github ulsklyc/yuvomi v0.71.12
on GitHub

latest release: v0.71.13
2 hours ago

Security

  • OIDC account linking (revert v0.71.11): the relaxed email_verified !== false check introduced in v0.71.11 is replaced with a strict opt-in. The default is restored to email_verified === true required; the new OIDC_TRUST_EMAIL_WITHOUT_VERIFIED_CLAIM=true env var lets admins opt in explicitly for IdPs that omit the claim but only issue verified addresses.

Added

  • OIDC_TRUST_EMAIL_WITHOUT_VERIFIED_CLAIM env var (opt-in): set to true to allow account linking when the IdP omits the email_verified claim entirely. Only enable this for IdPs fully under your control that never issue unverified email addresses (e.g. older Authentik deployments without an explicit email_verified property mapping).
Check out latest releases or
releases around ulsklyc/yuvomi v0.71.12

Don't miss a new yuvomi release

NewReleases is sending notifications on new releases.

Get notifications