BREAKING CHANGE(twofauth): Update image docker.io/2fauth/2fauth 7.0.1 → 8.0.1 (#49958)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [docker.io/2fauth/2fauth](https://redirect.github.com/Bubka/2FAuth) |
major | `4209283` → `4a1f329` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/18710) for more information.

Add the preset `:preserveSemverRanges` to your config if you don't want
to pin your dependencies.

---

### Release Notes

<details>
<summary>Bubka/2FAuth (docker.io/2fauth/2fauth)</summary>

###
[`v8.0.1`](https://redirect.github.com/Bubka/2FAuth/blob/HEAD/changelog.md#801---2026-07-05)

[Compare
Source](https://redirect.github.com/Bubka/2FAuth/compare/v8.0.0...v8.0.1)

##### Fixed

- [issue
#&#8203;558](https://redirect.github.com/Bubka/2FAuth/issues/558) docker
container crashes while startup
- [issue
#&#8203;561](https://redirect.github.com/Bubka/2FAuth/issues/561)
Container fails to start when fixing Passport key permissions in
rootless Docker

###
[`v8.0.0`](https://redirect.github.com/Bubka/2FAuth/blob/HEAD/changelog.md#800---2026-06-25)

[Compare
Source](https://redirect.github.com/Bubka/2FAuth/compare/v7.0.1...v8.0.0)

2FAuth already bumps to v8 because of the upgrade of the Laravel PHP
framework it is built on.

> \[!WARNING]
> One of the underlying components has changed the way authentication
tokens are generated, so your personal access tokens will become
invalid. This is, strictly speaking, a breaking change, but the impact
is limited (not everyone uses PAT) and generating new tokens is not a
big deal. I'm sorry about that nonetheless.

Despite the short time that has passed since v7, I found time to make
two improvements to the user experience:

- You can now switch between groups without having to open the selection
menu. Groups are displayed as chips directly below the search bar for
quick switching. The groups displayed in the chips list are the ones you
choose to make visible. A new option is available in the Group edit form
to do so.
- Lengthy pages in the Settings and Admin sections now have a navigation
menu that lets you scrolls to the desired section. Don't be surprised —
I took this opportunity to reorganize the *Settings > Options* page, as
all the additions over time had made it a bit messy.

You can disable any of this from the *Settings > Options* page if you
want to restore the previous behaviour.

This release also includes several security fixes, including one that
affects authentication via a reverse proxy with the following
consequence:

> \[!WARNING]
> To ensure authentication at 2FAuth level, your auth proxy must now be
identified as trusted with the
[TRUSTED\_PROXIES](https://docs.2fauth.app/getting-started/config/env-vars/#trusted_proxies)
environment variable.

##### Added

- Group switching can be done directly from the main view using chips
- The lengthy Settings and Admin pages now come with a quick navigation
menu that lets you scroll directly to the desired section.
- The docker image is now tagged with shifting major and minor tags
([#&#8203;541](https://redirect.github.com/Bubka/2FAuth/issues/541)).

##### New env vars

- `PHP_MEMORY_LIMIT_TEMP_OVERRIDE`: Temporary PHP memory limit applied
during QR code detection to prevent `exhausted memory error`
([doc](https://docs.2fauth.app/getting-started/config/env-vars/#PHP_MEMORY_LIMIT_TEMP_OVERRIDE)).

##### Security fix

- Fix of a possible user impersonation and admin privilege escalation
issue when using an [authentication
proxy](https://docs.2fauth.app/security/authentication/auth-proxy/) (thx
[@&#8203;Dokaoista](https://redirect.github.com/Dokaoista)).
- Fix of SSRF vulnerability via dns rebinding during imageLink resource
fetching (thx [@&#8203;5ud0er / Tarmo
Technologies](https://redirect.github.com/5ud0er)).
- Block IPv6 NAT64 addresses in SSRF guard (thx
[@&#8203;tonghuaroot](https://redirect.github.com/tonghuaroot)).
- Fix missing authorization on share recipients endpoint allowing
cross-user account enumeration (thx
[@&#8203;de3erve-hunter](https://redirect.github.com/de3erve-hunter)).

##### Fixed

- [issue
#&#8203;540](https://redirect.github.com/Bubka/2FAuth/issues/540)
Scan/Import QR Code Not working
- [issue
#&#8203;543](https://redirect.github.com/Bubka/2FAuth/issues/543)
Scan/Import Google Authentificator QR Code
- [issue
#&#8203;549](https://redirect.github.com/Bubka/2FAuth/issues/549)
Unshare action in Manage mode does not remove sharing
- UI elements overlapping during transitions on Manage mode enter/leave

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzAuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEzMC4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImFwcC90d29mYXV0aCIsInJlbm92YXRlL2NvbnRhaW5lciIsInR5cGUvbWFqb3IiXX0=-->
This commit is contained in:
TrueCharts Bot
2026-07-07 20:53:02 +02:00
committed by GitHub
parent 917ecf36f6
commit 4761e5f2ae
2 changed files with 3 additions and 3 deletions
+2 -2
View File
@@ -9,7 +9,7 @@ annotations:
trueforge.org/min_helm_version: "3.14"
trueforge.org/train: stable
apiVersion: v2
appVersion: 7.0.1
appVersion: 8.0.1
dependencies:
- name: common
version: 29.7.1
@@ -36,5 +36,5 @@ sources:
- https://github.com/trueforge-org/truecharts/tree/master/charts/stable/twofauth
- https://hub.docker.com/r/2fauth/2fauth
type: application
version: 7.3.0
version: 8.0.0
+1 -1
View File
@@ -2,7 +2,7 @@
image:
repository: docker.io/2fauth/2fauth
pullPolicy: IfNotPresent
tag: 7.0.1@sha256:42092830b535a852a17426b76abfc44362cb37f3345d340d910b85d2d166e4c4
tag: 8.0.1@sha256:4a1f329e42b9bdfb625db3094bd6f79a2f44640b6259d4cdb9f336c676bf120e
securityContext:
container: