From 4761e5f2aeaf062271ddce3c874c1fb3bd53a935 Mon Sep 17 00:00:00 2001 From: TrueCharts Bot Date: Tue, 7 Jul 2026 20:53:02 +0200 Subject: [PATCH] =?UTF-8?q?BREAKING=20CHANGE(twofauth):=20Update=20image?= =?UTF-8?q?=20docker.io/2fauth/2fauth=207.0.1=20=E2=86=92=208.0.1=20(#4995?= =?UTF-8?q?8)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [docker.io/2fauth/2fauth](https://redirect.github.com/Bubka/2FAuth) | major | `4209283` → `4a1f329` | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/18710) for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes
Bubka/2FAuth (docker.io/2fauth/2fauth) ### [`v8.0.1`](https://redirect.github.com/Bubka/2FAuth/blob/HEAD/changelog.md#801---2026-07-05) [Compare Source](https://redirect.github.com/Bubka/2FAuth/compare/v8.0.0...v8.0.1) ##### Fixed - [issue #​558](https://redirect.github.com/Bubka/2FAuth/issues/558) docker container crashes while startup - [issue #​561](https://redirect.github.com/Bubka/2FAuth/issues/561) Container fails to start when fixing Passport key permissions in rootless Docker ### [`v8.0.0`](https://redirect.github.com/Bubka/2FAuth/blob/HEAD/changelog.md#800---2026-06-25) [Compare Source](https://redirect.github.com/Bubka/2FAuth/compare/v7.0.1...v8.0.0) 2FAuth already bumps to v8 because of the upgrade of the Laravel PHP framework it is built on. > \[!WARNING] > One of the underlying components has changed the way authentication tokens are generated, so your personal access tokens will become invalid. This is, strictly speaking, a breaking change, but the impact is limited (not everyone uses PAT) and generating new tokens is not a big deal. I'm sorry about that nonetheless. Despite the short time that has passed since v7, I found time to make two improvements to the user experience: - You can now switch between groups without having to open the selection menu. Groups are displayed as chips directly below the search bar for quick switching. The groups displayed in the chips list are the ones you choose to make visible. A new option is available in the Group edit form to do so. - Lengthy pages in the Settings and Admin sections now have a navigation menu that lets you scrolls to the desired section. Don't be surprised — I took this opportunity to reorganize the *Settings > Options* page, as all the additions over time had made it a bit messy. You can disable any of this from the *Settings > Options* page if you want to restore the previous behaviour. This release also includes several security fixes, including one that affects authentication via a reverse proxy with the following consequence: > \[!WARNING] > To ensure authentication at 2FAuth level, your auth proxy must now be identified as trusted with the [TRUSTED\_PROXIES](https://docs.2fauth.app/getting-started/config/env-vars/#trusted_proxies) environment variable. ##### Added - Group switching can be done directly from the main view using chips - The lengthy Settings and Admin pages now come with a quick navigation menu that lets you scroll directly to the desired section. - The docker image is now tagged with shifting major and minor tags ([#​541](https://redirect.github.com/Bubka/2FAuth/issues/541)). ##### New env vars - `PHP_MEMORY_LIMIT_TEMP_OVERRIDE`: Temporary PHP memory limit applied during QR code detection to prevent `exhausted memory error` ([doc](https://docs.2fauth.app/getting-started/config/env-vars/#PHP_MEMORY_LIMIT_TEMP_OVERRIDE)). ##### Security fix - Fix of a possible user impersonation and admin privilege escalation issue when using an [authentication proxy](https://docs.2fauth.app/security/authentication/auth-proxy/) (thx [@​Dokaoista](https://redirect.github.com/Dokaoista)). - Fix of SSRF vulnerability via dns rebinding during imageLink resource fetching (thx [@​5ud0er / Tarmo Technologies](https://redirect.github.com/5ud0er)). - Block IPv6 NAT64 addresses in SSRF guard (thx [@​tonghuaroot](https://redirect.github.com/tonghuaroot)). - Fix missing authorization on share recipients endpoint allowing cross-user account enumeration (thx [@​de3erve-hunter](https://redirect.github.com/de3erve-hunter)). ##### Fixed - [issue #​540](https://redirect.github.com/Bubka/2FAuth/issues/540) Scan/Import QR Code Not working - [issue #​543](https://redirect.github.com/Bubka/2FAuth/issues/543) Scan/Import Google Authentificator QR Code - [issue #​549](https://redirect.github.com/Bubka/2FAuth/issues/549) Unshare action in Manage mode does not remove sharing - UI elements overlapping during transitions on Manage mode enter/leave
--- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). --- charts/stable/twofauth/Chart.yaml | 4 ++-- charts/stable/twofauth/values.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/stable/twofauth/Chart.yaml b/charts/stable/twofauth/Chart.yaml index c55daad43b0..5d792da6d3f 100644 --- a/charts/stable/twofauth/Chart.yaml +++ b/charts/stable/twofauth/Chart.yaml @@ -9,7 +9,7 @@ annotations: trueforge.org/min_helm_version: "3.14" trueforge.org/train: stable apiVersion: v2 -appVersion: 7.0.1 +appVersion: 8.0.1 dependencies: - name: common version: 29.7.1 @@ -36,5 +36,5 @@ sources: - https://github.com/trueforge-org/truecharts/tree/master/charts/stable/twofauth - https://hub.docker.com/r/2fauth/2fauth type: application -version: 7.3.0 +version: 8.0.0 diff --git a/charts/stable/twofauth/values.yaml b/charts/stable/twofauth/values.yaml index 23e6da3e80e..7649dbe8e16 100644 --- a/charts/stable/twofauth/values.yaml +++ b/charts/stable/twofauth/values.yaml @@ -2,7 +2,7 @@ image: repository: docker.io/2fauth/2fauth pullPolicy: IfNotPresent - tag: 7.0.1@sha256:42092830b535a852a17426b76abfc44362cb37f3345d340d910b85d2d166e4c4 + tag: 8.0.1@sha256:4a1f329e42b9bdfb625db3094bd6f79a2f44640b6259d4cdb9f336c676bf120e securityContext: container: