v1.1.4

What's Changed

Security Fixes

• fix(security): add ReferrerPolicy header for CSRF validation - Browsers were not sending Referer header required by Fiber's CSRF middleware, causing "referer not supplied" validation failures on HTTPS
• fix(security): remove Cross-Origin-Embedder-Policy header - The default COEP header was breaking browser extensions like Bitwarden

Developer Experience

• chore: migrate dev tools to go tool directive - Dev tools (templ, golangci-lint, goimports, gofumpt) now use Go 1.24+ tool directives for version-locked consistency

Full Changelog

v1.1.3...v1.1.4

v1.1.3

Security Fix: Session-based CSRF Storage

This release fixes the root cause of CSRF token validation failures that persisted after v1.1.2.

Root Cause

The CSRF middleware was using its own internal in-memory storage, separate from the session store. This caused:

• Tokens to fail validation on subsequent requests
• Session-based authentication to work, but CSRF to fail
• Issues in production even with PersistSessions=true

Fix

• CSRF middleware now uses session-based storage (Session: sessionStore)
• Tokens persist in the session and survive container restarts
• Full alignment between session and CSRF token lifecycle

Changes

• internal/web/server.go: Added Session and SessionKey to CSRF config
• Updated createCSRFConfig to accept sessionStore parameter
• Added regression test confirming the fix

Full Changelog

v1.1.2...v1.1.3

v1.1.2

Security Fix

CSRF Token Expiration Bug Fixed

Critical fix: CSRF token expiration was incorrectly set to 3600 nanoseconds instead of 1 hour, causing all login attempts to fail with "CSRF token validation failed".

What was affected

• All login attempts failed with "Access Forbidden - CSRF token validation failed"
• The bug was introduced when CSRF middleware was configured with Expiration: 3600 (interpreted as nanoseconds) instead of Expiration: time.Hour

Changes

• Fixed CSRF token expiration from ~3.6 microseconds to 1 hour (#390)

Full Changelog: v1.1.1...v1.1.2

v1.1.1

What's Changed

Bug Fixes

• fix: restore Docker HEALTHCHECK with built-in --health-check flag (#385)
  • Added --health-check CLI flag that performs HTTP health check against /health/live
  • Works with distroless images (no shell/curl required)
  • Re-enabled HEALTHCHECK in Dockerfile

Dependencies

• fix(deps): update module github.com/a-h/templ to v0.3.977 (#377)
• chore(deps): update pnpm to v10.28.0 (#384)
• chore(deps): update dependabot/fetch-metadata action to v2.5.0 (#381)

Testing & Quality

• refactor: replace go-mutesting with gremlins for mutation testing (#379)
• test(retry): add mutation-killing tests for retry package (#380)
• test(options): add mutation-killing tests for Parse function (#382)

Full Changelog: v1.1.0...v1.1.1

v1.1.0

What's Changed

Features

• Enhanced Detail Views: Add email, description, copy-to-clipboard for users/groups/computers (#373)
• GUI Rework: Theme switching (light/dark/system), density controls, accessibility improvements (#370)
• Client-side Search: Add real-time search filter for users, groups, and computers lists
• Searchable Combobox: Filterable dropdown for user/group selection
• Rate Limiting: Add rate limiting for authentication endpoints
• Graceful Shutdown: Proper signal handling with context propagation
• Retry Logic: Exponential backoff for LDAP operations
• TLS Skip Verify: Support for self-signed certificates
• WCAG Compliance: Title attributes and accessibility improvements

Bug Fixes

• LDAP DN Handling: Properly handle special characters in LDAP DNs (#371)
• UTF-8 Parsing: Fix invalid UTF-8 handling in URL parsing (#369)
• Template Cache: Resolve data race in template cache Get method
• Connection Pooling: Disable pooling and use reverse membership lookup
• CSS Cache Busting: Preserve current CSS file when cleaning old versions

Documentation

• Update README screenshots with enhanced detail views (#375)
• Add SECURITY.md for vulnerability reporting
• Fix password inconsistency in AGENTS.md examples
• Improve screenshot presentation with borders and single-column layout

Testing & Quality

• Implement comprehensive testing pyramid with unit, integration, and fuzz tests
• Add gremlins mutation testing configuration
• Add health handler tests for improved coverage
• Add durationcheck, fatcontext, and forcetypeassert linters
• Add standalone vet and vuln-check Makefile targets

Dependencies

• Update Go to 1.25.x
• Update simple-ldap-go to v1.6.0
• Update Tailwind CSS to v4.1.x
• Update numerous GitHub Actions to latest versions
• Various npm dependency updates

CI/CD

• Fix auto-merge workflow circular dependency
• Improve merge queue integration
• Update GitHub Actions security hardening

Upgrading

No breaking changes. Direct upgrade from v1.0.x is supported.

Full Changelog: v1.0.8...v1.1.0

v1.0.8

fix build

• fix build of css

What's Changed

• chore(deps): update tailwindcss monorepo to v4.0.3 by @renovate in #168
• chore(deps): update pnpm to v10.2.0 by @renovate in #169
• chore(deps): update dependency go to v1.23.6 by @renovate in #170

Full Changelog: v1.0.7...v1.0.8

v1.0.7

What's Changed

• chore(deps): update pnpm to v9.13.0 by @renovate in #150
• fix(deps): update module github.com/netresearch/simple-ldap-go to v1.0.1 by @renovate in #149
• chore(deps): update pnpm to v9.13.2 by @renovate in #152
• chore(deps): update dependency tailwindcss to v3.4.15 by @renovate in #151
• chore(deps): update pnpm to v9.14.2 by @renovate in #156
• chore(deps): update dependency prettier-plugin-tailwindcss to v0.6.9 by @renovate in #155
• chore(deps): update pnpm to v9.14.4 by @renovate in #158
• chore(deps): update dependency prettier to v3.4.1 by @renovate in #157

Full Changelog: v1.0.6...v1.0.7

v1.0.6

What's Changed

• chore(deps): update pnpm to v9.5.0 by @renovate in #102
• chore(deps): update dependency prettier to v3.3.3 by @renovate in #103
• chore(deps): update dependency tailwindcss to v3.4.6 - autoclosed by @renovate in #104
• chore(deps): update dependency tailwindcss to v3.4.7 by @renovate in #108
• chore(deps): update pnpm to v9.6.0 by @renovate in #106
• fix(deps): update github.com/netresearch/simple-ldap-go digest to a5323ef by @renovate in #105
• chore(deps): update dependency postcss to v8.4.40 by @renovate in #107
• chore(deps): update dependency autoprefixer to v10.4.20 by @renovate in #109
• chore(deps): update dependency postcss to v8.4.41 by @renovate in #110
• chore(deps): update pnpm to v9.7.0 by @renovate in #111
• chore(deps): update dependency tailwindcss to v3.4.9 by @renovate in #113
• fix(deps): update github.com/netresearch/simple-ldap-go digest to 089547a by @renovate in #112
• chore(deps): update dependency tailwindcss to v3.4.9 by @renovate in #114
• chore(deps): update dependency prettier-plugin-tailwindcss to v0.6.6 by @renovate in #116
• chore(deps): update dependency cssnano to v7.0.5 - autoclosed by @renovate in #115
• chore(deps): update dependency tailwindcss to v3.4.10 by @renovate in #117
• chore(deps): update pnpm to v9.7.1 by @renovate in #119
• fix(deps): update github.com/netresearch/simple-ldap-go digest to 4a28ba8 by @renovate in #120
• chore(deps): update dependency concurrently to v9 by @renovate in #125
• chore(deps): update dependency cssnano to v7.0.6 by @renovate in #124
• chore(deps): update dependency @tailwindcss/forms to v0.5.9 by @renovate in #122
• chore(deps): update pnpm to v9.9.0 by @renovate in #121
• chore(deps): update dependency postcss to v8.4.45 by @renovate in #123
• chore(deps): update golang docker tag to v1.23 by @renovate in #118
• chore(deps): update dependency nodemon to v3.1.6 by @renovate in #132
• chore(deps): update dependency postcss to v8.4.47 by @renovate in #131
• chore(deps): update dependency concurrently to v9.0.1 by @renovate in #130
• chore(deps): update pnpm to v9.11.0 by @renovate in #128
• chore(deps): update dependency nodemon to v3.1.6 by @renovate in #133
• fix(deps): update github.com/netresearch/simple-ldap-go digest to 15999f1 by @renovate in #127
• chore(deps): update pnpm to v9.12.1 by @renovate in #136
• chore(deps): update dependency prettier-plugin-tailwindcss to v0.6.8 by @renovate in #135
• chore(deps): update dependency nodemon to v3.1.7 by @renovate in #134
• chore(deps): update dependency tailwindcss to v3.4.13 by @renovate in #129
• chore(deps): update dependency prettier-plugin-tailwindcss to v0.6.8 by @renovate in #137
• chore(deps): update dependency @tailwindcss/forms to v0.5.9 by @renovate in #126
• fix(deps): update github.com/netresearch/simple-ldap-go digest to 8c3de1c by @renovate in #139
• chore(deps): update dependency tailwindcss to v3.4.13 by @renovate in #138
• fix(deps): update module github.com/netresearch/simple-ldap-go to v1 by @renovate in #140
• chore(deps): update dependency tailwindcss to v3.4.14 by @renovate in #141
• chore(deps): update pnpm to v9.12.2 by @renovate in #142
• chore(deps): update node.js to v22 by @renovate in #144
• chore(deps): update pnpm to v9.12.3 by @renovate in #143
• chore(deps): update dependency concurrently to v9.1.0 by @renovate in #146
• chore(deps): update dependency postcss to v8.4.49 by @renovate in #147
• chore(deps): update dependency postcss to v8.4.49 by @renovate in #148

Full Changelog: v1.0.5...v1.0.6

v1.0.5

What's Changed

• chore(deps): update pnpm to v9.1.2 by @renovate in #81
• chore(deps): update pnpm to v9.1.4 by @renovate in #86
• fix(deps): update github.com/netresearch/simple-ldap-go digest to 4a351a8 by @renovate in #84
• chore(deps): update dependency nodemon to v3.1.2 by @renovate in #85
• chore(deps): update dependency nodemon to v3.1.2 by @renovate in #87
• fix(deps): update module github.com/rs/zerolog to v1.33.0 by @renovate in #83
• chore(deps): update pnpm to v9.4.0 by @renovate in #94
• chore(deps): update dependency cssnano to v7.0.3 by @renovate in #92
• chore(deps): update dependency prettier-plugin-tailwindcss to ^0.6.0 by @renovate in #88
• chore(deps): update dependency nodemon to v3.1.4 by @renovate in #90
• chore(deps): update docker/build-push-action action to v6 by @renovate in #95
• fix(deps): update github.com/netresearch/simple-ldap-go digest to 86bc235 by @renovate in #91
• chore(deps): update dependency tailwindcss to v3.4.4 by @renovate in #93
• fix(deps): update module github.com/gofiber/fiber/v2 to v2.52.5 [security] by @renovate in #98

Full Changelog: v1.0.4...v1.0.5

v1.0.4

What's Changed

• chore(deps): update pnpm to v9.1.0 by @renovate in #77
• fix(deps): update module github.com/a-h/templ to v0.2.680 by @renovate in #79
• chore(deps): update dependency cssnano to v7 by @renovate in #78

Full Changelog: v1.0.3...v1.0.4