Comments (5)
@JoelSpeed Ping.
from oauth2-proxy.
Hey @lubo,
I'm not sure how I feel about these kinds of tags and have been trying to work out what I'd like to do about this going forward.
This style of tag can be great for large and firmly rooted software projects that have lots of maintainers and thorough release processes and very strict semver coherence. For a small project like this, where we have just taken over the ownership and are not entirely sure what the state of the project is, I don't know if we have enough investment from people to be this strict at present.
I know there are some breaking changes that have been raised in issues already and I'm sure there will be more as the project gains more momentum again. For now I am tempted to create minor tags that move but with the proviso that we aren't strictly sticking to semver and are unlikely to be backporting fixes, we simply don't have capacity for this much work.
On a different note, I personally wouldn't want to use a tag like this for a security themed project, for something like the OAuth2 Proxy that, when broken, would block access to many other services, this is the kind of thing where I would want to vet each release in a staging environment before promoting to production! Does that make sense?
@syscll Do you have anything to add?
from oauth2-proxy.
Hi, @JoelSpeed. Yes, it makes perfect sense. If the project doesn't strictly follow semantic versioning, then it's not very useful. But if it did, using minor tags in production shouldn't be a problem if the project publisher is trusted and the app is tested thoroughly, and it'd allow the operators to have more self-maintained infrastructure. Other tags, i.e. major and latest
, are pretty much just a development convenience.
from oauth2-proxy.
This issue has been inactive for 60 days. If the issue is still relevant please comment to re-activate the issue. If no action is taken within 7 days, the issue will be marked closed.
from oauth2-proxy.
Closing as this is quite stale. Feel free to reopen if you have any other thoughts.
from oauth2-proxy.
Related Issues (20)
- [Feature]: Allow entire YAML config via environment variable
- [Feature]: Docker: Add HEALTHCHECK command HOT 4
- [Bug]: Distroless docker container is unable to use unix domain socket. HOT 2
- [Bug]: Broken content-type in v7.6.0 (probably a breaking change from v7.4.0) HOT 2
- [Support]: oauth2-proxy running on a system behind a port-forwarding firewall
- [Feature]: Support for Redis alternatives HOT 6
- [Feature]: Implement CSRF token validation on oauth2-proxy
- [Bug]:/internal-auth/oauth2/auth not working HOT 1
- [Support]: show login screen instead of automatically redirecting to oAuth provider HOT 2
- [Bug]: Possible README Inaccuracy HOT 7
- [Support]: Can not get X-Auth-Request-Email and X-Auth-Request-User
- [Support]: Synology basic reverse proxy and sso server => oauth2-proxy => another docker application to protect by auth HOT 1
- [Support]: Getting CRSF cookie or cookie limit 4kb error HOT 2
- [Feature]: auto refresh token HOT 5
- "403: You do not have permission to access this resource." but only for some users HOT 1
- [Bug]: Docs - htpasswd-file description does not mention SHA1 encryption HOT 2
- [Bug]: 500 (Internal Server Error) on invalid cookie
- [Bug]: Infinite loop if the Csrf cookie is set twice
- [Support]: nginx + oauth2-proxy, logout configuration
- [Feature]: options for add files in /oauth2/static/ HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oauth2-proxy.