sourcegraph v2.5.13 Release Notes
-
👌 Improvements to builtin authentication
When using
auth.provider == "builtin"
, two new important changes mean that a Sourcegraph server will be locked down and only accessible to users who are invited by an admin user (previously, we advised users to place their own auth proxy in front of Sourcegraph servers).0️⃣ 1. When
auth.provider == "builtin"
Sourcegraph will now by default require an admin to invite users instead of allowing anyone who can visit the site to sign up. Setauth.allowSignup == true
to retain the old behavior of allowing anyone who can access the site to signup. 🔧 2. Whenauth.provider == "builtin"
, Sourcegraph will now respects a newauth.public
site configuration option (default value:false
). Whenauth.public == false
, Sourcegraph will not allow anyone to access the site unless they have an account and are signed in.