chore(deps): bump the minor-patch group across 1 directory with 2 updates

Bumps the minor-patch group with 2 updates in the / directory: [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite). Updates `github.com/go-ldap/ldap/v3` from 3.4.12 to 3.4.13 - [Release notes](https://github.com/go-ldap/ldap/releases) - [Commits](https://github.com/go-ldap/ldap/compare/v3.4.12...v3.4.13) Updates `modernc.org/sqlite` from 1.46.1 to 1.47.0 - [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md) - [Commits](https://gitlab.com/cznic/sqlite/compare/v1.46.1...v1.47.0) --- updated-dependencies: - dependency-name: github.com/go-ldap/ldap/v3 dependency-version: 3.4.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-patch - dependency-name: modernc.org/sqlite dependency-version: 1.47.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>
chore(deps-dev): bump @types/node in /frontend in the minor-patch group (#711 )
2026-03-20 05:30:49 +00:00 · 2026-03-18 08:15:17 +00:00 · 2026-03-14 20:26:53 +02:00
16 changed files with 23 additions and 594 deletions
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -1,82 +0,0 @@
 name: Proxy Integration Tests
 on:
  workflow_dispatch:
    inputs:
      build:
        type: boolean
        description: Build from current tag before running tests
 permissions:
  contents: read
 jobs:
  determine-tag:
    runs-on: ubuntu-latest
    outputs:
      version: ${{ steps.metadata.outputs.VERSION }}
      commit_hash: ${{ steps.metadata.outputs.COMMIT_HASH }}
      build_timestamp: ${{ steps.metadata.outputs.BUILD_TIMESTAMP }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Determine metadata
        id: metadata
        run: |
          # Generate static metadata
          echo "COMMIT_HASH=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT"
          echo "BUILD_TIMESTAMP=$(date '+%Y-%m-%dT%H:%M:%S')" >> "$GITHUB_OUTPUT"
          # Determine version
          if [ "${{ inputs.build }}" == "true" ]; then
            echo "VERSION=development" >> "$GITHUB_OUTPUT"
          else
            echo "VERSION=${{ github.ref_name }}" >> "$GITHUB_OUTPUT"
          fi
  integration:
    runs-on: ubuntu-latest
    needs: determine-tag
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Setup Go
        uses: actions/setup-go@v6
        with:
          go-version: "1.25.0"
      - name: Initialize submodules
        run: |
          git submodule init
          git submodule update
      - name: Apply patches
        run: |
          git apply --directory paerser/ patches/nested_maps.diff
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
        if: ${{ inputs.build == 'true' }}
      - name: Build
        uses: docker/build-push-action@v6
        if: ${{ inputs.build == 'true' }}
        with:
          platforms: linux/amd64
          tags: ghcr.io/${{ github.repository_owner }}/tinyauth:${{ needs.determine-tag.outputs.version }}
          outputs: type=image,push=false
          cache-from: type=gha
          cache-to: type=gha,mode=max
          build-args: |
            VERSION=${{ needs.determine-tag.outputs.version }}
            COMMIT_HASH=${{ needs.determine-tag.outputs.commit_hash }}
            BUILD_TIMESTAMP=${{ needs.determine-tag.outputs.build_timestamp }}
      - name: Set tinyauth version
        run: |
          sed -i "s/TINYAUTH_VERSION=.*/TINYAUTH_VERSION=${{ needs.determine-tag.outputs.version }}/" integration/.env
      - name: Test
        run: make integration
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -15,6 +15,8 @@ jobs:
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          ref: nightly
      - name: Generate metadata
        id: metadata
--- a/6
+++ b/6
@@ -81,11 +81,5 @@ sql:
 	sqlc generate
 # Go gen
 .PHONY: generate
 generate:
 	go run ./gen
 # Proxy integration tests
 .PHONY: integration
 integration:
 	go run ./integration -- --log=false
--- a/frontend/bun.lock
+++ b/frontend/bun.lock
@@ -37,7 +37,7 @@
      "devDependencies": {
        "@eslint/js": "^10.0.1",
        "@tanstack/eslint-plugin-query": "^5.91.4",
-        "@types/node": "^25.4.0",
+        "@types/node": "^25.5.0",
        "@types/react": "^19.2.14",
        "@types/react-dom": "^19.2.3",
        "@vitejs/plugin-react": "^5.1.4",
@@ -417,7 +417,7 @@
    "@types/ms": ["@types/ms@2.1.0", "", {}, "sha512-GsCCIZDE/p3i96vtEqx+7dBUGXrc7zeSK3wwPHIaRThS+9OhWIXRqzs4d6k1SVU8g91DrNRWxWUGhp5KXQb2VA=="],
-    "@types/node": ["@types/node@25.4.0", "", { "dependencies": { "undici-types": "~7.18.0" } }, "sha512-9wLpoeWuBlcbBpOY3XmzSTG3oscB6xjBEEtn+pYXTfhyXhIxC5FsBer2KTopBlvKEiW9l13po9fq+SJY/5lkhw=="],
+    "@types/node": ["@types/node@25.5.0", "", { "dependencies": { "undici-types": "~7.18.0" } }, "sha512-jp2P3tQMSxWugkCUKLRPVUpGaL5MVFwF8RDuSRztfwgN1wmqJeMSbKlnEtQqU8UrhTmzEmZdu2I6v2dpp7XIxw=="],
    "@types/react": ["@types/react@19.2.14", "", { "dependencies": { "csstype": "^3.2.2" } }, "sha512-ilcTH/UniCkMdtexkoCN0bI7pMcJDvmQFPvuPvmEaYA/NSfFTAgdUSLAoVjaRJm7+6PvcM+q1zYOwS4wTYMF9w=="],
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -43,7 +43,7 @@
  "devDependencies": {
    "@eslint/js": "^10.0.1",
    "@tanstack/eslint-plugin-query": "^5.91.4",
-    "@types/node": "^25.4.0",
+    "@types/node": "^25.5.0",
    "@types/react": "^19.2.14",
    "@types/react-dom": "^19.2.3",
    "@vitejs/plugin-react": "^5.1.4",
--- a/go.mod
+++ b/go.mod
@@ -10,7 +10,7 @@ require (
 	github.com/docker/docker v28.5.2+incompatible
 	github.com/gin-gonic/gin v1.12.0
 	github.com/go-jose/go-jose/v4 v4.1.3
-	github.com/go-ldap/ldap/v3 v3.4.12
+	github.com/go-ldap/ldap/v3 v3.4.13
 	github.com/golang-migrate/migrate/v4 v4.19.1
 	github.com/google/go-querystring v1.2.0
 	github.com/google/uuid v1.6.0
@@ -23,11 +23,11 @@ require (
 	golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546
 	golang.org/x/oauth2 v0.36.0
 	gotest.tools/v3 v3.5.2
-	modernc.org/sqlite v1.46.1
+	modernc.org/sqlite v1.47.0
 )
 require (
-	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
+	github.com/Azure/go-ntlmssp v0.1.0 // indirect
 	github.com/BurntSushi/toml v1.4.0 // indirect
 	github.com/Masterminds/goutils v1.1.1 // indirect
 	github.com/Masterminds/semver/v3 v3.2.1 // indirect
@@ -120,7 +120,7 @@ require (
 	golang.org/x/text v0.35.0 // indirect
 	google.golang.org/protobuf v1.36.10 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	modernc.org/libc v1.67.6 // indirect
+	modernc.org/libc v1.70.0 // indirect
 	modernc.org/mathutil v1.7.1 // indirect
 	modernc.org/memory v1.11.0 // indirect
 	rsc.io/qr v0.2.0 // indirect
--- a/go.sum
+++ b/go.sum
@@ -1,7 +1,7 @@
 github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c h1:udKWzYgxTojEKWjV8V+WSxDXJ4NFATAsZjh8iIbsQIg=
 github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
-github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8=
+github.com/Azure/go-ntlmssp v0.1.0 h1:DjFo6YtWzNqNvQdrwEyr/e4nhU3vRiwenz5QX7sFz+A=
-github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
+github.com/Azure/go-ntlmssp v0.1.0/go.mod h1:NYqdhxd/8aAct/s4qSYZEerdPuH1liG2/X9DiVTbhpk=
 github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=
 github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
 github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ=
@@ -107,8 +107,8 @@ github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 h1:BP4M0CvQ
 github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
 github.com/go-jose/go-jose/v4 v4.1.3 h1:CVLmWDhDVRa6Mi/IgCgaopNosCaHz7zrMeF9MlZRkrs=
 github.com/go-jose/go-jose/v4 v4.1.3/go.mod h1:x4oUasVrzR7071A4TnHLGSPpNOm2a21K9Kf04k1rs08=
-github.com/go-ldap/ldap/v3 v3.4.12 h1:1b81mv7MagXZ7+1r7cLTWmyuTqVqdwbtJSjC0DAp9s4=
+github.com/go-ldap/ldap/v3 v3.4.13 h1:+x1nG9h+MZN7h/lUi5Q3UZ0fJ1GyDQYbPvbuH38baDQ=
-github.com/go-ldap/ldap/v3 v3.4.12/go.mod h1:+SPAGcTtOfmGsCb3h1RFiq4xpp4N636G75OEace8lNo=
+github.com/go-ldap/ldap/v3 v3.4.13/go.mod h1:LxsGZV6vbaK0sIvYfsv47rfh4ca0JXokCoKjZxsszv0=
 github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
 github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
@@ -381,18 +381,18 @@ gotest.tools/v3 v3.5.2 h1:7koQfIKdy+I8UTetycgUqXWSDwpgv193Ka+qRsmBY8Q=
 gotest.tools/v3 v3.5.2/go.mod h1:LtdLGcnqToBH83WByAAi/wiwSFCArdFIUV/xxN4pcjA=
 modernc.org/cc/v4 v4.27.1 h1:9W30zRlYrefrDV2JE2O8VDtJ1yPGownxciz5rrbQZis=
 modernc.org/cc/v4 v4.27.1/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
-modernc.org/ccgo/v4 v4.30.1 h1:4r4U1J6Fhj98NKfSjnPUN7Ze2c6MnAdL0hWw6+LrJpc=
+modernc.org/ccgo/v4 v4.32.0 h1:hjG66bI/kqIPX1b2yT6fr/jt+QedtP2fqojG2VrFuVw=
-modernc.org/ccgo/v4 v4.30.1/go.mod h1:bIOeI1JL54Utlxn+LwrFyjCx2n2RDiYEaJVSrgdrRfM=
+modernc.org/ccgo/v4 v4.32.0/go.mod h1:6F08EBCx5uQc38kMGl+0Nm0oWczoo1c7cgpzEry7Uc0=
-modernc.org/fileutil v1.3.40 h1:ZGMswMNc9JOCrcrakF1HrvmergNLAmxOPjizirpfqBA=
+modernc.org/fileutil v1.4.0 h1:j6ZzNTftVS054gi281TyLjHPp6CPHr2KCxEXjEbD6SM=
-modernc.org/fileutil v1.3.40/go.mod h1:HxmghZSZVAz/LXcMNwZPA/DRrQZEVP9VX0V4LQGQFOc=
+modernc.org/fileutil v1.4.0/go.mod h1:EqdKFDxiByqxLk8ozOxObDSfcVOv/54xDs/DUHdvCUU=
 modernc.org/gc/v2 v2.6.5 h1:nyqdV8q46KvTpZlsw66kWqwXRHdjIlJOhG6kxiV/9xI=
 modernc.org/gc/v2 v2.6.5/go.mod h1:YgIahr1ypgfe7chRuJi2gD7DBQiKSLMPgBQe9oIiito=
-modernc.org/gc/v3 v3.1.1 h1:k8T3gkXWY9sEiytKhcgyiZ2L0DTyCQ/nvX+LoCljoRE=
+modernc.org/gc/v3 v3.1.2 h1:ZtDCnhonXSZexk/AYsegNRV1lJGgaNZJuKjJSWKyEqo=
-modernc.org/gc/v3 v3.1.1/go.mod h1:HFK/6AGESC7Ex+EZJhJ2Gni6cTaYpSMmU/cT9RmlfYY=
+modernc.org/gc/v3 v3.1.2/go.mod h1:HFK/6AGESC7Ex+EZJhJ2Gni6cTaYpSMmU/cT9RmlfYY=
 modernc.org/goabi0 v0.2.0 h1:HvEowk7LxcPd0eq6mVOAEMai46V+i7Jrj13t4AzuNks=
 modernc.org/goabi0 v0.2.0/go.mod h1:CEFRnnJhKvWT1c1JTI3Avm+tgOWbkOu5oPA8eH8LnMI=
-modernc.org/libc v1.67.6 h1:eVOQvpModVLKOdT+LvBPjdQqfrZq+pC39BygcT+E7OI=
+modernc.org/libc v1.70.0 h1:U58NawXqXbgpZ/dcdS9kMshu08aiA6b7gusEusqzNkw=
-modernc.org/libc v1.67.6/go.mod h1:JAhxUVlolfYDErnwiqaLvUqc8nfb2r6S6slAgZOnaiE=
+modernc.org/libc v1.70.0/go.mod h1:OVmxFGP1CI/Z4L3E0Q3Mf1PDE0BucwMkcXjjLntvHJo=
 modernc.org/mathutil v1.7.1 h1:GCZVGXdaN8gTqB1Mf/usp1Y/hSqgI2vAGGP4jZMCxOU=
 modernc.org/mathutil v1.7.1/go.mod h1:4p5IwJITfppl0G4sUEDtCr4DthTaT47/N3aT6MhfgJg=
 modernc.org/memory v1.11.0 h1:o4QC8aMQzmcwCK3t3Ux/ZHmwFPzE6hf2Y5LbkRs+hbI=
@@ -401,8 +401,8 @@ modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8=
 modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns=
 modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w=
 modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE=
-modernc.org/sqlite v1.46.1 h1:eFJ2ShBLIEnUWlLy12raN0Z1plqmFX9Qe3rjQTKt6sU=
+modernc.org/sqlite v1.47.0 h1:R1XyaNpoW4Et9yly+I2EeX7pBza/w+pmYee/0HJDyKk=
-modernc.org/sqlite v1.46.1/go.mod h1:CzbrU2lSB1DKUusvwGz7rqEKIq+NUd8GWuBBZDs9/nA=
+modernc.org/sqlite v1.47.0/go.mod h1:hWjRO6Tj/5Ik8ieqxQybiEOUXy0NJFNp2tpvVpKlvig=
 modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0=
 modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A=
 modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
--- a/integration/.env
+++ b/integration/.env
@@ -1,16 +0,0 @@
 # Nginx configuration
 NGINX_VERSION=1.29
 # Whoami configuration
 WHOAMI_VERSION=latest
 # Traefik configuration
 TRAEFIK_VERSION=v3.6
 TINYAUTH_HOST=tinyauth.127.0.0.1.sslip.io
 WHOAMI_HOST=whoami.127.0.0.1.sslip.io
 # Envoy configuration
 ENVOY_VERSION=v1.33-latest
 # Tinyauth configuration
 TINYAUTH_VERSION=latest
--- a/integration/config.yml
+++ b/integration/config.yml
@@ -1,15 +0,0 @@
 appUrl: http://tinyauth.127.0.0.1.sslip.io
 auth:
  users: test:$2a$10$eG88kFow83l5YRSlTSL2o.sZimjxFHrpiKdaSUZqpLBGX7Y2.4PZG
 log:
  json: true
  level: trace
 apps:
  whoami:
    config:
      domain: whoami.127.0.0.1.sslip.io
    path:
      allow: /allow
--- a/integration/docker-compose.envoy.yml
+++ b/integration/docker-compose.envoy.yml
@@ -1,16 +0,0 @@
 services:
  envoy:
    image: envoyproxy/envoy:${ENVOY_VERSION}
    ports:
      - 80:80
    volumes:
      - ./envoy.yml:/etc/envoy/envoy.yaml:ro
  whoami:
    image: traefik/whoami:${WHOAMI_VERSION}
  tinyauth:
    image: ghcr.io/steveiliop56/tinyauth:${TINYAUTH_VERSION}
    command: --experimental.configfile=/data/config.yml
    volumes:
      - ./config.yml:/data/config.yml:ro
--- a/integration/docker-compose.nginx.yml
+++ b/integration/docker-compose.nginx.yml
@@ -1,16 +0,0 @@
 services:
  nginx:
    image: nginx:${NGINX_VERSION}
    ports:
      - 80:80
    volumes:
      - ./nginx.conf:/etc/nginx/conf.d/default.conf:ro
  whoami:
    image: traefik/whoami:${WHOAMI_VERSION}
  tinyauth:
    image: ghcr.io/steveiliop56/tinyauth:${TINYAUTH_VERSION}
    command: --experimental.configfile=/data/config.yml
    volumes:
      - ./config.yml:/data/config.yml:ro
--- a/integration/docker-compose.traefik.yml
+++ b/integration/docker-compose.traefik.yml
@@ -1,28 +0,0 @@
 services:
  traefik:
    image: traefik:${TRAEFIK_VERSION}
    command: |
      --api.insecure=true
      --providers.docker
      --entryPoints.web.address=:80
    ports:
      - 80:80
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  whoami:
    image: traefik/whoami:${WHOAMI_VERSION}
    labels:
      traefik.enable: true
      traefik.http.routers.whoami.rule: Host(`${WHOAMI_HOST}`)
      traefik.http.routers.whoami.middlewares: tinyauth
  tinyauth:
    image: ghcr.io/steveiliop56/tinyauth:${TINYAUTH_VERSION}
    command: --experimental.configfile=/data/config.yml
    volumes:
      - ./config.yml:/data/config.yml:ro
    labels:
      traefik.enable: true
      traefik.http.routers.tinyauth.rule: Host(`${TINYAUTH_HOST}`)
      traefik.http.middlewares.tinyauth.forwardauth.address: http://tinyauth:3000/api/auth/traefik
--- a/integration/envoy.yml
+++ b/integration/envoy.yml
@@ -1,105 +0,0 @@
 static_resources:
  listeners:
    - name: "listener_http"
      address:
        socket_address:
          address: "0.0.0.0"
          port_value: 80
      filter_chains:
        - filters:
            - name: "envoy.filters.network.http_connection_manager"
              typed_config:
                "@type": "type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager"
                stat_prefix: "ingress_http"
                use_remote_address: true
                skip_xff_append: false
                route_config:
                  name: "local_route"
                  virtual_hosts:
                    - name: "whoami_service"
                      domains: ["whoami.127.0.0.1.sslip.io"]
                      routes:
                        - match:
                            prefix: "/"
                          route:
                            cluster: "whoami"
                    - name: "tinyauth_service"
                      domains: ["tinyauth.127.0.0.1.sslip.io"]
                      typed_per_filter_config:
                        envoy.filters.http.ext_authz:
                          "@type": "type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthzPerRoute"
                          disabled: true
                      routes:
                        - match:
                            prefix: "/"
                          route:
                            cluster: "tinyauth"
                http_filters:
                  - name: "envoy.filters.http.ext_authz"
                    typed_config:
                      "@type": "type.googleapis.com/envoy.extensions.filters.http.ext_authz.v3.ExtAuthz"
                      transport_api_version: "v3"
                      http_service:
                        path_prefix: "/api/auth/envoy?path="
                        server_uri:
                          uri: "tinyauth:3000"
                          cluster: "tinyauth"
                          timeout: "0.25s"
                        authorization_request:
                          allowed_headers:
                            patterns:
                              - exact: "authorization"
                              - exact: "accept"
                              - exact: "cookie"
                          headers_to_add:
                            - key: "x-forwarded-proto"
                              value: "%REQ(:SCHEME)%"
                            - key: "x-forwarded-host"
                              value: "%REQ(:AUTHORITY)%"
                            - key: "x-forwarded-uri"
                              value: "%REQ(:PATH)%"
                        authorization_response:
                          allowed_upstream_headers:
                            patterns:
                              - prefix: "remote-"
                          allowed_client_headers:
                            patterns:
                              - exact: "set-cookie"
                              - exact: "location"
                          allowed_client_headers_on_success:
                            patterns:
                              - exact: "set-cookie"
                              - exact: "location"
                      failure_mode_allow: false
                  - name: "envoy.filters.http.router"
                    typed_config:
                      "@type": "type.googleapis.com/envoy.extensions.filters.http.router.v3.Router"
  clusters:
    - name: "whoami"
      connect_timeout: "0.25s"
      type: "logical_dns"
      dns_lookup_family: "v4_only"
      lb_policy: "round_robin"
      load_assignment:
        cluster_name: "whoami"
        endpoints:
          - lb_endpoints:
              - endpoint:
                  address:
                    socket_address:
                      address: "whoami"
                      port_value: 80
    - name: "tinyauth"
      connect_timeout: "0.25s"
      type: "logical_dns"
      dns_lookup_family: "v4_only"
      lb_policy: "round_robin"
      load_assignment:
        cluster_name: "tinyauth"
        endpoints:
          - lb_endpoints:
              - endpoint:
                  address:
                    socket_address:
                      address: "tinyauth"
                      port_value: 3000
--- a/integration/integrarion_tests.go
+++ b/integration/integrarion_tests.go
@@ -1,62 +0,0 @@
 package main
 import (
 	"fmt"
 	"io"
 	"net/http"
 	"strings"
 )
 func testUnauthorized(client *http.Client) error {
 	req, err := http.NewRequest("GET", WhoamiURL, nil)
 	if err != nil {
 		return err
 	}
 	resp, err := client.Do(req)
 	if err != nil {
 		return err
 	}
 	defer resp.Body.Close()
 	body, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return err
 	}
 	// nginx and envoy will throw us at the frontend
 	if resp.StatusCode != http.StatusUnauthorized && !strings.Contains(string(body), "<div id=\"root\"></div>") {
 		return fmt.Errorf("expected status code %d or to to contain '<div id=\"root\"></div>', got %d", http.StatusUnauthorized, resp.StatusCode)
 	}
 	return nil
 }
 func testLoggedIn(client *http.Client) error {
 	req, err := http.NewRequest("GET", WhoamiURL, nil)
 	if err != nil {
 		return err
 	}
 	req.SetBasicAuth(DefaultUsername, DefaultPassword)
 	resp, err := client.Do(req)
 	if err != nil {
 		return err
 	}
 	defer resp.Body.Close()
 	if resp.StatusCode != http.StatusOK {
 		return fmt.Errorf("expected status code %d, got %d", http.StatusOK, resp.StatusCode)
 	}
 	return nil
 }
 func testACLAllowed(client *http.Client) error {
 	req, err := http.NewRequest("GET", WhoamiURL+"/allow", nil)
 	if err != nil {
 		return err
 	}
 	resp, err := client.Do(req)
 	if err != nil {
 		return err
 	}
 	defer resp.Body.Close()
 	if resp.StatusCode != http.StatusOK {
 		return fmt.Errorf("expected status code %d, got %d", http.StatusOK, resp.StatusCode)
 	}
 	return nil
 }
--- a/integration/integration.go
+++ b/integration/integration.go
@@ -1,191 +0,0 @@
 package main
 import (
 	"bufio"
 	"context"
 	"errors"
 	"flag"
 	"fmt"
 	"log/slog"
 	"net/http"
 	"os"
 	"os/exec"
 	"path"
 	"time"
 )
 var ProxiesToTest = []string{"traefik", "nginx", "envoy"}
 const (
 	EnvFile    = ".env"
 	ConfigFile = "config.yml"
 )
 const (
 	TinyauthURL = "http://tinyauth.127.0.0.1.sslip.io"
 	WhoamiURL   = "http://whoami.127.0.0.1.sslip.io"
 )
 const (
 	DefaultUsername = "test"
 	DefaultPassword = "password"
 )
 func main() {
 	logFlag := flag.Bool("log", false, "enable stack logging")
 	flag.Parse()
 	rootFolder, err := os.Getwd()
 	if err != nil {
 		slog.Error("fail", "error", err)
 		os.Exit(1)
 	}
 	slog.Info("root folder", "folder", rootFolder)
 	integrationRoot := rootFolder
 	if _, err := os.Stat(path.Join(rootFolder, ".git")); err != nil {
 		if !errors.Is(err, os.ErrNotExist) {
 			slog.Error("fail", "error", err)
 			os.Exit(1)
 		}
 	} else {
 		integrationRoot = path.Join(rootFolder, "integration")
 	}
 	slog.Info("integration root", "folder", integrationRoot)
 	for _, proxy := range ProxiesToTest {
 		slog.Info("begin", "proxy", proxy)
 		compose := fmt.Sprintf("docker-compose.%s.yml", proxy)
 		if _, err := os.Stat(path.Join(integrationRoot, compose)); err != nil {
 			slog.Error("fail", "proxy", proxy, "error", err)
 			os.Exit(1)
 		}
 		if err := createInstanceAndRunTests(compose, *logFlag, proxy, integrationRoot); err != nil {
 			slog.Error("fail", "proxy", proxy, "error", err)
 			os.Exit(1)
 		}
 		slog.Info("end", "proxy", proxy)
 	}
 }
 func runTests(client *http.Client, name string) error {
 	if err := testUnauthorized(client); err != nil {
 		slog.Error("fail unauthorized test", "name", name)
 		return err
 	}
 	slog.Info("unauthorized test passed", "name", name)
 	if err := testLoggedIn(client); err != nil {
 		slog.Error("fail logged in test", "name", name)
 		return err
 	}
 	slog.Info("logged in test passed", "name", name)
 	if err := testACLAllowed(client); err != nil {
 		slog.Error("fail acl test", "name", name)
 		return err
 	}
 	slog.Info("acl test passed", "name", name)
 	return nil
 }
 func createInstanceAndRunTests(compose string, log bool, name string, integrationDir string) error {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
 	composeFile := path.Join(integrationDir, compose)
 	envFile := path.Join(integrationDir, EnvFile)
 	cmdArgs := []string{"compose", "-f", composeFile, "--env-file", envFile, "up", "--build", "--force-recreate", "--remove-orphans"}
 	cmd := exec.CommandContext(ctx, "docker", cmdArgs...)
 	if log {
 		setupCmdLogging(cmd)
 	}
 	if err := cmd.Start(); err != nil {
 		return err
 	}
 	defer func() {
 		cmd.Process.Signal(os.Interrupt)
 		cmd.Wait()
 	}()
 	slog.Info("instance created", "name", name)
 	if err := waitForHealthy(); err != nil {
 		return err
 	}
 	slog.Info("instance healthy", "name", name)
 	client := &http.Client{}
 	if err := runTests(client, name); err != nil {
 		return err
 	}
 	slog.Info("tests passed", "name", name)
 	cmd.Process.Signal(os.Interrupt)
 	if err := cmd.Wait(); cmd.ProcessState.ExitCode() != 130 && err != nil {
 		return err
 	}
 	return nil
 }
 func setupCmdLogging(cmd *exec.Cmd) {
 	stdout, _ := cmd.StdoutPipe()
 	stderr, _ := cmd.StderrPipe()
 	go func() {
 		scanner := bufio.NewScanner(stdout)
 		for scanner.Scan() {
 			slog.Info("docker out", "stdout", scanner.Text())
 		}
 	}()
 	go func() {
 		scanner := bufio.NewScanner(stderr)
 		for scanner.Scan() {
 			slog.Error("docker out", "stderr", scanner.Text())
 		}
 	}()
 }
 func waitForHealthy() error {
 	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
 	defer cancel()
 	ticker := time.NewTicker(10 * time.Second)
 	client := http.Client{}
 	for {
 		select {
 		case <-ctx.Done():
 			return errors.New("tinyauth not healthy after 5 minutes")
 		case <-ticker.C:
 			req, err := http.NewRequestWithContext(ctx, "GET", TinyauthURL+"/api/healthz", nil)
 			if err != nil {
 				return err
 			}
 			res, err := client.Do(req)
 			if err != nil {
 				continue
 			}
 			if res.StatusCode == http.StatusOK {
 				return nil
 			}
 		}
 	}
 }
--- a/integration/nginx.conf
+++ b/integration/nginx.conf
@@ -1,36 +0,0 @@
 server {
    listen 80;
    listen [::]:80;
    server_name tinyauth.127.0.0.1.sslip.io;
    location / {
        proxy_pass http://tinyauth:3000;
    }
 }
 server {
    listen 80;
    listen [::]:80;
    server_name whoami.127.0.0.1.sslip.io;
    location / {
        proxy_pass http://whoami;
        auth_request /tinyauth;
        error_page 401 = @tinyauth_login;
    }
    location /tinyauth {
        internal;
        proxy_pass http://tinyauth:3000/api/auth/nginx;
        proxy_set_header x-original-url $scheme://$http_host$request_uri;
        proxy_set_header x-forwarded-proto $scheme;
        proxy_set_header x-forwarded-host $host;
        proxy_set_header x-forwarded-uri $request_uri;
    }
    location @tinyauth_login {
      return 302 http://tinyauth.127.0.0.1.sslip.io/login?redirect_uri=$scheme://$http_host$request_uri;
    }
 }