Conversation
JoshuaWilkes
approved these changes
Mar 26, 2026
Collaborator
JoshuaWilkes
left a comment
JoshuaWilkes
left a comment
There was a problem hiding this comment.
LGTM, test should be fixed once you merge #929 in to main
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
Apr 2, 2026
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [common-fate/granted](https://github.com/common-fate/granted) | minor | `v0.38.0` → `v0.39.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>common-fate/granted (common-fate/granted)</summary> ### [`v0.39.0`](https://github.com/fwdcloudsec/granted/releases/tag/v0.39.0) [Compare Source](fwdcloudsec/granted@v0.38.0...v0.39.0) Granted v0.39.0 is the first release published under the [fwdcloudsec](https://github.com/fwdcloudsec) organization. This release includes new features, bug fixes, and updates to the release infrastructure. #### Release Infrastructure Changes Starting with v0.39.0, Granted releases are published to new infrastructure under the `granted.dev` domain: - **Binary downloads** are now hosted at [releases.granted.dev](https://releases.granted.dev) - **Linux APT repository** has moved to `apt.releases.granted.dev` — see the [installation docs](https://docs.granted.dev/getting-started) for updated setup instructions - **Homebrew** (`brew install fwdcloudsec/granted/granted`) now builds from source via the [fwdcloudsec/homebrew-granted](https://github.com/fwdcloudsec/homebrew-granted) tap. Prebuilt macOS binaries are not currently available — if you need them, please [open a discussion](https://github.com/fwdcloudsec/granted/discussions) - **GPG signing key** has been updated ([fwdcloudsec/granted-docs#4](fwdcloudsec/granted-docs#4)). The APT repository signing key has been updated too — see the installation docs for the new key Previous releases remain available at `releases.commonfate.io`. #### Features - **OAuth Authorization Code + PKCE flow for SSO login** — adds a more secure SSO authentication method ([#​923](fwdcloudsec/granted#923)) by [@​dgilmanuni](https://github.com/dgilmanuni) - **Hierarchical RoleSessionName resolution** — role session names are now resolved hierarchically when assuming roles ([#​884](fwdcloudsec/granted#884)) by [@​FredPerr](https://github.com/FredPerr) - **`GRANTED_BROWSER_PROFILE` env var** — override the browser profile used for console sessions via an environment variable ([#​914](fwdcloudsec/granted#914)) by [@​billyjbryant](https://github.com/billyjbryant) - **Zen browser support** — native support for the Zen browser ([#​930](fwdcloudsec/granted#930)) by [@​meyerjrr](https://github.com/meyerjrr) #### Bug Fixes - Fix `--mfa-token` flag being ignored in credential process mode ([#​908](fwdcloudsec/granted#908)) by [@​dafujii](https://github.com/dafujii) - Fix AWS profile being set incorrectly when role chaining ([#​841](fwdcloudsec/granted#841)) by [@​raine-tingley](https://github.com/raine-tingley) - Fix Nix install path detection for fish and tcsh shell aliases ([#​921](fwdcloudsec/granted#921)) by [@​pyrex41](https://github.com/pyrex41) - Fix SSO browser stdout noise ([#​916](fwdcloudsec/granted#916)) by [@​benjamin-pilgrim](https://github.com/benjamin-pilgrim) - Fix `TooManyRequests` exception handling ([#​912](fwdcloudsec/granted#912)) by [@​silvaalbert](https://github.com/silvaalbert) - Fix AWS config directory permissions ([#​843](fwdcloudsec/granted#843)) by [@​jescarri](https://github.com/jescarri) - Fix `ExportCredentialSuffix` nil handling ([#​915](fwdcloudsec/granted#915)) by [@​supergibbs](https://github.com/supergibbs) - Fix help message for `browser set` command ([#​909](fwdcloudsec/granted#909)) by [@​LZong-tw](https://github.com/LZong-tw) - Fix `--ref` flag when adding git profile registries ([#​864](fwdcloudsec/granted#864)) by [@​chrnorm](https://github.com/chrnorm) #### Console Service Map Added support for: AWS Control Tower, CloudFront, ElastiCache, SQS, Cognito, and Global Accelerator ([#​871](fwdcloudsec/granted#871), [#​877](fwdcloudsec/granted#877), [#​893](fwdcloudsec/granted#893)) #### Housekeeping - Upgraded to Go 1.25 and renamed module to `github.com/fwdcloudsec/granted` ([#​913](fwdcloudsec/granted#913)) - Removed legacy Common Fate integrations and plugins ([#​855](fwdcloudsec/granted#855), [#​861](fwdcloudsec/granted#861)) - Cleaned up registry package ([#​805](fwdcloudsec/granted#805)) by [@​EloyTolosaDev](https://github.com/EloyTolosaDev) - Dependency updates ([#​922](fwdcloudsec/granted#922)) by [@​ericofusco](https://github.com/ericofusco) #### New Contributors - [@​jescarri](https://github.com/jescarri), [@​raine-tingley](https://github.com/raine-tingley), [@​EloyTolosaDev](https://github.com/EloyTolosaDev), [@​FredPerr](https://github.com/FredPerr), [@​mikegray](https://github.com/mikegray), [@​LZong-tw](https://github.com/LZong-tw), [@​dafujii](https://github.com/dafujii), [@​supergibbs](https://github.com/supergibbs), [@​ericofusco](https://github.com/ericofusco), [@​pyrex41](https://github.com/pyrex41), [@​benjamin-pilgrim](https://github.com/benjamin-pilgrim), [@​silvaalbert](https://github.com/silvaalbert), [@​billyjbryant](https://github.com/billyjbryant), [@​dgilmanuni](https://github.com/dgilmanuni) Thank you to everyone who contributed to this release! **Full Changelog**: <fwdcloudsec/granted@v0.38.0...v0.39.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTAiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbIlJlbm92YXRlIEJvdCIsImF1dG9tYXRpb246Ym90LWF1dGhvcmVkIiwiZGVwZW5kZW5jeS10eXBlOjptaW5vciJdfQ==-->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What changed?
Adds support for the Zen browser, which is based off firefox which supports granted containers.
Why?
I have moved to using Zen and want a faster way to switch between which browser I use + keeping the custom template for testing. There has also been community interest in Zen support.
Examples:
This PR removes the need to specify a custom browser path for Zen spoofing as Firefox. By giving the native option of selecting Zen as an option.
How did you test it?
granted browser set+ select 'Zen'assume -cOS tested on:
Potential risks
Low risk as just adding a new entrypoint for existing interface for browser support
Is patch release candidate?
No, new feature
Link to relevant docs PRs