chore(deps): update container image ghcr.io/authelia/authelia to v4.38.2@a1a2d1b by renovate (#19338)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[ghcr.io/authelia/authelia](https://togithub.com/authelia/authelia/pkgs/container/authelia)
([source](https://togithub.com/authelia/authelia)) | minor | `4.37.5` ->
`4.38.2` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>authelia/authelia (ghcr.io/authelia/authelia)</summary>

###
[`v4.38.2`](https://togithub.com/authelia/authelia/releases/tag/v4.38.2)

[Compare
Source](https://togithub.com/authelia/authelia/compare/v4.38.1...v4.38.2)

##### Bug Fixes

- **server:** invalid base url
([#&#8203;6881](https://togithub.com/authelia/authelia/issues/6881))
([22dd505](22dd505726))

##### Docker Container

-   `docker pull authelia/authelia:4.38.2`
-   `docker pull ghcr.io/authelia/authelia:4.38.2`

###
[`v4.38.1`](https://togithub.com/authelia/authelia/releases/tag/v4.38.1)

[Compare
Source](https://togithub.com/authelia/authelia/compare/v4.38.0...v4.38.1)

##### Bug Fixes

- **configuration:** default redirection url check fails
([#&#8203;6867](https://togithub.com/authelia/authelia/issues/6867))
([65a7fc2](65a7fc217b))
- **storage:** mysql migrate failure webauthn
([#&#8203;6866](https://togithub.com/authelia/authelia/issues/6866))
([60cae67](60cae6754d)),
closes
[#&#8203;6859](https://togithub.com/authelia/authelia/issues/6859)

##### Docker Container

-   `docker pull authelia/authelia:4.38.1`
-   `docker pull ghcr.io/authelia/authelia:4.38.1`

###
[`v4.38.0`](https://togithub.com/authelia/authelia/releases/tag/v4.38.0)

[Compare
Source](https://togithub.com/authelia/authelia/compare/v4.37.5...v4.38.0)

#### Overview

It's important users check the [Release Notes on the
Blog](https://www.authelia.com/blog/4.38-release-notes/) as there are
potential necessary changes with experimental/beta features. This fairly
large release is primarily a culmination of effort from
[@&#8203;smkent](https://togithub.com/smkent),
[@&#8203;nightah](https://togithub.com/nightah),
[@&#8203;clems4ever](https://togithub.com/clems4ever),
[@&#8203;mind-ar](https://togithub.com/mind-ar), and
[@&#8203;james-d-elliott](https://togithub.com/james-d-elliott). Many
others have made contributions in this time either in the form of pull
requests, feedback, or some even went as far as contributing their
attitudes.

See the change log below for more information about this release.

##### Bug Fixes

- **commands:** internal services not cleaned up properly
([#&#8203;4966](https://togithub.com/authelia/authelia/issues/4966))
([f44700c](f44700c352)),
closes
[#&#8203;4963](https://togithub.com/authelia/authelia/issues/4963)
- **commands:** missing pkcs8 option
([#&#8203;5270](https://togithub.com/authelia/authelia/issues/5270))
([033d3c0](033d3c0408))
- **commands:** no args not enforced on crypto hash generate
([#&#8203;5237](https://togithub.com/authelia/authelia/issues/5237))
([0f4f5d5](0f4f5d5848))
- **commands:** storage cmd fail when implicit config absent
([#&#8203;5213](https://togithub.com/authelia/authelia/issues/5213))
([569af0f](569af0fef0))
- **configuration:** deprecated secrets not mapped
([#&#8203;6150](https://togithub.com/authelia/authelia/issues/6150))
([5446efb](5446efb48a))
- **configuration:** fail to parse large int duration
([#&#8203;5408](https://togithub.com/authelia/authelia/issues/5408))
([713f8e9](713f8e9ab7))
- **configuration:** illogical refresh interval default
([#&#8203;6319](https://togithub.com/authelia/authelia/issues/6319))
([c49b973](c49b973120))
- **configuration:** optional value not treated as optional
([#&#8203;5853](https://togithub.com/authelia/authelia/issues/5853))
([5edd5fc](5edd5fcf69))
- **configuration:** regression in redis default port
([#&#8203;6428](https://togithub.com/authelia/authelia/issues/6428))
([f93a0b5](f93a0b5bf9))
- **configuration:** secret permission errors panic
([#&#8203;5141](https://togithub.com/authelia/authelia/issues/5141))
([622bf42](622bf42ed4)),
closes
[#&#8203;5138](https://togithub.com/authelia/authelia/issues/5138)
- **configuration:** warning about log level env
([#&#8203;6784](https://togithub.com/authelia/authelia/issues/6784))
([c70c83f](c70c83f745))
- **handlers:** legacy authz failure on nginx
([#&#8203;4956](https://togithub.com/authelia/authelia/issues/4956))
([ab01fa6](ab01fa6bca))
- **logging:** injected time format inconsistent
([#&#8203;5004](https://togithub.com/authelia/authelia/issues/5004))
([b9a6856](b9a6856ff5))
- **middlewares:** failure to detect remote ip
([#&#8203;5339](https://togithub.com/authelia/authelia/issues/5339))
([34ec813](34ec813370))
- **model:** yaml encoding of totp and webauthn fails
([#&#8203;5204](https://togithub.com/authelia/authelia/issues/5204))
([dfbbf1a](dfbbf1a1f3))
- **notification:** error on non-normative login responses
([#&#8203;4729](https://togithub.com/authelia/authelia/issues/4729))
([8ef90ca](8ef90caac9)),
closes
[#&#8203;4717](https://togithub.com/authelia/authelia/issues/4717)
- **notification:** missing display name
([#&#8203;4653](https://togithub.com/authelia/authelia/issues/4653))
([a771cc6](a771cc6c2b))
- **notification:** missing use of timeout
([#&#8203;4652](https://togithub.com/authelia/authelia/issues/4652))
([a691131](a691131288))
- **notification:** smtp auth not configured
([#&#8203;4647](https://togithub.com/authelia/authelia/issues/4647))
([7b8ed46](7b8ed46537))
- **notifier:** mime parts in reverse order
([#&#8203;5623](https://togithub.com/authelia/authelia/issues/5623))
([13b54b4](13b54b41db)),
closes
[#&#8203;5617](https://togithub.com/authelia/authelia/issues/5617)
- **ntp:** startup check skipped when it shouldn't be
([#&#8203;5701](https://togithub.com/authelia/authelia/issues/5701))
([934f68b](934f68b3d3))
- **ntp:** version 4 encoded incorrectly
([#&#8203;4773](https://togithub.com/authelia/authelia/issues/4773))
([b815521](b815521384))
- **oidc:** client auth basic fails on correctly encoded header
([#&#8203;5632](https://togithub.com/authelia/authelia/issues/5632))
([cb116db](cb116dbabf))
- **oidc:** client credentials flow not populating session
([#&#8203;5797](https://togithub.com/authelia/authelia/issues/5797))
([62c36eb](62c36eb0c0))
- **oidc:** client id not in audience whitelist
([#&#8203;5980](https://togithub.com/authelia/authelia/issues/5980))
([ad82ec7](ad82ec7b28))
- **oidc:** csp blocks form_post response form submit
([#&#8203;4719](https://togithub.com/authelia/authelia/issues/4719))
([cf4010b](cf4010b4fb)),
closes
[#&#8203;4669](https://togithub.com/authelia/authelia/issues/4669)
- **oidc:** default response mode not validated
([#&#8203;5129](https://togithub.com/authelia/authelia/issues/5129))
([c8f75b1](c8f75b19af))
- **oidc:** failure to insert with client credentials grant
([#&#8203;5809](https://togithub.com/authelia/authelia/issues/5809))
([895cdc2](895cdc28a0))
- **oidc:** insufficient debug logs on some endpoints
([#&#8203;5783](https://togithub.com/authelia/authelia/issues/5783))
([f09dbee](f09dbee8ef))
- **oidc:** par consent state error
([#&#8203;5880](https://togithub.com/authelia/authelia/issues/5880))
([321a380](321a3803f5))
- **oidc:** par context redirect
([#&#8203;6450](https://togithub.com/authelia/authelia/issues/6450))
([0d0fda8](0d0fda8ac5))
- **oidc:** par model mapping
([#&#8203;5879](https://togithub.com/authelia/authelia/issues/5879))
([e42bbca](e42bbca1ef))
- **oidc:** pkce session generated needlessly
([#&#8203;5762](https://togithub.com/authelia/authelia/issues/5762))
([896752c](896752ce9c))
- **oidc:** pre-config audience not matched
([#&#8203;6513](https://togithub.com/authelia/authelia/issues/6513))
([aee9d28](aee9d28f7c))
- **oidc:** refresh flow scope parameter ignored
([#&#8203;5782](https://togithub.com/authelia/authelia/issues/5782))
([e250ad3](e250ad31eb))
- **oidc:** userinfo endpoint returns additional audience
([#&#8203;5781](https://togithub.com/authelia/authelia/issues/5781))
([0919173](0919173013))
- **server:** errors not logged
([#&#8203;4682](https://togithub.com/authelia/authelia/issues/4682))
([53a6275](53a6275a79))
- **storage:** postgresql webauthn tbl invalid aaguid constraint
([#&#8203;5183](https://togithub.com/authelia/authelia/issues/5183))
([fa250ea](fa250ea7dd)),
closes
[#&#8203;5182](https://togithub.com/authelia/authelia/issues/5182)
- **templates:** plain text email misleading
([#&#8203;5036](https://togithub.com/authelia/authelia/issues/5036))
([a91762c](a91762c15b)),
closes
[#&#8203;4915](https://togithub.com/authelia/authelia/issues/4915)
- **utils:** fix suite setup timeout
([#&#8203;4771](https://togithub.com/authelia/authelia/issues/4771))
([56f0282](56f028294b)),
closes
[#&#8203;4751](https://togithub.com/authelia/authelia/issues/4751)
- webauthn credential user id missing
([#&#8203;5882](https://togithub.com/authelia/authelia/issues/5882))
([4903567](4903567548))
- webauthn user handle encoding
([f567b67](f567b67994))

##### Features

- add systemd security hardening
([#&#8203;6480](https://togithub.com/authelia/authelia/issues/6480))
([648fdfe](648fdfe93b))
- **authentication:** ldap memberof group search
([#&#8203;5418](https://togithub.com/authelia/authelia/issues/5418))
([f79db58](f79db588be)),
closes
[#&#8203;2161](https://togithub.com/authelia/authelia/issues/2161)
- **authentication:** ldap time replacements
([#&#8203;4483](https://togithub.com/authelia/authelia/issues/4483))
([d67554a](d67554ab88)),
closes
[#&#8203;1964](https://togithub.com/authelia/authelia/issues/1964)
[#&#8203;1284](https://togithub.com/authelia/authelia/issues/1284)
- **authentication:** suport ldap over unix socket
([#&#8203;5397](https://togithub.com/authelia/authelia/issues/5397))
([fb5c285](fb5c285c25))
- **commands:** config template command
([#&#8203;6013](https://togithub.com/authelia/authelia/issues/6013))
([16b0e20](16b0e20244))
- **commands:** go build info
([#&#8203;5775](https://togithub.com/authelia/authelia/issues/5775))
([37ee009](37ee0092c8))
- **commands:** storage import/export commands
([#&#8203;4545](https://togithub.com/authelia/authelia/issues/4545))
([d7ab3bb](d7ab3bb633))
- **configuration:** disallow public suffix domains
([#&#8203;4855](https://togithub.com/authelia/authelia/issues/4855))
([598ea2b](598ea2bb19))
- **configuration:** env config file discovery
([#&#8203;4618](https://togithub.com/authelia/authelia/issues/4618))
([0130edb](0130edb870))
- **configuration:** file filters
([#&#8203;4515](https://togithub.com/authelia/authelia/issues/4515))
([c7f4d59](c7f4d5999d))
- **configuration:** freeipa ldap implementation
([#&#8203;4482](https://togithub.com/authelia/authelia/issues/4482))
([d0d80b4](d0d80b4f66)),
closes
[#&#8203;2177](https://togithub.com/authelia/authelia/issues/2177)
[#&#8203;2161](https://togithub.com/authelia/authelia/issues/2161)
- **configuration:** glauth ldap implementation
([#&#8203;4499](https://togithub.com/authelia/authelia/issues/4499))
([d3d87ff](d3d87ffe30))
- **configuration:** lldap implementation
([#&#8203;4498](https://togithub.com/authelia/authelia/issues/4498))
([5b8b314](5b8b3145ad))
- **configuration:** load config from directory
([#&#8203;4616](https://togithub.com/authelia/authelia/issues/4616))
([cc1e58e](cc1e58e004))
- **configuration:** rfc2307bis implementation
([#&#8203;4900](https://togithub.com/authelia/authelia/issues/4900))
([2e6d17b](2e6d17ba8a))
- **configuration:** unix socket listener subpath
([#&#8203;6463](https://togithub.com/authelia/authelia/issues/6463))
([7a97373](7a9737381f))
- **handlers:** authz authrequest authelia url
([#&#8203;5181](https://togithub.com/authelia/authelia/issues/5181))
([2dcfc0b](2dcfc0b04c))
- **logging:** date time layout
([#&#8203;6333](https://togithub.com/authelia/authelia/issues/6333))
([786985e](786985e7b1)),
closes
[#&#8203;6136](https://togithub.com/authelia/authelia/issues/6136)
- **metrics:** record openid connect histogram
([#&#8203;5769](https://togithub.com/authelia/authelia/issues/5769))
([bd04624](bd04624c09))
- **notification:** important events notifications
([#&#8203;4644](https://togithub.com/authelia/authelia/issues/4644))
([f685f24](f685f247cf))
- oauth2 authorization bearer
([#&#8203;6774](https://togithub.com/authelia/authelia/issues/6774))
([fb50f1a](fb50f1a70c)),
closes
[#&#8203;2023](https://togithub.com/authelia/authelia/issues/2023)
[#&#8203;188](https://togithub.com/authelia/authelia/issues/188)
- **oidc:** auth policy applied per-subject
([#&#8203;5486](https://togithub.com/authelia/authelia/issues/5486))
([db6d95c](db6d95cae9)),
closes
[#&#8203;2621](https://togithub.com/authelia/authelia/issues/2621)
- **oidc:** client authentication modes
([#&#8203;5150](https://togithub.com/authelia/authelia/issues/5150))
([3d2da0b](3d2da0b070))
- **oidc:** client credentials grant type
([#&#8203;5729](https://togithub.com/authelia/authelia/issues/5729))
([b829e1b](b829e1b8a4))
- **oidc:** client_secret_jwt client auth
([#&#8203;5031](https://togithub.com/authelia/authelia/issues/5031))
([42671d3](42671d3edb))
- **oidc:** client_secret_jwt client auth
([#&#8203;5253](https://togithub.com/authelia/authelia/issues/5253))
([1dbfbc5](1dbfbc5f88))
- **oidc:** disable minimum parameter entropy
([#&#8203;5495](https://togithub.com/authelia/authelia/issues/5495))
([32c6880](32c68804e0))
- **oidc:** jwk selection by id
([#&#8203;5464](https://togithub.com/authelia/authelia/issues/5464))
([65f69ae](65f69aeb4e))
- **oidc:** jwt profile for oauth 2.0 access tokens
([#&#8203;5913](https://togithub.com/authelia/authelia/issues/5913))
([9a28de5](9a28de558f))
- **oidc:** jwt response for introspection
([#&#8203;5840](https://togithub.com/authelia/authelia/issues/5840))
([34b7a47](34b7a47bc8))
- **oidc:** jwt secured authorization response mode
([#&#8203;5914](https://togithub.com/authelia/authelia/issues/5914))
([0196e0b](0196e0b7ff))
- **oidc:** per-client custom token lifespans
([#&#8203;5741](https://togithub.com/authelia/authelia/issues/5741))
([788be59](788be599c0))
- **oidc:** per-client pkce enforcement policy
([#&#8203;4692](https://togithub.com/authelia/authelia/issues/4692))
([adaf069](adaf069eab))
- **oidc:** private_key_jwt client auth
([#&#8203;5280](https://togithub.com/authelia/authelia/issues/5280))
([65ecfe4](65ecfe4b9a))
- **oidc:** pushed authorization requests
([#&#8203;4546](https://togithub.com/authelia/authelia/issues/4546))
([ff6be40](ff6be40f5e))
- **oidc:** requested audience policy
([#&#8203;6002](https://togithub.com/authelia/authelia/issues/6002))
([c950736](c9507368ab))
- **oidc:** server issuer identification
([#&#8203;5912](https://togithub.com/authelia/authelia/issues/5912))
([0da4abf](0da4abfd48))
- **oidc:** signed discovery
([#&#8203;6003](https://togithub.com/authelia/authelia/issues/6003))
([357ce8e](357ce8efdc))
- **server:** customizable authz endpoints
([#&#8203;4296](https://togithub.com/authelia/authelia/issues/4296))
([65705a6](65705a646d)),
closes
[#&#8203;2753](https://togithub.com/authelia/authelia/issues/2753)
[#&#8203;3716](https://togithub.com/authelia/authelia/issues/3716)
- **server:** handle head method
([#&#8203;5003](https://togithub.com/authelia/authelia/issues/5003))
([a345490](a345490826))
- **server:** listen on unix sockets
([#&#8203;5038](https://togithub.com/authelia/authelia/issues/5038))
([90d1901](90d190121d))
- **server:** recover panics
([2c6a8e1](2c6a8e18ba))
- **server:** update default headers
([#&#8203;5881](https://togithub.com/authelia/authelia/issues/5881))
([e9e2969](e9e2969bad))
- **session:** multiple session cookie domains
([#&#8203;3754](https://togithub.com/authelia/authelia/issues/3754))
([8b29cf7](8b29cf7ee8)),
closes
[#&#8203;1198](https://togithub.com/authelia/authelia/issues/1198)
- **session:** redirection by cookie domain
([#&#8203;6017](https://togithub.com/authelia/authelia/issues/6017))
([6a6059d](6a6059dc22))
- **templates:** add multiline helper functions
([#&#8203;6227](https://togithub.com/authelia/authelia/issues/6227))
([00725ec](00725ec7b1))
- **templates:** templating functions
([#&#8203;4635](https://togithub.com/authelia/authelia/issues/4635))
([55a6794](55a6794370))
- **totp:** reuse policy
([5d3e7a0](5d3e7a0183))
- **web:** add password policy visible feedback on password change
([#&#8203;5714](https://togithub.com/authelia/authelia/issues/5714))
([b0746dc](b0746dc4d4)),
closes
[#&#8203;5048](https://togithub.com/authelia/authelia/issues/5048)
- **web:** caps lock detection
([61c30b3](61c30b373f))
- **web:** multiple webauthn credential registration
([c0dbdd9](c0dbdd97ab)),
closes [#&#8203;275](https://togithub.com/authelia/authelia/issues/275)
[#&#8203;4366](https://togithub.com/authelia/authelia/issues/4366)
- **web:** one-time codes for identity verification
([e618cf3](e618cf3416)),
closes
[#&#8203;3801](https://togithub.com/authelia/authelia/issues/3801)
- **web:** per-device two factor method
([b33dabb](b33dabbe6e)),
closes
[#&#8203;1699](https://togithub.com/authelia/authelia/issues/1699)
- **web:** privacy policy url
([#&#8203;4625](https://togithub.com/authelia/authelia/issues/4625))
([a566c16](a566c16d08)),
closes
[#&#8203;2639](https://togithub.com/authelia/authelia/issues/2639)
- **web:** revoke reset password tokens
([2a38819](2a388194fb)),
closes [#&#8203;136](https://togithub.com/authelia/authelia/issues/136)
- **web:** second factor identity verification
([d62d79e](d62d79e581)),
closes [#&#8203;135](https://togithub.com/authelia/authelia/issues/135)
- **web:** user one-time password preferences
([87d2a34](87d2a3419d))

##### Performance Improvements

- **server:** cached openapi document
([#&#8203;4674](https://togithub.com/authelia/authelia/issues/4674))
([1c3219e](1c3219e93f))
- **web:** lazy loading
([87747a5](87747a50ed))

##### Docker Container

-   `docker pull authelia/authelia:4.38.0`
-   `docker pull ghcr.io/authelia/authelia:4.38.0`

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://togithub.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNDkuMyIsInVwZGF0ZWRJblZlciI6IjM3LjI0OS4zIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=-->

charts/premium/authelia/Chart.yaml

@@ -4,10 +4,10 @@ annotations:
   truecharts.org/SCALE-support: "true"
   truecharts.org/category: security
   truecharts.org/max_helm_version: "3.14"
-  truecharts.org/min_helm_version: "3.12"
+  truecharts.org/min_helm_version: "3.11"
   truecharts.org/train: premium
 apiVersion: v2
-appVersion: 4.37.5
+appVersion: 4.38.2
 dependencies:
   - name: common
     version: 20.1.5
@@ -51,4 +51,4 @@ sources:
   - https://github.com/truecharts/charts/tree/master/charts/premium/authelia
   - https://ghcr.io/authelia/authelia
 type: application
-version: 23.6.0
+version: 23.7.0

charts/premium/authelia/values.yaml

@@ -1,7 +1,7 @@
 image:
   repository: ghcr.io/authelia/authelia
   pullPolicy: IfNotPresent
-  tag: 4.37.5@sha256:25fc5423238b6f3a1fc967fda3f6a9212846aeb4a720327ef61c8ccff52dbbe2
+  tag: 4.38.2@sha256:a1a2d1b2befab7faa0bb8c68c791c26b28c517b1fd6e1eec05d4335ffbf9aeaa
 manifestManager:
   enabled: true
 workload: