.github/workflows/pen-tests.yml

@@ -32,7 +32,7 @@ jobs:
         run: sleep 30s
 
       - name: ZAP Scan
-        uses: zaproxy/action-full-scan@v0.10.0
+        uses: zaproxy/action-full-scan@v0.12.0
         with:
           target: http://localhost:3001
           cmd_options: "-a"

README.md

@@ -18,58 +18,38 @@
 
 # Logto
 
-Logto[^info] is an open-source Identity and Access Management (IAM) platform designed to streamline Customer Identity and Access Management (CIAM) and Workforce Identity Management. With Single Sign-On (SSO), OIDC-based authentication, and Multi-Tenant SaaS capabilities, Logto offers a scalable, secure, and developer-friendly way to manage authentication for modern web and mobile application
-
-## Getting started
-- [Join now](https://discord.gg/vRvwuwgpVX) the 💬 [Logto Discord server](https://discord.gg/vRvwuwgpVX) and connect with developers! Get real-time support, share ideas, and stay updated on all things identity management.
-- Deploy today by [registering now](https://auth.logto.io/register) for a free, full featured development tenant 
-- Follow the [quick start](https://logto.io/quick-starts/?utm_source=github&utm_medium=repo_logto) guide to begin managing authentication efficiently.
-- Check out our [📖 integrations](https://docs.logto.io/integrations?utm_source=github&utm_medium=repo_logto) to start integrating Logto with your application today.
-- A step-by-step getting started is available on 📖 [Logto docs](https://docs.logto.io/docs/get-started/welcome/?utm_source=github&utm_medium=repo_logto).
-- Visit 🎨 [Logto website](https://logto.io/?utm_source=github&utm_medium=repo_logto) for a brief introduction if you are new to Logto.
-
-> [!IMPORTANT]
-> [Subscribe now](https://logto.io/subscribe/?utm_source=github&utm_medium=repo_logto) to stay updated with the latest information about the Logto and receive feature updates in real-time.
+Logto[^info] is an open-source identity and access management infrastructure for modern apps and SaaS products, supporting OIDC, OAuth 2.0 and SAML open standards for authentication and authorization.
 
 ## Key features
 
-### 🧑‍💻 Comprehensive frontend-to-backend identity solution
+### 🧑‍💻 Comprehensive frontend-to-backend identity solutions
 
-- Enables OpenID Connect (OIDC) based authentication with Logto SDKs.
+- Enables OpenID Connect (OIDC) based authentication and authorization with Logto SDKs.
 - Supports passwordless sign-in, along with various options like email, phone number, username, Google, Facebook, and other social sign-in methods.
-- Offers beautiful UI components with customizable CSS to suit your business needs.
+- Offers beautiful prebuilt UI with customizable options to suit your business needs.
 
 ### 📦 Out-of-the-box infrastructure
 
-- Includes a ready-to-use [Management API](https://openapi.logto.io/), serving as your authentication provider, thus eliminating the need for extra implementation.
-- Provides SDKs that seamlessly integrate your apps with Logto across multiple platforms and languages, tailored to your development environment.
-- Offers flexible connectors that can be scaled with community contributions and customized with SAML, OAuth, and OIDC protocols.
+- Includes a ready-to-use [Management API](https://openapi.logto.io/) that allows you to build customized functionality on top of Logto.
+- Provides various [official SDKs and guides](https://docs.logto.io/quick-starts) that help you integrate your apps with Logto across multiple platforms and languages.
+- Offers flexible [social and message connectors](https://docs.logto.io/integrations) that can be used for one-click social sign-ins and customized with SAML, OAuth, and OIDC protocols.
 
 ### 💻 Enterprise-ready solutions
 
-- Implements [role-based access control (RBAC)](https://docs.logto.io/docs/recipes/rbac/) for scalable authorization.
-- Enables user management with [audit logs](https://docs.logto.io/docs/recipes/inspect-audit-logs/) to track identity-related activities and maintain security.
-- Enables [single sign-on (SSO)](https://docs.logto.io/docs/recipes/single-sign-on/) and [multi-factor authentication (MFA)](https://docs.logto.io/docs/recipes/multi-factor-auth/) without minimal coding.
-- Leverage [Logto organizations](https://docs.logto.io/docs/recipes/organizations/understand-how-it-works/) to build [multi-tenancy](https://blog.logto.io/tenancy-models/) apps with ease.
+- Implements [role-based access control (RBAC)](https://docs.logto.io/authorization/role-based-access-control) for scalable authorization.
+- [Organizations](https://docs.logto.io/organizations/understand-how-organizations-work) is the way to build [multi-tenancy](https://blog.logto.io/tenancy-models) apps with ease.
+- Enables user management with [audit logs](https://docs.logto.io/developers/audit-logs) to track identity-related activities and maintain security.
+- Provides [single sign-on (SSO)](https://docs.logto.io/end-user-flows/enterprise-sso) and [multi-factor authentication (MFA)](https://docs.logto.io/end-user-flows/mfa) without coding.
 
-## Customer Identity Access Management (CIAM) introductory courses
-For a more approachable introduction, check out Logto’s ***Customer Identity Access Management (CIAM) introductory courses***:
-- [CIAM 101](https://blog.logto.io/ciam-101-intro-authn-sso/): Authentication, Identity, Single sign-on (SSO)
-- [CIAM 102](https://blog.logto.io/ciam-102-authz-and-rbac/): Authorization & Role-based Access Control
+## Get started
 
-## Deep dives 
-For a ***deeper understanding*** of key identity management topics, explore our [blog](https://blog.logto.io/):
-- [Understanding token exchange in OAuth/OIDC](https://blog.logto.io/token-exchange)– Learn about token-based authentication systems.
-- [Opaque token vs JWT](https://blog.logto.io/opaque-token-vs-jwt) – Discover the differences between token types for authentication.
-- [When should I use JWTs?](https://blog.logto.io/when-should-i-use-jwts) – A guide on when to use JSON Web Token (JWT) for secure authentication.
-- [Bring your own sign-in UI](https://blog.logto.io/bring-your-own-ui)– Customize your user interface (UI) with Logto Cloud for flexible authentication.
+### Logto Cloud
 
-## Launch Logto today
-### Interactive demo
+Try [Logto Cloud](https://cloud.logto.io/?sign_up=true&utm_source=github&utm_medium=repo_logto) to start the Logto journey with zero deployment overhead.
 
-- Try [Logto Cloud](https://cloud.logto.io/?sign_up=true&utm_source=github&utm_medium=repo_logto) to have the same dev experience and zero deployment overhead.
+### GitPod
 
-- If you're launching Logto [via GitPod](https://gitpod.io/#https://github.com/logto-io/demo), please wait for the message `App is running at https://3002-...gitpod.io` to appear in the terminal, press Command (**CMD**) on macOS or Ctrl on Windows, then click the URL starting with `https://3002-` to continue your Logto journey.
+You can launch Logto [via GitPod](https://gitpod.io/#https://github.com/logto-io/demo). Please wait for the message `App is running at https://3002-...gitpod.io` to appear in the terminal, press Command on macOS or Ctrl on Windows, then click the URL starting with `https://3002-` to continue your Logto journey.
 
 ### Docker Compose
 
@@ -106,24 +86,22 @@ Logto uses the [default browserslist config](https://github.com/browserslist/bro
 
 - Our team takes security seriously, especially when it relates to identity. If you find any existing or potential security issues, please do not hesitate to email 🔒 [security@logto.io](mailto:security@logto.io).
 - About other bug reports, feature requests, and feedback, you can:
-  - Directly 🙋 [open an issue](https://github.com/logto-io/logto/issues/new) on GitHub;
+  - Directly 🙋 [open an issue](https://github.com/logto-io/logto/issues/new) on GitHub if you find a bug.
   - 💬 [Join our Discord server](https://discord.gg/vRvwuwgpVX) to have a live chat.
+  - 📧 [Subscribe to our newsletter](https://logto.io/subscribe) to stay tuned on our latest articles and updates.
 
 ## Licensing
 
 [MPL-2.0](LICENSE).
 
 ## Contributing
 
-We have a [contributing guideline](https://github.com/logto-io/logto/blob/master/.github/CONTRIBUTING.md) available. Feel free to [contact us](https://logto.io/contact) before coding.
-
-## Contact us
-
-**Have questions or need support?** We’re here to help! Reach out to our team anytime. If you need assistance or have inquiries about Logto, [Contact Us](https://logto.io/contact), and we’ll make sure you have everything you need to succeed.
+We have a [contributing guideline](https://github.com/logto-io/logto/blob/master/.github/CONTRIBUTING.md) available. Feel free to reach out to us before coding.
 
 ## Resources
-- [📚 Logto docs](https://docs.logto.io/?utm_source=github&utm_medium=repo_logto)
-- [📝 Logto blog](https://blog.logto.io/?utm_source=github&utm_medium=repo_logto)
+
+- [📚 Logto docs](https://docs.logto.io/?utm_source=github&utm_medium=repo_logto) for 
+- [📝 Logto blog](https://blog.logto.io/?utm_source=github&utm_medium=repo_logto) for in-depth articles, tutorials, and updates.
 - [🔗 Logto API](https://openapi.logto.io/?utm_source=github&utm_medium=repo_logto)
 - Check out our [awesome list](./AWESOME.md) of community-contributed resources.
 

packages/cli/CHANGELOG.md

@@ -1,5 +1,14 @@
 # Change Log
 
+## 1.25.0
+
+### Patch Changes
+
+- Updated dependencies [1c7bdf9ba]
+- Updated dependencies [b0135bcd3]
+  - @logto/schemas@1.25.0
+  - @logto/connector-kit@4.2.0
+
 ## 1.24.1
 
 ### Patch Changes

packages/cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@logto/cli",
-  "version": "1.24.1",
+  "version": "1.25.0",
   "description": "Logto CLI.",
   "author": "Silverhand Inc. <contact@silverhand.io>",
   "homepage": "https://github.com/logto-io/logto#readme",
@@ -42,9 +42,9 @@
     "url": "https://github.com/logto-io/logto/issues"
   },
   "dependencies": {
-    "@logto/connector-kit": "workspace:^4.1.1",
+    "@logto/connector-kit": "workspace:^4.2.0",
     "@logto/core-kit": "workspace:^2.5.4",
-    "@logto/schemas": "workspace:1.24.1",
+    "@logto/schemas": "workspace:1.25.0",
     "@logto/shared": "workspace:^3.1.4",
     "@silverhand/essentials": "^2.9.1",
     "@silverhand/slonik": "31.0.0-beta.2",

packages/connectors/connector-aliyun-dm/CHANGELOG.md

@@ -1,5 +1,54 @@
 # @logto/connector-aliyun-dm
 
+## 1.3.0
+
+### Minor Changes
+
+- 03ea1f96c: feat: custom email templates in multiple languages via Management API
+
+  ## Details
+
+  Introduce localized email template customization capabilities. This update allows administrators to create and manage multiple email templates for different languages and template types (e.g., SignIn, ForgotPassword) via the management API.
+
+  Email connectors now support automatic template selection based on the user's preferred language. If a template is not available in the user's preferred language, the default template will be used.
+
+  - For client-side API requests, like experience API and user account API, the user's preferred language is determined by the `Accept-Language` header.
+  - For server-side API requests, like organization invitation API, email language preference can be set by passing extra `locale` parameter in the `messagePayload`.
+  - The email template selection logic is based on the following priority order:
+    1. Find the template that matches the user's preferred language detected from the request.
+    2. Find the template that matches the default language set in the sign-in experience settings.
+    3. Use the default template set in the email connector settings.
+
+  ### Management API
+
+  - `PUT /email-templates`: Bulk create or update email templates.
+  - `GET /email-templates`: List all email templates with filter by language and type support.
+  - `DELETE /email-templates`: Bulk delete email templates by language and type.
+  - `GET /email-templates/{id}`: Get a specific email template by ID.
+  - `DELETE /email-templates/{id}`: Delete a specific email template by ID.
+  - `PATCH /email-templates/{id}/details`: Update email template details by ID.
+
+  ### Supported email connectors
+
+  - `@logto/connector-aliyun-dm`
+  - `@logto/connector-aws-ses`
+  - `@logto/connector-mailgun`
+  - `@logto/connector-sendgrid-email`
+  - `@logto/connector-smtp`
+
+  ### Unsupported email connectors
+
+  The following email connectors have their templates managed at the provider side and do not support reading templates from Logto.
+  The user's preferred language will be passed to the provider as the `locale` parameter in the email sending request payload. For i18n support, administrators must manage the template selection logic at the provider side.
+
+  - `@logto/connector-postmark`
+  - `@logto/connector-http-email`
+
+### Patch Changes
+
+- Updated dependencies [b0135bcd3]
+  - @logto/connector-kit@4.2.0
+
 ## 1.2.1
 
 ### Patch Changes

packages/connectors/connector-aliyun-dm/package.json

@@ -1,9 +1,9 @@
 {
   "name": "@logto/connector-aliyun-dm",
-  "version": "1.2.1",
+  "version": "1.3.0",
   "description": "Aliyun DM connector implementation.",
   "dependencies": {
-    "@logto/connector-kit": "workspace:^4.1.1",
+    "@logto/connector-kit": "workspace:^4.2.0",
     "@silverhand/essentials": "^2.9.1",
     "got": "^14.0.0",
     "snakecase-keys": "^8.0.1",

packages/connectors/connector-aliyun-sms/CHANGELOG.md

@@ -1,5 +1,18 @@
 # @logto/connector-aliyun-sms
 
+## 1.3.0
+
+### Minor Changes
+
+- bca4177c6: add `strictPhoneRegionNumberCheck` to config with default value `false`
+
+  When this configuration is enabled, the connector will assume by default that all phone numbers include a valid region code and rely on this to determine whether the phone number belongs to mainland China. If your users' phone numbers do not include a region code due to historical reasons, their sign-in processes may be affected. Please enable this setting with caution.
+
+### Patch Changes
+
+- Updated dependencies [b0135bcd3]
+  - @logto/connector-kit@4.2.0
+
 ## 1.2.1
 
 ### Patch Changes

packages/connectors/connector-aliyun-sms/package.json

@@ -1,9 +1,9 @@
 {
   "name": "@logto/connector-aliyun-sms",
-  "version": "1.2.1",
+  "version": "1.3.0",
   "description": "Aliyun SMS connector implementation.",
   "dependencies": {
-    "@logto/connector-kit": "workspace:^4.1.1",
+    "@logto/connector-kit": "workspace:^4.2.0",
     "@silverhand/essentials": "^2.9.1",
     "got": "^14.0.0",
     "snakecase-keys": "^8.0.1",

packages/connectors/connector-amazon/CHANGELOG.md

@@ -1,5 +1,13 @@
 # @logto/connector-amazon
 
+## 0.1.1
+
+### Patch Changes
+
+- f67500cb5: update connector logo for light mode and dark mode
+- Updated dependencies [b0135bcd3]
+  - @logto/connector-kit@4.2.0
+
 ## 0.1.0
 
 ### Minor Changes