chore(deps): update quay.io/oauth2-proxy/oauth2-proxy docker tag to v7.11.0

This MR contains the following updates:

Package	Type	Update	Change
quay.io/oauth2-proxy/oauth2-proxy (source)	Kustomization	minor	v7.8.1 -> v7.11.0

---

⚠ Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

oauth2-proxy/oauth2-proxy (quay.io/oauth2-proxy/oauth2-proxy)

v7.11.0

Compare Source

v7.10.0

Compare Source

• #​2615 feat(cookies): add option to set a limit on the number of per-request CSRF cookies oauth2-proxy sets (@​bh-tt)
• #​2605 fix: show login page on broken cookie (@​Primexz)
• #​2743 feat: allow use more possible google admin-sdk api scopes (@​BobDu)
• #​2359 feat: add SourceHut (sr.ht) provider(@​bitfehler)
• #​2524 fix: regex substitution for $ signs in upstream path handling before running envsubst (@​dashkan / @​tuunit)
• #​3104 feat(cookie): add feature support for cookie-secret-file (@​sandy2008)
• #​3055 feat: support non-default authorization request response mode also for OIDC providers (@​stieler-it)
• #​3138 feat: make google_groups argument optional when using google provider (@​sourava01)
• #​3093 feat: differentiate between "no available key" and error for redis sessions (@​nobletrout)
• GHSA-7rh7-c77v-6434 fix: skip_auth_routes bypass through query parameter inclusion

v7.9.0

Compare Source

• #​3072 feat: support for multiple github orgs #​3072 (@​daniel-mersch)
• #​3116 feat: bump to go1.24.5 and full dependency update (@​wardviaene / @​dolmen)
• #​3097 chore(deps): update alpine base image to v3.22.0
• #​3101 fix: return error for empty Redis URL list (@​dgivens)

v7.8.2

Compare Source

• #​3031 Fixes Refresh Token bug with Entra ID and Workload Identity (#​3027)[https://github.com/oauth2-proxy/oauth2-proxy/issues/3028] by using client assertion when redeeming the token (@​richard87)
• #​3001 Allow to set non-default authorization request response mode (@​stieler-it)
• #​3041 chore(deps): upgrade to latest golang v1.23.x release (@​TheImplementer)
• #​1916 fix: role extraction from access token in keycloak oidc (@​Elektordi / @​tuunit)
• #​3014 feat: ability to parse JWT encoded profile claims (@​ikarius)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.