chore(docs): update of OEL images

[ory-bot]

Update OEL images

Summary by CodeRabbit

• Documentation

  • Added changelog entries for version 26.2.9 across all self-hosted products documenting security updates and dependency patches
  • Updated release tag information (2026-05-04) for all products

• Bug Fixes

  • Kratos: Strengthened identity schema validation with structural safeguards and improved HTTP security measures

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: bbb621d0-77af-430b-b619-ddb49a05605d

📥 Commits

Reviewing files that changed from the base of the PR and between d86fdb6 and d8faaa9.

📒 Files selected for processing (10)

• docs/self-hosted/oel/keto/changelog/v26.2.9.md
• docs/self-hosted/oel/kratos/changelog/v26.2.9.md
• docs/self-hosted/oel/oathkeeper/changelog/v26.2.9.md
• docs/self-hosted/oel/oauth2/changelog/v26.2.9.md
• docs/self-hosted/oel/oel-hydra-image-tags.md
• docs/self-hosted/oel/oel-keto-image-tags.md
• docs/self-hosted/oel/oel-kratos-image-tags.md
• docs/self-hosted/oel/oel-oathkeeper-image-tags.md
• docs/self-hosted/oel/oel-polis-image-tags.md
• docs/self-hosted/oel/polis/changelog/v26.2.9.md

---

📝 Walkthrough

Walkthrough

This PR documents a v26.2.9 patch release for five self-hosted OEL products (Hydra, Keto, Kratos, Oathkeeper, OAuth2, and Polis), adding changelog entries detailing security-focused dependency updates and Kratos identity-schema hardening, plus updating image tag reference tables.

Changes

v26.2.9 Release Documentation

Layer / File(s)	Summary
Changelog Entries: Core Security Updates docs/self-hosted/oel/keto/changelog/v26.2.9.md, docs/self-hosted/oel/oathkeeper/changelog/v26.2.9.md, docs/self-hosted/oel/oauth2/changelog/v26.2.9.md, docs/self-hosted/oel/polis/changelog/v26.2.9.md	Each product receives a v26.2.9 changelog entry documenting security patch dependency bumps (pgx, moby/spdystream, otel, postcss, uuid, @xmldom/xmldom, axios, and NestJS-related libraries).
Changelog Entry: Product-Specific Hardening docs/self-hosted/oel/kratos/changelog/v26.2.9.md	Kratos v26.2.9 entry additionally documents identity-schema loading hardening: structural limits (body size, nesting depth, key count, array elements, node count), rejection of root-resolving $ref pointers, regex pattern validation, default SSRF-guarded HTTP client, and 1 MiB cache response cap.
Image Tag Table Updates docs/self-hosted/oel/oel-hydra-image-tags.md, docs/self-hosted/oel/oel-keto-image-tags.md, docs/self-hosted/oel/oel-kratos-image-tags.md, docs/self-hosted/oel/oel-oathkeeper-image-tags.md, docs/self-hosted/oel/oel-polis-image-tags.md	Each product's image tag reference table is updated with a new row for v26.2.9 (release date 2026-05-04).

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Suggested reviewers

• vinckr
• aeneasr
• unatasha8
• adamwalach

Poem

🐰 A patch so fine, dependencies aligned,
Security hardened, vulnerabilities confined,
Kratos schemas now stand strong and tall,
Version 26.2.9 releases for all!
Trust and safety, bundled up tight! 🎉

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'chore(docs): update of OEL images' is partially related to the changeset, as it covers documentation updates but is overly broad and doesn't reflect the significant security updates documented in the changelog entries.	Consider a more specific title that highlights the security updates, such as 'chore(docs): add v26.2.9 security patch changelogs for OEL products' or similar.
Description check	❓ Inconclusive	The PR description 'Update OEL images' is vague and generic, lacking specific details about what is being updated or why. It does not follow the template structure with sections for big picture context, issue references, or checklist items.	Provide a detailed description following the template structure, explaining the v26.2.9 security updates, the dependencies being patched, and any relevant issue references or design documents.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch oel-version-update

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 60 minutes.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}