kanidm-docs-1.4.3~git1.078625c-bp156.10.1<>,HgHI%z ICUZȠ [MFD/.vaWK.3֝7_"x tݖOY_$IY >g=D:$ʺTS%~wY$uhʝRM7Mf"ד4B}|/X<16Y3cu_xj> SlN&p)EedE 5jYpқ.R* 裱Fs"y?""H.Z")Xz}V ٘1gaa{-Q@G4kK~LyAOWB-)mXhwf tl3>x-T==&6EjdfC6%_2 _D i* By@=~rz`?> -.rWWP܁cDGHS*!v~%kvᲰ{Ntod@Hy=MR`/!kZxu%PHʦGj+31 >;x?hd! , T     l + ,$.1447L7p77(8$88,1981:=o1F5GLHI,XY\ ]|^bc4defluvhz"dCkanidm-docs1.4.3~git1.078625cbp156.10.1Documentation for Kanidm AdministrationDocumentation for using and configuring Kanidm.gHi02-armsrv2zSUSE Linux Enterprise 15openSUSEMPL-2.0http://bugs.opensuse.orgUnspecifiedhttps://github.com/Firstyear/kanidmlinuxaarch64zV tSB7R! *MV!! F -@1HkU@%e92a17wGE '\ *<y \ 1Z? /Y=QRm7- 1W  >=? y p!t & +')u'64n BX!&  x &9 D  ) < (AAA큤A큤A큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤gHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgHgH48d79940aaecb8141e968f2679f5d78cfb1dfe34b7e69ee3f43c02e3e9c3cfd4623503b4bb56558de27f1b4bf87b36defdf64625f5f2b1b4f8f35d61a81f9ad2950288ce01196461ec6497c270ca4a170ed1beeed54f81b4f4c70cd0a06cf486faa8b27a6f05358505bf70ceea26b8ae9ab84469705cdb5ec939e606ba1ef03a5350e05c2cd061031c96fa048a70e3f68f6fc6879fee02590cb96b41fd997ca66ae4786743d89c19010b3ed37561b1c738f2931a046764a2cbc908d6bbc0ee57ea985ff7222e65e800a338b6f762402454cc8ff5754954a654289d99a9e3b9c9bd6c4659d8e1600239b86e437942a4c74cea8ccaad9f369f30a4087c04032ca6f28b04378654078effb6f34cae7e6605a8c7af1bc7f45f27e9ec095ca7860fda442b51f67d61c4a6a9fa7dc1202250c3a5d01310dead3f047fc9033c987795cd6933d58d0da96791a9a5deee6c907565be0cd5bb4aaaf35f0c88f1affcf742ca8fedf7455f634d7bd2877929cd94d9298abdcd0f1b057a430e3f0d996f187a766df6b873b8b83a94aac5579d058ec2fae3ec0682f8c734987ea9c9a546622cbb1e7977dc473d2b9ab4f715299825771852ded79a87a833d2cb902f39f2d8c4bbaf8d8fb7dd56638d306d113671be13bae404d9601940c393b22f84685ac9520e62dfe35450d215edb2c496fc659f6562be094da9a66241e5844a9938bf4973fb1c2bf51f217e5e080ac6c523147b173d36cf87466892aa2b4b4c1927e27d1e999c322642bbb1baa06715f35d0f4ecaaae547d3f037a0a08865c7dee9c04cff420afbe5e48037a94327c69728582ebd6187a334335b00b0e6b9c995ae04892d2cf2944848ebaa6055aef440da1669b926b2eb49da7dd611d3bca679186045d3c45672985cc9a69a8666ab578013e089dfa8a25988bd0624fc27a54b78612cf859bd0c8f3e1b96872198eae5e4c463bf81142ad85a80b1a7838ff6c97202411bbeb9cd72ded7ad1e854d98205230ea5e25d50992a77dece6d8d6c1f0454ad285d7161c2914f1881f19437acb11a173ba2bef3e58f0c6df22627446375b1e9dcdd9e2e2c0b110bfa983b593983cb28ef08cd48f220e3c7a5063819e51ab49cf253c171f6612692236d3705c569a5843e5a4bdc1d3bd520fd46ec03061ffe937445395fa65eee85cd3758f2467679c5e581a72f7e82a60ca631e4eb94e081381b0e3cbfbae0df183699600f8be17948cbb2198d831d4e511b99f516d188a25aed90bd041db276abb6a96bc1edf5967682c05cd17e158e8eb7da49f73b40059dacfe01357261530447ffc00a7e0d10850ff0d07dd5eb7752da3c7caf7a60e94bfd925e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8556694b3f3a3122d01b410ff3565fd6a8eb2b8565af0a367ee4a756ca485a30d5fe4b600f2967f665a4a2c16476293550c0da85ed85068ab43727dc137119ef1f1db7d69a59340751d182d392eb25c554c339f07c32bce53d52f7acbb8a971382549a73fa98465f1bebb068c8b7fdd418a859115c28516044ac10472feced6bf4abd2cea12c073c5676c5de7f0ea5f983fdf3ffa0f7a363ca35ab4e3e386506cdc22429ad31324815e063a0e13cb667725b70de7cfe746eaac8cb5fbcb393b4a16f075d233e913836ac2734bdf32a114c7bb6ed5caf26e1e5bff0ed574e46c5f3b28dcb0b030b79d365954dc435e93494f02bf3b892b3501ceae7c0ad0a28f0f71d3caf0a9ce9a774b882fd5be3bebe916fc5bd52a97cf36599c26c6465ed1168f41cdf5f8f38ae16832c63d7406421a473773bd940f1b6a32b357e6c2a190ae46823fab0bd86677850d5491b2a58fa0eb8c8d205ea88c067ffb6015db7bbb04d7a8919000e9495c73b9f52b473bb057d059246bf7493a76fa5b11a8ad81149cf22a70fed19be0837b2265636308f2614a23f355dbca597e40b400e366d7dcc9edf9f6126f435b24faf3bfea6c4a00573be9aff2a01ddbb7735068968731ad321e4d55de413cd09040d1948a3cce85ab6a81a22f6c8b63e31fc1a3e62c1b7ecd1ee2bccc191cf2112f41dc24b147836ca57057da3ea70c83d886a2a11c4b46dfb7dc5e9d69d5b0ab85488570d1d35b232b8ff547f5c7f9009271ab08fd714d197bd37ee734216b942fc06dad357abbf159a6c3b3b92ddb531b5ebd1e29e642cf5b50ff9e5d0abf919446ae44afca406fdb9155f5d38b0377d43e3889b07079e1f1cc9c1d2955088c0233760d7af1a2ab73dc65cb0f0991ab31d654eafd6a3e900250a2439625505dcaae5bce4487787246a1e9c1997f6750911ad4ab269367ff5ff2363e54e9597eba40424a9cdc8e1d96b3b0b05cd9e5eec18a6feab0138904e42f2b63a5486fbd413c57eab2d3f9be179d93a19d94e1764cc63df14a6ad1eadafc09ccf00d77347901a17574dddd827161c02c352c8413de547b24c28603e82ac1e9d202ad3e76359f5a131c5f5cc2758a77c8868fc3dadc20ebf2e2dc7da22421fa1a06cb0bdbcca209cdb9be1b78a183bb29215f541634884df440adcf12193a4f848b307b86f4828efad8d20879a2c34729e0797b12c1a84a68079333dc1980831f027a47a51075e337ebe828a2484500452639ff127bb8c5a422223c7bfb52fbaf43a11fd4270db73742ac0dbef42ad16223eeb0dcfecb69ddddb840d1ed4ee2f918d924dfa9315bbceb634ee4c2ff98fdbd76e00e4ec99971a53a08049cf7a40bde125b7d48d113059bde79f6246cd44b6103cb7b436ca67237fea6420f9fd80cfb51ef931f4c272cca731ef27f9ba47adbd6a89bc08eb5ae09eec4b79f00d4a9f18f8493914595ed774523633f14c640276068a5b3950fee3f69074b9a1875cf21638400a49354bc884f9ff24bcde52d65c034a21faa8dea3f383a236ea99e1687fc44a76172ab29480bdf9c35af8f172d63805acf135995302ba45082deafbd5be41451bb4efdf77018be644b7c39ca75fd7fe1b4d90afad0c60ba0e8aa620d4d167c5fae4dff9a478a8cd50cc5f0a612a35df32e2ddad99f229f6e02ffebc44d43e938f483c1936ce80782feb239524711cad2eb9087f60136b5800c378bbe80bfeb42c5e06ff2228d04f19b16c1e3d02f69a7c3c7c743f2192ebad429d40d4dcc3b10a28e129bd4f2798b28021227c44df7c492a38cdd445bf26faafdf676c12d4736c3ddb37b90ddf5f873cbf6ea76e508d3cc82738eb843ee1eb84b5838628f9a76be3afe03c2ea183ddb97f07a906d077979f2e3264443d8edbd8bc3045aa3a1558937b32729429cef1f8d25db9447679e82cce4ecef74fe5b3da1a7de784b45ac831afbc25acaa6a5c94a8e2c04c04a5b6348f4c5b7eafc3ce763e84528630de5f0f67e28a9bdc6b0a5bcd15caeff240b71b762bbfe2e1ae1cb78c013d1d618a21adc03edab851d9fdca9f532cf972884825516fa4182fd6c24b8ad1172537c940dd6e783e1d819db69e561318559d37830355be1595797fa8e4377c73bb74c71cfdd698f32606256ba8c479d2b377a9814933bac371fa3fae6544e1c9964ff3f81a1e48f4bd3d67272c18d04733a310106137357b6136c9394f74ced558237f170d19aab317bd5d59ce5b7794205d725af1c4ab8d83d54ce44207cdb19569fa72f2d4d240177341af26e1da6856821a2b0b10525d26bc28554237622a84111bd071913f8b117ab5485d9caec2af6de7a4cbfde41a174093c9f00c44cc18e2f1e49f79c456d536afe57c2ca557921dcf4009cdb0a4fa55a3b02be89cd338f442d738f0749161d39d3c6749a69b45a208419d2aeb6e80c49e80470e1a5e764b760752592b50a57fdb03574ef23687a6464bfb1a4d95162fcb425a34059231cbbc5c516d46067fc684d0ad63dc1d3bdc6852e63e3a5748bf18b827a813c15667d288e6ada6b95a8a17c0d748912379b787c5bc804491ecd58aa3318fb4adae997c242066993d921c9789558582132b94c37622f487f4023879d12ab2fde4b8931afcc6573bb4b941a1e8ff4c48b217e9c0c917c7994dfc7af201628c59c487978e5137dbc10900dcfa3e0e2a516345cc79d013373ecee767afdabaef1f035f2f9dfe2187cf2d16c8b2b1c1c78d6d74708f37405592bba43b3ed5e8cc62b9b2dc9e0137fe0e426315112460d6fc9cd49e1bcdfb58e9bb16c6366983fd0bc865e15977e7add0cb2e41840cd2ed5516bcaf86ac61b1eea526eca14eb1a3c1f74ea8c16c1483173423bdbff12c6a1f082fdfa58762bde09c79af8b7a787bb027715e1f88f18bf97b53f046fce10290967fe9958682b1d43eb5d6c9afa3d46f02eb3fb4a6239baadecf85cd3ab3ae72c3befa62872f9d9306fd976e3a46c9a471a5532330bc996cedb56971c3d711125f5c741bc3d486ded1e1e9bf999eeb1829ac972ee47fac55cb9dfe2d69b824073c017fcccb8625cba3b76b18400ba1a3fa52a1daf7a13e81404339d2113416657f5b10e6e25234d689fc1bc72ef8ed53eb86336d19a1a1c0564c201eb6f2ba3ab7378cc0902dd3f403092f46450d1653a3479643a31a34dc1822b0a87fd992aefd8418c7f2a32ecc66c655325b44e4fa5492c82c5385d8538e7b147ae32a4f50e44793dd18761430256a8c50ec606f9901e0ed90695a34584c0a59346a5fd0e58e3f06852a1c0b7f06de7e1edc59e4b6546d5a259b78a31739bec18e3fe5bdad8ec274eb121632cd812d734cb66e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8553e4b5e8280c6e1c7f1285f322d4d870e0a8a8822f67a0e8c5470b8b13e2f52635feb411de2c76a1ca1b69e9b93d10d30a9123dcb390d03d40805bdcea9039ec7fd9e14ee19f91a790b1a207e4227cf9d95c1c9afe2633f22e963c9226f5062743015456f03ccee83f47f4f064e726a5a33710c60d7fde6c5d878f9b6148c05b913e3d2da1073393c130692dd1a1f6b0d4e40bb4c5312c5a811eb78d12e76490ce8db713cc4cda2862ac5df01770e9646890784203e861583e8812489c0f8de20ea8257539506921d9d06bdbcdc2e067d3f7e3e4d71abada2fa8bbdd78b0a91a7644710fd75c8e63e0907cf91eefd47bcba7a7dd0dac9cf54c8cc28f1850de306aac4d283e152241d8ee3269db48c189c1d9300d9d1e5032ec943dd5333f826b63bea36931fb1d328dc61fe76ee6818c68db649724021cbb5b6a99d65977bcdfa0e5c7abe59031b7440f610efee424822106d0461a95401f1060f0d0639790410f4ef57c6bbbc1275d6cda53a7505b70c501eb7f205879bd52d80d4fcf3d6f155fc387d75911426bf88405501a564e674b2d749e402ad1b06d108654373e5347a946447688150bb8038b34b912a10f4ddbe926909f073a9b516074887e8309300f786b5abe2ae9a8cb49feb95b275db68d93adf6e2e0e1633b7cb633dc65ca6a206e4d16b1c8e1296ba73d694ba8344b0695d6954f655736ddaca6fc48925d29454de480bbe084889c2aecb72d8db5b4cd70036d45d4a66fb8a2bd8add89b09f89e81cb2036c98d1278e3092614c70053f178c2950bec6c1e6bf9ecb9bb4be2046403846cfee2647f07f53412bdf9644cdd7500ad9e937d14b5ad69772dc02e4309c4dd0149fc181c083c375881fb1d407acaa2282c3477eb292246e9827e9f21a00ae52ed74dcac8ad2f8959996b387ddebcf862f75cfc8fe19a1fda3c66eec813d6e8bb9e6c8a57565b106b9023fbc6d58079c42caa230304af4040c62484274ed23576bbef4726dd9b4bc25f4a194f17e6eee8481f3514cf30bcd6b2b2e4c461f1b1f99b4309a9566c13fadb82e8f6eda9814bc01edea8d2af6aebc9f158f60867167b6b933036dd27a0303b9424dfa3bb5a5ea4a49a11e1f74ad155da31797bc2e8b37ddeb93221c4c8c1532826864bcd1e924de123b911ce771f5f8685be4c2ba808803ecd2c0308254106373e612dba9493ef774304fc074386dfd47cec0623e4b8a725c5e631dd8105749589d5e90e29ab7dfd29fb932e7a028c89f0e22ea93d05321a8febab42a1df0a1bc5e2fd6746386c174b9c803d7c6ab5c3a0691bda989941bbe08d46cf5f7160f36aa74c0b618769d9af07f2fd5e44e9248d209e54c4799e2df0a1330e039f3e9652875931d8e15e113753163a840420f979dfb187a0619d540bc2980b96a5d2459377906662cc8bb4f7a02b4c4990707e67farootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootkanidm-1.4.3~git1.078625c-bp156.10.1.src.rpmkanidm-docskanidm-docs(aarch-64)     rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rpmlib(TildeInVersions)3.0.4-14.6.0-14.0-15.2-14.10.0-14.14.3g@r@g@r@g*g'eg$ffą@fV@f@fafXj@fH@f2.ffe @eeԔ@epee@@dQd@ddOd9@@cwcT@ck@ca @c*ccbbnv@bL/@b/.@a+@aaV@`@`s```8@`e__u_'@william.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwilliam.brown@suse.comWilliam Brown William Brown william.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.deWilliam Brown - Update to version 1.4.3~git1.078625c: * Update to latest fido-mds-tool (#3230)- Update to version 1.4.3~git0.fb00176: * Release 1.4.3 * Warn when v2 options are used in v1 unixd config (#3228) * Resolve UI Auth Loop with OAuth2 (#3226) * Harden transport in pam unixd (#3227) * Improve warning around invalid JWT deserialisation (#3224) * Update and fix server config files in examples. (#3225) * Change CLI oauth2 command from set-display-name to set-displayname for consistency. (#3212) * Add docs on customising Kanidm. (#3209) * Correct spelling of occurred (#3222) * UI/Feature polish (#3191) * Prevent Invalid MFA Reg States (#3194) * Change CSS for applications so SVG scales nicely in Firefox. (#3200) * 20241109 3185 max age (#3196) * Hoist max_age to prevent incorrect deserialisation (#3190) * Release 1.4.2 * Re-migrate all acps to force updating (#3184) * security - low - fault in migrations (#3182)- Update to version 1.4.1~git0.ad93202: * Release 1.4.1 * Correct missing CSP header (#3177) * Resolve pam services not always having a tty (#3176)- Update to version 1.4.0~git2.770efa8: * Resolve incorrect handling of rhost in pam (#3171)- Update to version 1.4.0~git1.c297c3f: * Docker makefile latest * Release 1.4.0 * chore: Made oauth2 scopes required in CLI (#3165) * More "choosing a domain" revision (#3161) * Update missing inputmode numeric when adding a new TOTP. (#3160) * Improve OAuth2 authorisation ux (#3158) * Fix attribute scim sync attribute naming (#3159) * Change to text input and use numeric mode for TOTP prompts. (#3154) * Fix release note date and typos (#3153) * Release 1.4.0-pre * Release Notes (#3149) * Remove WASM (#3148) * Rewrite "choosing a domain", add other considerations (#3147) * Harmonize UI and remove unused css (#3033) * ripping out some extra packages (#3146) * OAuth2 Device flow foundations (#3098) * htmx by default (#3145) * Support reloading via systemd (#3144) * Chore: Refactor Groups to be more generic (#3136) * 20241024 1271 cert reload on SIGHUP (#3140) * Update docs, improve locking (#3141) * 2856 - use tags for containers on build (#3139) * Fix image when too smol (#3138) * yale's rabbit-hole-chasing-htmx-fixing-megapatch (#3135) * ipinfo should be single value (#3137) * Tidy the reauth ui (#3130) * Add missing schemas to get OpenAPI validation to pass. (#3129) * Change some OperationError into HTTP Bad Request (400). (#3125) * Bump the all group with 11 updates (#3127) * Bump the all group in /pykanidm with 5 updates (#3128) * Fill in some Swagger API docs for a few v1 endpoints. (#3126) * Diagram Improvements in Book (#3124) * Fix passkey auth flow redirects (#3123) * Improve handling of inaccesible shadow file (#3122) * Log HTTP Not Found (404) as info log level. (#3119) * more errors for the people (#3121) * 20241017 unixd home (#3113) * 20241017 3107 token ttl (#3114) * docs: Update kanidm_ppa instructions for new repo logic (#3117) * fix(lint) minor lint fix for unnecessary match use (#3118) * Totp input changes (#3115) * Add the strict flag on client creates for developers (#3111) * Working scim entry get for person (#3088) * Add nss testframework and fallback when daemon offline (#3093) * Improve deb packaging, add aarch64 (#3083) * Cache buster buster (#3091) * fix(http): status content type should be JSON (#3096) * Bump the all group across 1 directory with 7 updates (#3106) * Bump the all group across 1 directory with 10 updates (#3103) * 20241012 attr name SCIM fix (#3102) * Scim add EntryReference (#3079) * Bump the all group across 1 directory with 3 updates (#3094) * Fix Increment Replication Post Upgrade (#3089) * Remove white background from square logo (#3087) * Add support for group extension (#3081) * 20240921 ssh keys and unix password in credential update session (#3056) * Fix landing and redirect URLs for GitLab, add some useful links (#3055) * [htmx] Make it harder to miss the save button on the cred update page (#3013) * Add example Outline config (#3076) * 20240925 cleanups (#3060) * Add instructions for unlinking Homebrew Rust on macOS (#3085) * Don't reprompt for login when no session exists in cli (#3082) * Make good on some TechDebt (#3084) * Feat: Adding POSIX Password fallback (#3067) * Bump the all group across 1 directory with 13 updates (#3080) * Complete the implementation of the posix account cache (#3041) * 20240926 tech debt (#3066) * Fix migration of last mod cid (#3065) * Increase totp secret size (#3061) * Bump mozilla-actions/sccache-action from 0.0.5 to 0.0.6 in the all group (#3075) * Improve pipe handling on linux (#3069) * reformat oauth2 URL list, highlight legacy bits (#3062) * scim_proto: fix incorrect language tag (#3064) * Add ownCloud example config (#3059) * Add example config for JetBrains Hub / YouTrack (#3058) * Bump the all group with 8 updates (#3053) * Bump the all group in /pykanidm with 3 updates (#3054) * Document basic authenticating GitLab to Kanidm (#3050) * fix(doc): updating docker container ref (#3049) * Resolve incorrect SCIM Sync serialisation (#3047) * CLI image error nicening (#3037) * Add rfc7009 and rfc7662 metadata to oidc discovery (#3046) * More openapi tweaks (#3038) * Bump the all group with 6 updates (#3044) * Bump the all group in /pykanidm with 3 updates (#3043) * fix(docs): make it clearer that bearer auth is a thing (#3031) * implements additional traits for filter types (#3036) * 20240810 SCIM entry basic (#3032) * CreatedAt/ModifiedAt fix (#3034) * Pykanidm fixes (#3030) * 20240906 Attribute as an Enum Type (#3025) * Bump the all group with 9 updates (#3029) * Bump the all group in /pykanidm with 4 updates (#3028) * Credentials page/Self cred update flow UI improvements (#3012) * 20240828 Support Larger Images, Allow Custom Domain Icons (#3016) * MemberOf in search implies DirectMemberOf (#3024) * fix(kanidm): don't allow empty string fields on CLI (#3018) * Bump cryptography from 42.0.4 to 43.0.1 in /pykanidm in the pip group (#3023) * generate completions for elvish and fish (#3015) * Bump the all group with 4 updates (#3021) * Bump the all group in /pykanidm with 3 updates (#3022) * 20240820 SCIM value (#2992) * fix(daemon): handling IPv6 addresses in healthcheck (#3004) * fix(webui): Javascript errors after server-side update blocking login. Fixed after cache invalidating (#3011) * OAuth2 Token Type (#3008) * Bump the all group in /pykanidm with 4 updates (#3007) * Bump the all group with 8 updates (#3006) * Spattering of oauth2 stuff (#3000) * Doc multi instance (#2997) * Expose group rename (#2999) * feat: self cred update flow (#2995) * Better Error Message (#2998) * Add missing group for application admin (#2991) * enforcen den clippen (#2990) * 20240817 group mail acp (#2982) * 20240810 application passwords (#2968) * Bump the all group with 17 updates (#2986) * Bump the all group in /pykanidm with 3 updates (#2985) * Mail substr index (#2981) * Doc format, add api-token section (#2975) * [HTMX] small profile improvements (#2974) * Foundations of pam/nss multi resolver * TLS, no seriously. (#2963) * Update suse.md to avoid Authentication token manipulation error (#2973) * Add Alpine Linux installation instructions (#2871) * Bump the all group across 1 directory with 10 updates (#2966) * [HTMX] User settings (#2929) * Bump the all group in /pykanidm with 2 updates (#2965) * Docs updates (#2961) * Bump aiohttp from 3.10.0 to 3.10.2 in /pykanidm in the pip group (#2962) * Prevent bug in pam (#2960) * Improve migration error message (#2959) * Fix incorrect logic in cred update flow (#2956) * Docker-and-docs-fixes (#2954) * Bump the all group in /pykanidm with 5 updates (#2952) * Bump the all group with 10 updates (#2953) * Added orca flag to extend privileged authentication expiry (#2949) * In honour of SebaT, error on db lock acq timeout (#2947) * Add measurement of lock acquisition (#2946) * [htmx] Credential Update page (#2897) * Update to 1.4.0-dev (#2943)- explicitly depend on cargo to pull in latest compiler revision- Update to version 1.3.3~git0.f075d13: * Release 1.3.3 * Mail substr index (#2981)- Update to version 1.3.2~git0.229b0cc: * Release 1.3.2 * Prevent bug in pam (#2960) * Reduce client logging noise * Improve migration error message (#2959)- Update to version 1.3.1~git0.eed7c07: * Fix incorrect logic in cred update flow (#2956) * Resolve maintainer bikeshedding- Update to version 1.3.0~git0.e2a563f: * Release 1.3.0 (#2941) * New orca models (#2909) * Run rust_build CI between multiple Rust versions (#2939) * Bump the all group across 1 directory with 9 updates (#2938) * Bump the all group in /pykanidm with 4 updates (#2937) * fixing println bug (#2935) * Reorganising the daemon startup so it doesn't fail with OTEL configured (#2934) * clippying all the things (#2931) * docs reordering and cleanup (#2932) * Add scim proto to kanidm, refactor to improve serde performance. (#2933) * 20240725 allow connection to older servers (#2930) * Ubuntu/Debian buildy scripty tweaky things (#2928) * kanidm graph graphviz unfit for scripting bc. of non-graphviz output (#2876) * Improve workflow when account policy isnt satisfied (#2927) * Docs rework (#2919) * Bump the all group in /pykanidm with 4 updates (#2924) * Bump the all group with 5 updates (#2925) * Substring Indexing (#2905) * Oauth2 in htmx (#2912) * Strict redirect URL enforcement (#2917) * Bump gix-path from 0.10.8 to 0.10.9 in the cargo group (#2918) * fix typos (#2908) * Add missing groups scope to Grafana example scope-map (#2914) * build profiles: rename release_suse_generic to release_linux (#2907) * 20240716 check mkdir (#2906) * Fix issues with suspend reported by himmelblau (#2911) * Implement home_mount_path logic (#2894) * Forcing the http2 feature on hyper, but also chasing some out of date packages (#2896) * Updating service type per kanidm/kanidm#2892 (#2898) * making the internals of kanidmclientconfig public for other users (#2895) * enable build htmx in docker (#2893) * Fixes the logout flow in htmx and improves the login error dialog (#2889) * htmx logout tidy up (#2884) * Tidy up replication poll interval (#2883) * Bump the all group with 8 updates (#2899) * Bump the all group in /pykanidm with 2 updates (#2900) * Add a migration for future versions that will notify and warn about the removal of security keys. (#2885) * Update mtls cert lifetime (#2886) * Bump zipp from 3.16.2 to 3.19.1 in /pykanidm in the pip group (#2888) * [htmx] Apps page (#2868) * Bump the all group in /pykanidm with 3 updates (#2879) * Bump the all group across 1 directory with 10 updates (#2881) * 20240703 htmx (#2870) * Bump certifi from 2023.7.22 to 2024.7.4 in /pykanidm (#2877) * Offer configuration of images for Oauth2 resources (#2665) * 2818 2511 oauth2 urls (#2867) * Vale Edits 0.1 (#2869) * added orca docker file, make target and credential reset capabilities (#2846) * 20240620 htmx (#2854) * Bump the all group in /pykanidm with 2 updates (#2864) * Bump the all group with 5 updates (#2865) * Fixed link to the developers guide (#2862) * Tweaks to make the makefile make things make easier. * Update sssd.md * adding freebsd target_os * Bump the all group across 1 directory with 8 updates (#2852) * Bump the all group in /pykanidm with 3 updates (#2849) * Bump the all group with 2 updates (#2850) * Configurable thread count (#2847) * 20240613 performance improvements (#2844) * Bump urllib3 from 2.0.7 to 2.2.2 in /pykanidm (#2843) * Allow providers to be box dyn (#2794) * Bump the all group in /pykanidm with 2 updates (#2842) * illumos support (#2838) * 20240611 performance (#2836) * Bump the all group across 1 directory with 3 updates (#2837) * Bump the all group across 1 directory with 5 updates (#2835) * 20240607 2417 piv (#2829) * fix: typos in OpenApi (#2827) * Bump authlib from 1.3.0 to 1.3.1 in /pykanidm (#2834) * Bump the all group with 7 updates (#2811) * Double shutdown doesn't help! (#2828) * Stats collection improvements and a bunch of other stuff (#2820) * Add development taint flag to prevent mismatch of server versions (#2821) * Remove small ambiguity in docs (#2823) * lowering "access search" security log levels (#2819) * Better WebAuthn and other error responses (#2608) * Update examples/server_container.toml (#2814) * Bump the all group in /pykanidm with 3 updates (#2812) * 20240530 nightly warnings (#2806) * Regrets Dot Pee Enn Gee (#2804) * Resolve incorrect handling of tokens in logout flow (#2795) * 2756 - resolve invalid loading of dyngroups at startup (#2779) * WIP: serialization and domain info setting wonkiness (#2791) * Bump the all group in /pykanidm with 3 updates (#2799) * fix DB_PATH variable propagation (#2797) * feat: add support for ldap compare request (#2780) * Add ACP checking to exists operations. (#2790) * Allow name write privileges to be withheld (#2773) * Check for same version with backup/restore (#2789) * Revive Cookies. (#2788) * Fixing up the docs deploy script (#2787) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2781) * Update our domain TGT level (#2776) * Fix PIN and MFA Code pam prompts (#2759) * Update design for KRC (#2713) * Add some extra comparisons to the readme (#2768) * strip out some debug messages unless *really* debugging. (#2767) * Update dev version (#2726) * Don't need to check versions when there's an intermediary reporting connectivity issues (#2758) * updating text to fix typo, add more info (#2761) * Changing TOTP "copy" box from form field to code block. (#2765) * chore(deps-dev): bump ruff in /pykanidm in the all group (#2763) * Use fully qualified container URLS (#2754) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2747) * chore(deps-dev): bump jinja2 from 3.1.3 to 3.1.4 in /pykanidm (#2752) * Fixing up build for rust 1.78, hiding things behind cfg(test) etc. (#2753) * Fix broken links in
sections (#2737) * Update Webauthn and Base64 (#2734) * Add some metadata for lib macros (#2735) * chore(deps): bump the all group in /pykanidm with 7 updates (#2729) * Clean up utils password rand generation. (#2727)- Update to version 1.2.2~git0.c4153c9: * Resolve incorrect handling of tokens in logout flow (#2795) (#2803)- Update to version 1.2.1~git0.ba82b1a: * 2756 - resolve dyngroups not loading correctly at startup (#2778)- Update to version 1.2.0~git0.9efa91a: * Release 1.2.0 (#2733) * Prepare 1.2.0 * Release 1.2.0 prep (#2724) * Minor upgrade fixes (#2722) * Resolve OAuth2 client/rs confusion (#2719) * Improve access control doc to describe privilege access mode (#2721) * Support 1.1 attribute in LDAP (#2720) * Add mail support to groups (#2718) * Add session limit (#2714) * added profile and `memberof` search to the basic model (#2712) * chore(deps): bump the all group in /pykanidm with 4 updates (#2717) * Fix typo in oauth2 error message (#2715) * 20240409 rework orca markov (#2699) * Begin the basis of the key provider model (#2640) * chore(deps): bump the all group in /pykanidm with 4 updates (#2707) * chore(deps): bump peaceiris/actions-mdbook from 1 to 2 in the all group (#2706) * chore(deps): bump idna from 3.4 to 3.7 in /pykanidm (#2703) * fix(TotpDigits): fix typo in TryFrom impl (#2702) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2696) * chore(deps): bump h2 from 0.3.25 to 0.3.26 (#2694) * Windows Hello Authentication requirements (#2688) * chore(deps): bump the all group with 1 update (#2690) * chore(deps-dev): bump the all group in /pykanidm with 1 update (#2691) * Require kanidm-unixd before kanidm-unixd-tasks (#2687) * kanidm unixd mfa capabilities (#2672) * Add Grafana integration to OAuth2 documentation (#2685) * [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686) * ldap-sync: allow to use attrs more than once (#2676) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2683) * chore(deps): bump the all group with 1 update (#2682) * fix(docs): packaging section improved (#2677) * Fix developer ethics link (#2674) * fix(docs): filename, header and title mismatch fixes (#2660) * 20240312 concread upgrade (#2668) * fix(docs): capitalization fixes (#2659) * fix(docs): links corrected (#2661) * fix api typo (#2657) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2662) * chore(deps): bump the all group in /pykanidm with 9 updates (#2656) * Update bootstrap 5.0.2 to 5.3.3 & minor UI fixes (#2650) * fix(docs): typos, grammar and broken link fixes (#2644) * increase severity for "{:?} !⊆ allowed: {:?}" (#2648) * Add instructions on how to enable PKCE in Nextcloud (#2647) * 20230224 2437 orca remodel (#2591) * Add initial design for key domains (#2564) * Add upgrade process, improve developer readme (#2635) * Doc unix client support (#2633) * 20240301 systemd uid (#2602) * expose group patch for parity (#2628) * Adding a builtin class for all built-in things (#2603) * apidoc tag fixes (#2625) * chore(deps): bump mio from 0.8.10 to 0.8.11 (#2620) * Fix missing entry managed by on anonymouns (#2623) * Notes on privilege-expiry (#2622) * SPAs really are stupid sometimes (#2609) * apidoc fixes (#2614) * chore(deps): bump the all group in /pykanidm with 4 updates (#2615) * Typo fixes (#2610) * Return consent scope to service account (#2605) * OpenAPI schema fixes (#2590) * WASM test fixing (#2595) * Feature object graph (#2518) * Add domain version test framework (#2576) * Fix the miniflux oauth2 example (#2598) * docs(monitoring): Fix syntax for OpenTelemetry config (#2594) * 20240221 2489 cleanup api v1 (#2573) * Changing to allow startup without a config file (#2582) * Allow /dev/tpmrm0 on older systemd versions (#2587) * Adjust output of claim maps for better parsing (#2566) * chore(deps): bump the all group in /pykanidm with 4 updates (#2585) * improved error description for commit_credential_update (#2579) * Make /status less noisy (#2574) * chore(deps): bump cryptography from 42.0.2 to 42.0.4 in /pykanidm (#2567) * Add system range protection (#2565) * Fix string comparison in Debian build script (#2409) * of course I started looking at clippy things and now I can't stop (#2560) * 20240216 308 resource limits (#2559) * fix(oauth2): typo in basic path (#2562) * Adding duplicate-finder script (#2550) * prctl compile-time fixes, also chasing lints (#2558) * Removing unused constant and updating docstring for LDAP bind address (#2556) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2553) * Support Policy Updates (#2536) * chore(deps): bump cryptography from 42.0.0 to 42.0.2 in /pykanidm (#2548) * Re-enable HW tpm support (#2531) * Add further hardening for system services (#2542) * fixing the test script (#2547) * when the HTTPS server fails, handle that gracefully (#2546) * Fix update intent ttl parameters (#2540) * radius build workflow fixes (#2541) * Conflict nscd, start before sshd (#2539) * Fix incorrect documentation elements (#2533) * Remove replication is in dev flag (#2535) * Ordering auth methods in the CLI (#2508) * Set lowercase owner name in tag (#2534) * Add code_challenge_methods_supported to OIDC discovery (#2525) * Himmelblau requires the machine key for unix_user_get (#2523) * Extend on Apache example (#2524) * chore(deps): bump the all group in /pykanidm with 4 updates (#2520) * List of supported features (#2499) * Update to latest dev version (#2486)- Update to version 1.1.0~rc16~git7.8a1b7b5: * Require kanidm-unixd before kanidm-unixd-tasks (#2687)- Update to version 1.1.0~rc16~git6.e51d0de: * [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686) * return consent map to service account (#2604)- Update to version 1.1.0~rc16~git4.d407844: * Remove zstd feature- Update to version 1.1.0~rc16~git3.81298e8: * Allow /dev/tpmrm0 on older systemd versions (#2587)- Add ipa-sync service - Update to version 1.1.0~rc16~git2.6fb4fac: * List of supported features (#2499)- Update to version 1.1.0~rc16~git1.a917291: * Correct cargo versions * Release 1.1.0-rc.16 (#2483) * Fix for incorrect domain migration rollbacks (#2482) * Add tools for remigration and domain level raising (#2481) * chore(deps): bump cryptography from 41.0.6 to 42.0.0 in /pykanidm (#2480) * Support SPN in groups claim (#2474) * Credential update tweaks (#2475) * Oauth2 pkce faq (#2473) * Fix debian versioning (#2472) * chore(deps): bump the all group in /pykanidm with 7 updates (#2479) * chore(deps): bump the all group with 1 update (#2478) * Fix RUV trim (#2466) * 20240125 2217 client credentials grant (#2456) * docs: Add application passwords design document (#2427) * handling master docs (#2465) * update the artifact name in the download step (#2464) * Book SUMMARY.md: Fix part titles according to mdbook (#2463) * Update chat link, add keywords (#2462) * PyKanidm updates and testing (#2301) * chore(deps): bump aiohttp from 3.9.1 to 3.9.2 in /pykanidm (#2461) * 1222 what rights does anonymous have (#2436) * Fix inverted key/chain logic from TLS error improvement (#2453) * Improve TLS configuration errors (#2447) * chore(deps): bump shlex from 1.2.0 to 1.3.0 (#2445) * chore(deps): bump the all group with 1 update (#2441) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2443) * Return sshkey label to cli fields (#2440) * Add rfc8414 metadata (#2434) * Add test for delete referer invalid (#2435) * Clarify role of WebUI in README.md (#2431) * Adding max_ber_size option in config for ldap sync (#2416) * Debian build fixes (also the book) (#2400) * 2390 1980 allow native applications (#2428) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2430) * cookies (#2426) * Clean RUV (#2424) * chore(deps-dev): bump jinja2 from 3.1.2 to 3.1.3 in /pykanidm (#2425) * Upgrade replication to use anchors (#2423) * Minor fixes for oidc with single page applications (#2420) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2421) * Use case insensitive match on substrings in line with ldap (#2419) * Change OAuth2 RS Origin from the CLI (#2418) * Add design diagrams (#2332) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2410) * Fix deb release flow to find the matrix split artifacts (#2406) * 20231222 piv authentication (#2398) * Update docs, closes SQLite Write-Ahead Logging might make page size immutable #2404 (#2405) * Build the kanidm cli tools deb as well (#2402) * Force apply idm migrations to apply access controls (#2401) * fixing up the integration script (#2392) * chore(deps): bump the all group in /pykanidm with 8 updates (#2396) * chore(deps): bump the all group with 2 updates (#2395) * fix backup filename and regexp pattern for cleanup (#2386) * idprovider: Provide the keystore during auth (#2385) * db: Fix insert_tagged_hsm_key doesn't cache the hsm key (#2389) * daemon: Fix inverted logic on cache dir check (#2388) * Add improved domain migration framework and default MFA (#2382) * Trim and lowecase usernames (#2380) * Add DN as a virtual ldap attr (#2379) * fixing default for oauth2 request_parameter_supported metadata (#2378) * chore(deps): bump the all group in /pykanidm with 6 updates (#2375) * 20231218 ipa sync unix password (#2374) * chore(deps): bump the all group with 2 updates (#2372) * 1481 2024 access control rework (#2366) * chore(deps): bump zerocopy from 0.7.26 to 0.7.31 (#2368) * chore(deps): bump the all group with 3 updates (#2363) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2362) * 249 2024 managed by syntax (#2359) * typo (#2356) * 20231204 ipa sync minor improvements (#2357) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2355) * Unixd build/debugging updates (#2350) * 20231129 webauthn attestation (#2351) * Fix handling of TPM in some trait contexts (#2347) * docs: miniflux added pkce support (#2352) * Using proper axum http headers lib for compatibility (#2348) * Bearer should send with same caps we accept (#2345) * chore(deps): bump cryptography from 41.0.4 to 41.0.6 in /pykanidm (#2341) * docs: improve grammar for book/src/developers/faq.md (#2343) * Expose machine key in auth phase (#2340) * 20231128 freeipa migration (#2338) * Unix crossbuild scripts and docs (#2326) * Expose TPM in more interface places (#2334) * chore(deps): bump the all group in /pykanidm with 6 updates (#2336) * Adding kanidm client config docs and notes ref #2248 (#2333) * Update to the latest compact-jwt version (#2331) * Adding env var configs for the server (#2329) * Better errors when TPM PIN file not found (#2330) * 20231120 2320 sssd compat (#2328) * Resolve future send issue with keystore (#2311) * chore(deps): bump the all group in /pykanidm with 6 updates (#2325) * chore(deps): bump the all group with 3 updates (#2324) * Add test (#2323) * OAuth2 scopes validation logging missing details (#2317) * Add systemd deps for unixd (#2314) * 20231115 oauth2 authreq (#2310) * Docs - Bump Fedora 36 to Fedora 38 (#2309) * chore(deps): bump the all group with 4 updates (#2306) * chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2305) * Remove serde json from wasm (#2304) * Fix spelling (#2303) * 20231109 1122 credential class (#2300) * Moving daemon tracing to OpenTelemetry (#2292) * 20231101 add id cert to unixint (#2284) * Docs fixes for #2296 (#2297) * Update OpenAPI schema gen to actually... be kinda sorta valid. (#2296) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2294) * chore(deps): bump the all group with 8 updates (#2293) * pw min length in account policy (#2289) * WASM troubleshooting docs closes #2286 (#2291) * oauth2 typo (#2290) * Update notes to avoid some possible interpretation errors (#2288) * Feature: kanidm CLI pulling OpenAPI schema (#2285) * Feature: configurable replication poll interval (#2283) * Minor improvements to incoming replication (#2279) * Problems with bash completion autocomplete (#2281) * Remove unused imports and clippy lint (#2276) * Rework ldap bind routine (#2268) * Disable inconsistent test (#2278) * make versions consistent * 1.1.0 rc.15 dev post-release (#2271)- Update to version 1.1.0~rc15~git8.122b6af: * Remove unused import that breaks builds on newer rust versions * Update to latest webauthn-rs version * fix version * Fix maint branch versions * Disable inconsistent test (#2278)- Update to version 1.1.0~rc15~git2.74f5c0f: * make versions consistent * 1.1.0 rc.15 dev post-release (#2271) * Release 1.1.0-rc.15-dev * started writing docs and ended up in another rabbit hole (#2267) * CLI integration test beginnings (#2261) * chore(deps): bump the all group with 7 updates (#2266) * chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2265) * Add book chapter + cli * Cargo fmt and clippy checks * Restrict posix passwords on ldap bind with config * Splitting the SPAs (#2219) * Bug chasing (#2257) * cargo fmt + clippy (#2241) * service-account or person validity show returns for non-existing identity (#2258) * don't need write if we are not writing (#2256) * adding service account patch methods (#2255) * .deb package build and docs fixes (#2252) * Auth flow docs (#2249) * pykanidm test code (#2202) * chore(deps): bump the all group with 5 updates (#2247) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2246) * 20231019 1122 account policy basics (#2245) * Add note on snaps to PAM and nsswitch with link to new section in FAQ (#2244) * 20231014 account policy (#2218) * chore(deps): bump rustix from 0.38.15 to 0.38.19 (#2242) * Fix incorrect references to LDAP in sync (#2239) * Remove unused crate users (#2240) * chore(deps-dev): bump urllib3 from 2.0.6 to 2.0.7 in /pykanidm (#2238) * Windows build fixes and test coverage (#2220) * more space checks (#2234) * Fixing dependabot and its mistakes (#2232) * chore(deps-dev): bump mypy from 1.5.1 to 1.6.0 in /pykanidm (#2231) * chore(deps-dev): bump mkdocs-material from 9.4.4 to 9.4.6 in /pykanidm (#2230) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2229) * chore(deps): bump tokio from 1.32.0 to 1.33.0 (#2228) * chore(deps): bump tss-esapi from 7.3.0 to 7.4.0 (#2227) * chore(deps): bump regex from 1.9.6 to 1.10.1 (#2226) * chore(deps): bump tracing from 0.1.37 to 0.1.39 (#2225) * chore(deps): bump utoipa-swagger-ui from 3.1.5 to 4.0.0 (#2224) * chore(deps): bump proc-macro2 from 1.0.68 to 1.0.69 (#2223) * chore(deps): bump async-trait from 0.1.73 to 0.1.74 (#2222) * chore(deps): bump serde from 1.0.188 to 1.0.189 (#2221) * OpenAPI/swagger docs autogen (#2175) * 20231012 346 name deny list (#2214) * Add file diagnosis (#2210) * fix RUV on startup, improve filter output (#2211) * Chasing yaks down dark alleyways (#2207) * Reduce `pam_kanidm`'s priority in Debian platforms (#2209) * chore(deps-dev): bump ruff from 0.0.291 to 0.0.292 in /pykanidm (#2194) * chore(deps-dev): bump coverage from 7.3.1 to 7.3.2 in /pykanidm (#2195) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2193) * chore(deps-dev): bump mkdocs-material from 9.4.2 to 9.4.4 in /pykanidm (#2197) * chore(deps): bump libc from 0.2.148 to 0.2.149 (#2201) * chore(deps): bump axum-auth from 0.4.0 to 0.4.1 (#2200) * chore(deps): bump syn from 2.0.37 to 2.0.38 (#2199) * chore(deps): bump proc-macro2 from 1.0.67 to 1.0.68 (#2198) * chore(deps): bump aiohttp from 3.8.5 to 3.8.6 in /pykanidm (#2196) * chore(deps-dev): bump pylint-pydantic from 0.2.4 to 0.3.0 in /pykanidm (#2192) * 20231008 remove expect used (#2191) * Thread naming and display (#2190) * Replication tweaks - try the most recent successful one and error less (#2189) * Chasing wooly quadrapeds again (#2163) * 68 20230929 replication finalisation (#2160) * In-system image storage (#2112) * chore(deps-dev): bump urllib3 from 2.0.4 to 2.0.6 in /pykanidm (#2173) * chore(deps-dev): bump mkdocs-material from 9.3.2 to 9.4.2 in /pykanidm (#2165) * chore(deps): bump clap_complete from 4.4.1 to 4.4.3 (#2170) * chore(deps): bump hashbrown from 0.14.0 to 0.14.1 (#2169) * chore(deps): bump clap from 4.4.4 to 4.4.6 (#2168) * chore(deps): bump regex from 1.9.5 to 1.9.6 (#2167) * chore(deps): bump pydantic from 2.3.0 to 2.4.2 in /pykanidm (#2166) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2164) * fix credential update intent defaults (#2162) * 68 20230919 replication configuration (#2131) * Can't build kanidmd using the Ubuntu docker builder scripts - cleanup (#2154) * Enforce TLS key size minimums (#2145) * bindaddress default doesn't match documentation (#2150) * chore(deps-dev): bump ruff from 0.0.290 to 0.0.291 in /pykanidm (#2137) * chore(deps-dev): bump mkdocs from 1.5.2 to 1.5.3 in /pykanidm (#2138) * chore(deps): bump syn from 2.0.32 to 2.0.37 (#2143) * chore(deps): bump tss-esapi from 7.2.0 to 7.3.0 (#2142) * chore(deps): bump tokio-util from 0.7.8 to 0.7.9 (#2141) * chore(deps): bump dyn-clone from 1.0.13 to 1.0.14 (#2140) * chore(deps): bump clap from 4.4.3 to 4.4.4 (#2139) * chore(deps-dev): bump mkdocs-material from 9.3.1 to 9.3.2 in /pykanidm (#2136) * minor changes to speed up WASM tests (#2133) * chore(deps): bump cryptography from 41.0.3 to 41.0.4 in /pykanidm (#2134) * CLI and kanidm_client changes to handle errors and TLS validation changes (#2127) * Typo (#2125) * chore(deps-dev): bump mkdocs-material from 9.2.8 to 9.3.1 in /pykanidm (#2114) * chore(deps-dev): bump ruff from 0.0.287 to 0.0.290 in /pykanidm (#2115) * chore(deps-dev): bump black from 23.9.0 to 23.9.1 in /pykanidm (#2116) * chore(deps): bump chrono from 0.4.30 to 0.4.31 (#2124) * chore(deps): bump docker/setup-qemu-action from 2 to 3 (#2119) * chore(deps): bump proc-macro2 from 1.0.66 to 1.0.67 (#2123) * chore(deps): bump serde_json from 1.0.106 to 1.0.107 (#2122) * chore(deps): bump libc from 0.2.147 to 0.2.148 (#2121) * chore(deps): bump clap from 4.4.2 to 4.4.3 (#2120) * chore(deps): bump docker/build-push-action from 4 to 5 (#2118) * chore(deps): bump docker/setup-buildx-action from 2 to 3 (#2117) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2113) * Yaleman/issue989 (#2111) * Cinco de yakko (#2108) * 68 20230912 session consistency (#2110) * Fix typo (#2109) * Implement DeviceAuthorizationGrant for MFA (#2079) * Schema dooby doo ... yon (#2103) * sqlite3 doesn't need to be installed on dev machines (#2104) * 68 20230908 replication attrunique (#2086) * chore(deps-dev): bump pytest-aiohttp from 1.0.4 to 1.0.5 in /pykanidm (#2092) * chore(deps-dev): bump coverage from 7.3.0 to 7.3.1 in /pykanidm (#2089) * chore(deps-dev): bump mkdocs-material from 9.2.7 to 9.2.8 in /pykanidm (#2090) * chore(deps-dev): bump black from 23.7.0 to 23.9.0 in /pykanidm (#2088) * chore(deps-dev): bump pytest from 7.4.1 to 7.4.2 in /pykanidm (#2091) * chore(deps): bump actions/checkout from 3 to 4 (#2102) * chore(deps): bump walkdir from 2.3.3 to 2.4.0 (#2101) * chore(deps): bump serde_json from 1.0.105 to 1.0.106 (#2100) * chore(deps): bump openssl-sys from 0.9.92 to 0.9.93 (#2099) * chore(deps): bump bytes from 1.4.0 to 1.5.0 (#2097) * chore(deps): bump clap_complete from 4.4.0 to 4.4.1 (#2098) * chore(deps): bump argon2 from 0.5.1 to 0.5.2 (#2096) * chore(deps): bump syn from 2.0.31 to 2.0.32 (#2095) * chore(deps): bump chrono from 0.4.28 to 0.4.30 (#2094) * chore(deps): bump base64 from 0.21.3 to 0.21.4 (#2093) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2087) * move from git2 to gix (#2085) * Schema-dooby-doo-part-trois (#2082) * CLI and test things (#2080) * 68 20230907 replication (#2081) * minor tweaks to Orca (#2077) * Changing build targets for debs (#2076) * Removing default features from git2 package (#2078) * 68 20230829 replication referential integrity (#2048) * Schema dooby doo part two (#2071) * 68 20230831 design replication coordinator (#2051) * improve wording of webauthn cli interaction (#2073) * When an empty body was returned, do request would error incorrectly (#2074) * update bug template, closes #2054 (#2055) * Yak hassling (#2059) * docs: api tokens are managed by idm_admin (#2072) * chore(deps-dev): bump pytest from 7.4.0 to 7.4.1 in /pykanidm (#2062) * chore(deps-dev): bump mkdocstrings from 0.22.0 to 0.23.0 in /pykanidm (#2063) * chore(deps-dev): bump ruff from 0.0.286 to 0.0.287 in /pykanidm (#2061) * chore(deps): bump async-recursion from 1.0.4 to 1.0.5 (#2070) * chore(deps): bump syn from 2.0.29 to 2.0.31 (#2069) * chore(deps): bump clap from 4.4.0 to 4.4.2 (#2068) * chore(deps): bump url from 2.4.0 to 2.4.1 (#2067) * chore(deps): bump regex from 1.9.4 to 1.9.5 (#2066) * chore(deps): bump chrono from 0.4.26 to 0.4.28 (#2065) * chore(deps): bump tower-http from 0.4.3 to 0.4.4 (#2064) * chore(deps-dev): bump mkdocs-material from 9.2.5 to 9.2.7 in /pykanidm (#2060) * Check in missing users crate for SELinux integration (#2050) * Add tests for X-Forwarded-For header (kinda) (#1957) * docs: fix miniflux oauth example (#2046) * Clear cache before verify on some low-level tests (#2044) * 68 20230828 replication of schema (#2045) * Update compact jwt (#2043) * Allow patching of crates from related projects (#2042) * pam multistep auth state machine (#2022) * chore(deps): bump clap from 4.3.23 to 4.4.0 (#2039) * chore(deps): bump reqwest from 0.11.18 to 0.11.20 (#2040) * chore(deps): bump openssl from 0.10.56 to 0.10.57 (#2038) * chore(deps): bump clap_complete from 4.3.2 to 4.4.0 (#2036) * chore(deps): bump base64 from 0.21.2 to 0.21.3 (#2037) * chore(deps): bump regex from 1.9.3 to 1.9.4 (#2035) * chore(deps): bump serde from 1.0.183 to 1.0.188 (#2034) * chore(deps): bump openssl-sys from 0.9.91 to 0.9.92 (#2033) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2032) * chore(deps-dev): bump mkdocs-material from 9.1.21 to 9.2.5 in /pykanidm (#2031) * chore(deps-dev): bump ruff from 0.0.285 to 0.0.286 in /pykanidm (#2030) * chore(deps): bump pydantic from 2.2.1 to 2.3.0 in /pykanidm (#2029) * Authentication shortcut to get a RW session (#1993) * wopsies, missing imports (#2023) * idv cli (#2001) * Trying to fix the (current) container build failures (#2021) * pykanidm updoots (#2019) * 68 20230821 replication (#2020) * Configurable session timeouts (#1965) * fix: output an array in json mode for `kanidm group list` (#2016) * feat: add json output modes for `person list` and `system oauth2 list` (#2017) * docs: Update missed add_members command (#2018) * Less human strings more enums (#1989) * Resolve incorrect time units on timeout (#2014) * chore(deps): bump dyn-clone from 1.0.12 to 1.0.13 (#2013) * chore(deps): bump quote from 1.0.32 to 1.0.33 (#2012) * chore(deps): bump gloo-timers from 0.2.6 to 0.3.0 (#2011) * chore(deps): bump serde_with from 3.2.0 to 3.3.0 (#2010) * chore(deps): bump clap from 4.3.21 to 4.3.23 (#2009) * chore(deps): bump tokio from 1.31.0 to 1.32.0 (#2008) * chore(deps): bump serde_json from 1.0.104 to 1.0.105 (#2007) * chore(deps): bump syn from 2.0.28 to 2.0.29 (#2006) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2005) * chore(deps-dev): bump mypy from 1.5.0 to 1.5.1 in /pykanidm (#2004) * chore(deps-dev): bump ruff from 0.0.284 to 0.0.285 in /pykanidm (#2003) * chore(deps): bump pydantic from 2.1.1 to 2.2.1 in /pykanidm (#2002) * reordering layers so the web server works in non-debug-mode (#1999) * 20230817 idv migration (#1992) * daemon: kanidmd version requires a config file to run (#1959) (#1990) * Resolve issues with dyngroup members (#1986) * Revert "sqlite where IN for id entry (#1988)" (#1991) * sqlite where IN for id entry (#1988) * Identity verification feature (#1819) * 1982 service account access (#1985) * Fixing test release (#1983) * error handling and web server logging fixes (#1960) * Struct-ifying schema things (#1971) * Orca tweaks (#1963) * Fighting with zypper, tagging our images (#1964) * chore(deps-dev): bump coverage from 7.2.7 to 7.3.0 in /pykanidm (#1974) * chore(deps-dev): bump mypy from 1.4.1 to 1.5.0 in /pykanidm (#1973) * chore(deps): bump serde from 1.0.182 to 1.0.183 (#1979) * Are we JSON yet? Kinda. But we're closer. (#1967) * chore(deps): bump clap from 4.3.19 to 4.3.21 (#1978) * chore(deps): bump tokio from 1.29.1 to 1.31.0 (#1977) * chore(deps): bump async-trait from 0.1.72 to 0.1.73 (#1976) * chore(deps): bump selinux from 0.4.1 to 0.4.2 (#1975) * chore(deps-dev): bump ruff from 0.0.282 to 0.0.284 in /pykanidm (#1972) * docs: Fix outdated oauth2 subcommands (#1969) * Allow one-character usernames (#1941) * resolver: Himmelblau needs old token for refresh (#1962) * updating python packages to close dependabot securiity alerts (#1956) * providing server configuration in the testkit::test macro (#1953) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1952) * chore(deps-dev): bump ruff from 0.0.280 to 0.0.282 in /pykanidm (#1951) * chore(deps-dev): bump mkdocs from 1.5.1 to 1.5.2 in /pykanidm (#1950) * chore(deps): bump openssl from 0.10.55 to 0.10.56 (#1949) * chore(deps): bump regex from 1.9.1 to 1.9.3 (#1948) * chore(deps): bump serde from 1.0.180 to 1.0.182 (#1947) * chore(deps): bump filetime from 0.2.21 to 0.2.22 (#1946) * chore(deps): bump openssl-sys from 0.9.90 to 0.9.91 (#1945) * chore(deps): bump serde_with from 3.1.0 to 3.2.0 (#1944) * chore(deps): bump axum from 0.6.19 to 0.6.20 (#1943) * removing debug string (#1937) * Final v3 master x book deployment fix (#1936) * trying a different ref (#1935) * replaced `skip_serializing_if` with `skip_serializing_none` (#1932) * another book round (#1933) * trying again (#1931) * fixed serialization of oauth2 token scope (#1930) * added compression layer for the pkg route (#1928) * Resolve build failiures when selinux is enabled (#1927) * Resolve issue with publishing (#1925) * Set dev version (#1924)- Update to version 1.1.0~beta13~git7.1fb34a9: * Resolve incorrect time units on timeout (#2014) * Update cargo lock, docker fixes * 1982 service account access (#1985) * fixed serialization of oauth2 token scope (#1930) * added compression layer for the pkg route (#1928)- Resolve issues with fedora/centos build- Update to version 1.1.0~beta13~git2.5d1e2f9: * Resolve build failiures when selinux is enabled (#1927) * Resolve issue with publishing (#1925) * Set dev version (#1924) * Release 1.1.0-beta.13 (#1922) * 20230731 release (#1921) * Improve default shells for distros (#1920) * 20230728 techdebt paydown (#1909) * chasing weirdness (#1910) * chore(deps-dev): bump mkdocs-material from 9.1.19 to 9.1.21 in /pykanidm (#1918) * chore(deps): bump serde_json from 1.0.103 to 1.0.104 (#1917) * chore(deps): bump serde from 1.0.174 to 1.0.178 (#1916) * chore(deps): bump tikv-jemallocator from 0.5.0 to 0.5.4 (#1915) * chore(deps-dev): bump mkdocs from 1.4.3 to 1.5.1 in /pykanidm (#1913) * chore(deps-dev): bump pylint-pydantic from 0.2.3 to 0.2.4 in /pykanidm (#1912) * chore(deps): bump pydantic from 2.0.3 to 2.1.1 in /pykanidm (#1911) * 20230727 unix int modularity (#1907) * bumping action version (#1908) * 68 20230720 replication improvements (#1905) * Resolve compilation issue with tpm enabled on linux (#1902) * Improve service file for host installs (#1901) * 20230720 unix int modular (#1881) * fixing up pydantic things (#1885) * 1788 admin unix socket (#1880) * chore(deps-dev): bump pylint-pydantic from 0.2.1 to 0.2.3 in /pykanidm (#1900) * chore(deps-dev): bump ruff from 0.0.278 to 0.0.280 in /pykanidm (#1899) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1898) * chore(deps-dev): bump mkdocs-material from 9.1.18 to 9.1.19 in /pykanidm (#1897) * chore(deps): bump async-trait from 0.1.71 to 0.1.72 (#1895) * chore(deps-dev): bump types-toml from 0.10.8.6 to 0.10.8.7 in /pykanidm (#1896) * chore(deps): bump axum from 0.6.18 to 0.6.19 (#1894) * chore(deps): bump clap from 4.3.12 to 4.3.19 (#1893) * chore(deps): bump axum-macros from 0.3.7 to 0.3.8 (#1892) * chore(deps): bump serde from 1.0.171 to 1.0.174 (#1891) * chore(deps): bump uuid from 1.4.0 to 1.4.1 (#1890) * chore(deps): bump quote from 1.0.31 to 1.0.32 (#1889) * chore(deps): bump tower-http from 0.4.1 to 0.4.3 (#1888) * chore(deps): bump syn from 2.0.26 to 2.0.27 (#1887) * chore(deps): bump urlencoding from 2.1.2 to 2.1.3 (#1886) * added hsts header middleware (#1882) * chore(deps): bump aiohttp from 3.8.4 to 3.8.5 in /pykanidm (#1883) * 1785 allow sync attr yielding via partial write admin (#1879) * Alter filter generation to exclude empty conditions (#1877) * Revert to opensuse based radius container. (#1878) * Unix gid duplicate fix (#1876) * Refactor docker_build_kanidm to be more isolated (v13) (#1872) * Sync account import improvements (#1873) * chore(deps): bump quote from 1.0.29 to 1.0.31 (#1870) * chore(deps-dev): bump black from 23.3.0 to 23.7.0 in /pykanidm (#1859) * Add a newline to fix links in LLDAP section of the README (#1871) * chore(deps): bump dyn-clone from 1.0.11 to 1.0.12 (#1869) * chore(deps): bump pydantic from 1.10.11 to 2.0.3 in /pykanidm (#1858) * chore(deps): bump serde_json from 1.0.102 to 1.0.103 (#1868) * Fix missing slash in tag (#1853) * chore(deps): bump argon2 from 0.5.0 to 0.5.1 (#1867) * chore(deps): bump syn from 2.0.25 to 2.0.26 (#1866) * chore(deps): bump paste from 1.0.13 to 1.0.14 (#1864) * chore(deps-dev): bump pylint-pydantic from 0.2.0 to 0.2.1 in /pykanidm (#1863) * chore(deps): bump clap from 4.3.11 to 4.3.12 (#1862) * chore(deps-dev): bump pytest-asyncio from 0.21.0 to 0.21.1 in /pykanidm (#1861) * chore(deps): bump proc-macro2 from 1.0.64 to 1.0.66 (#1860) * chore(deps-dev): bump ruff from 0.0.277 to 0.0.278 in /pykanidm (#1857) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1856) * chore(deps): bump actions/upload-pages-artifact from 1 to 2 (#1855) * Revert "something something token permissions (#1850)" (#1852) * something something token permissions (#1850) * Upgraded clap, removing atty as a dependency (#1849) * Ensure we dont use std hashmaps (#1848) * Improve selinux in tasks daemon (#1847) * Resolve issue with order of operations causing group memberships to disappear (#1845) * headless webdriver testing, starting on brotli feature (#1844) * chore(deps-dev): bump mkdocs-material from 9.1.17 to 9.1.18 in /pykanidm (#1835) * chore(deps): bump serde from 1.0.166 to 1.0.170 (#1843) * Fix a typo in the unix daemon debug (#1822) * chore(deps-dev): bump ruff from 0.0.275 to 0.0.277 in /pykanidm (#1833) * chore(deps): bump serde-wasm-bindgen from 0.4.5 to 0.5.0 (#1842) * chore(deps): bump proc-macro2 from 1.0.63 to 1.0.64 (#1841) * chore(deps): bump syn from 2.0.23 to 2.0.25 (#1840) * chore(deps): bump async-trait from 0.1.69 to 0.1.71 (#1839) * chore(deps): bump regex from 1.8.4 to 1.9.1 (#1838) * chore(deps): bump is-terminal from 0.4.8 to 0.4.9 (#1837) * chore(deps): bump serde_json from 1.0.99 to 1.0.100 (#1836) * Allow Authorization header in CORS preflight response (#1831) * chore(deps): bump pydantic from 1.10.10 to 1.10.11 in /pykanidm (#1834) * chore(deps-dev): bump pylint-pydantic from 0.1.8 to 0.2.0 in /pykanidm (#1832) * Add preflight headers (#1829) * Persist nonce through refresh to support client (#1826) * Cleanup spa handling (#1825) * 1792 public oauth clients (#1821) * 1812 1813 post axum cleanup (#1817) * Fix diagram colours (#1815) * Converting from tide to axum (#1797) * Add client UX for redirecting to an external portal for synced accounts (#1791) * Add cors policy (#1807) * Improve tasks daemon shutdown (#1806) * Improve durability of migrations (#1804) * clippy-izing an unsafe in pam (#1795) * chore(deps): bump pydantic from 1.10.9 to 1.10.10 in /pykanidm (#1803) * chore(deps): bump uuid from 1.3.4 to 1.4.0 (#1802) * chore(deps): bump tokio from 1.28.2 to 1.29.1 (#1801) * chore(deps): bump syn from 2.0.20 to 2.0.23 (#1800) * chore(deps): bump whoami from 1.4.0 to 1.4.1 (#1799) * chore(deps): bump quote from 1.0.28 to 1.0.29 (#1798) * 20230629 tpm keygen ... again (#1793) * Fixing the kanidmd healthcheck (#1789) * Name change history (#1727) * 20230628 tpm minor issue with key regen (#1790) * Still trying to fix the docs. (#1709) * Improve cli to support multi-domain handling. (#1786) * Started chasing noise, found some code to delete... (#1768) * Improve tpm key generation - improve unix config for tpms. (#1782) * chore(deps-dev): bump pytest from 7.3.2 to 7.4.0 in /pykanidm (#1771) * chore(deps-dev): bump mkdocs-material from 9.1.16 to 9.1.17 in /pykanidm (#1773) * chore(deps-dev): bump mypy from 1.3.0 to 1.4.1 in /pykanidm (#1784) * chore(deps): bump serde_json from 1.0.97 to 1.0.99 (#1778) * chore(deps): bump syn from 2.0.18 to 2.0.20 (#1779) * chore(deps): bump authlib from 1.2.0 to 1.2.1 in /pykanidm (#1777) * chore(deps): bump proc-macro2 from 1.0.60 to 1.0.63 (#1776) * chore(deps): bump libc from 0.2.146 to 0.2.147 (#1774) * chore(deps): bump gloo-net from 0.2.6 to 0.3.0 (#1772) * chore(deps-dev): bump ruff from 0.0.272 to 0.0.275 in /pykanidm (#1770) * Fix debian packaging (#1742) * Remove r2d2 - sad beep noises (#1766) * Kanidmd is a bit noisy (#1765) * Ux improvements - Allow enrolling other devices (#1764) * Make argon2id default pw hasher - improve parameter detection (#1762) * chore(deps): bump openssl from 0.10.54 to 0.10.55 (#1761) * Implement tpm binding of cached password hashes (#1754) * Mention client configuration in tool installation guide (#1756) * Remove scripts that are no longer required (#1759) * OAuth2 secret JSON (#1758) * Allow account locking with expire-at 'epoch' and 'now' (#1757) * Resolve codespell issues (#1753) * Add tls generator to main kanidmd (#1743) * Fix block_on in ssh authorised keys (#1752) * chore(deps-dev): bump mkdocs-material from 9.1.15 to 9.1.16 in /pykanidm (#1751) * chore(deps): bump gloo from 0.8.0 to 0.8.1 (#1750) * chore(deps-dev): bump pytest-mock from 3.10.0 to 3.11.1 in /pykanidm (#1749) * chore(deps): bump hashbrown from 0.13.2 to 0.14.0 (#1748) * 1737 1739 sync - map uidnumbers mail (#1741) * Add support for argon2id (#1736) * Disable neon on linux (#1740) * 20230614 unix account security - move account name deny to unixd (#1733) * fixed return value of add_ava_int (#1735) * unix_integration: also check running SELinux mode (#1704) * added pre_cand entries to both pre_modify and pre_batch_modify plugin functions (#1732) * 20230608 ldap sync (#1728) * Add acp allowing service accounts to clear their own sessions (#1731) * Declare when no applications are available (#1730) * Fix ip addr parse (#1729) * X-Forwarded-For catcher - improve ip addr parsing (#1725) * chore(deps): bump proc-macro2 from 1.0.59 to 1.0.60 (#1723) * chore(deps): bump url from 2.3.1 to 2.4.0 (#1722) * chore(deps-dev): bump pytest from 7.3.1 to 7.3.2 in /pykanidm (#1719) * chore(deps): bump libc from 0.2.145 to 0.2.146 (#1721) * chore(deps-dev): bump ruff from 0.0.270 to 0.0.272 in /pykanidm (#1720) * docs: fix typo in sync concepts (#1715) * chore(deps): bump regex from 1.8.3 to 1.8.4 (#1718) * chore(deps): bump pydantic from 1.10.8 to 1.10.9 in /pykanidm (#1717) * chore(deps): bump serde from 1.0.163 to 1.0.164 (#1716) * Absolutely minimal implementation (#1711) * Add further incremental replication tests (#1707) * Save two more kay strokes (#1708) * Documentation root directory 404 (#1706) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1697) * Improve diagnostic and docs of ldap bind requiring posix password (#1702) * #1680 redux - trying to fix docs again (#1692) * Automatically login & reauth (#1691) * chore(deps-dev): bump coverage from 7.2.6 to 7.2.7 in /pykanidm (#1698) * chore(deps): bump libc from 0.2.144 to 0.2.145 (#1701) * chore(deps): bump openssl from 0.10.52 to 0.10.54 (#1700) * chore(deps): bump csv from 1.2.1 to 1.2.2 (#1699) * chore(deps): bump syn from 2.0.17 to 2.0.18 (#1696) * chore(deps): bump chrono from 0.4.24 to 0.4.26 (#1695) * chore(deps-dev): bump mkdocs-material from 9.1.14 to 9.1.15 in /pykanidm (#1694) * chore(deps): bump openssl-sys from 0.9.87 to 0.9.88 (#1693) * Documentation root directory 404 (#1681) * Crono expression parser fix (#1682) * Document OpenID connect setup for Miniflux (#1683) * chore(deps): bump cryptography from 39.0.1 to 41.0.0 in /pykanidm (#1684) * Improve the readme (#1679) * Move the socket startup to localise it to the acceptor (#1678) * SELinux support for kanidm-unixd-tasks daemon (#1661) * Resolve ability to delete ssh keys with spaces in tags (#1674) * Adding mdbook-template back for bookgen (#1660) * chore(deps-dev): bump coverage from 7.2.5 to 7.2.6 in /pykanidm (#1669) * chore(deps-dev): bump mkdocstrings from 0.21.2 to 0.22.0 in /pykanidm (#1671) * 20230526 incremental replication improvements (#1659) * chore(deps): bump regex from 1.8.1 to 1.8.3 (#1670) * chore(deps): bump hashbrown from 0.12.3 to 0.13.2 (#1668) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1667) * chore(deps): bump tokio from 1.28.1 to 1.28.2 (#1666) * chore(deps-dev): bump ruff from 0.0.269 to 0.0.270 in /pykanidm (#1665) * chore(deps): bump quote from 1.0.27 to 1.0.28 (#1664) * chore(deps): bump pydantic from 1.10.7 to 1.10.8 in /pykanidm (#1663) * fixing get-tags-action in book build (#1657) * Add more replication tests, improve some handling of tombstones. (#1656) * Bring back CpuOptLevel x86_64_v1 (#1590) * Doc fixes (#1658) * Identifiable tokens (#1623) * Add version tag to makefile images (#1654) * during service account recovery, remove incompatible credentials (#1650) * signal handling for tasks daemon (#1651) * Time travelling (#1648) * chore(deps): bump requests from 2.28.2 to 2.31.0 in /pykanidm (#1649) * 20230508 replication incremental (#1620) * chore(deps-dev): bump mkdocs-material from 9.1.12 to 9.1.14 in /pykanidm (#1642) * chore(deps): bump wasm-bindgen from 0.2.85 to 0.2.86 (#1647) * chore(deps): bump js-sys from 0.3.62 to 0.3.63 (#1646) * chore(deps): bump uuid from 1.3.2 to 1.3.3 (#1645) * chore(deps): bump proc-macro2 from 1.0.56 to 1.0.58 (#1644) * chore(deps): bump reqwest from 0.11.17 to 0.11.18 (#1643) * chore(deps-dev): bump ruff from 0.0.267 to 0.0.269 in /pykanidm (#1641) * Fix use-reset-token command hint (#1639) * chore(deps): bump pymdown-extensions from 9.9.2 to 10.0 in /pykanidm (#1638) * chore(deps-dev): bump mypy from 1.2.0 to 1.3.0 in /pykanidm (#1636) * chore(deps): bump wasm-bindgen-test from 0.3.34 to 0.3.35 (#1635) * chore(deps-dev): bump ruff from 0.0.265 to 0.0.267 in /pykanidm (#1634) * chore(deps): bump syn from 2.0.15 to 2.0.16 (#1633) * chore(deps): bump quote from 1.0.26 to 1.0.27 (#1628) * chore(deps): bump serde from 1.0.162 to 1.0.163 (#1632) * chore(deps-dev): bump mkdocs-material from 9.1.9 to 9.1.12 in /pykanidm (#1631) * chore(deps): bump tokio from 1.28.0 to 1.28.1 (#1629) * chore(deps): bump web-sys from 0.3.61 to 0.3.62 (#1627) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1626) * chore(deps): bump libc from 0.2.143 to 0.2.144 (#1625) * chore(deps): bump js-sys from 0.3.61 to 0.3.62 (#1624) * Update policy (#1619) * fixing up some spelling errors (#1618) * Update RELEASE_NOTES.md (#1616) * 20230505 replication groundwork - ruv consistency improvements (#1606) * chore(deps-dev): bump ruff from 0.0.263 to 0.0.265 in /pykanidm (#1608) * chore(deps-dev): bump mkdocs-material from 9.1.8 to 9.1.9 in /pykanidm (#1609) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1611) * chore(deps): bump serde from 1.0.160 to 1.0.162 (#1613) * chore(deps): bump libc from 0.2.142 to 0.2.143 (#1612) * chore(deps): bump pkg-config from 0.3.26 to 0.3.27 (#1610) * chore(deps-dev): bump mkdocs from 1.4.2 to 1.4.3 in /pykanidm (#1607) * github pages ... something is definitely going weird. (#1605) * token permissions! (#1604) * Using github actions might actually push a change (#1603) * looks like that's a bug (#1602) * fix things (#1601) * 20230506 ignore some references (#1600) * Harden migrate session to prevent duplicate migration errors (#1599) * reducing action concurrency load (#1598) * more testing cleanup (#1595) * Document that you need to tell Nginx or other proxies to use HTTP 1.1… (#1592) * sccache github actions fixes (#1593) * Start next dev cycle (#1589)- Update to version 1.1.0~alpha12~git0.bcdbb18: * Release 1.1.0-alpha.12 (#1588) * chore(deps): bump tokio-util from 0.7.7 to 0.7.8 (#1587) * chore(deps): bump reqwest from 0.11.16 to 0.11.17 (#1586) * chore(deps): bump tokio from 1.27.0 to 1.28.0 (#1585) * chore(deps): bump uuid from 1.3.1 to 1.3.2 (#1584) * chore(deps): bump clap from 3.2.23 to 3.2.25 (#1583) * chore(deps-dev): bump coverage from 7.2.3 to 7.2.5 in /pykanidm (#1582) * Correctly prevent start up when https sockets in use (#1579) * Filter rdns and dns for ldap filters (#1576) * use sccache, merge "test" actions into "build", remove homebrew caching (#1578) * Cleanup incorrect log errors of denied entries (#1577) * 20230424 clippppppppppppyyyyyyyy (#1574) * Add exclusive process lock to Kanidm to prevent accidental duplicate commands. (#1575) * more more more unixd build fixes (#1573) * chore(deps-dev): bump mkdocs-material from 9.1.7 to 9.1.8 in /pykanidm (#1572) * chore(deps): bump openssl from 0.10.51 to 0.10.52 (#1571) * chore(deps): bump openssl-sys from 0.9.86 to 0.9.87 (#1570) * chore(deps-dev): bump ruff from 0.0.262 to 0.0.263 in /pykanidm (#1569) * more-merge unixd commands (#1568) * Consolidate unix tools (#1566) * 1553 pam remote or local detection (#1565) * chore(deps): bump openssl from 0.10.50 to 0.10.51 (#1563) * Improve user experince of refreshing with intent tokens during cred update (#1556) * chore(deps): bump tracing-subscriber from 0.3.16 to 0.3.17 (#1562) * chore(deps): bump regex from 1.7.3 to 1.8.1 (#1561) * chore(deps): bump libc from 0.2.141 to 0.2.142 (#1560) * chore(deps-dev): bump ruff from 0.0.261 to 0.0.262 in /pykanidm (#1559) * chore(deps-dev): bump mkdocs-material from 9.1.6 to 9.1.7 in /pykanidm (#1558) * chore(deps): bump actions/upload-artifact from 1 to 3 (#1557) * Fix incompatible future warnings by removing older crates (#1554) * 20230330 oauth2 refresh tokens (#1502) * Sorting documentation builds (#1551) * Add troubleshooting step for pam home dirs (#1550) * AuthSession non empty vec part 2 (#1543) * chore(deps): bump openssl from 0.10.49 to 0.10.50 (#1548) * chore(deps): bump serde from 1.0.159 to 1.0.160 (#1547) * chore(deps): bump syn from 2.0.13 to 2.0.15 (#1546) * chore(deps): bump serde_json from 1.0.95 to 1.0.96 (#1545) * chore(deps-dev): bump pytest from 7.3.0 to 7.3.1 in /pykanidm (#1544) * chore(deps): bump h2 from 0.3.15 to 0.3.17 (#1540) * Improve unicode control character detection (#1539) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1533) * chore(deps-dev): bump mypy from 1.0.1 to 1.2.0 in /pykanidm (#1532) * chore(deps): bump filetime from 0.2.20 to 0.2.21 (#1529) * chore(deps-dev): bump mkdocstrings from 0.20.0 to 0.21.2 in /pykanidm (#1536) * chore(deps-dev): bump mkdocs-material from 9.1.5 to 9.1.6 in /pykanidm (#1535) * chore(deps-dev): bump ruff from 0.0.260 to 0.0.261 in /pykanidm (#1534) * chore(deps-dev): bump coverage from 7.2.2 to 7.2.3 in /pykanidm (#1530) * chore(deps): bump uuid from 1.3.0 to 1.3.1 (#1531) * chore(deps): bump syn from 2.0.12 to 2.0.13 (#1527) * chore(deps): bump dialoguer from 0.10.3 to 0.10.4 (#1526) * chore(deps-dev): bump pytest from 7.2.2 to 7.3.0 in /pykanidm (#1528) * chore(deps): bump libc from 0.2.140 to 0.2.141 (#1525) * chore(deps): bump fernet from 0.2.0 to 0.2.1 (#1524) * Authsession non empty vec (#1522) * chore(deps-dev): bump ruff from 0.0.259 to 0.0.260 in /pykanidm (#1506) * chore(deps-dev): bump mkdocs-material from 9.1.4 to 9.1.5 in /pykanidm (#1510) * chore(deps): bump serde from 1.0.158 to 1.0.159 (#1515) * chore(deps): bump openssl from 0.10.48 to 0.10.49 (#1513) * chore(deps): bump tokio from 1.26.0 to 1.27.0 (#1505) * chore(deps): bump openssl-sys from 0.9.83 to 0.9.84 (#1507) * chore(deps): bump futures from 0.3.27 to 0.3.28 (#1509) * chore(deps): bump reqwest from 0.11.15 to 0.11.16 (#1517) * chore(deps-dev): bump black from 23.1.0 to 23.3.0 in /pykanidm (#1514) * changing from merge to squash (#1521) * chore(deps): bump proc-macro2 from 1.0.54 to 1.0.56 * fixing up auto-merge (#1519) * chore(deps): bump syn from 2.0.10 to 2.0.12 (#1511) * chore(deps-dev): bump types-toml from 0.10.8.5 to 0.10.8.6 in /pykanidm (#1504) * chore(deps): bump serde_json from 1.0.94 to 1.0.95 (#1516) * chore(deps): bump ldap3_proto from 0.3.1 to 0.3.2 (#1518) * chore(deps): bump syn from 1.0.109 to 2.0.10 (#1499) * Be non empty vec (#1501) * 1496 ldap basedn config (#1500) * chore(deps): bump proc-macro2 from 1.0.52 to 1.0.54 (#1494) * chore(deps): bump regex from 1.7.1 to 1.7.3 (#1491) * chore(deps): bump pydantic from 1.10.6 to 1.10.7 in /pykanidm (#1492) * chore(deps-dev): bump mkdocs-material from 9.1.3 to 9.1.4 in /pykanidm (#1487) * chore(deps): bump async-trait from 0.1.67 to 0.1.68 (#1488) * Improve string validation (#1497) * chore(deps): bump reqwest from 0.11.14 to 0.11.15 (#1493) * chore(deps-dev): bump ruff from 0.0.257 to 0.0.259 in /pykanidm (#1489) * chore(deps): bump serde from 1.0.157 to 1.0.158 (#1490) * Adding an auto-merger for dependabot updates (#1486) * Make examples in ldap chapter consistent (#1495) * 1115 priv (reauth, sudo) mode (#1479) * chore(deps): bump openssl from 0.10.47 to 0.10.48 (#1484) * Server daemon logging and exit codes (#1475) * Fix path-relative links in documentation (#1478) * chore(deps): bump openssl from 0.10.45 to 0.10.47 (#1471) * chore(deps): bump serde from 1.0.155 to 1.0.157 (#1473) * chore(deps-dev): bump mkdocs-material from 9.1.2 to 9.1.3 in /pykanidm (#1468) * chore(deps-dev): bump pylint-pydantic from 0.1.7 to 0.1.8 in /pykanidm (#1469) * chore(deps-dev): bump coverage from 7.2.1 to 7.2.2 in /pykanidm (#1463) * chore(deps-dev): bump ruff from 0.0.254 to 0.0.257 in /pykanidm (#1466) * chore(deps): bump async-trait from 0.1.66 to 0.1.67 (#1461) * chore(deps): bump whoami from 1.3.0 to 1.4.0 (#1460) * chore(deps): bump zxcvbn from 2.2.1 to 2.2.2 (#1464) * chore(deps): bump openssl-sys from 0.9.80 to 0.9.82 (#1470) * chore(deps-dev): bump pytest-asyncio from 0.20.3 to 0.21.0 in /pykanidm (#1459) * Add unixd exit code (#1453) * Unixd daemon improvement (#1454) * chore(deps): bump walkdir from 2.3.2 to 2.3.3 (#1458) * checks for a minimum number of arguments (#1452) * chore(deps): bump chrono from 0.4.23 to 0.4.24 (#1444) * chore(deps): bump futures from 0.3.26 to 0.3.27 (#1447) * chore(deps): bump paste from 1.0.11 to 1.0.12 (#1449) * chore(deps-dev): bump mkdocs-material from 9.1.1 to 9.1.2 in /pykanidm (#1450) * chore(deps): bump csv from 1.2.0 to 1.2.1 (#1443) * chore(deps): bump libc from 0.2.139 to 0.2.140 (#1442) * chore(deps): bump serde from 1.0.152 to 1.0.155 (#1446) * chore(deps): bump pydantic from 1.10.5 to 1.10.6 in /pykanidm (#1448) * Image fixes in the build (#1441) * Fix RADIUS docker image file permissions (#1439) * User auth token session display implementation (#1415) * RADIUS container fixes (#1424) * Update book - OAuth2 integration step (#1437) * chore(deps): bump async-trait from 0.1.64 to 0.1.66 (#1433) * Hopefully fix exp issues by making it a stable part of the access token. (#1434) * chore(deps): bump base64 from 0.13.1 to 0.21.0 (#1350) * chore(deps): bump serde_json from 1.0.93 to 1.0.94 (#1427) * chore(deps-dev): bump pytest from 7.2.1 to 7.2.2 in /pykanidm (#1431) * chore(deps-dev): bump pylint-pydantic from 0.1.6 to 0.1.7 in /pykanidm (#1430) * chore(deps-dev): bump ruff from 0.0.253 to 0.0.254 in /pykanidm (#1429) * chore(deps-dev): bump mkdocs-material from 9.0.15 to 9.1.1 in /pykanidm (#1428) * Openssl build fix (#1422) * 1399 some async cleanup (#1421) * Web UI: Sort group memberships of profile (#1410) * Update the dev docs to flow nicer (#1420) * chore(deps): bump dyn-clone from 1.0.10 to 1.0.11 (#1417) * chore(deps): bump tokio from 1.25.0 to 1.26.0 (#1418) * chore(deps-dev): bump coverage from 7.1.0 to 7.2.1 in /pykanidm (#1405) * chore(deps-dev): bump ruff from 0.0.230 to 0.0.253 in /pykanidm (#1419) * 1399 cleanup cli docs (#1413) * 1399 cleanup reorg (#1412) * 1399 cleanup (#1409) * Version output for 4 unix_int tools (#1408) * Windows build fixes (#1388) * chore(deps): bump num_enum from 0.5.10 to 0.5.11 (#1404) * chore(deps-dev): bump types-toml from 0.10.8.4 to 0.10.8.5 in /pykanidm (#1407) * chore(deps): bump syn from 1.0.107 to 1.0.109 (#1406) * chore(deps-dev): bump mkdocs-material from 9.0.13 to 9.0.15 in /pykanidm (#1403) * Mention my Recursing of the Passport (#1402) * Start to add reauth capabilities (#1398) * Add Recursive Logos (#1401) * Prevent invalidation of api tokens (#1397) * chore(deps): bump tokio-util from 0.7.4 to 0.7.7 (#1378) * chore(deps): bump web-sys from 0.3.60 to 0.3.61 (#1362) * chore(deps): bump filetime from 0.2.19 to 0.2.20 (#1375) * chore(deps): bump pydantic from 1.10.4 to 1.10.5 in /pykanidm (#1392) * chore(deps-dev): bump mkdocs-material from 9.0.12 to 9.0.13 in /pykanidm (#1394) * chore(deps): bump num_enum from 0.5.9 to 0.5.10 (#1391) * chore(deps-dev): bump types-toml from 0.10.8.3 to 0.10.8.4 in /pykanidm (#1395) * chore(deps-dev): bump mypy from 1.0.0 to 1.0.1 in /pykanidm (#1390) * chore(deps): bump csv from 1.1.6 to 1.2.0 (#1393) * chore(deps): bump base64urlsafedata from 0.1.2 to 0.1.3 (#1389) * 20230220 passkey cleanup (#1396) * 1115 store credential ids per session (#1386) * Reduce the number of cow cells in idm (#1385) * 1355 docker builds (#1384) * chore(deps): bump proc-macro2 from 1.0.50 to 1.0.51 (#1369) * Improve some small behaviours of login and key management (#1383) * 967 oauth2 implicit search (#1382) * chore(deps): bump wasm-bindgen-test from 0.3.33 to 0.3.34 (#1364) * chore(deps): bump serde_json from 1.0.91 to 1.0.93 (#1376) * chore(deps-dev): bump black from 22.12.0 to 23.1.0 in /pykanidm (#1367) * chore(deps-dev): bump pylint-pydantic from 0.1.5 to 0.1.6 in /pykanidm (#1351) * chore(deps-dev): bump coverage from 7.0.5 to 7.1.0 in /pykanidm (#1352) * 20230130 hackweek replication (#1358) * Improve some diagnostic messages in console (#1381) * chore(deps): bump docker/build-push-action from 3 to 4 (#1360) * chore(deps): bump aiohttp from 3.8.3 to 3.8.4 in /pykanidm (#1377) * chore(deps-dev): bump mypy from 0.991 to 1.0.0 in /pykanidm (#1380) * chore(deps): bump uuid from 1.2.2 to 1.3.0 (#1368) * chore(deps-dev): bump mkdocs-material from 9.0.6 to 9.0.12 in /pykanidm (#1379) * chore(deps-dev): bump types-toml from 0.10.8.1 to 0.10.8.3 in /pykanidm (#1374) * chore(deps): bump cryptography from 39.0.0 to 39.0.1 in /pykanidm (#1371) * Update release docs to prevent forgetting a release step (#1370) * 1355 docker builds (#1357) * Update to 12 dev (#1356)- bsc#1210356 - CVE-2023-26964 - hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames- Automatic update of vendored dependencies- Update to version 1.1.0~alpha11~git0.d3a2a6b: * Release 1.1.0-alpha.11 (#1354) * 20230128 protected to access (#1349) * 20230125 pre rel cleanup (#1348) * 20230125 pre rel cleanup (#1347) * Allow multiple backends to run in parallel for repl tests (#1346) * 20230121 access improvement (#1345) * Fix debian build path (#1331) * Windows-related build fixes (#1344) * chore(deps): bump gloo-net from 0.2.5 to 0.2.6 (#1338) * chore(deps-dev): bump mkdocstrings from 0.19.1 to 0.20.0 in /pykanidm (#1334) * making the robots easier and happier (#1343) * chore(deps): bump tokio from 1.24.1 to 1.24.2 (#1340) * chore(deps): bump toml from 0.5.10 to 0.5.11 (#1337) * chore(deps): bump proc-macro2 from 1.0.49 to 1.0.50 (#1332) * chore(deps): bump reqwest from 0.11.13 to 0.11.14 (#1333) * chore(deps): bump async-trait from 0.1.61 to 0.1.62 (#1335) * 2023 orca improve (#1342) * Adding healthcheck functionality to kanidmd (#1330) * less lint more bark, ruff ruff (#1341) * 1121 SCIM import totp freeipa (#1328) * 1121 multiple totp (#1325) * chore(deps-dev): bump pylint from 2.15.9 to 2.15.10 in /pykanidm (#1324) * chore(deps-dev): bump mkdocs-material from 9.0.3 to 9.0.5 in /pykanidm (#1322) * chore(deps-dev): bump coverage from 7.0.4 to 7.0.5 in /pykanidm (#1323) * chore(deps-dev): bump pytest from 7.2.0 to 7.2.1 in /pykanidm (#1318) * chore(deps): bump regex from 1.7.0 to 1.7.1 (#1316) * chore(deps): bump ldap3_client from `2c9dc31` to `b3c7653` (#1320) * chore(deps-dev): bump pook from 1.0.2 to 1.1.1 in /pykanidm (#1319) * chore(deps): bump dialoguer from 0.10.2 to 0.10.3 (#1317) * Fix ldap vattr search (#1315) * Spell checking and stuff (#1314) * Bump coverage from 7.0.1 to 7.0.4 in /pykanidm (#1311) * Bump mkdocstrings-python from 0.8.2 to 0.8.3 in /pykanidm (#1313) * Bump async-trait from 0.1.60 to 0.1.61 (#1310) * Bump mkdocs-material from 8.5.11 to 9.0.3 in /pykanidm (#1312) * Update yew to 0.20 (#1308) * Bump tokio from 1.23.0 to 1.24.1 (#1309) * Cleanup references to sqlite, add a FAQ section (#1307) * Bump serde from 1.0.151 to 1.0.152 (#1303) * Bump whoami from 1.2.3 to 1.3.0 (#1304) * Bump pydantic from 1.10.2 to 1.10.4 in /pykanidm (#1305) * Fix the book again (#1302) * 20221224 cleanup (#1300) * Bump scim_proto from `cb147c8` to `b5a392f` (#1294) * Bump openssl from 0.10.44 to 0.10.45 (#1295) * Bump openssl-sys from 0.9.79 to 0.9.80 (#1296) * docs: reformat book and introduce workflow to ensure it stays formatted (#1286) * Bump libc from 0.2.138 to 0.2.139 (#1292) * Bump ldap3_proto from `5149451` to `2c9dc31` (#1297) * Bump coverage from 6.5.0 to 7.0.1 in /pykanidm (#1298) * feat(kanidmd): add ldap support for mail primary and alternative address (#1287) * chore(make): co-locate .PHONY declaration and target (#1291) * Can’t build designs private documentation (#1289) * 20221221 sync deploy (#1285) * Bump serde from 1.0.150 to 1.0.151 (#1276) * 20221219 sync polish (#1284) * Bump async-trait from 0.1.59 to 0.1.60 (#1278) * Bump toml from 0.5.9 to 0.5.10 (#1280) * Bump dyn-clone from 1.0.9 to 1.0.10 (#1282) * Bump serde_json from 1.0.89 to 1.0.91 (#1275) * Bump mkdocstrings from 0.19.0 to 0.19.1 in /pykanidm (#1277) * feat(oauth2): add support for a 'groups' claim (#1272) * Bump paste from 1.0.9 to 1.0.11 (#1279) * Bump syn from 1.0.105 to 1.0.107 (#1283) * Bump quote from 1.0.21 to 1.0.23 (#1281) * Bump pylint from 2.15.8 to 2.15.9 in /pykanidm (#1274) * Bump proc-macro2 from 1.0.47 to 1.0.49 (#1273) * 20221216 a little cleanup as a treat (#1266) * fix(make): improve help output and solve warnings (#1269) * fix: set executable flag for shell scripts (#1268) * chore: add jceb to list of contributors (#1267) * docs: correct LDAP DN for token authentication (#1263) * docs: correct command for generating a password (#1261) * docs: replace kanidm account with kanidm person (#1262) * docs: unify representation of dn=token (#1264) * docs: fix link to oauth2 documentation (#1260) * 20221123 iam migration work (#1258) * fix(oauth2): use the short name in the userinfo (#1259) * Bump serde from 1.0.148 to 1.0.150 (#1257) * Bump authlib from 1.1.0 to 1.2.0 in /pykanidm (#1255) * Bump pytest-asyncio from 0.20.2 to 0.20.3 in /pykanidm (#1254) * Bump openssl from 0.10.43 to 0.10.44 (#1251) * Bump certifi from 2022.9.24 to 2022.12.7 in /pykanidm (#1247) * Bump tokio from 1.22.0 to 1.23.0 (#1249) * Bump pylint from 2.15.7 to 2.15.8 in /pykanidm (#1253) * Bump black from 22.10.0 to 22.12.0 in /pykanidm (#1256) * Bump filetime from 0.2.18 to 0.2.19 (#1248) * Bump libc from 0.2.137 to 0.2.138 (#1243) * Bump serde from 1.0.147 to 1.0.148 (#1242) * Bump gloo-net from 0.2.4 to 0.2.5 (#1244) * Bump syn from 1.0.103 to 1.0.105 (#1240) * Bump async-trait from 0.1.58 to 0.1.59 (#1239) * Bump pylint from 2.15.6 to 2.15.7 in /pykanidm (#1246) * Bump mkdocs-material from 8.5.10 to 8.5.11 in /pykanidm (#1245) * Improve ldap sections (#1218) * Bump openssl from 0.10.42 to 0.10.43 (#1235) * Bump serde_json from 1.0.88 to 1.0.89 (#1238) * Bump bytes from 1.2.1 to 1.3.0 (#1236) * Bump jetli/wasm-pack-action from 0.3.0 to 0.4.0 (#1231) * Bump rpassword from 7.1.0 to 7.2.0 (#1233) * Add new mail read group (#1224) * fixing up automation (#1230) * Add signal trapping for a variety of signals (#1223) * docs tweaks, renaming integrations (#1228) * Add ability to bind with token with a dn=token marker (#1225) * 20221121 debug webui (#1217) * Cargo updates (#1219) * Bump reqwest from 0.11.12 to 0.11.13 (#1210) * Abstract webauthn authenticator access, and use Windows API on Windows (#1203) * 20221116 oauth2 app portal 2 (#1201) * Bump pylint from 2.15.5 to 2.15.6 in /pykanidm (#1216) * Bump serde_json from 1.0.87 to 1.0.88 (#1212) * Bump tokio from 1.21.2 to 1.22.0 (#1213) * Bump mkdocstrings-python from 0.8.0 to 0.8.2 in /pykanidm (#1215) * Bump mypy from 0.990 to 0.991 in /pykanidm (#1214) * 20221116 oauth2 app portal (#1200) * Bump pytest-asyncio from 0.20.1 to 0.20.2 in /pykanidm (#1194) * 1116 UI hints (#1199) * Reword security keys (#1196) * Bump mkdocs-material from 8.5.8 to 8.5.10 in /pykanidm (#1193) * remove pam tester (#1197) * Bump mkdocstrings-python from 0.7.1 to 0.8.0 in /pykanidm (#1195) * Bump types-toml from 0.10.8 to 0.10.8.1 in /pykanidm (#1192) * Bump mypy from 0.982 to 0.990 in /pykanidm (#1191) * Bump chrono from 0.4.22 to 0.4.23 (#1188) * Bump actions/dependency-review-action from 2 to 3 (#1187) * Bump base64urlsafedata from 0.1.1 to 0.1.2 (#1190) * Workflow tweaks (#1186) * 1116 UI hint (#1185) * 613 oauth2 logout (#1184) * started working on fixing a log issue and chased some clippy lints (#1182) * 20221103 ipa import driver (#1180) * Review oauth2 best practices document (#1181) * Add tools container support (#1178) * improve webauthn errors (#1179) * Add version header and warnings (#1175) * Bump mkdocs-material from 8.5.7 to 8.5.8 in /pykanidm (#1173) * Bump mkdocs from 1.4.1 to 1.4.2 in /pykanidm (#1174) * Bump regex from 1.6.0 to 1.7.0 (#1172) * Improve handling of openssl3 in md4 tests (#1171) * Add /etc/skel templating and notes adjacent to kanidm-unixd and packaging (#1113) * Further test improvements (#1166) * Setup for next dev cycle (#1165)- Update to version 1.1.0~alpha10~git2.4a03ca5: * Add tools container support (#1178) * Improve handling of openssl3 in md4 tests (#1171)- Update to kanidm 1.1.0-alpha.10 * Management and tracking of authenticated sessions * Make upgrade migrations more robust when upgrading over multiple versions * Add support for service account tokens via ldap for extended read permissions * Unix password management in web ui for posix accounts * Support internal dynamic group entries * Allow selection of name/spn in oidc claims * Admin UI wireframes and basic elements * TLS enforced as a requirement for all servers * Support API service account tokens * Make name rules stricter due to issues found in production * Improve Oauth2 PKCE testing * Add support for new password import hashes * Allow configuration of trusting x forward for headers * Components for account permission elevation modes * Make pam\_unix more robust in high latency environments * Add proc macros for test cases * Improve authentication requests with cookie/token seperation * Cleanup of expired authentication sessions * Improved administration of password badlists- Update to version 1.1.0~alpha9~git6.b20d5312: * Resolve upgrade in place error with cbor to json (#1028)- Update to version 1.1.0~alpha9~git5.98546259: * Remove dependency on git webauthn authentication versions- Update to version 1.1.0~alpha9~git4.33b4e11b: * Resolve issue with migration application order (#986)- Update to version 1.1.0~alpha9~git2.ebab6c5f: * Fix cargo.lock + Docker * Fixing the Github Actions Kanidmd build (#963) * (cargo-release) version 1.1.0-alpha.9 (#962) * Improve radius to support eap-tls with ca-dir (#957) * A pile of Wasm UI tweaks (#958) * Bump types-requests from 2.28.3 to 2.28.6 in /kanidm_rlm_python (#960) * Update validator requirement from ^0.15.0 to ^0.16.0 (#959) * Bump types-requests from 2.28.3 to 2.28.6 in /pykanidm (#961) * 383 164 authentication updates 9 (#956) * Update libsqlite3-sys requirement from 0.24.2 to 0.25.0 in /kanidm_unix_int (#929)- Update to version 1.1.0~alpha8~git1.980f358d: * Push some missed bits to documents * (cargo-release) version 1.1.0-alpha.8 * 20220501 fix logging (#730) * ref #725 - updated comment to note it's still failing (#727) * Remove async references (#724) * 383 170 164 authentication updates 3 (#723) * Making the login path nicer, dev scripting (#721) * Tweak docs generation... (#722) * Docs updates to push all tagged versions + dev (#720) * 20220427 dependency updates (#718)- Automatic update of vendored dependencies- Update to resolve bsc#1196972 CVE-2022-24713 - Regex DOS- resolve bsc#1194119 (CVE-2021-45710)- Update to version 1.1.0~alpha7~git0.c8468199: * (cargo-release) version 1.1.0-alpha.7 * Pre-release update and cleanup (#631) * Improve autofocus to oauth2 (#630) * Finalise email changes for oidc (#629) * Temp use env filter (#628) * 20211216 tracing cleanup (#627) * Art attribution * Refactor of value and addition of base types for business attributes (#626) * Add xmas logo * Add rinstall file (#625)- bsc#1191031 - use _pam_moduledir in spec macros - Update to version 1.1.0~alpha6~git0.c9f4b1d: * (cargo-release) version 1.1.0-alpha.6 * Added an interactive cli dialog to kanidm login (#584) * Add support for storing security token key in domain config (#581) * Remove auditscope for tracing (#580) * Entry Arc Tracking to reduce memory footprint (#579) * Rewrite how we store the internals of valuesets in entries (#578) * Improving logging and docs around unixd/PAM/NSS (#577) * Swap to tide-openssl (#575) * Start to remove audit scope :) (#574) * Fix io capture in tests (#573)- Update to version 1.1.0~alpha5~git0.4be329e: * (cargo-release) version 1.1.0-alpha.5 * Release prep * Fix totp registration workflow with broken authenticators (#516) * Add statistical analysis to indexes (#505) * 511 upgrade failure - add debuging tools and improve debugging of the issue. (#512) * fixes #503 - TOTP prompt no longer drops a newline (#515) * Fixing kanidm windows client build (#507) * Add the ability to configure and provide Oauth2 authentication for Kanidm. (#485) * Change default totp to sha256 (#504) * Fixes #494 - password change user-facing responses (#499) * Fix readonly check (#496) * Update webauthn-authenticator-rs to fix test failures (#493) * Update repo locations and versions in prep for release (#492) * Add workaround for podman subid issue (#491) * 163 account recovery code (#469) * check user shell (#392) (#490) * Removed `OperationResponse` (#489) * Set default shell to `bin/sh` (#488) * 20210607 orca ldap (#470) * `kanidm_client` bool/return values (#479) * Arc cachesize warning fixes (#483) * Closure Refactoring (#482) * Renamed fields in `dbvalue` (#477) * 471 add service files (#474) * fixes #478 - adds note about web ui already being packaged (#480) * unixd will now bail if startup tests fail (#476) * Add email syntax (#465) * Add some openid stubs (#464) * Add auth docs (#463) * 64 120 session claims (#462) * Add ldap vattr mapping (#459) * Fix for unixd issue (#460) * 414 clear stale credentials (#447) * Fix multivalue setting of description attribute (#457) * 445 update pam nsswitch md (#451) * simpler ip logging (#454) * I might have become clippy this time (#449) * Calming clippy's nerves, Friday edition (#448) * 444 - client's config URI missing and more file open handling (#446) * Fix proxy usage in tests (#443) * This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442) * oauth design (#441) * Adding an example config file (#440) * adding env vars, making clippy happier, cleaning up some error messages (#438) * 20210509 cleanup clippy and audit name (#437) * 277 radius pw not accept for main pw (#435) * Orca - a load testing framework for Kanidm (#431) * Add verification of name indexes (#433) * Add ability to pick a server role (#432) * Adding a new verb group remove_members (#434) * 397 Caching password badlist (#425) * User feedback improvements, also handling a permissions issue (#424) * Fix concat issue * Update contributors * Making clippy happy (#420) * Fix 421 - clearer debug messages when doing things (#422) * 62 idm qs cleanup (#419) * Rough working login page (#417) * Make clippy happy (#415) * More debug messages (#413) * merging upstream (#411) * Improve error message when socket not found (#412) * Idlset2, query cache, acp resolve cache (#409) * Add lto thin (#410) * fixing broken action (#405) * Basic documentation for monitoring (#404) * Create design for mfa_backup_code.rst (#402) * phrasing (#401) * Docs update (#400) - Remove un-needed source files: * kanidm-unixd-tasks.service * kanidm-unixd.service * kanidmd.service * server.toml- Update to version 1.1.0~alpha4~git54.675146e: * check user shell (#392) (#490) * Removed `OperationResponse` (#489) * Set default shell to `bin/sh` (#488) * 20210607 orca ldap (#470) * `kanidm_client` bool/return values (#479) * Arc cachesize warning fixes (#483) * Closure Refactoring (#482)- Update to version 1.1.0~alpha4~git47.5e83b68: * Renamed fields in `dbvalue` (#477) * 471 add service files (#474) * fixes #478 - adds note about web ui already being packaged (#480) * unixd will now bail if startup tests fail (#476) * Add email syntax (#465) * Add some openid stubs (#464) * Add auth docs (#463) * 64 120 session claims (#462) * Add ldap vattr mapping (#459)- Update to version 1.1.0~alpha4~git38.d978c9d: * Fix for unixd issue (#460)- Update to version 1.1.0~alpha4~git37.e8b1089: * 414 clear stale credentials (#447) * Fix multivalue setting of description attribute (#457) * 445 update pam nsswitch md (#451) * simpler ip logging (#454) * I might have become clippy this time (#449) * Calming clippy's nerves, Friday edition (#448) * 444 - client's config URI missing and more file open handling (#446) * Fix proxy usage in tests (#443) * This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442) * oauth design (#441) * Adding an example config file (#440) * adding env vars, making clippy happier, cleaning up some error messages (#438) * 20210509 cleanup clippy and audit name (#437) * 277 radius pw not accept for main pw (#435) * Orca - a load testing framework for Kanidm (#431) * Add verification of name indexes (#433) * Add ability to pick a server role (#432) * Adding a new verb group remove_members (#434) * 397 Caching password badlist (#425) * User feedback improvements, also handling a permissions issue (#424) * Fix concat issue * Update contributors * Making clippy happy (#420) * Fix 421 - clearer debug messages when doing things (#422) * 62 idm qs cleanup (#419) * Rough working login page (#417) * Make clippy happy (#415) * More debug messages (#413) * merging upstream (#411) * Improve error message when socket not found (#412) * Idlset2, query cache, acp resolve cache (#409) * Add lto thin (#410) * fixing broken action (#405) * Basic documentation for monitoring (#404) * Create design for mfa_backup_code.rst (#402) * phrasing (#401) * Docs update (#400)- Update to version 1.1.0~alpha4~git0.0ac5da8: * Performance Improvements * TOTP CLI enrollment * Jemalloc in main server instead of system allocator * Command line completion * TLS file handling improvements * Webauthn authentication and enrollment on CLI * Add db vacuum task * Unix tasks daemon that automatically creates home directories * Support for sk-ecdsa public ssh keys * Badlist checked at login to determine account compromise * Minor Fixes for attribute display- Update to version v1.1.0alpha.3~git0.b34c893: * (cargo-release) version 1.1.0-alpha.3 * release notes * Update Dependencies * Unixd - NXCache of unknown items (#338) * WIP - Improve Auth Proto to Support Webauthn (#333) * Follow up on ci fixes * Add port verification to start server in kanidm_client tests * Update CI base image to ubuntu 20.04 * Add libudev to ci * 13 135 webauthn support (#332) * Change root user check to warning due to container run times (#328) * Fixes #324 account softlocking and rate limiting (#326) * Add passpoint link * Update tumbleweed docs * Account valid-from and expiry (#322)- Update to version v1.1.0alpha.2~git0.764e727: * Update * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * gitignore * Update Release Notes * 250 cookie to auth bearer (#321) * 259 reduce clones (#319) * Xxx clippy outdated (#318) * 314 improve async (#316) * Update README.md * On login pw upgrade (#315) * Add python3 support to radius * Dynamic crypto rounds (#311) * tweak book chapter * 67 resource limits impl (#307) * Update based on review * Apply suggestions from code review * doc * Build improvements * Support zfs page size * V large cleanup * Cleanup and improve client error handling * Improve server hardening * Update deps + add simd support in container * Add FAQ + eap selection * Minor updates * tweak release steps- Initial Commiti02-armsrv2 1732807063  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~1.4.3~git1.078625c-bp156.10.11.4.3~git1.078625c-bp156.10.1   kanidmdocssrcSUMMARY.mdaccess_controlintro.mdaccountsaccount_policy.mdanonymous_account.mdauthentication_and_credentials.mdgroups.mdintro.mdpeople_accounts.mdposix_accounts_and_groups.mdservice_accounts.mdadministration.mdbackup_and_restore.mdchoosing_a_domain_name.mdclient_tools.mdcustomising.mddatabase_maintenance.mddevelopersdesignsaccess_control_defaults.mdaccess_profiles_original.mdaccess_profiles_rework_2022.mdaccount_policy.rstapplication_passwords.mdarchitecture.mdauth.mdauth_proto_rewrite_late_2020.rstauthentication_flow.mdcontent_security_policy.mdcredential-display.rstcredential-update.rstcryptography_key_domains.mddefault_idm_layout.rstdesigns.mddevice-authentication.rstdiagramscombined-flow.graffleidv_api_diagram.drawioidv_api_diagram.drawio.svgidv_generic_responses.drawioidv_generic_responses.drawio.svgidv_state_machine.drawioidv_state_machine.drawio.svgobject-lifecycle-states.graffleobject-lifecycle-states.pngsearch-flow.grafflesearch-flow.pngwrite-flow.grafflewrite-flow.pngdomain_display_name.mddomain_join_machine_accounts.mddowngrade.rstelevated_priv_mode.mdidentifiable_secrets.mdidentity_verification_feature.mdidm_rest_layout.rstindexing.mdkanidm-trust.rstldap_gateway.rstlogging.mdmemberof.rstmfa-device-enrollment-process.rstmfa_backup_code.rstmigration.rstoauth.rstoauth2_app_listing.mdoauth2_device_flow.mdoauth2_refresh_tokens.mdpassword-import.rstprofile_display.mdradius.rstrecycle_bin.rstrepl_future_considerations.rstreplication.rstreplication_coordinator.mdreplication_design_and_notes.mdresource_limits.rstrest_interface.mdschema_reference_types.rstscim_migration_planning.mdsession_logout.rstsudo.rstsystem_protected_objects.rstuid_gid_generation.rstunixd_homes_task.rstunixd_multi_resolver_2024.mddeveloper_ethics.mdfaq.mdpython_module.mdradius.mdradius_module_development.mdreadme.mdrelease_checklist.mddomain_rename.mdevaluation_quickstart.mdexampleskubernetes_ingress.mdreadme.mdtraefik.mdfrequently_asked_questions.mdglossary.mdimageskani-alert.pngkani-warning.pnginstalling_client_tools.mdinstalling_the_server.mdintegrationsldap.mdoauth2oauth2.mdcustom_claims.mdexamples.mdhow_does_oauth2_work.mdoauth2_claims.mdpam_and_nsswitchpam_and_nsswitch.mdfedora.mdsuse.mdtroubleshooting.mdradius.mdreadme.mdssh_key_distribution.mdsssd.mdintroduction_to_kanidm.mdmonitoring_the_platform.mdpackagingcommunity_packages.mddebian_ubuntu_packaging.mdpackaging.mdppa_packages.mdpreparing_for_your_deployment.mdrecycle_bin.mdrepladministration.mddeployment.mdplanning.mdreadme.mdsecurity_hardening.mdserver_configuration.mdserver_updates.mdsupport.mdsupported_features.mdsyncconcepts.mdfreeipa.mdldap.mdtemplateskani-alert.mdkani-warning.mdtroubleshootingtroubleshooting.mdcurl_connection_test.txt/usr/share//usr/share/kanidm//usr/share/kanidm/docs//usr/share/kanidm/docs/src//usr/share/kanidm/docs/src/access_control//usr/share/kanidm/docs/src/accounts//usr/share/kanidm/docs/src/developers//usr/share/kanidm/docs/src/developers/designs//usr/share/kanidm/docs/src/developers/designs/diagrams//usr/share/kanidm/docs/src/examples//usr/share/kanidm/docs/src/images//usr/share/kanidm/docs/src/integrations//usr/share/kanidm/docs/src/integrations/oauth2//usr/share/kanidm/docs/src/integrations/pam_and_nsswitch//usr/share/kanidm/docs/src/packaging//usr/share/kanidm/docs/src/repl//usr/share/kanidm/docs/src/sync//usr/share/kanidm/docs/src/templates//usr/share/kanidm/docs/src/troubleshooting/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protectionobs://build.opensuse.org/openSUSE:Maintenance:18681/openSUSE_Backports_SLE-15-SP6_Update/11151efc6248983b3902ae115fd6ee03-kanidm.openSUSE_Backports_SLE-15-SP6_Updatedrpmxz5aarch64-suse-linux       directoryexported SGML document, ASCII textASCII textUTF-8 Unicode textexported SGML document, UTF-8 Unicode textC source, ASCII textemptyXML 1.0 document, ASCII text (gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT))ASCII text, with very long linesSVG Scalable Vector Graphics imageUTF-8 Unicode text, with very long linesPNG image data, 649 x 599, 8-bit/color RGB, non-interlacedPNG image data, 1976 x 696, 8-bit/color RGB, non-interlacedPNG image data, 1976 x 1223, 8-bit/color RGB, non-interlacedHTML document, ASCII textPNG image data, 150 x 127, 8-bit/color RGBA, non-interlacedexported SGML document, ASCII text, with very long lines/"poTXutf-8cf2e21f1f0c36e818d571e025ea4cc869baeadd96fd61561be7d2557e076f505?P7zXZ !t/ ]"k%NƖs~ZUឯYQ5MneU_i{A(? B8hMGy8<8Zz,(^UDz9bdU 'vopmC*PdVas /فS4<8 z,kQ~8A+.x?p0/TuS' ȏ㎺ PφBʿ*Mp76[4-h%C\zTPRm7H،TCU:+KC#*9E%R^1FhF]CɩsE& 9Gwik;y.!7WŞ]{MMmB':iMznvd'eeYAf@txxBy]q$]76:|l8^Y`SqE-}fsvqF0HǐF<*]g}Czug3FؕAV,LNXs 1Kw[QU[eQ f@ٟ4 OD;t1G_8-AqfAz%;T$rIl:z^fx%gHɡG!(W%46ǜ?tG}T.; e2˒^16*E! IV#(9V>`-j3Vz,H;00ֺ;l1Te4[,9*.j-`83[8Xm6 \S3dH-'ylhD@,)?01 &lAMsWGeY feh5ze+'z\N!&$dio 06<#N&@w Q |?l1͍/&-<95 %qTLp +KQZy`(q3kG2 \NCٺ {]ׁ9*ۭmbˬYk0%/)M$jʪ%83iL BGD)襜pucj*D_ʧgJyp#BjRըn|__C'Q"f"%$ +Quۜsv^8J?'GhnOm,cq)? L5 0H81GU$L7mf(""zq*4/԰وWmyI6dm$X if+;AvJs$ag`:K=gh#=\{apq:# A_aJVOΥ{JkybCЩzRx,|h^g/xHd sOA6HA~m7#!%(3)ރL<͚J%?JkYoC%,?621_ԤgKeEfؽzD(ƕU4OŊ:adf>OWs46e;R|a'>`1|l`iSfF[+8 f*\Imfx܌Cֲ!?HQT!0~iʸ5+Z,Ҹvr{!QebQVR(UH1trƟ҃Krm/G";7tX@\b 9|JYGGw,Hj:fѯ@޹Wc}ht,۸H⩥,)緒M5KGF +`m16 fd\.A,x0Y c*i+2 :)t_{θ z[;/;kYָZ5<"4d,t^DִЊ&:|Z")1\I#;k>~r]fp'bəEeIp{NJY`q5`g7[.XqZכ.Q*w 2]IͰ}T[l2=uבMF%eUkR}Y"qg]˥ 4p^Dj =xnvZu"Y r7$!Oj #Ek5kZ>cw`+OR\mU(F>U)mDlJm]}5e:ل8f\Yg<4kIU~0mǨ&\DP)aqnKNMM!bI6!,&E|qz+o;*lb)|^+e?~.K)HV0K+B4tbPFFcX>B}`Ai !J?aS6nCQ 5X9mR ]:{@V*θ[vGJH_K8x u#>(J?NEvgS1Vd;W 3ѐBmpr6s51I)*m|0YAH:ÿ:@Xf32IJ[Lt( ~F~,7` dIaBŏ`3R6Vd7!t1D$O-9RՉ&t\*Gdv@ԹI)1*N|+& Οs(gZ_YnStb6gak]kzRF_EZe7q饶 YZ