kanidm-docs-1.3.2~git0.229b0cc-bp155.29.1<>,fDĊI%z WțF|ߴT 6B rJ*YDc7HӕMPKO5+E1YiSrva]B#RW][=܃kTCMh'GJl59t鹗0qQE&լLoj})13: Tnl,WLLaC?lL:DoNaץuvl-v.-Sjæs˛^%+ך3~z#=};8or >΂Um&m=yao\:F=HIQ,^j%8wzzt37!W%E'JCmu# %&et])GC$toE xCZ}5okubPa$cNKF="RjpJ,k>SVx( ~Y!ªk97 }Fi23'LSI>;?d! , T     \ +7 +.@1G4N4|6777(787*98l*:<:*FlGl,HnIqXqYq\q]tP^bTcdefluv(z|Ckanidm-docs1.3.2~git0.229b0ccbp155.29.1Documentation for Kanidm AdministrationDocumentation for using and configuring Kanidm.fDh02-ch1a3'SUSE Linux Enterprise 15openSUSEMPL-2.0http://bugs.opensuse.orgUnspecifiedhttps://github.com/Firstyear/kanidmlinuxx86_64 zJ tS xBa7 *MK!! F -@1HkU@%e92a17wGE '\ *<y \ 1Z /Y=QRm7- 1  >@ (i '! ! =z\+')Vu'2.  zX!& . &9 D  /%- < (AAA큤A큤A큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤fDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDfDbb068d1859d714aa284396b06986a6e22c1287633c2752814803716d23cc097b06689ce76dbdd541764bf547f89f17728680630c68aff4ccc18db1d113b6b97d950288ce01196461ec6497c270ca4a170ed1beeed54f81b4f4c70cd0a06cf4868f36903d20404873dd50292c1aae2be5df278c791b9b3ea0a1f56f7efd8f8e7a1e9c8431f9c421987c0a68772d939a31d2a098718f3cb2f58e233e102c5329c06ae4786743d89c19010b3ed37561b1c738f2931a046764a2cbc908d6bbc0ee579af4a2f42526c710e220bb255920e917f2dd47953b89e69b54f18341b028d8d9690b8f2b6da4887cc368e4dcc993a16d45b78cefad04fd6dd6175953279016cbf28b04378654078effb6f34cae7e6605a8c7af1bc7f45f27e9ec095ca7860fda52f86e81610d593e9cf4db5cf4c3c29f0ae8d89db71c04dc44053e07359607a46933d58d0da96791a9a5deee6c907565be0cd5bb4aaaf35f0c88f1affcf742ca8fedf7455f634d7bd2877929cd94d9298abdcd0f1b057a430e3f0d996f187a76465c4b5054380c1e7dc7bd4d689817c373fcad8402588f48c7f1ab694eb9419191e73d39bdc4225292da6f67f5ec235a9f8f713f83d42676a43a0a41ae055e6ea51822dfec0f268e5ecbd9bf5cf2814061baca2e61dd211e461e4282913f4dc71c2bf51f217e5e080ac6c523147b173d36cf87466892aa2b4b4c1927e27d1e99bf712a0cc03381e4bad58b70d98794e2c1d79c4d167ad92c990ce2b6c2e8d3480afbe5e48037a94327c69728582ebd6187a334335b00b0e6b9c995ae04892d2cf2944848ebaa6055aef440da1669b926b2eb49da7dd611d3bca679186045d3c42d1ff68fde546bdeef7048e457bf95c45baf2441fff219207fefb84ab678ad2dbd0c8f3e1b96872198eae5e4c463bf81142ad85a80b1a7838ff6c97202411bbeb9cd72ded7ad1e854d98205230ea5e25d50992a77dece6d8d6c1f0454ad285d7161c2914f1881f19437acb11a173ba2bef3e58f0c6df22627446375b1e9dcdd97fd2096d2df1a9659b945921ffeaa83be47a9f30fafc4226a1cc831ac035531d171f6612692236d3705c569a5843e5a4bdc1d3bd520fd46ec03061ffe937445395fa65eee85cd3758f2467679c5e581a72f7e82a60ca631e4eb94e081381b0e3cbfbae0df183699600f8be17948cbb2198d831d4e511b99f516d188a25aed90bd041db276abb6a96bc1edf5967682c05cd17e158e8eb7da49f73b40059dacfe01357261530447ffc00a7e0d10850ff0d07dd5eb7752da3c7caf7a60e94bfd925e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8556694b3f3a3122d01b410ff3565fd6a8eb2b8565af0a367ee4a756ca485a30d5fe4b600f2967f665a4a2c16476293550c0da85ed85068ab43727dc137119ef1f1db7d69a59340751d182d392eb25c554c339f07c32bce53d52f7acbb8a971382549a73fa98465f1bebb068c8b7fdd418a859115c28516044ac10472feced6bf4abd2cea12c073c5676c5de7f0ea5f983fdf3ffa0f7a363ca35ab4e3e386506cdc22429ad31324815e063a0e13cb667725b70de7cfe746eaac8cb5fbcb393b4a16f075d233e913836ac2734bdf32a114c7bb6ed5caf26e1e5bff0ed574e46c5f3b28dcb0b030b79d365954dc435e93494f02bf3b892b3501ceae7c0ad0a28f0f71d3caf0a9ce9a774b882fd5be3bebe916fc5bd52a97cf36599c26c6465ed1168f41cdf5f8f38ae16832c63d7406421a473773bd940f1b6a32b357e6c2a190ae46823fab0bd86677850d5491b2a58fa0eb8c8d205ea88c067ffb6015db7bbb04d7a8919000e9495c73b9f52b473bb057d059246bf7493a76fa5b11a8ad81149cf22a70fed19be0837b2265636308f2614a23f355dbca597e40b400e366d7dcc9edf9f6126f435b24faf3bfea6c4a00573be9aff2a01ddbb7735068968731ad321e4d55de413cd09040d1948a3cce85ab6a81a22f6c8b63e31fc1a3e62c1b7ecd1eaff2c9da0541350ad0a0357142b4847a0b43f9bee8849c8fb458fb63a336b1f3dc5e9d69d5b0ab85488570d1d35b232b8ff547f5c7f9009271ab08fd714d197bd37ee734216b942fc06dad357abbf159a6c3b3b92ddb531b5ebd1e29e642cf5b50ff9e5d0abf919446ae44afca406fdb9155f5d38b0377d43e3889b07079e1f1460b6abed31702b7bd9c780cd48247b2d77e35b4c7f2fdf4e354b5d85985615450a2439625505dcaae5bce4487787246a1e9c1997f6750911ad4ab269367ff5ff2363e54e9597eba40424a9cdc8e1d96b3b0b05cd9e5eec18a6feab0138904e4e56eb6a73e45df44a0fcbb8f784c822b2286d3e73f3ac50ed565ef2287a74c77fc09ccf00d77347901a17574dddd827161c02c352c8413de547b24c28603e82ac1e9d202ad3e76359f5a131c5f5cc2758a77c8868fc3dadc20ebf2e2dc7da22421fa1a06cb0bdbcca209cdb9be1b78a183bb29215f541634884df440adcf12193a4f848b307b86f4828efad8d20879a2c34729e0797b12c1a84a68079333dc1980831f027a47a51075e337ebe828a2484500452639ff127bb8c5a422223c7bfb52fbaf43a11fd4270db73742ac0dbef42ad16223eeb0dcfecb69ddddb840d1ed4ee2f918d924dfa9315bbceb634ee4c2ff98fdbd76e00e4ec99971a53a08049cf7a40bde125b7d48d113059bde79f6246cd44b6103cb7b436ca67237fea6420f00d4a9f18f8493914595ed774523633f14c640276068a5b3950fee3f69074b9a1875cf21638400a49354bc884f9ff24bcde52d65c034a21faa8dea3f383a236edeafbd5be41451bb4efdf77018be644b7c39ca75fd7fe1b4d90afad0c60ba0e8aa620d4d167c5fae4dff9a478a8cd50cc5f0a612a35df32e2ddad99f229f6e02ffebc44d43e938f483c1936ce80782feb239524711cad2eb9087f60136b5800c378bbe80bfeb42c5e06ff2228d04f19b16c1e3d02f69a7c3c7c743f2192ebad429d40d4dcc3b10a28e129bd4f2798b28021227c44df7c492a38cdd445bf26faafdf676c12d4736c3ddb37b90ddf5f873cbf6ea76e508d3cc82738eb843ee1eb84b5838628f9a76be3afe03c2ea183ddb97f07a906d077979f2e3264443d8edbd6c1ece4660470b528299ffeb2e60d2e56ba207ff91715730b5ace75588789200a1a7de784b45ac831afbc25acaa6a5c94a8e2c04c04a5b6348f4c5b7eafc3ce763e84528630de5f0f67e28a9bdc6b0a5bcd15caeff240b71b762bbfe2e1ae1cb78c013d1d618a21adc03edab851d9fdca9f532cf972884825516fa4182fd6c24b8ad1172537c940dd6e783e1d819db69e561318559d37830355be1595797fa8e4377c73bb74c71cfdd698f32606256ba8c479d2b377a9814933bac371fa3fae6544e1c9964ff3f81a1e48f4bd3d67272c18d04733a310106137357b6136c9394f74ced558237f170d19aab317bd5d59ce5b7794205d725af1c4ab8d83d54ce44237622a84111bd071913f8b117ab5485d9caec2af6de7a4cbfde41a174093c9f89f08fbc9186fe8fa1aad8cd7b4a08760790bf8830044ee3ac11132684311437be89cd338f442d738f0749161d39d3c6749a69b45a208419d2aeb6e80c49e80470e1a5e764b760752592b50a57fdb03574ef23687a6464bfb1a4d95162fcb425a34059231cbbc5c516d46067fc684d0ad63dc1d3bdc6852e63e3a5748bf18b82900840c8c82e13993fb01acd146781d6aaa869b82325de95d0a42d990127eabc4391b7b6210cf6d3a84dd67f2f4df573d75d5d858881a67a01a797c53b86847929f8a183439b13aa8f9589d6dedda13b7c038cf253509d4689ab17d4c345601e950033b8c615ae7a325c1a094ccf06c347bc9c99a54ac6a4d8f3189c6f932fd4654b8c4c9983bb9299fd354cf4638b3e798eb6fd08d46cf577e99f3d6fdaf7cd8cc62b9b2dc9e0137fe0e426315112460d6fc9cd49e1bcdfb58e9bb16c636698ab4ea43641dd3e7aa2a82010298656556d5afe380e16a904f8337c494cc83b28d7c51525a2147e88ce1182a2d7bcdc4e885eb4baf4897e0150573045db36e18787bb027715e1f88f18bf97b53f046fce10290967fe9958682b1d43eb5d6c9afa013fdffe18ad74688734e9f81723fd7aa151666a6a574f5621c408fcc252026a6a5154b270af80cc867af81437efdc3767dc229eafd30c1b94a325820711ee85e47e1a7d9c61add7ba52669b9c6c2e18f34ccaae12cf6a5faa60fc5a1e4264fb3d46f02eb3fb4a6239baadecf85cd3ab3ae72c3befa62872f9d9306fd976e3a46c9a471a5532330bc996cedb56971c3d711125f5c741bc3d486ded1e1e9bf999327891548c7fd2c4da26bd192f8004c03b6838fa08c073b5810755fe136347bfba1a3fa52a1daf7a13e81404339d2113416657f5b10e6e25234d689fc1bc72efc8c0643088c26c182c2d0025c87863fc2a4ad13be9f10be52a38ba5e72f2d9e952e1f1fed856f2f5d99d6587cfe684ba0b54498f7bc5e5223e83be3df244773c4e4fa5492c82c5385d8538e7b147ae32a4f50e44793dd18761430256a8c50ec649842d6c33733af8fb52849c5631608dc4e596f98a144a3e435b45abd49f4d17f3b7980c71ea2dd348ca67cfcd254d3c32674b296d6329217deabd5e0d48ab40e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8555519b3130019a444dcec7a38b1ce6e30041af04e635201393866b87096290799ae2b04787aa6ece5f956d50872242b98d83b202b1ea503c9b5d8895be4111605a94bbd94025f4115e3bb3ae04386bdf7cda9471c075e0ca4155ca6ff7601d7303015456f03ccee83f47f4f064e726a5a33710c60d7fde6c5d878f9b6148c05b913e3d2da1073393c130692dd1a1f6b0d4e40bb4c5312c5a811eb78d12e76490ce8db713cc4cda2862ac5df01770e9646890784203e861583e8812489c0f8de202dbe12a2b80f5c826c9f7f5c90094b1d0f7c91b72db6a23a7cb42d7737e13b3df4592aa9f84ff0fd30b4b21aff67a4b467c2751d1002947c374c0a216e75a4a97be683f684c4d5b677f9dc98e847354f32f3c56d8c9d09a9612e7ad968d821503bea36931fb1d328dc61fe76ee6818c68db649724021cbb5b6a99d65977bcdfac2bf81085576b04fbe02b3d86dd5692572b0509762b73145fb7ffb72f6c858909f7dba59e3cfed45cf3eefd1cf2e77409d43652df9811a75f16eed398b04abc1fc387d75911426bf88405501a564e674b2d749e402ad1b06d108654373e5347a4ed0b545cfb89940126783a6a7bf0670e5937de4400c30c5372cb38f3dea2233eb3710824cf403d71460f2a5f6932b501842f953f77c731bad8202e2baa750fcd5e91095ad44415f18ef2a724ee4e18e0495e991e4631c8e1bb11d14e8e851bb67f00e160bdeb94b3e9d2579a4916bff5e0cbd576ff2f14ededc085b40e548526830bd2dc39795e38e039e8454df8f687720fd6994dc249509d3cb4fb410ead76e86d00d5bbd6f4ae2650c10ac8c3cfe8a66a58e0ad1566fff86b538bb86d21309c4dd0149fc181c083c375881fb1d407acaa2282c3477eb292246e9827e9f21d250299926bde5c82320e7ceb33bb516781ef384d0f57e4c2d55a0ec0252cee316a8664c9177bea33d4eaf9052738d0c577e3a42db7a9dc371e842c7b83951d8db01f327b69984296f23fd62ca42dc6bf18c45c85afaeb8b0b3f4a2f466bda66bc4be51fd708e9c8b47d877c4fe59994fdd15f765ce66d6f36c39566befe9e0a0867167b6b933036dd27a0303b9424dfa3bb5a5ea4a49a11e1f74ad155da3179a3ab2f06eb1928d1be3ffb8a74af08f0e146a74d43ecbdaf9396b771fd54a3754c2ba808803ecd2c0308254106373e612dba9493ef774304fc074386dfd47cec0623e4b8a725c5e631dd8105749589d5e90e29ab7dfd29fb932e7a028c89f0e22ea93d05321a8febab42a1df0a1bc5e2fd6746386c174b9c803d7c6ab5c3a0691bda989941bbe08d46cf5f7160f36aa74c0b618769d9af07f2fd5e44e9248d209e54c4799e2df0a1330e039f3e9652875931d8e15e113753163a840420f979dfb187a0619d540bc2980b96a5d2459377906662cc8bb4f7a02b4c4990707e67farootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootkanidm-1.3.2~git0.229b0cc-bp155.29.1.src.rpmkanidm-docskanidm-docs(x86-64)     rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rpmlib(TildeInVersions)3.0.4-14.6.0-14.0-15.2-14.10.0-14.14.3fV@f@fafXj@fH@f2.ffe @eeԔ@epee@@dQd@ddOd9@@cwcT@ck@ca @c*ccbbnv@bL/@b/.@a+@aaV@`@`s```8@`e__u_'@william.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwilliam.brown@suse.comWilliam Brown William Brown william.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.deWilliam Brown - Update to version 1.3.2~git0.229b0cc: * Release 1.3.2 * Prevent bug in pam (#2960) * Reduce client logging noise * Improve migration error message (#2959)- Update to version 1.3.1~git0.eed7c07: * Fix incorrect logic in cred update flow (#2956) * Resolve maintainer bikeshedding- Update to version 1.3.0~git0.e2a563f: * Release 1.3.0 (#2941) * New orca models (#2909) * Run rust_build CI between multiple Rust versions (#2939) * Bump the all group across 1 directory with 9 updates (#2938) * Bump the all group in /pykanidm with 4 updates (#2937) * fixing println bug (#2935) * Reorganising the daemon startup so it doesn't fail with OTEL configured (#2934) * clippying all the things (#2931) * docs reordering and cleanup (#2932) * Add scim proto to kanidm, refactor to improve serde performance. (#2933) * 20240725 allow connection to older servers (#2930) * Ubuntu/Debian buildy scripty tweaky things (#2928) * kanidm graph graphviz unfit for scripting bc. of non-graphviz output (#2876) * Improve workflow when account policy isnt satisfied (#2927) * Docs rework (#2919) * Bump the all group in /pykanidm with 4 updates (#2924) * Bump the all group with 5 updates (#2925) * Substring Indexing (#2905) * Oauth2 in htmx (#2912) * Strict redirect URL enforcement (#2917) * Bump gix-path from 0.10.8 to 0.10.9 in the cargo group (#2918) * fix typos (#2908) * Add missing groups scope to Grafana example scope-map (#2914) * build profiles: rename release_suse_generic to release_linux (#2907) * 20240716 check mkdir (#2906) * Fix issues with suspend reported by himmelblau (#2911) * Implement home_mount_path logic (#2894) * Forcing the http2 feature on hyper, but also chasing some out of date packages (#2896) * Updating service type per kanidm/kanidm#2892 (#2898) * making the internals of kanidmclientconfig public for other users (#2895) * enable build htmx in docker (#2893) * Fixes the logout flow in htmx and improves the login error dialog (#2889) * htmx logout tidy up (#2884) * Tidy up replication poll interval (#2883) * Bump the all group with 8 updates (#2899) * Bump the all group in /pykanidm with 2 updates (#2900) * Add a migration for future versions that will notify and warn about the removal of security keys. (#2885) * Update mtls cert lifetime (#2886) * Bump zipp from 3.16.2 to 3.19.1 in /pykanidm in the pip group (#2888) * [htmx] Apps page (#2868) * Bump the all group in /pykanidm with 3 updates (#2879) * Bump the all group across 1 directory with 10 updates (#2881) * 20240703 htmx (#2870) * Bump certifi from 2023.7.22 to 2024.7.4 in /pykanidm (#2877) * Offer configuration of images for Oauth2 resources (#2665) * 2818 2511 oauth2 urls (#2867) * Vale Edits 0.1 (#2869) * added orca docker file, make target and credential reset capabilities (#2846) * 20240620 htmx (#2854) * Bump the all group in /pykanidm with 2 updates (#2864) * Bump the all group with 5 updates (#2865) * Fixed link to the developers guide (#2862) * Tweaks to make the makefile make things make easier. * Update sssd.md * adding freebsd target_os * Bump the all group across 1 directory with 8 updates (#2852) * Bump the all group in /pykanidm with 3 updates (#2849) * Bump the all group with 2 updates (#2850) * Configurable thread count (#2847) * 20240613 performance improvements (#2844) * Bump urllib3 from 2.0.7 to 2.2.2 in /pykanidm (#2843) * Allow providers to be box dyn (#2794) * Bump the all group in /pykanidm with 2 updates (#2842) * illumos support (#2838) * 20240611 performance (#2836) * Bump the all group across 1 directory with 3 updates (#2837) * Bump the all group across 1 directory with 5 updates (#2835) * 20240607 2417 piv (#2829) * fix: typos in OpenApi (#2827) * Bump authlib from 1.3.0 to 1.3.1 in /pykanidm (#2834) * Bump the all group with 7 updates (#2811) * Double shutdown doesn't help! (#2828) * Stats collection improvements and a bunch of other stuff (#2820) * Add development taint flag to prevent mismatch of server versions (#2821) * Remove small ambiguity in docs (#2823) * lowering "access search" security log levels (#2819) * Better WebAuthn and other error responses (#2608) * Update examples/server_container.toml (#2814) * Bump the all group in /pykanidm with 3 updates (#2812) * 20240530 nightly warnings (#2806) * Regrets Dot Pee Enn Gee (#2804) * Resolve incorrect handling of tokens in logout flow (#2795) * 2756 - resolve invalid loading of dyngroups at startup (#2779) * WIP: serialization and domain info setting wonkiness (#2791) * Bump the all group in /pykanidm with 3 updates (#2799) * fix DB_PATH variable propagation (#2797) * feat: add support for ldap compare request (#2780) * Add ACP checking to exists operations. (#2790) * Allow name write privileges to be withheld (#2773) * Check for same version with backup/restore (#2789) * Revive Cookies. (#2788) * Fixing up the docs deploy script (#2787) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2781) * Update our domain TGT level (#2776) * Fix PIN and MFA Code pam prompts (#2759) * Update design for KRC (#2713) * Add some extra comparisons to the readme (#2768) * strip out some debug messages unless *really* debugging. (#2767) * Update dev version (#2726) * Don't need to check versions when there's an intermediary reporting connectivity issues (#2758) * updating text to fix typo, add more info (#2761) * Changing TOTP "copy" box from form field to code block. (#2765) * chore(deps-dev): bump ruff in /pykanidm in the all group (#2763) * Use fully qualified container URLS (#2754) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2747) * chore(deps-dev): bump jinja2 from 3.1.3 to 3.1.4 in /pykanidm (#2752) * Fixing up build for rust 1.78, hiding things behind cfg(test) etc. (#2753) * Fix broken links in
sections (#2737) * Update Webauthn and Base64 (#2734) * Add some metadata for lib macros (#2735) * chore(deps): bump the all group in /pykanidm with 7 updates (#2729) * Clean up utils password rand generation. (#2727)- Update to version 1.2.2~git0.c4153c9: * Resolve incorrect handling of tokens in logout flow (#2795) (#2803)- Update to version 1.2.1~git0.ba82b1a: * 2756 - resolve dyngroups not loading correctly at startup (#2778)- Update to version 1.2.0~git0.9efa91a: * Release 1.2.0 (#2733) * Prepare 1.2.0 * Release 1.2.0 prep (#2724) * Minor upgrade fixes (#2722) * Resolve OAuth2 client/rs confusion (#2719) * Improve access control doc to describe privilege access mode (#2721) * Support 1.1 attribute in LDAP (#2720) * Add mail support to groups (#2718) * Add session limit (#2714) * added profile and `memberof` search to the basic model (#2712) * chore(deps): bump the all group in /pykanidm with 4 updates (#2717) * Fix typo in oauth2 error message (#2715) * 20240409 rework orca markov (#2699) * Begin the basis of the key provider model (#2640) * chore(deps): bump the all group in /pykanidm with 4 updates (#2707) * chore(deps): bump peaceiris/actions-mdbook from 1 to 2 in the all group (#2706) * chore(deps): bump idna from 3.4 to 3.7 in /pykanidm (#2703) * fix(TotpDigits): fix typo in TryFrom impl (#2702) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2696) * chore(deps): bump h2 from 0.3.25 to 0.3.26 (#2694) * Windows Hello Authentication requirements (#2688) * chore(deps): bump the all group with 1 update (#2690) * chore(deps-dev): bump the all group in /pykanidm with 1 update (#2691) * Require kanidm-unixd before kanidm-unixd-tasks (#2687) * kanidm unixd mfa capabilities (#2672) * Add Grafana integration to OAuth2 documentation (#2685) * [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686) * ldap-sync: allow to use attrs more than once (#2676) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2683) * chore(deps): bump the all group with 1 update (#2682) * fix(docs): packaging section improved (#2677) * Fix developer ethics link (#2674) * fix(docs): filename, header and title mismatch fixes (#2660) * 20240312 concread upgrade (#2668) * fix(docs): capitalization fixes (#2659) * fix(docs): links corrected (#2661) * fix api typo (#2657) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2662) * chore(deps): bump the all group in /pykanidm with 9 updates (#2656) * Update bootstrap 5.0.2 to 5.3.3 & minor UI fixes (#2650) * fix(docs): typos, grammar and broken link fixes (#2644) * increase severity for "{:?} !⊆ allowed: {:?}" (#2648) * Add instructions on how to enable PKCE in Nextcloud (#2647) * 20230224 2437 orca remodel (#2591) * Add initial design for key domains (#2564) * Add upgrade process, improve developer readme (#2635) * Doc unix client support (#2633) * 20240301 systemd uid (#2602) * expose group patch for parity (#2628) * Adding a builtin class for all built-in things (#2603) * apidoc tag fixes (#2625) * chore(deps): bump mio from 0.8.10 to 0.8.11 (#2620) * Fix missing entry managed by on anonymouns (#2623) * Notes on privilege-expiry (#2622) * SPAs really are stupid sometimes (#2609) * apidoc fixes (#2614) * chore(deps): bump the all group in /pykanidm with 4 updates (#2615) * Typo fixes (#2610) * Return consent scope to service account (#2605) * OpenAPI schema fixes (#2590) * WASM test fixing (#2595) * Feature object graph (#2518) * Add domain version test framework (#2576) * Fix the miniflux oauth2 example (#2598) * docs(monitoring): Fix syntax for OpenTelemetry config (#2594) * 20240221 2489 cleanup api v1 (#2573) * Changing to allow startup without a config file (#2582) * Allow /dev/tpmrm0 on older systemd versions (#2587) * Adjust output of claim maps for better parsing (#2566) * chore(deps): bump the all group in /pykanidm with 4 updates (#2585) * improved error description for commit_credential_update (#2579) * Make /status less noisy (#2574) * chore(deps): bump cryptography from 42.0.2 to 42.0.4 in /pykanidm (#2567) * Add system range protection (#2565) * Fix string comparison in Debian build script (#2409) * of course I started looking at clippy things and now I can't stop (#2560) * 20240216 308 resource limits (#2559) * fix(oauth2): typo in basic path (#2562) * Adding duplicate-finder script (#2550) * prctl compile-time fixes, also chasing lints (#2558) * Removing unused constant and updating docstring for LDAP bind address (#2556) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2553) * Support Policy Updates (#2536) * chore(deps): bump cryptography from 42.0.0 to 42.0.2 in /pykanidm (#2548) * Re-enable HW tpm support (#2531) * Add further hardening for system services (#2542) * fixing the test script (#2547) * when the HTTPS server fails, handle that gracefully (#2546) * Fix update intent ttl parameters (#2540) * radius build workflow fixes (#2541) * Conflict nscd, start before sshd (#2539) * Fix incorrect documentation elements (#2533) * Remove replication is in dev flag (#2535) * Ordering auth methods in the CLI (#2508) * Set lowercase owner name in tag (#2534) * Add code_challenge_methods_supported to OIDC discovery (#2525) * Himmelblau requires the machine key for unix_user_get (#2523) * Extend on Apache example (#2524) * chore(deps): bump the all group in /pykanidm with 4 updates (#2520) * List of supported features (#2499) * Update to latest dev version (#2486)- Update to version 1.1.0~rc16~git7.8a1b7b5: * Require kanidm-unixd before kanidm-unixd-tasks (#2687)- Update to version 1.1.0~rc16~git6.e51d0de: * [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686) * return consent map to service account (#2604)- Update to version 1.1.0~rc16~git4.d407844: * Remove zstd feature- Update to version 1.1.0~rc16~git3.81298e8: * Allow /dev/tpmrm0 on older systemd versions (#2587)- Add ipa-sync service - Update to version 1.1.0~rc16~git2.6fb4fac: * List of supported features (#2499)- Update to version 1.1.0~rc16~git1.a917291: * Correct cargo versions * Release 1.1.0-rc.16 (#2483) * Fix for incorrect domain migration rollbacks (#2482) * Add tools for remigration and domain level raising (#2481) * chore(deps): bump cryptography from 41.0.6 to 42.0.0 in /pykanidm (#2480) * Support SPN in groups claim (#2474) * Credential update tweaks (#2475) * Oauth2 pkce faq (#2473) * Fix debian versioning (#2472) * chore(deps): bump the all group in /pykanidm with 7 updates (#2479) * chore(deps): bump the all group with 1 update (#2478) * Fix RUV trim (#2466) * 20240125 2217 client credentials grant (#2456) * docs: Add application passwords design document (#2427) * handling master docs (#2465) * update the artifact name in the download step (#2464) * Book SUMMARY.md: Fix part titles according to mdbook (#2463) * Update chat link, add keywords (#2462) * PyKanidm updates and testing (#2301) * chore(deps): bump aiohttp from 3.9.1 to 3.9.2 in /pykanidm (#2461) * 1222 what rights does anonymous have (#2436) * Fix inverted key/chain logic from TLS error improvement (#2453) * Improve TLS configuration errors (#2447) * chore(deps): bump shlex from 1.2.0 to 1.3.0 (#2445) * chore(deps): bump the all group with 1 update (#2441) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2443) * Return sshkey label to cli fields (#2440) * Add rfc8414 metadata (#2434) * Add test for delete referer invalid (#2435) * Clarify role of WebUI in README.md (#2431) * Adding max_ber_size option in config for ldap sync (#2416) * Debian build fixes (also the book) (#2400) * 2390 1980 allow native applications (#2428) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2430) * cookies (#2426) * Clean RUV (#2424) * chore(deps-dev): bump jinja2 from 3.1.2 to 3.1.3 in /pykanidm (#2425) * Upgrade replication to use anchors (#2423) * Minor fixes for oidc with single page applications (#2420) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2421) * Use case insensitive match on substrings in line with ldap (#2419) * Change OAuth2 RS Origin from the CLI (#2418) * Add design diagrams (#2332) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2410) * Fix deb release flow to find the matrix split artifacts (#2406) * 20231222 piv authentication (#2398) * Update docs, closes SQLite Write-Ahead Logging might make page size immutable #2404 (#2405) * Build the kanidm cli tools deb as well (#2402) * Force apply idm migrations to apply access controls (#2401) * fixing up the integration script (#2392) * chore(deps): bump the all group in /pykanidm with 8 updates (#2396) * chore(deps): bump the all group with 2 updates (#2395) * fix backup filename and regexp pattern for cleanup (#2386) * idprovider: Provide the keystore during auth (#2385) * db: Fix insert_tagged_hsm_key doesn't cache the hsm key (#2389) * daemon: Fix inverted logic on cache dir check (#2388) * Add improved domain migration framework and default MFA (#2382) * Trim and lowecase usernames (#2380) * Add DN as a virtual ldap attr (#2379) * fixing default for oauth2 request_parameter_supported metadata (#2378) * chore(deps): bump the all group in /pykanidm with 6 updates (#2375) * 20231218 ipa sync unix password (#2374) * chore(deps): bump the all group with 2 updates (#2372) * 1481 2024 access control rework (#2366) * chore(deps): bump zerocopy from 0.7.26 to 0.7.31 (#2368) * chore(deps): bump the all group with 3 updates (#2363) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2362) * 249 2024 managed by syntax (#2359) * typo (#2356) * 20231204 ipa sync minor improvements (#2357) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2355) * Unixd build/debugging updates (#2350) * 20231129 webauthn attestation (#2351) * Fix handling of TPM in some trait contexts (#2347) * docs: miniflux added pkce support (#2352) * Using proper axum http headers lib for compatibility (#2348) * Bearer should send with same caps we accept (#2345) * chore(deps): bump cryptography from 41.0.4 to 41.0.6 in /pykanidm (#2341) * docs: improve grammar for book/src/developers/faq.md (#2343) * Expose machine key in auth phase (#2340) * 20231128 freeipa migration (#2338) * Unix crossbuild scripts and docs (#2326) * Expose TPM in more interface places (#2334) * chore(deps): bump the all group in /pykanidm with 6 updates (#2336) * Adding kanidm client config docs and notes ref #2248 (#2333) * Update to the latest compact-jwt version (#2331) * Adding env var configs for the server (#2329) * Better errors when TPM PIN file not found (#2330) * 20231120 2320 sssd compat (#2328) * Resolve future send issue with keystore (#2311) * chore(deps): bump the all group in /pykanidm with 6 updates (#2325) * chore(deps): bump the all group with 3 updates (#2324) * Add test (#2323) * OAuth2 scopes validation logging missing details (#2317) * Add systemd deps for unixd (#2314) * 20231115 oauth2 authreq (#2310) * Docs - Bump Fedora 36 to Fedora 38 (#2309) * chore(deps): bump the all group with 4 updates (#2306) * chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2305) * Remove serde json from wasm (#2304) * Fix spelling (#2303) * 20231109 1122 credential class (#2300) * Moving daemon tracing to OpenTelemetry (#2292) * 20231101 add id cert to unixint (#2284) * Docs fixes for #2296 (#2297) * Update OpenAPI schema gen to actually... be kinda sorta valid. (#2296) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2294) * chore(deps): bump the all group with 8 updates (#2293) * pw min length in account policy (#2289) * WASM troubleshooting docs closes #2286 (#2291) * oauth2 typo (#2290) * Update notes to avoid some possible interpretation errors (#2288) * Feature: kanidm CLI pulling OpenAPI schema (#2285) * Feature: configurable replication poll interval (#2283) * Minor improvements to incoming replication (#2279) * Problems with bash completion autocomplete (#2281) * Remove unused imports and clippy lint (#2276) * Rework ldap bind routine (#2268) * Disable inconsistent test (#2278) * make versions consistent * 1.1.0 rc.15 dev post-release (#2271)- Update to version 1.1.0~rc15~git8.122b6af: * Remove unused import that breaks builds on newer rust versions * Update to latest webauthn-rs version * fix version * Fix maint branch versions * Disable inconsistent test (#2278)- Update to version 1.1.0~rc15~git2.74f5c0f: * make versions consistent * 1.1.0 rc.15 dev post-release (#2271) * Release 1.1.0-rc.15-dev * started writing docs and ended up in another rabbit hole (#2267) * CLI integration test beginnings (#2261) * chore(deps): bump the all group with 7 updates (#2266) * chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2265) * Add book chapter + cli * Cargo fmt and clippy checks * Restrict posix passwords on ldap bind with config * Splitting the SPAs (#2219) * Bug chasing (#2257) * cargo fmt + clippy (#2241) * service-account or person validity show returns for non-existing identity (#2258) * don't need write if we are not writing (#2256) * adding service account patch methods (#2255) * .deb package build and docs fixes (#2252) * Auth flow docs (#2249) * pykanidm test code (#2202) * chore(deps): bump the all group with 5 updates (#2247) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2246) * 20231019 1122 account policy basics (#2245) * Add note on snaps to PAM and nsswitch with link to new section in FAQ (#2244) * 20231014 account policy (#2218) * chore(deps): bump rustix from 0.38.15 to 0.38.19 (#2242) * Fix incorrect references to LDAP in sync (#2239) * Remove unused crate users (#2240) * chore(deps-dev): bump urllib3 from 2.0.6 to 2.0.7 in /pykanidm (#2238) * Windows build fixes and test coverage (#2220) * more space checks (#2234) * Fixing dependabot and its mistakes (#2232) * chore(deps-dev): bump mypy from 1.5.1 to 1.6.0 in /pykanidm (#2231) * chore(deps-dev): bump mkdocs-material from 9.4.4 to 9.4.6 in /pykanidm (#2230) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2229) * chore(deps): bump tokio from 1.32.0 to 1.33.0 (#2228) * chore(deps): bump tss-esapi from 7.3.0 to 7.4.0 (#2227) * chore(deps): bump regex from 1.9.6 to 1.10.1 (#2226) * chore(deps): bump tracing from 0.1.37 to 0.1.39 (#2225) * chore(deps): bump utoipa-swagger-ui from 3.1.5 to 4.0.0 (#2224) * chore(deps): bump proc-macro2 from 1.0.68 to 1.0.69 (#2223) * chore(deps): bump async-trait from 0.1.73 to 0.1.74 (#2222) * chore(deps): bump serde from 1.0.188 to 1.0.189 (#2221) * OpenAPI/swagger docs autogen (#2175) * 20231012 346 name deny list (#2214) * Add file diagnosis (#2210) * fix RUV on startup, improve filter output (#2211) * Chasing yaks down dark alleyways (#2207) * Reduce `pam_kanidm`'s priority in Debian platforms (#2209) * chore(deps-dev): bump ruff from 0.0.291 to 0.0.292 in /pykanidm (#2194) * chore(deps-dev): bump coverage from 7.3.1 to 7.3.2 in /pykanidm (#2195) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2193) * chore(deps-dev): bump mkdocs-material from 9.4.2 to 9.4.4 in /pykanidm (#2197) * chore(deps): bump libc from 0.2.148 to 0.2.149 (#2201) * chore(deps): bump axum-auth from 0.4.0 to 0.4.1 (#2200) * chore(deps): bump syn from 2.0.37 to 2.0.38 (#2199) * chore(deps): bump proc-macro2 from 1.0.67 to 1.0.68 (#2198) * chore(deps): bump aiohttp from 3.8.5 to 3.8.6 in /pykanidm (#2196) * chore(deps-dev): bump pylint-pydantic from 0.2.4 to 0.3.0 in /pykanidm (#2192) * 20231008 remove expect used (#2191) * Thread naming and display (#2190) * Replication tweaks - try the most recent successful one and error less (#2189) * Chasing wooly quadrapeds again (#2163) * 68 20230929 replication finalisation (#2160) * In-system image storage (#2112) * chore(deps-dev): bump urllib3 from 2.0.4 to 2.0.6 in /pykanidm (#2173) * chore(deps-dev): bump mkdocs-material from 9.3.2 to 9.4.2 in /pykanidm (#2165) * chore(deps): bump clap_complete from 4.4.1 to 4.4.3 (#2170) * chore(deps): bump hashbrown from 0.14.0 to 0.14.1 (#2169) * chore(deps): bump clap from 4.4.4 to 4.4.6 (#2168) * chore(deps): bump regex from 1.9.5 to 1.9.6 (#2167) * chore(deps): bump pydantic from 2.3.0 to 2.4.2 in /pykanidm (#2166) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2164) * fix credential update intent defaults (#2162) * 68 20230919 replication configuration (#2131) * Can't build kanidmd using the Ubuntu docker builder scripts - cleanup (#2154) * Enforce TLS key size minimums (#2145) * bindaddress default doesn't match documentation (#2150) * chore(deps-dev): bump ruff from 0.0.290 to 0.0.291 in /pykanidm (#2137) * chore(deps-dev): bump mkdocs from 1.5.2 to 1.5.3 in /pykanidm (#2138) * chore(deps): bump syn from 2.0.32 to 2.0.37 (#2143) * chore(deps): bump tss-esapi from 7.2.0 to 7.3.0 (#2142) * chore(deps): bump tokio-util from 0.7.8 to 0.7.9 (#2141) * chore(deps): bump dyn-clone from 1.0.13 to 1.0.14 (#2140) * chore(deps): bump clap from 4.4.3 to 4.4.4 (#2139) * chore(deps-dev): bump mkdocs-material from 9.3.1 to 9.3.2 in /pykanidm (#2136) * minor changes to speed up WASM tests (#2133) * chore(deps): bump cryptography from 41.0.3 to 41.0.4 in /pykanidm (#2134) * CLI and kanidm_client changes to handle errors and TLS validation changes (#2127) * Typo (#2125) * chore(deps-dev): bump mkdocs-material from 9.2.8 to 9.3.1 in /pykanidm (#2114) * chore(deps-dev): bump ruff from 0.0.287 to 0.0.290 in /pykanidm (#2115) * chore(deps-dev): bump black from 23.9.0 to 23.9.1 in /pykanidm (#2116) * chore(deps): bump chrono from 0.4.30 to 0.4.31 (#2124) * chore(deps): bump docker/setup-qemu-action from 2 to 3 (#2119) * chore(deps): bump proc-macro2 from 1.0.66 to 1.0.67 (#2123) * chore(deps): bump serde_json from 1.0.106 to 1.0.107 (#2122) * chore(deps): bump libc from 0.2.147 to 0.2.148 (#2121) * chore(deps): bump clap from 4.4.2 to 4.4.3 (#2120) * chore(deps): bump docker/build-push-action from 4 to 5 (#2118) * chore(deps): bump docker/setup-buildx-action from 2 to 3 (#2117) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2113) * Yaleman/issue989 (#2111) * Cinco de yakko (#2108) * 68 20230912 session consistency (#2110) * Fix typo (#2109) * Implement DeviceAuthorizationGrant for MFA (#2079) * Schema dooby doo ... yon (#2103) * sqlite3 doesn't need to be installed on dev machines (#2104) * 68 20230908 replication attrunique (#2086) * chore(deps-dev): bump pytest-aiohttp from 1.0.4 to 1.0.5 in /pykanidm (#2092) * chore(deps-dev): bump coverage from 7.3.0 to 7.3.1 in /pykanidm (#2089) * chore(deps-dev): bump mkdocs-material from 9.2.7 to 9.2.8 in /pykanidm (#2090) * chore(deps-dev): bump black from 23.7.0 to 23.9.0 in /pykanidm (#2088) * chore(deps-dev): bump pytest from 7.4.1 to 7.4.2 in /pykanidm (#2091) * chore(deps): bump actions/checkout from 3 to 4 (#2102) * chore(deps): bump walkdir from 2.3.3 to 2.4.0 (#2101) * chore(deps): bump serde_json from 1.0.105 to 1.0.106 (#2100) * chore(deps): bump openssl-sys from 0.9.92 to 0.9.93 (#2099) * chore(deps): bump bytes from 1.4.0 to 1.5.0 (#2097) * chore(deps): bump clap_complete from 4.4.0 to 4.4.1 (#2098) * chore(deps): bump argon2 from 0.5.1 to 0.5.2 (#2096) * chore(deps): bump syn from 2.0.31 to 2.0.32 (#2095) * chore(deps): bump chrono from 0.4.28 to 0.4.30 (#2094) * chore(deps): bump base64 from 0.21.3 to 0.21.4 (#2093) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2087) * move from git2 to gix (#2085) * Schema-dooby-doo-part-trois (#2082) * CLI and test things (#2080) * 68 20230907 replication (#2081) * minor tweaks to Orca (#2077) * Changing build targets for debs (#2076) * Removing default features from git2 package (#2078) * 68 20230829 replication referential integrity (#2048) * Schema dooby doo part two (#2071) * 68 20230831 design replication coordinator (#2051) * improve wording of webauthn cli interaction (#2073) * When an empty body was returned, do request would error incorrectly (#2074) * update bug template, closes #2054 (#2055) * Yak hassling (#2059) * docs: api tokens are managed by idm_admin (#2072) * chore(deps-dev): bump pytest from 7.4.0 to 7.4.1 in /pykanidm (#2062) * chore(deps-dev): bump mkdocstrings from 0.22.0 to 0.23.0 in /pykanidm (#2063) * chore(deps-dev): bump ruff from 0.0.286 to 0.0.287 in /pykanidm (#2061) * chore(deps): bump async-recursion from 1.0.4 to 1.0.5 (#2070) * chore(deps): bump syn from 2.0.29 to 2.0.31 (#2069) * chore(deps): bump clap from 4.4.0 to 4.4.2 (#2068) * chore(deps): bump url from 2.4.0 to 2.4.1 (#2067) * chore(deps): bump regex from 1.9.4 to 1.9.5 (#2066) * chore(deps): bump chrono from 0.4.26 to 0.4.28 (#2065) * chore(deps): bump tower-http from 0.4.3 to 0.4.4 (#2064) * chore(deps-dev): bump mkdocs-material from 9.2.5 to 9.2.7 in /pykanidm (#2060) * Check in missing users crate for SELinux integration (#2050) * Add tests for X-Forwarded-For header (kinda) (#1957) * docs: fix miniflux oauth example (#2046) * Clear cache before verify on some low-level tests (#2044) * 68 20230828 replication of schema (#2045) * Update compact jwt (#2043) * Allow patching of crates from related projects (#2042) * pam multistep auth state machine (#2022) * chore(deps): bump clap from 4.3.23 to 4.4.0 (#2039) * chore(deps): bump reqwest from 0.11.18 to 0.11.20 (#2040) * chore(deps): bump openssl from 0.10.56 to 0.10.57 (#2038) * chore(deps): bump clap_complete from 4.3.2 to 4.4.0 (#2036) * chore(deps): bump base64 from 0.21.2 to 0.21.3 (#2037) * chore(deps): bump regex from 1.9.3 to 1.9.4 (#2035) * chore(deps): bump serde from 1.0.183 to 1.0.188 (#2034) * chore(deps): bump openssl-sys from 0.9.91 to 0.9.92 (#2033) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2032) * chore(deps-dev): bump mkdocs-material from 9.1.21 to 9.2.5 in /pykanidm (#2031) * chore(deps-dev): bump ruff from 0.0.285 to 0.0.286 in /pykanidm (#2030) * chore(deps): bump pydantic from 2.2.1 to 2.3.0 in /pykanidm (#2029) * Authentication shortcut to get a RW session (#1993) * wopsies, missing imports (#2023) * idv cli (#2001) * Trying to fix the (current) container build failures (#2021) * pykanidm updoots (#2019) * 68 20230821 replication (#2020) * Configurable session timeouts (#1965) * fix: output an array in json mode for `kanidm group list` (#2016) * feat: add json output modes for `person list` and `system oauth2 list` (#2017) * docs: Update missed add_members command (#2018) * Less human strings more enums (#1989) * Resolve incorrect time units on timeout (#2014) * chore(deps): bump dyn-clone from 1.0.12 to 1.0.13 (#2013) * chore(deps): bump quote from 1.0.32 to 1.0.33 (#2012) * chore(deps): bump gloo-timers from 0.2.6 to 0.3.0 (#2011) * chore(deps): bump serde_with from 3.2.0 to 3.3.0 (#2010) * chore(deps): bump clap from 4.3.21 to 4.3.23 (#2009) * chore(deps): bump tokio from 1.31.0 to 1.32.0 (#2008) * chore(deps): bump serde_json from 1.0.104 to 1.0.105 (#2007) * chore(deps): bump syn from 2.0.28 to 2.0.29 (#2006) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2005) * chore(deps-dev): bump mypy from 1.5.0 to 1.5.1 in /pykanidm (#2004) * chore(deps-dev): bump ruff from 0.0.284 to 0.0.285 in /pykanidm (#2003) * chore(deps): bump pydantic from 2.1.1 to 2.2.1 in /pykanidm (#2002) * reordering layers so the web server works in non-debug-mode (#1999) * 20230817 idv migration (#1992) * daemon: kanidmd version requires a config file to run (#1959) (#1990) * Resolve issues with dyngroup members (#1986) * Revert "sqlite where IN for id entry (#1988)" (#1991) * sqlite where IN for id entry (#1988) * Identity verification feature (#1819) * 1982 service account access (#1985) * Fixing test release (#1983) * error handling and web server logging fixes (#1960) * Struct-ifying schema things (#1971) * Orca tweaks (#1963) * Fighting with zypper, tagging our images (#1964) * chore(deps-dev): bump coverage from 7.2.7 to 7.3.0 in /pykanidm (#1974) * chore(deps-dev): bump mypy from 1.4.1 to 1.5.0 in /pykanidm (#1973) * chore(deps): bump serde from 1.0.182 to 1.0.183 (#1979) * Are we JSON yet? Kinda. But we're closer. (#1967) * chore(deps): bump clap from 4.3.19 to 4.3.21 (#1978) * chore(deps): bump tokio from 1.29.1 to 1.31.0 (#1977) * chore(deps): bump async-trait from 0.1.72 to 0.1.73 (#1976) * chore(deps): bump selinux from 0.4.1 to 0.4.2 (#1975) * chore(deps-dev): bump ruff from 0.0.282 to 0.0.284 in /pykanidm (#1972) * docs: Fix outdated oauth2 subcommands (#1969) * Allow one-character usernames (#1941) * resolver: Himmelblau needs old token for refresh (#1962) * updating python packages to close dependabot securiity alerts (#1956) * providing server configuration in the testkit::test macro (#1953) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1952) * chore(deps-dev): bump ruff from 0.0.280 to 0.0.282 in /pykanidm (#1951) * chore(deps-dev): bump mkdocs from 1.5.1 to 1.5.2 in /pykanidm (#1950) * chore(deps): bump openssl from 0.10.55 to 0.10.56 (#1949) * chore(deps): bump regex from 1.9.1 to 1.9.3 (#1948) * chore(deps): bump serde from 1.0.180 to 1.0.182 (#1947) * chore(deps): bump filetime from 0.2.21 to 0.2.22 (#1946) * chore(deps): bump openssl-sys from 0.9.90 to 0.9.91 (#1945) * chore(deps): bump serde_with from 3.1.0 to 3.2.0 (#1944) * chore(deps): bump axum from 0.6.19 to 0.6.20 (#1943) * removing debug string (#1937) * Final v3 master x book deployment fix (#1936) * trying a different ref (#1935) * replaced `skip_serializing_if` with `skip_serializing_none` (#1932) * another book round (#1933) * trying again (#1931) * fixed serialization of oauth2 token scope (#1930) * added compression layer for the pkg route (#1928) * Resolve build failiures when selinux is enabled (#1927) * Resolve issue with publishing (#1925) * Set dev version (#1924)- Update to version 1.1.0~beta13~git7.1fb34a9: * Resolve incorrect time units on timeout (#2014) * Update cargo lock, docker fixes * 1982 service account access (#1985) * fixed serialization of oauth2 token scope (#1930) * added compression layer for the pkg route (#1928)- Resolve issues with fedora/centos build- Update to version 1.1.0~beta13~git2.5d1e2f9: * Resolve build failiures when selinux is enabled (#1927) * Resolve issue with publishing (#1925) * Set dev version (#1924) * Release 1.1.0-beta.13 (#1922) * 20230731 release (#1921) * Improve default shells for distros (#1920) * 20230728 techdebt paydown (#1909) * chasing weirdness (#1910) * chore(deps-dev): bump mkdocs-material from 9.1.19 to 9.1.21 in /pykanidm (#1918) * chore(deps): bump serde_json from 1.0.103 to 1.0.104 (#1917) * chore(deps): bump serde from 1.0.174 to 1.0.178 (#1916) * chore(deps): bump tikv-jemallocator from 0.5.0 to 0.5.4 (#1915) * chore(deps-dev): bump mkdocs from 1.4.3 to 1.5.1 in /pykanidm (#1913) * chore(deps-dev): bump pylint-pydantic from 0.2.3 to 0.2.4 in /pykanidm (#1912) * chore(deps): bump pydantic from 2.0.3 to 2.1.1 in /pykanidm (#1911) * 20230727 unix int modularity (#1907) * bumping action version (#1908) * 68 20230720 replication improvements (#1905) * Resolve compilation issue with tpm enabled on linux (#1902) * Improve service file for host installs (#1901) * 20230720 unix int modular (#1881) * fixing up pydantic things (#1885) * 1788 admin unix socket (#1880) * chore(deps-dev): bump pylint-pydantic from 0.2.1 to 0.2.3 in /pykanidm (#1900) * chore(deps-dev): bump ruff from 0.0.278 to 0.0.280 in /pykanidm (#1899) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1898) * chore(deps-dev): bump mkdocs-material from 9.1.18 to 9.1.19 in /pykanidm (#1897) * chore(deps): bump async-trait from 0.1.71 to 0.1.72 (#1895) * chore(deps-dev): bump types-toml from 0.10.8.6 to 0.10.8.7 in /pykanidm (#1896) * chore(deps): bump axum from 0.6.18 to 0.6.19 (#1894) * chore(deps): bump clap from 4.3.12 to 4.3.19 (#1893) * chore(deps): bump axum-macros from 0.3.7 to 0.3.8 (#1892) * chore(deps): bump serde from 1.0.171 to 1.0.174 (#1891) * chore(deps): bump uuid from 1.4.0 to 1.4.1 (#1890) * chore(deps): bump quote from 1.0.31 to 1.0.32 (#1889) * chore(deps): bump tower-http from 0.4.1 to 0.4.3 (#1888) * chore(deps): bump syn from 2.0.26 to 2.0.27 (#1887) * chore(deps): bump urlencoding from 2.1.2 to 2.1.3 (#1886) * added hsts header middleware (#1882) * chore(deps): bump aiohttp from 3.8.4 to 3.8.5 in /pykanidm (#1883) * 1785 allow sync attr yielding via partial write admin (#1879) * Alter filter generation to exclude empty conditions (#1877) * Revert to opensuse based radius container. (#1878) * Unix gid duplicate fix (#1876) * Refactor docker_build_kanidm to be more isolated (v13) (#1872) * Sync account import improvements (#1873) * chore(deps): bump quote from 1.0.29 to 1.0.31 (#1870) * chore(deps-dev): bump black from 23.3.0 to 23.7.0 in /pykanidm (#1859) * Add a newline to fix links in LLDAP section of the README (#1871) * chore(deps): bump dyn-clone from 1.0.11 to 1.0.12 (#1869) * chore(deps): bump pydantic from 1.10.11 to 2.0.3 in /pykanidm (#1858) * chore(deps): bump serde_json from 1.0.102 to 1.0.103 (#1868) * Fix missing slash in tag (#1853) * chore(deps): bump argon2 from 0.5.0 to 0.5.1 (#1867) * chore(deps): bump syn from 2.0.25 to 2.0.26 (#1866) * chore(deps): bump paste from 1.0.13 to 1.0.14 (#1864) * chore(deps-dev): bump pylint-pydantic from 0.2.0 to 0.2.1 in /pykanidm (#1863) * chore(deps): bump clap from 4.3.11 to 4.3.12 (#1862) * chore(deps-dev): bump pytest-asyncio from 0.21.0 to 0.21.1 in /pykanidm (#1861) * chore(deps): bump proc-macro2 from 1.0.64 to 1.0.66 (#1860) * chore(deps-dev): bump ruff from 0.0.277 to 0.0.278 in /pykanidm (#1857) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1856) * chore(deps): bump actions/upload-pages-artifact from 1 to 2 (#1855) * Revert "something something token permissions (#1850)" (#1852) * something something token permissions (#1850) * Upgraded clap, removing atty as a dependency (#1849) * Ensure we dont use std hashmaps (#1848) * Improve selinux in tasks daemon (#1847) * Resolve issue with order of operations causing group memberships to disappear (#1845) * headless webdriver testing, starting on brotli feature (#1844) * chore(deps-dev): bump mkdocs-material from 9.1.17 to 9.1.18 in /pykanidm (#1835) * chore(deps): bump serde from 1.0.166 to 1.0.170 (#1843) * Fix a typo in the unix daemon debug (#1822) * chore(deps-dev): bump ruff from 0.0.275 to 0.0.277 in /pykanidm (#1833) * chore(deps): bump serde-wasm-bindgen from 0.4.5 to 0.5.0 (#1842) * chore(deps): bump proc-macro2 from 1.0.63 to 1.0.64 (#1841) * chore(deps): bump syn from 2.0.23 to 2.0.25 (#1840) * chore(deps): bump async-trait from 0.1.69 to 0.1.71 (#1839) * chore(deps): bump regex from 1.8.4 to 1.9.1 (#1838) * chore(deps): bump is-terminal from 0.4.8 to 0.4.9 (#1837) * chore(deps): bump serde_json from 1.0.99 to 1.0.100 (#1836) * Allow Authorization header in CORS preflight response (#1831) * chore(deps): bump pydantic from 1.10.10 to 1.10.11 in /pykanidm (#1834) * chore(deps-dev): bump pylint-pydantic from 0.1.8 to 0.2.0 in /pykanidm (#1832) * Add preflight headers (#1829) * Persist nonce through refresh to support client (#1826) * Cleanup spa handling (#1825) * 1792 public oauth clients (#1821) * 1812 1813 post axum cleanup (#1817) * Fix diagram colours (#1815) * Converting from tide to axum (#1797) * Add client UX for redirecting to an external portal for synced accounts (#1791) * Add cors policy (#1807) * Improve tasks daemon shutdown (#1806) * Improve durability of migrations (#1804) * clippy-izing an unsafe in pam (#1795) * chore(deps): bump pydantic from 1.10.9 to 1.10.10 in /pykanidm (#1803) * chore(deps): bump uuid from 1.3.4 to 1.4.0 (#1802) * chore(deps): bump tokio from 1.28.2 to 1.29.1 (#1801) * chore(deps): bump syn from 2.0.20 to 2.0.23 (#1800) * chore(deps): bump whoami from 1.4.0 to 1.4.1 (#1799) * chore(deps): bump quote from 1.0.28 to 1.0.29 (#1798) * 20230629 tpm keygen ... again (#1793) * Fixing the kanidmd healthcheck (#1789) * Name change history (#1727) * 20230628 tpm minor issue with key regen (#1790) * Still trying to fix the docs. (#1709) * Improve cli to support multi-domain handling. (#1786) * Started chasing noise, found some code to delete... (#1768) * Improve tpm key generation - improve unix config for tpms. (#1782) * chore(deps-dev): bump pytest from 7.3.2 to 7.4.0 in /pykanidm (#1771) * chore(deps-dev): bump mkdocs-material from 9.1.16 to 9.1.17 in /pykanidm (#1773) * chore(deps-dev): bump mypy from 1.3.0 to 1.4.1 in /pykanidm (#1784) * chore(deps): bump serde_json from 1.0.97 to 1.0.99 (#1778) * chore(deps): bump syn from 2.0.18 to 2.0.20 (#1779) * chore(deps): bump authlib from 1.2.0 to 1.2.1 in /pykanidm (#1777) * chore(deps): bump proc-macro2 from 1.0.60 to 1.0.63 (#1776) * chore(deps): bump libc from 0.2.146 to 0.2.147 (#1774) * chore(deps): bump gloo-net from 0.2.6 to 0.3.0 (#1772) * chore(deps-dev): bump ruff from 0.0.272 to 0.0.275 in /pykanidm (#1770) * Fix debian packaging (#1742) * Remove r2d2 - sad beep noises (#1766) * Kanidmd is a bit noisy (#1765) * Ux improvements - Allow enrolling other devices (#1764) * Make argon2id default pw hasher - improve parameter detection (#1762) * chore(deps): bump openssl from 0.10.54 to 0.10.55 (#1761) * Implement tpm binding of cached password hashes (#1754) * Mention client configuration in tool installation guide (#1756) * Remove scripts that are no longer required (#1759) * OAuth2 secret JSON (#1758) * Allow account locking with expire-at 'epoch' and 'now' (#1757) * Resolve codespell issues (#1753) * Add tls generator to main kanidmd (#1743) * Fix block_on in ssh authorised keys (#1752) * chore(deps-dev): bump mkdocs-material from 9.1.15 to 9.1.16 in /pykanidm (#1751) * chore(deps): bump gloo from 0.8.0 to 0.8.1 (#1750) * chore(deps-dev): bump pytest-mock from 3.10.0 to 3.11.1 in /pykanidm (#1749) * chore(deps): bump hashbrown from 0.13.2 to 0.14.0 (#1748) * 1737 1739 sync - map uidnumbers mail (#1741) * Add support for argon2id (#1736) * Disable neon on linux (#1740) * 20230614 unix account security - move account name deny to unixd (#1733) * fixed return value of add_ava_int (#1735) * unix_integration: also check running SELinux mode (#1704) * added pre_cand entries to both pre_modify and pre_batch_modify plugin functions (#1732) * 20230608 ldap sync (#1728) * Add acp allowing service accounts to clear their own sessions (#1731) * Declare when no applications are available (#1730) * Fix ip addr parse (#1729) * X-Forwarded-For catcher - improve ip addr parsing (#1725) * chore(deps): bump proc-macro2 from 1.0.59 to 1.0.60 (#1723) * chore(deps): bump url from 2.3.1 to 2.4.0 (#1722) * chore(deps-dev): bump pytest from 7.3.1 to 7.3.2 in /pykanidm (#1719) * chore(deps): bump libc from 0.2.145 to 0.2.146 (#1721) * chore(deps-dev): bump ruff from 0.0.270 to 0.0.272 in /pykanidm (#1720) * docs: fix typo in sync concepts (#1715) * chore(deps): bump regex from 1.8.3 to 1.8.4 (#1718) * chore(deps): bump pydantic from 1.10.8 to 1.10.9 in /pykanidm (#1717) * chore(deps): bump serde from 1.0.163 to 1.0.164 (#1716) * Absolutely minimal implementation (#1711) * Add further incremental replication tests (#1707) * Save two more kay strokes (#1708) * Documentation root directory 404 (#1706) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1697) * Improve diagnostic and docs of ldap bind requiring posix password (#1702) * #1680 redux - trying to fix docs again (#1692) * Automatically login & reauth (#1691) * chore(deps-dev): bump coverage from 7.2.6 to 7.2.7 in /pykanidm (#1698) * chore(deps): bump libc from 0.2.144 to 0.2.145 (#1701) * chore(deps): bump openssl from 0.10.52 to 0.10.54 (#1700) * chore(deps): bump csv from 1.2.1 to 1.2.2 (#1699) * chore(deps): bump syn from 2.0.17 to 2.0.18 (#1696) * chore(deps): bump chrono from 0.4.24 to 0.4.26 (#1695) * chore(deps-dev): bump mkdocs-material from 9.1.14 to 9.1.15 in /pykanidm (#1694) * chore(deps): bump openssl-sys from 0.9.87 to 0.9.88 (#1693) * Documentation root directory 404 (#1681) * Crono expression parser fix (#1682) * Document OpenID connect setup for Miniflux (#1683) * chore(deps): bump cryptography from 39.0.1 to 41.0.0 in /pykanidm (#1684) * Improve the readme (#1679) * Move the socket startup to localise it to the acceptor (#1678) * SELinux support for kanidm-unixd-tasks daemon (#1661) * Resolve ability to delete ssh keys with spaces in tags (#1674) * Adding mdbook-template back for bookgen (#1660) * chore(deps-dev): bump coverage from 7.2.5 to 7.2.6 in /pykanidm (#1669) * chore(deps-dev): bump mkdocstrings from 0.21.2 to 0.22.0 in /pykanidm (#1671) * 20230526 incremental replication improvements (#1659) * chore(deps): bump regex from 1.8.1 to 1.8.3 (#1670) * chore(deps): bump hashbrown from 0.12.3 to 0.13.2 (#1668) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1667) * chore(deps): bump tokio from 1.28.1 to 1.28.2 (#1666) * chore(deps-dev): bump ruff from 0.0.269 to 0.0.270 in /pykanidm (#1665) * chore(deps): bump quote from 1.0.27 to 1.0.28 (#1664) * chore(deps): bump pydantic from 1.10.7 to 1.10.8 in /pykanidm (#1663) * fixing get-tags-action in book build (#1657) * Add more replication tests, improve some handling of tombstones. (#1656) * Bring back CpuOptLevel x86_64_v1 (#1590) * Doc fixes (#1658) * Identifiable tokens (#1623) * Add version tag to makefile images (#1654) * during service account recovery, remove incompatible credentials (#1650) * signal handling for tasks daemon (#1651) * Time travelling (#1648) * chore(deps): bump requests from 2.28.2 to 2.31.0 in /pykanidm (#1649) * 20230508 replication incremental (#1620) * chore(deps-dev): bump mkdocs-material from 9.1.12 to 9.1.14 in /pykanidm (#1642) * chore(deps): bump wasm-bindgen from 0.2.85 to 0.2.86 (#1647) * chore(deps): bump js-sys from 0.3.62 to 0.3.63 (#1646) * chore(deps): bump uuid from 1.3.2 to 1.3.3 (#1645) * chore(deps): bump proc-macro2 from 1.0.56 to 1.0.58 (#1644) * chore(deps): bump reqwest from 0.11.17 to 0.11.18 (#1643) * chore(deps-dev): bump ruff from 0.0.267 to 0.0.269 in /pykanidm (#1641) * Fix use-reset-token command hint (#1639) * chore(deps): bump pymdown-extensions from 9.9.2 to 10.0 in /pykanidm (#1638) * chore(deps-dev): bump mypy from 1.2.0 to 1.3.0 in /pykanidm (#1636) * chore(deps): bump wasm-bindgen-test from 0.3.34 to 0.3.35 (#1635) * chore(deps-dev): bump ruff from 0.0.265 to 0.0.267 in /pykanidm (#1634) * chore(deps): bump syn from 2.0.15 to 2.0.16 (#1633) * chore(deps): bump quote from 1.0.26 to 1.0.27 (#1628) * chore(deps): bump serde from 1.0.162 to 1.0.163 (#1632) * chore(deps-dev): bump mkdocs-material from 9.1.9 to 9.1.12 in /pykanidm (#1631) * chore(deps): bump tokio from 1.28.0 to 1.28.1 (#1629) * chore(deps): bump web-sys from 0.3.61 to 0.3.62 (#1627) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1626) * chore(deps): bump libc from 0.2.143 to 0.2.144 (#1625) * chore(deps): bump js-sys from 0.3.61 to 0.3.62 (#1624) * Update policy (#1619) * fixing up some spelling errors (#1618) * Update RELEASE_NOTES.md (#1616) * 20230505 replication groundwork - ruv consistency improvements (#1606) * chore(deps-dev): bump ruff from 0.0.263 to 0.0.265 in /pykanidm (#1608) * chore(deps-dev): bump mkdocs-material from 9.1.8 to 9.1.9 in /pykanidm (#1609) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1611) * chore(deps): bump serde from 1.0.160 to 1.0.162 (#1613) * chore(deps): bump libc from 0.2.142 to 0.2.143 (#1612) * chore(deps): bump pkg-config from 0.3.26 to 0.3.27 (#1610) * chore(deps-dev): bump mkdocs from 1.4.2 to 1.4.3 in /pykanidm (#1607) * github pages ... something is definitely going weird. (#1605) * token permissions! (#1604) * Using github actions might actually push a change (#1603) * looks like that's a bug (#1602) * fix things (#1601) * 20230506 ignore some references (#1600) * Harden migrate session to prevent duplicate migration errors (#1599) * reducing action concurrency load (#1598) * more testing cleanup (#1595) * Document that you need to tell Nginx or other proxies to use HTTP 1.1… (#1592) * sccache github actions fixes (#1593) * Start next dev cycle (#1589)- Update to version 1.1.0~alpha12~git0.bcdbb18: * Release 1.1.0-alpha.12 (#1588) * chore(deps): bump tokio-util from 0.7.7 to 0.7.8 (#1587) * chore(deps): bump reqwest from 0.11.16 to 0.11.17 (#1586) * chore(deps): bump tokio from 1.27.0 to 1.28.0 (#1585) * chore(deps): bump uuid from 1.3.1 to 1.3.2 (#1584) * chore(deps): bump clap from 3.2.23 to 3.2.25 (#1583) * chore(deps-dev): bump coverage from 7.2.3 to 7.2.5 in /pykanidm (#1582) * Correctly prevent start up when https sockets in use (#1579) * Filter rdns and dns for ldap filters (#1576) * use sccache, merge "test" actions into "build", remove homebrew caching (#1578) * Cleanup incorrect log errors of denied entries (#1577) * 20230424 clippppppppppppyyyyyyyy (#1574) * Add exclusive process lock to Kanidm to prevent accidental duplicate commands. (#1575) * more more more unixd build fixes (#1573) * chore(deps-dev): bump mkdocs-material from 9.1.7 to 9.1.8 in /pykanidm (#1572) * chore(deps): bump openssl from 0.10.51 to 0.10.52 (#1571) * chore(deps): bump openssl-sys from 0.9.86 to 0.9.87 (#1570) * chore(deps-dev): bump ruff from 0.0.262 to 0.0.263 in /pykanidm (#1569) * more-merge unixd commands (#1568) * Consolidate unix tools (#1566) * 1553 pam remote or local detection (#1565) * chore(deps): bump openssl from 0.10.50 to 0.10.51 (#1563) * Improve user experince of refreshing with intent tokens during cred update (#1556) * chore(deps): bump tracing-subscriber from 0.3.16 to 0.3.17 (#1562) * chore(deps): bump regex from 1.7.3 to 1.8.1 (#1561) * chore(deps): bump libc from 0.2.141 to 0.2.142 (#1560) * chore(deps-dev): bump ruff from 0.0.261 to 0.0.262 in /pykanidm (#1559) * chore(deps-dev): bump mkdocs-material from 9.1.6 to 9.1.7 in /pykanidm (#1558) * chore(deps): bump actions/upload-artifact from 1 to 3 (#1557) * Fix incompatible future warnings by removing older crates (#1554) * 20230330 oauth2 refresh tokens (#1502) * Sorting documentation builds (#1551) * Add troubleshooting step for pam home dirs (#1550) * AuthSession non empty vec part 2 (#1543) * chore(deps): bump openssl from 0.10.49 to 0.10.50 (#1548) * chore(deps): bump serde from 1.0.159 to 1.0.160 (#1547) * chore(deps): bump syn from 2.0.13 to 2.0.15 (#1546) * chore(deps): bump serde_json from 1.0.95 to 1.0.96 (#1545) * chore(deps-dev): bump pytest from 7.3.0 to 7.3.1 in /pykanidm (#1544) * chore(deps): bump h2 from 0.3.15 to 0.3.17 (#1540) * Improve unicode control character detection (#1539) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1533) * chore(deps-dev): bump mypy from 1.0.1 to 1.2.0 in /pykanidm (#1532) * chore(deps): bump filetime from 0.2.20 to 0.2.21 (#1529) * chore(deps-dev): bump mkdocstrings from 0.20.0 to 0.21.2 in /pykanidm (#1536) * chore(deps-dev): bump mkdocs-material from 9.1.5 to 9.1.6 in /pykanidm (#1535) * chore(deps-dev): bump ruff from 0.0.260 to 0.0.261 in /pykanidm (#1534) * chore(deps-dev): bump coverage from 7.2.2 to 7.2.3 in /pykanidm (#1530) * chore(deps): bump uuid from 1.3.0 to 1.3.1 (#1531) * chore(deps): bump syn from 2.0.12 to 2.0.13 (#1527) * chore(deps): bump dialoguer from 0.10.3 to 0.10.4 (#1526) * chore(deps-dev): bump pytest from 7.2.2 to 7.3.0 in /pykanidm (#1528) * chore(deps): bump libc from 0.2.140 to 0.2.141 (#1525) * chore(deps): bump fernet from 0.2.0 to 0.2.1 (#1524) * Authsession non empty vec (#1522) * chore(deps-dev): bump ruff from 0.0.259 to 0.0.260 in /pykanidm (#1506) * chore(deps-dev): bump mkdocs-material from 9.1.4 to 9.1.5 in /pykanidm (#1510) * chore(deps): bump serde from 1.0.158 to 1.0.159 (#1515) * chore(deps): bump openssl from 0.10.48 to 0.10.49 (#1513) * chore(deps): bump tokio from 1.26.0 to 1.27.0 (#1505) * chore(deps): bump openssl-sys from 0.9.83 to 0.9.84 (#1507) * chore(deps): bump futures from 0.3.27 to 0.3.28 (#1509) * chore(deps): bump reqwest from 0.11.15 to 0.11.16 (#1517) * chore(deps-dev): bump black from 23.1.0 to 23.3.0 in /pykanidm (#1514) * changing from merge to squash (#1521) * chore(deps): bump proc-macro2 from 1.0.54 to 1.0.56 * fixing up auto-merge (#1519) * chore(deps): bump syn from 2.0.10 to 2.0.12 (#1511) * chore(deps-dev): bump types-toml from 0.10.8.5 to 0.10.8.6 in /pykanidm (#1504) * chore(deps): bump serde_json from 1.0.94 to 1.0.95 (#1516) * chore(deps): bump ldap3_proto from 0.3.1 to 0.3.2 (#1518) * chore(deps): bump syn from 1.0.109 to 2.0.10 (#1499) * Be non empty vec (#1501) * 1496 ldap basedn config (#1500) * chore(deps): bump proc-macro2 from 1.0.52 to 1.0.54 (#1494) * chore(deps): bump regex from 1.7.1 to 1.7.3 (#1491) * chore(deps): bump pydantic from 1.10.6 to 1.10.7 in /pykanidm (#1492) * chore(deps-dev): bump mkdocs-material from 9.1.3 to 9.1.4 in /pykanidm (#1487) * chore(deps): bump async-trait from 0.1.67 to 0.1.68 (#1488) * Improve string validation (#1497) * chore(deps): bump reqwest from 0.11.14 to 0.11.15 (#1493) * chore(deps-dev): bump ruff from 0.0.257 to 0.0.259 in /pykanidm (#1489) * chore(deps): bump serde from 1.0.157 to 1.0.158 (#1490) * Adding an auto-merger for dependabot updates (#1486) * Make examples in ldap chapter consistent (#1495) * 1115 priv (reauth, sudo) mode (#1479) * chore(deps): bump openssl from 0.10.47 to 0.10.48 (#1484) * Server daemon logging and exit codes (#1475) * Fix path-relative links in documentation (#1478) * chore(deps): bump openssl from 0.10.45 to 0.10.47 (#1471) * chore(deps): bump serde from 1.0.155 to 1.0.157 (#1473) * chore(deps-dev): bump mkdocs-material from 9.1.2 to 9.1.3 in /pykanidm (#1468) * chore(deps-dev): bump pylint-pydantic from 0.1.7 to 0.1.8 in /pykanidm (#1469) * chore(deps-dev): bump coverage from 7.2.1 to 7.2.2 in /pykanidm (#1463) * chore(deps-dev): bump ruff from 0.0.254 to 0.0.257 in /pykanidm (#1466) * chore(deps): bump async-trait from 0.1.66 to 0.1.67 (#1461) * chore(deps): bump whoami from 1.3.0 to 1.4.0 (#1460) * chore(deps): bump zxcvbn from 2.2.1 to 2.2.2 (#1464) * chore(deps): bump openssl-sys from 0.9.80 to 0.9.82 (#1470) * chore(deps-dev): bump pytest-asyncio from 0.20.3 to 0.21.0 in /pykanidm (#1459) * Add unixd exit code (#1453) * Unixd daemon improvement (#1454) * chore(deps): bump walkdir from 2.3.2 to 2.3.3 (#1458) * checks for a minimum number of arguments (#1452) * chore(deps): bump chrono from 0.4.23 to 0.4.24 (#1444) * chore(deps): bump futures from 0.3.26 to 0.3.27 (#1447) * chore(deps): bump paste from 1.0.11 to 1.0.12 (#1449) * chore(deps-dev): bump mkdocs-material from 9.1.1 to 9.1.2 in /pykanidm (#1450) * chore(deps): bump csv from 1.2.0 to 1.2.1 (#1443) * chore(deps): bump libc from 0.2.139 to 0.2.140 (#1442) * chore(deps): bump serde from 1.0.152 to 1.0.155 (#1446) * chore(deps): bump pydantic from 1.10.5 to 1.10.6 in /pykanidm (#1448) * Image fixes in the build (#1441) * Fix RADIUS docker image file permissions (#1439) * User auth token session display implementation (#1415) * RADIUS container fixes (#1424) * Update book - OAuth2 integration step (#1437) * chore(deps): bump async-trait from 0.1.64 to 0.1.66 (#1433) * Hopefully fix exp issues by making it a stable part of the access token. (#1434) * chore(deps): bump base64 from 0.13.1 to 0.21.0 (#1350) * chore(deps): bump serde_json from 1.0.93 to 1.0.94 (#1427) * chore(deps-dev): bump pytest from 7.2.1 to 7.2.2 in /pykanidm (#1431) * chore(deps-dev): bump pylint-pydantic from 0.1.6 to 0.1.7 in /pykanidm (#1430) * chore(deps-dev): bump ruff from 0.0.253 to 0.0.254 in /pykanidm (#1429) * chore(deps-dev): bump mkdocs-material from 9.0.15 to 9.1.1 in /pykanidm (#1428) * Openssl build fix (#1422) * 1399 some async cleanup (#1421) * Web UI: Sort group memberships of profile (#1410) * Update the dev docs to flow nicer (#1420) * chore(deps): bump dyn-clone from 1.0.10 to 1.0.11 (#1417) * chore(deps): bump tokio from 1.25.0 to 1.26.0 (#1418) * chore(deps-dev): bump coverage from 7.1.0 to 7.2.1 in /pykanidm (#1405) * chore(deps-dev): bump ruff from 0.0.230 to 0.0.253 in /pykanidm (#1419) * 1399 cleanup cli docs (#1413) * 1399 cleanup reorg (#1412) * 1399 cleanup (#1409) * Version output for 4 unix_int tools (#1408) * Windows build fixes (#1388) * chore(deps): bump num_enum from 0.5.10 to 0.5.11 (#1404) * chore(deps-dev): bump types-toml from 0.10.8.4 to 0.10.8.5 in /pykanidm (#1407) * chore(deps): bump syn from 1.0.107 to 1.0.109 (#1406) * chore(deps-dev): bump mkdocs-material from 9.0.13 to 9.0.15 in /pykanidm (#1403) * Mention my Recursing of the Passport (#1402) * Start to add reauth capabilities (#1398) * Add Recursive Logos (#1401) * Prevent invalidation of api tokens (#1397) * chore(deps): bump tokio-util from 0.7.4 to 0.7.7 (#1378) * chore(deps): bump web-sys from 0.3.60 to 0.3.61 (#1362) * chore(deps): bump filetime from 0.2.19 to 0.2.20 (#1375) * chore(deps): bump pydantic from 1.10.4 to 1.10.5 in /pykanidm (#1392) * chore(deps-dev): bump mkdocs-material from 9.0.12 to 9.0.13 in /pykanidm (#1394) * chore(deps): bump num_enum from 0.5.9 to 0.5.10 (#1391) * chore(deps-dev): bump types-toml from 0.10.8.3 to 0.10.8.4 in /pykanidm (#1395) * chore(deps-dev): bump mypy from 1.0.0 to 1.0.1 in /pykanidm (#1390) * chore(deps): bump csv from 1.1.6 to 1.2.0 (#1393) * chore(deps): bump base64urlsafedata from 0.1.2 to 0.1.3 (#1389) * 20230220 passkey cleanup (#1396) * 1115 store credential ids per session (#1386) * Reduce the number of cow cells in idm (#1385) * 1355 docker builds (#1384) * chore(deps): bump proc-macro2 from 1.0.50 to 1.0.51 (#1369) * Improve some small behaviours of login and key management (#1383) * 967 oauth2 implicit search (#1382) * chore(deps): bump wasm-bindgen-test from 0.3.33 to 0.3.34 (#1364) * chore(deps): bump serde_json from 1.0.91 to 1.0.93 (#1376) * chore(deps-dev): bump black from 22.12.0 to 23.1.0 in /pykanidm (#1367) * chore(deps-dev): bump pylint-pydantic from 0.1.5 to 0.1.6 in /pykanidm (#1351) * chore(deps-dev): bump coverage from 7.0.5 to 7.1.0 in /pykanidm (#1352) * 20230130 hackweek replication (#1358) * Improve some diagnostic messages in console (#1381) * chore(deps): bump docker/build-push-action from 3 to 4 (#1360) * chore(deps): bump aiohttp from 3.8.3 to 3.8.4 in /pykanidm (#1377) * chore(deps-dev): bump mypy from 0.991 to 1.0.0 in /pykanidm (#1380) * chore(deps): bump uuid from 1.2.2 to 1.3.0 (#1368) * chore(deps-dev): bump mkdocs-material from 9.0.6 to 9.0.12 in /pykanidm (#1379) * chore(deps-dev): bump types-toml from 0.10.8.1 to 0.10.8.3 in /pykanidm (#1374) * chore(deps): bump cryptography from 39.0.0 to 39.0.1 in /pykanidm (#1371) * Update release docs to prevent forgetting a release step (#1370) * 1355 docker builds (#1357) * Update to 12 dev (#1356)- bsc#1210356 - CVE-2023-26964 - hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames- Automatic update of vendored dependencies- Update to version 1.1.0~alpha11~git0.d3a2a6b: * Release 1.1.0-alpha.11 (#1354) * 20230128 protected to access (#1349) * 20230125 pre rel cleanup (#1348) * 20230125 pre rel cleanup (#1347) * Allow multiple backends to run in parallel for repl tests (#1346) * 20230121 access improvement (#1345) * Fix debian build path (#1331) * Windows-related build fixes (#1344) * chore(deps): bump gloo-net from 0.2.5 to 0.2.6 (#1338) * chore(deps-dev): bump mkdocstrings from 0.19.1 to 0.20.0 in /pykanidm (#1334) * making the robots easier and happier (#1343) * chore(deps): bump tokio from 1.24.1 to 1.24.2 (#1340) * chore(deps): bump toml from 0.5.10 to 0.5.11 (#1337) * chore(deps): bump proc-macro2 from 1.0.49 to 1.0.50 (#1332) * chore(deps): bump reqwest from 0.11.13 to 0.11.14 (#1333) * chore(deps): bump async-trait from 0.1.61 to 0.1.62 (#1335) * 2023 orca improve (#1342) * Adding healthcheck functionality to kanidmd (#1330) * less lint more bark, ruff ruff (#1341) * 1121 SCIM import totp freeipa (#1328) * 1121 multiple totp (#1325) * chore(deps-dev): bump pylint from 2.15.9 to 2.15.10 in /pykanidm (#1324) * chore(deps-dev): bump mkdocs-material from 9.0.3 to 9.0.5 in /pykanidm (#1322) * chore(deps-dev): bump coverage from 7.0.4 to 7.0.5 in /pykanidm (#1323) * chore(deps-dev): bump pytest from 7.2.0 to 7.2.1 in /pykanidm (#1318) * chore(deps): bump regex from 1.7.0 to 1.7.1 (#1316) * chore(deps): bump ldap3_client from `2c9dc31` to `b3c7653` (#1320) * chore(deps-dev): bump pook from 1.0.2 to 1.1.1 in /pykanidm (#1319) * chore(deps): bump dialoguer from 0.10.2 to 0.10.3 (#1317) * Fix ldap vattr search (#1315) * Spell checking and stuff (#1314) * Bump coverage from 7.0.1 to 7.0.4 in /pykanidm (#1311) * Bump mkdocstrings-python from 0.8.2 to 0.8.3 in /pykanidm (#1313) * Bump async-trait from 0.1.60 to 0.1.61 (#1310) * Bump mkdocs-material from 8.5.11 to 9.0.3 in /pykanidm (#1312) * Update yew to 0.20 (#1308) * Bump tokio from 1.23.0 to 1.24.1 (#1309) * Cleanup references to sqlite, add a FAQ section (#1307) * Bump serde from 1.0.151 to 1.0.152 (#1303) * Bump whoami from 1.2.3 to 1.3.0 (#1304) * Bump pydantic from 1.10.2 to 1.10.4 in /pykanidm (#1305) * Fix the book again (#1302) * 20221224 cleanup (#1300) * Bump scim_proto from `cb147c8` to `b5a392f` (#1294) * Bump openssl from 0.10.44 to 0.10.45 (#1295) * Bump openssl-sys from 0.9.79 to 0.9.80 (#1296) * docs: reformat book and introduce workflow to ensure it stays formatted (#1286) * Bump libc from 0.2.138 to 0.2.139 (#1292) * Bump ldap3_proto from `5149451` to `2c9dc31` (#1297) * Bump coverage from 6.5.0 to 7.0.1 in /pykanidm (#1298) * feat(kanidmd): add ldap support for mail primary and alternative address (#1287) * chore(make): co-locate .PHONY declaration and target (#1291) * Can’t build designs private documentation (#1289) * 20221221 sync deploy (#1285) * Bump serde from 1.0.150 to 1.0.151 (#1276) * 20221219 sync polish (#1284) * Bump async-trait from 0.1.59 to 0.1.60 (#1278) * Bump toml from 0.5.9 to 0.5.10 (#1280) * Bump dyn-clone from 1.0.9 to 1.0.10 (#1282) * Bump serde_json from 1.0.89 to 1.0.91 (#1275) * Bump mkdocstrings from 0.19.0 to 0.19.1 in /pykanidm (#1277) * feat(oauth2): add support for a 'groups' claim (#1272) * Bump paste from 1.0.9 to 1.0.11 (#1279) * Bump syn from 1.0.105 to 1.0.107 (#1283) * Bump quote from 1.0.21 to 1.0.23 (#1281) * Bump pylint from 2.15.8 to 2.15.9 in /pykanidm (#1274) * Bump proc-macro2 from 1.0.47 to 1.0.49 (#1273) * 20221216 a little cleanup as a treat (#1266) * fix(make): improve help output and solve warnings (#1269) * fix: set executable flag for shell scripts (#1268) * chore: add jceb to list of contributors (#1267) * docs: correct LDAP DN for token authentication (#1263) * docs: correct command for generating a password (#1261) * docs: replace kanidm account with kanidm person (#1262) * docs: unify representation of dn=token (#1264) * docs: fix link to oauth2 documentation (#1260) * 20221123 iam migration work (#1258) * fix(oauth2): use the short name in the userinfo (#1259) * Bump serde from 1.0.148 to 1.0.150 (#1257) * Bump authlib from 1.1.0 to 1.2.0 in /pykanidm (#1255) * Bump pytest-asyncio from 0.20.2 to 0.20.3 in /pykanidm (#1254) * Bump openssl from 0.10.43 to 0.10.44 (#1251) * Bump certifi from 2022.9.24 to 2022.12.7 in /pykanidm (#1247) * Bump tokio from 1.22.0 to 1.23.0 (#1249) * Bump pylint from 2.15.7 to 2.15.8 in /pykanidm (#1253) * Bump black from 22.10.0 to 22.12.0 in /pykanidm (#1256) * Bump filetime from 0.2.18 to 0.2.19 (#1248) * Bump libc from 0.2.137 to 0.2.138 (#1243) * Bump serde from 1.0.147 to 1.0.148 (#1242) * Bump gloo-net from 0.2.4 to 0.2.5 (#1244) * Bump syn from 1.0.103 to 1.0.105 (#1240) * Bump async-trait from 0.1.58 to 0.1.59 (#1239) * Bump pylint from 2.15.6 to 2.15.7 in /pykanidm (#1246) * Bump mkdocs-material from 8.5.10 to 8.5.11 in /pykanidm (#1245) * Improve ldap sections (#1218) * Bump openssl from 0.10.42 to 0.10.43 (#1235) * Bump serde_json from 1.0.88 to 1.0.89 (#1238) * Bump bytes from 1.2.1 to 1.3.0 (#1236) * Bump jetli/wasm-pack-action from 0.3.0 to 0.4.0 (#1231) * Bump rpassword from 7.1.0 to 7.2.0 (#1233) * Add new mail read group (#1224) * fixing up automation (#1230) * Add signal trapping for a variety of signals (#1223) * docs tweaks, renaming integrations (#1228) * Add ability to bind with token with a dn=token marker (#1225) * 20221121 debug webui (#1217) * Cargo updates (#1219) * Bump reqwest from 0.11.12 to 0.11.13 (#1210) * Abstract webauthn authenticator access, and use Windows API on Windows (#1203) * 20221116 oauth2 app portal 2 (#1201) * Bump pylint from 2.15.5 to 2.15.6 in /pykanidm (#1216) * Bump serde_json from 1.0.87 to 1.0.88 (#1212) * Bump tokio from 1.21.2 to 1.22.0 (#1213) * Bump mkdocstrings-python from 0.8.0 to 0.8.2 in /pykanidm (#1215) * Bump mypy from 0.990 to 0.991 in /pykanidm (#1214) * 20221116 oauth2 app portal (#1200) * Bump pytest-asyncio from 0.20.1 to 0.20.2 in /pykanidm (#1194) * 1116 UI hints (#1199) * Reword security keys (#1196) * Bump mkdocs-material from 8.5.8 to 8.5.10 in /pykanidm (#1193) * remove pam tester (#1197) * Bump mkdocstrings-python from 0.7.1 to 0.8.0 in /pykanidm (#1195) * Bump types-toml from 0.10.8 to 0.10.8.1 in /pykanidm (#1192) * Bump mypy from 0.982 to 0.990 in /pykanidm (#1191) * Bump chrono from 0.4.22 to 0.4.23 (#1188) * Bump actions/dependency-review-action from 2 to 3 (#1187) * Bump base64urlsafedata from 0.1.1 to 0.1.2 (#1190) * Workflow tweaks (#1186) * 1116 UI hint (#1185) * 613 oauth2 logout (#1184) * started working on fixing a log issue and chased some clippy lints (#1182) * 20221103 ipa import driver (#1180) * Review oauth2 best practices document (#1181) * Add tools container support (#1178) * improve webauthn errors (#1179) * Add version header and warnings (#1175) * Bump mkdocs-material from 8.5.7 to 8.5.8 in /pykanidm (#1173) * Bump mkdocs from 1.4.1 to 1.4.2 in /pykanidm (#1174) * Bump regex from 1.6.0 to 1.7.0 (#1172) * Improve handling of openssl3 in md4 tests (#1171) * Add /etc/skel templating and notes adjacent to kanidm-unixd and packaging (#1113) * Further test improvements (#1166) * Setup for next dev cycle (#1165)- Update to version 1.1.0~alpha10~git2.4a03ca5: * Add tools container support (#1178) * Improve handling of openssl3 in md4 tests (#1171)- Update to kanidm 1.1.0-alpha.10 * Management and tracking of authenticated sessions * Make upgrade migrations more robust when upgrading over multiple versions * Add support for service account tokens via ldap for extended read permissions * Unix password management in web ui for posix accounts * Support internal dynamic group entries * Allow selection of name/spn in oidc claims * Admin UI wireframes and basic elements * TLS enforced as a requirement for all servers * Support API service account tokens * Make name rules stricter due to issues found in production * Improve Oauth2 PKCE testing * Add support for new password import hashes * Allow configuration of trusting x forward for headers * Components for account permission elevation modes * Make pam\_unix more robust in high latency environments * Add proc macros for test cases * Improve authentication requests with cookie/token seperation * Cleanup of expired authentication sessions * Improved administration of password badlists- Update to version 1.1.0~alpha9~git6.b20d5312: * Resolve upgrade in place error with cbor to json (#1028)- Update to version 1.1.0~alpha9~git5.98546259: * Remove dependency on git webauthn authentication versions- Update to version 1.1.0~alpha9~git4.33b4e11b: * Resolve issue with migration application order (#986)- Update to version 1.1.0~alpha9~git2.ebab6c5f: * Fix cargo.lock + Docker * Fixing the Github Actions Kanidmd build (#963) * (cargo-release) version 1.1.0-alpha.9 (#962) * Improve radius to support eap-tls with ca-dir (#957) * A pile of Wasm UI tweaks (#958) * Bump types-requests from 2.28.3 to 2.28.6 in /kanidm_rlm_python (#960) * Update validator requirement from ^0.15.0 to ^0.16.0 (#959) * Bump types-requests from 2.28.3 to 2.28.6 in /pykanidm (#961) * 383 164 authentication updates 9 (#956) * Update libsqlite3-sys requirement from 0.24.2 to 0.25.0 in /kanidm_unix_int (#929)- Update to version 1.1.0~alpha8~git1.980f358d: * Push some missed bits to documents * (cargo-release) version 1.1.0-alpha.8 * 20220501 fix logging (#730) * ref #725 - updated comment to note it's still failing (#727) * Remove async references (#724) * 383 170 164 authentication updates 3 (#723) * Making the login path nicer, dev scripting (#721) * Tweak docs generation... (#722) * Docs updates to push all tagged versions + dev (#720) * 20220427 dependency updates (#718)- Automatic update of vendored dependencies- Update to resolve bsc#1196972 CVE-2022-24713 - Regex DOS- resolve bsc#1194119 (CVE-2021-45710)- Update to version 1.1.0~alpha7~git0.c8468199: * (cargo-release) version 1.1.0-alpha.7 * Pre-release update and cleanup (#631) * Improve autofocus to oauth2 (#630) * Finalise email changes for oidc (#629) * Temp use env filter (#628) * 20211216 tracing cleanup (#627) * Art attribution * Refactor of value and addition of base types for business attributes (#626) * Add xmas logo * Add rinstall file (#625)- bsc#1191031 - use _pam_moduledir in spec macros - Update to version 1.1.0~alpha6~git0.c9f4b1d: * (cargo-release) version 1.1.0-alpha.6 * Added an interactive cli dialog to kanidm login (#584) * Add support for storing security token key in domain config (#581) * Remove auditscope for tracing (#580) * Entry Arc Tracking to reduce memory footprint (#579) * Rewrite how we store the internals of valuesets in entries (#578) * Improving logging and docs around unixd/PAM/NSS (#577) * Swap to tide-openssl (#575) * Start to remove audit scope :) (#574) * Fix io capture in tests (#573)- Update to version 1.1.0~alpha5~git0.4be329e: * (cargo-release) version 1.1.0-alpha.5 * Release prep * Fix totp registration workflow with broken authenticators (#516) * Add statistical analysis to indexes (#505) * 511 upgrade failure - add debuging tools and improve debugging of the issue. (#512) * fixes #503 - TOTP prompt no longer drops a newline (#515) * Fixing kanidm windows client build (#507) * Add the ability to configure and provide Oauth2 authentication for Kanidm. (#485) * Change default totp to sha256 (#504) * Fixes #494 - password change user-facing responses (#499) * Fix readonly check (#496) * Update webauthn-authenticator-rs to fix test failures (#493) * Update repo locations and versions in prep for release (#492) * Add workaround for podman subid issue (#491) * 163 account recovery code (#469) * check user shell (#392) (#490) * Removed `OperationResponse` (#489) * Set default shell to `bin/sh` (#488) * 20210607 orca ldap (#470) * `kanidm_client` bool/return values (#479) * Arc cachesize warning fixes (#483) * Closure Refactoring (#482) * Renamed fields in `dbvalue` (#477) * 471 add service files (#474) * fixes #478 - adds note about web ui already being packaged (#480) * unixd will now bail if startup tests fail (#476) * Add email syntax (#465) * Add some openid stubs (#464) * Add auth docs (#463) * 64 120 session claims (#462) * Add ldap vattr mapping (#459) * Fix for unixd issue (#460) * 414 clear stale credentials (#447) * Fix multivalue setting of description attribute (#457) * 445 update pam nsswitch md (#451) * simpler ip logging (#454) * I might have become clippy this time (#449) * Calming clippy's nerves, Friday edition (#448) * 444 - client's config URI missing and more file open handling (#446) * Fix proxy usage in tests (#443) * This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442) * oauth design (#441) * Adding an example config file (#440) * adding env vars, making clippy happier, cleaning up some error messages (#438) * 20210509 cleanup clippy and audit name (#437) * 277 radius pw not accept for main pw (#435) * Orca - a load testing framework for Kanidm (#431) * Add verification of name indexes (#433) * Add ability to pick a server role (#432) * Adding a new verb group remove_members (#434) * 397 Caching password badlist (#425) * User feedback improvements, also handling a permissions issue (#424) * Fix concat issue * Update contributors * Making clippy happy (#420) * Fix 421 - clearer debug messages when doing things (#422) * 62 idm qs cleanup (#419) * Rough working login page (#417) * Make clippy happy (#415) * More debug messages (#413) * merging upstream (#411) * Improve error message when socket not found (#412) * Idlset2, query cache, acp resolve cache (#409) * Add lto thin (#410) * fixing broken action (#405) * Basic documentation for monitoring (#404) * Create design for mfa_backup_code.rst (#402) * phrasing (#401) * Docs update (#400) - Remove un-needed source files: * kanidm-unixd-tasks.service * kanidm-unixd.service * kanidmd.service * server.toml- Update to version 1.1.0~alpha4~git54.675146e: * check user shell (#392) (#490) * Removed `OperationResponse` (#489) * Set default shell to `bin/sh` (#488) * 20210607 orca ldap (#470) * `kanidm_client` bool/return values (#479) * Arc cachesize warning fixes (#483) * Closure Refactoring (#482)- Update to version 1.1.0~alpha4~git47.5e83b68: * Renamed fields in `dbvalue` (#477) * 471 add service files (#474) * fixes #478 - adds note about web ui already being packaged (#480) * unixd will now bail if startup tests fail (#476) * Add email syntax (#465) * Add some openid stubs (#464) * Add auth docs (#463) * 64 120 session claims (#462) * Add ldap vattr mapping (#459)- Update to version 1.1.0~alpha4~git38.d978c9d: * Fix for unixd issue (#460)- Update to version 1.1.0~alpha4~git37.e8b1089: * 414 clear stale credentials (#447) * Fix multivalue setting of description attribute (#457) * 445 update pam nsswitch md (#451) * simpler ip logging (#454) * I might have become clippy this time (#449) * Calming clippy's nerves, Friday edition (#448) * 444 - client's config URI missing and more file open handling (#446) * Fix proxy usage in tests (#443) * This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442) * oauth design (#441) * Adding an example config file (#440) * adding env vars, making clippy happier, cleaning up some error messages (#438) * 20210509 cleanup clippy and audit name (#437) * 277 radius pw not accept for main pw (#435) * Orca - a load testing framework for Kanidm (#431) * Add verification of name indexes (#433) * Add ability to pick a server role (#432) * Adding a new verb group remove_members (#434) * 397 Caching password badlist (#425) * User feedback improvements, also handling a permissions issue (#424) * Fix concat issue * Update contributors * Making clippy happy (#420) * Fix 421 - clearer debug messages when doing things (#422) * 62 idm qs cleanup (#419) * Rough working login page (#417) * Make clippy happy (#415) * More debug messages (#413) * merging upstream (#411) * Improve error message when socket not found (#412) * Idlset2, query cache, acp resolve cache (#409) * Add lto thin (#410) * fixing broken action (#405) * Basic documentation for monitoring (#404) * Create design for mfa_backup_code.rst (#402) * phrasing (#401) * Docs update (#400)- Update to version 1.1.0~alpha4~git0.0ac5da8: * Performance Improvements * TOTP CLI enrollment * Jemalloc in main server instead of system allocator * Command line completion * TLS file handling improvements * Webauthn authentication and enrollment on CLI * Add db vacuum task * Unix tasks daemon that automatically creates home directories * Support for sk-ecdsa public ssh keys * Badlist checked at login to determine account compromise * Minor Fixes for attribute display- Update to version v1.1.0alpha.3~git0.b34c893: * (cargo-release) version 1.1.0-alpha.3 * release notes * Update Dependencies * Unixd - NXCache of unknown items (#338) * WIP - Improve Auth Proto to Support Webauthn (#333) * Follow up on ci fixes * Add port verification to start server in kanidm_client tests * Update CI base image to ubuntu 20.04 * Add libudev to ci * 13 135 webauthn support (#332) * Change root user check to warning due to container run times (#328) * Fixes #324 account softlocking and rate limiting (#326) * Add passpoint link * Update tumbleweed docs * Account valid-from and expiry (#322)- Update to version v1.1.0alpha.2~git0.764e727: * Update * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * gitignore * Update Release Notes * 250 cookie to auth bearer (#321) * 259 reduce clones (#319) * Xxx clippy outdated (#318) * 314 improve async (#316) * Update README.md * On login pw upgrade (#315) * Add python3 support to radius * Dynamic crypto rounds (#311) * tweak book chapter * 67 resource limits impl (#307) * Update based on review * Apply suggestions from code review * doc * Build improvements * Support zfs page size * V large cleanup * Cleanup and improve client error handling * Improve server hardening * Update deps + add simd support in container * Add FAQ + eap selection * Minor updates * tweak release steps- Initial Commith02-ch1a 1723811012  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~1.3.2~git0.229b0cc-bp155.29.11.3.2~git0.229b0cc-bp155.29.1   kanidmdocssrcSUMMARY.mdaccess_controlintro.mdaccountsaccount_policy.mdanonymous_account.mdauthentication_and_credentials.mdgroups.mdintro.mdpeople_accounts.mdposix_accounts_and_groups.mdservice_accounts.mdadministration.mdbackup_and_restore.mdchoosing_a_domain_name.mdclient_tools.mddatabase_maintenance.mddevelopersdesignsaccess_control_defaults.mdaccess_profiles_original.mdaccess_profiles_rework_2022.mdaccount_policy.rstapplication_passwords.mdarchitecture.mdauth.mdauth_proto_rewrite_late_2020.rstauthentication_flow.mdcontent_security_policy.mdcredential-display.rstcredential-update.rstcryptography_key_domains.mddefault_idm_layout.rstdesigns.mddevice-authentication.rstdiagramscombined-flow.graffleidv_api_diagram.drawioidv_api_diagram.drawio.svgidv_generic_responses.drawioidv_generic_responses.drawio.svgidv_state_machine.drawioidv_state_machine.drawio.svgobject-lifecycle-states.graffleobject-lifecycle-states.pngsearch-flow.grafflesearch-flow.pngwrite-flow.grafflewrite-flow.pngdomain_display_name.mddomain_join_machine_accounts.mddowngrade.rstelevated_priv_mode.mdidentifiable_secrets.mdidentity_verification_feature.mdidm_rest_layout.rstindexing.mdkanidm-trust.rstldap_gateway.rstlogging.mdmemberof.rstmfa-device-enrollment-process.rstmfa_backup_code.rstmigration.rstoauth.rstoauth2_app_listing.mdoauth2_refresh_tokens.mdpassword-import.rstradius.rstrecycle_bin.rstrepl_future_considerations.rstreplication.rstreplication_coordinator.mdreplication_design_and_notes.mdresource_limits.rstrest_interface.mdschema_reference_types.rstscim_migration_planning.mdsession_logout.rstsudo.rstsystem_protected_objects.rstuid_gid_generation.rstunixd_homes_task.rstdeveloper_ethics.mdfaq.mdpython_module.mdradius.mdradius_module_development.mdreadme.mdrelease_checklist.mddomain_rename.mdevaluation_quickstart.mdexampleskubernetes_ingress.mdreadme.mdtraefik.mdfrequently_asked_questions.mdglossary.mdimagesKanidmUseCases-Dark.pngKanidmUseCases-Light.pngKanidmUseCases.drawiokani-alert.pngkani-warning.pnginstalling_client_tools.mdinstalling_the_server.mdintegrationsldap.mdoauth2oauth2.mdcustom_claims.mdexamples.mdhow_does_oauth2_work.mdoauth2_claims.mdpam_and_nsswitchpam_and_nsswitch.mdfedora.mdsuse.mdtroubleshooting.mdradius.mdreadme.mdssh_key_distribution.mdsssd.mdintroduction_to_kanidm.mdmonitoring_the_platform.mdpackagingcommunity_packages.mddebian_ubuntu_packaging.mdpackaging.mdppa_packages.mdpreparing_for_your_deployment.mdrecycle_bin.mdrepladministration.mddeployment.mdplanning.mdreadme.mdsecurity_hardening.mdserver_configuration.mdserver_updates.mdsupport.mdsupported_features.mdsyncconcepts.mdfreeipa.mdldap.mdtemplateskani-alert.mdkani-warning.mdtroubleshootingtroubleshooting.mdcurl_connection_test.txt/usr/share//usr/share/kanidm//usr/share/kanidm/docs//usr/share/kanidm/docs/src//usr/share/kanidm/docs/src/access_control//usr/share/kanidm/docs/src/accounts//usr/share/kanidm/docs/src/developers//usr/share/kanidm/docs/src/developers/designs//usr/share/kanidm/docs/src/developers/designs/diagrams//usr/share/kanidm/docs/src/examples//usr/share/kanidm/docs/src/images//usr/share/kanidm/docs/src/integrations//usr/share/kanidm/docs/src/integrations/oauth2//usr/share/kanidm/docs/src/integrations/pam_and_nsswitch//usr/share/kanidm/docs/src/packaging//usr/share/kanidm/docs/src/repl//usr/share/kanidm/docs/src/sync//usr/share/kanidm/docs/src/templates//usr/share/kanidm/docs/src/troubleshooting/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protectionobs://build.opensuse.org/openSUSE:Maintenance:18520/openSUSE_Backports_SLE-15-SP5_Update/c774ca187b274f70453ec192f4069a14-kanidm.openSUSE_Backports_SLE-15-SP5_Updatedrpmxz5x86_64-suse-linux     directoryASCII textUTF-8 Unicode textC source, ASCII textemptyXML 1.0 document, ASCII text (gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT))ASCII text, with very long linesSVG Scalable Vector Graphics imageUTF-8 Unicode text, with very long linesPNG image data, 649 x 599, 8-bit/color RGB, non-interlacedPNG image data, 1976 x 696, 8-bit/color RGB, non-interlacedPNG image data, 1976 x 1223, 8-bit/color RGB, non-interlacedPNG image data, 3792 x 2302, 8-bit/color RGBA, non-interlacedPNG image data, 150 x 127, 8-bit/color RGBA, non-interlacedHTML document, ASCII text:xtz@N~utf-8ad60cb46e5b99692b543e7a6d645770232d416152e97d3f372182d7fe94984d0?P7zXZ !t/j*]"k%fs~ZUឯYQ3D3;ؐ^D.IVy?H'wNNm~`zj%6s7xQ|ÕA51_Ȓ<81cJ42Ss'.c, s(S+arE7ORZc' 1suf\77/l<y_Y`Rm#$*{떟. nLc),ymX3gl㎎_1lYB'Saݧ<Ò'omrtKC*0kE2@@:_"}ڧkSodyoS`pkI^C6I8크K+O8bB%cobfM?`F1_(]H YUb$c[O 6GaΩMq`GyyůVpTNczod 'Kex# ?HJ{9,nU.ԑ{D"Td/7X~yyvrWI PT[IYb!2b`{0IU' &Y8ӫ_s/OBLG5r6W3D uՁc.q)ZzQ]Jidadd!YN-[3&6}^)S3DURn10qϨK otl_s &tL;aV3 @mnj; 6}yf&YNЪ 5UV݉p#߃p ~5GW1 kᗲ/dxZ[ I ޼,av Pl.fD)\lW9hwTM-;m_zlfۙ;L55[ I: p\95fL,o>sGf;?m ZH}ØN? fͥr7)ҙ2#1aS RNu̖*X۷%Km1'0&\}|C%H Z\}lg(!s: ZmJ,CMEF@) ew"+ p [ ?>SM]җ4GFX`KǃD s?9*:Jcf:kćgحX.uj,Ly*wFr;6jw+#`BfA3ֿSi ֨ڈ]w[M}dD6 5}@eJƮU pn^kbmF.#z8((׀HCm6kń7 L ;f6%L|xN'KVLU9BsqCMdn@p9d@LL$\[$}5]*`bk-yC%AF6pachzybFu,!SAZ2-"N00h'2?ujx֙SL8L #KF6+Ff+/)B/045ɔ$ ?ܭXi44\ %$F<ɿsegUG3_<~rphi [>'K,IyUq" dzbjRn &M$g]&de}$Z,0E{X:?,;GrKlCw # To QrHG8~݆UU_<ۂ<XkTęܱD+ޘAln47:V1y?xp[¶`qiXv;jBG4Z7i%攣P媿 %|Cفɏd''{6r;Q6oQ;Y6/5JOLŨ|3]'(6F\ON QF<4:CR;8;rh*t:k[l]mg1=:D- H:glX/zX@<^n9Xئ@S|F+wr^O(26ɐ;[& /rEŦ WCnNO<2,TgD TpsR{쒨/R.m2ulVUj;.2C*v xsf >v93pf=j̹g}Wǥh~H7->߅B6BSkg!~oֲmŪ;pl6.bijC27H^ tc!?u;lN:%iEY8$ۏ\4!~gSH'\L\/i?[0'0 ?yWF` Тk4tqB%#'ZS}?K5UiUX6kBEuo GYs7¶fh^L$B3&`,ݦU*|`AN.᪟לk* U"qn3'"cb\~#WĵItV xj<ιHQOg}':\G1ځeU H~B4* w~[)'_s5>ٯRE! NqG"kJR?1i`}Ny+r>Ô^!RQD`1N}w渎3?\J֢&\/ғ4)F>G汹NĠxjH][rJ1 irxc,dn g*ݜ]Viu_еYtW?݂ӹlٌxG;'*0F9 N{Iv7aH\PrwbUe6J] sD$v**û`Y]WN, 8Pg( =|MhrfG$u&FڲY;s M<@|[!=5t ƆIS s=D '3qrMy=2.P6/k<MDir6cU"#xs%SXOR= xw1"#vln7KPіSwu LwdڏXosT%tNtd DaA3'8q wm?oLN3TZqfu-ev=]W:80\TpYٯoq%ea ٕ"+')yGOlj]ۜt 44uσT.Mep< /O$btD #4beh0&/2/96B)Xt /ta]pI PN\3J"rհt圕ýg[DM j 3`6Q|׊e?=AU@Kq$5 ;yٰ9y[5> wAC#ՖASE/~E<)|ViGP_\~㞇6)t4߽GQ ZqQewyӠ%ٖs&[o!рO\Jݓyg_tl)zn?d@c]GsU+m&eX7\V8՟-_Z؞T)Oq0flosS%~Bu(zý$#ne|E U!%9@gB机 X'[LiB vH/2ѽYR^j8'ٵ96Et5en_yO.xb>K<>Bq>1~{0d=+ǃ]MG<wyPL7n|j,xc9d_ m홒nnjmZŔC.jq7!G/ '<6[:A T@_AZdӺ8-cӐ{ww=sB_CQ9ybEyTqtD3BGV9-@}i;g7ߗ;(P͹} #'tL8@=\RZ rS@%# ^- $Mo`r\ؓ+U$`-ǽI;7C $ңc1OI9E5e1_F\{ X|u7e/ݡ-4@[#7o ci);ΠT匷1^ޚJn.u+i ss?px{!|{J̉67L8(T1J*m8va./ǐyץ}B>x8r9<ކ6nz /{s>Dd#y3H m]#+A]HєXNXy8WeE~1TFSFY nA ?<$xA:X-Z/~F2zDC$n7c-YIN b._Km]I.2 ACqZL'qޅ=X(&kjl$wA<8 O!6lN 'bl 1첣}} s1 |mߪU?Fu'zgE`] j,ÖЦ@WP7 E#W?ndS~JZԤ 2Q!,)F;&R1<gsjd^UbH cOlvDe~$ǡJCzFZ.{dE?yM=} a9JAk6QND_kJs/rL0Lh Ưۭɕm+H)x\PA`&9>\2!TFaWrP})3 $΂Dx_/ǖ(ޥ`NZCYI HY&@C W ﷝k rXW>LC$BrYKO$:Q(= ,t_!HY߻\}ljJ-RM|&:glih-iBܢS\x-M B-#';4WƸݽNđ Gj>B}"vP`A`(i)._bOsM#Hߜ+A"A+٨(/MQkbTMsk7M0v"\6{Y?˚MH 7 GIղZNHK.G0 Cwi4 ]3B(8Em\)1SxL ըе\/" ܝS\b  gջF-,QNawJ8q|0Ḥf$?2)+JĐsYl d"qȿI *Er Z ^-$ >\*Sœֽk`.(Nsʂvè K?. 9{>s]5BJ_3O&SLD n2: OB)xVG[s D Gt/rL!䯈&\TfUM׵T9E-99#ytcp^PO-;B?X8# R௅~S4ĝVR#^> >F `g /xxM0Zub.^Z4Я_}(hǑRyP> LP0ޓUO-%{/%F4U o 7D*̺_l)Ln m1XX130{u\p MeZ\5ip+)(S ~3{{{&غF D*ife^$.VݠP(<,j잆p th<,H\5^LjiW,*6JIW%\@8ͻΦfƏ \9(`z 9ftn`fKCSo7>rPvPh9K=O?ݯ'ޕ8ȥD Ƽ+죭6p^zq|QHl/7,6oatykl?ޭ=, DyE{F+ݏlH,u>îj+ 㣝Idc1V;H>">vFmKR׼wp52?"Ó ؓWu W161Vus)܍rMm9LaIGdsfcp'!lq>#ǍIHjԔkDss{\}kSЯ[[LL*UAG1]Z{9z+ !UQs}J'w.|6yTVj4k8I+^KtBw8Ջn;2T782q[ &fc y_:zqnܸw=jO>!K#ÊqLB2TvΌMtwAoLE e*rsx1[PC*nLa{(7dD/PWdP`L oC19g"@.YxtMf[ޖF"]pʷfP';=Wr9yUohh^h}h̎!)$<{\=+40fSNw% Ð 4'+ÇjM )=\;s5'ݔApʴg:Uι 40- gT`RfchpmvɼdT&[nfAVkFǗջ%1Tc0"csO-Ƭ$Z$~3 Ϯ#IĦ5Er؊al4vi ϵOF y?kgSd(duXLSRnxQ}5)Žc{u#ôTH:pCyL, ]0J'PxM4=%8& *L'Sn pGLhT2wNv:hE^] Y/mLUKӛ??>bXQ!γNݬ!;;!~]@aBSUk$!nPk'3{s_,Xۑ.X3_H2I 6 Q|b,bg߆2B{|C48[#ߢ|ހ7슱eϳ82󵀩/klML_/HR=GZ0U*VA v?= MR,OR D#Nk>q$agX HD.OP-d"'tiw*|8Hl2t|@ݙe0'4 XM|=U sC1?/OSX_ns!|tF%`,ţA/X*Q݌'2ꊒ>ڣaœ; 1=7>)Ցp;h:& 0L r+Lj>" n VPR;'MU9 Fb񏰧hI" b,ISO^a z w/눽ywmi޷@s yEp7٬m5Uћ:4<*Pr6z KE9i1Txe 4wbF1sL0`e wEzQ&߻[QU52;?5s|);V  Ah5Z~RӶiSˈșpuJۚC s}^e_U! "RGUnH9k:q}BQz2W(ۍN `J2A#TL63&zނR]D kp19ܜ.-B\׷S8g}_`?mL^d`.176)i]'h7g8_;Il)QZn>@4bi5̖Z _N$%5*uIΣ"a!lN#8(s jVuXx^7PDRvLwm .@#=8=3:C'-_4QɺS#{ƺ+?ǎJ.uX,d')Г3<Qߏ> ㈝& Fv8OBj#T{+b8#UEWmm@Q(Zye2GI0z-X5l:] {zI%Ǥ 5o=ӋCzFTRI)лc]K!(ּ߽'4V#}&@U-2,aZߺ32.iɯQ؂G^ޠA,40ؑ Le_*0MbGyw0b;YO\O /)MϷ ѮE6.}hedL3A3O~=vt%X(0qŃ-0Ent2HAocmzH)[#_d b"%7⏫@ ̷lگGm+gsE҂59މ~ @|#ٟ}qʂύ_] y*ըV @MuGV/ YZ