kanidm-docs-1.4.4~git0.c3dbf83-bp156.13.1<>,,gR I%z v ]ִg'@}|`@PѤv++3 Px[IX*TdYZ2֨Τ׎s+TO E椟Lm&_)F'Q}HũhNy?¼%-  V@݊8i"O#$yDYLћC@Jbht* ֬kc.mn8!cĨ fgLtcyp3\_5u(_h +ET^C@f^!ڜDAs ĝ(փ=xEX@9'Dq2( 'j]P\^qkcrZڥz^-윀^S&[,\cls((3O*;?d! , T     l + ,$.1447L7p77(8$88,2982:=2FGHLIXXY`\] ^XbcdjeofrltuvzCkanidm-docs1.4.4~git0.c3dbf83bp156.13.1Documentation for Kanidm AdministrationDocumentation for using and configuring Kanidm.gR i01-armsrv37SUSE Linux Enterprise 15openSUSEMPL-2.0http://bugs.opensuse.orgUnspecifiedhttps://github.com/Firstyear/kanidmlinuxaarch64zV tSB7R! *MV!! F -@1HkU@%e92a17wGE '\ *<y \ 1Z? /Y=QRm7- 1W  >=? y p!t & +')u'65sR BX!&  x &9 D  ) < (AAA큤A큤A큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤gRgR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR gR 48d79940aaecb8141e968f2679f5d78cfb1dfe34b7e69ee3f43c02e3e9c3cfd4623503b4bb56558de27f1b4bf87b36defdf64625f5f2b1b4f8f35d61a81f9ad2950288ce01196461ec6497c270ca4a170ed1beeed54f81b4f4c70cd0a06cf486faa8b27a6f05358505bf70ceea26b8ae9ab84469705cdb5ec939e606ba1ef03a5350e05c2cd061031c96fa048a70e3f68f6fc6879fee02590cb96b41fd997ca66ae4786743d89c19010b3ed37561b1c738f2931a046764a2cbc908d6bbc0ee57ea985ff7222e65e800a338b6f762402454cc8ff5754954a654289d99a9e3b9c96bcf2705fa2c42d7a14f8d3f9de1ac39de97f019e7abecf4c3e50d1410b42631f28b04378654078effb6f34cae7e6605a8c7af1bc7f45f27e9ec095ca7860fda442b51f67d61c4a6a9fa7dc1202250c3a5d01310dead3f047fc9033c987795cd6933d58d0da96791a9a5deee6c907565be0cd5bb4aaaf35f0c88f1affcf742ca8fedf7455f634d7bd2877929cd94d9298abdcd0f1b057a430e3f0d996f187a766df6b873b8b83a94aac5579d058ec2fae3ec0682f8c734987ea9c9a546622cbb1e7977dc473d2b9ab4f715299825771852ded79a87a833d2cb902f39f2d8c4bbaf8d8fb7dd56638d306d113671be13bae404d9601940c393b22f84685ac9520e62dfe35450d215edb2c496fc659f6562be094da9a66241e5844a9938bf4973fb1c2bf51f217e5e080ac6c523147b173d36cf87466892aa2b4b4c1927e27d1e999c322642bbb1baa06715f35d0f4ecaaae547d3f037a0a08865c7dee9c04cff420afbe5e48037a94327c69728582ebd6187a334335b00b0e6b9c995ae04892d2cf2944848ebaa6055aef440da1669b926b2eb49da7dd611d3bca679186045d3c45672985cc9a69a8666ab578013e089dfa8a25988bd0624fc27a54b78612cf859bd0c8f3e1b96872198eae5e4c463bf81142ad85a80b1a7838ff6c97202411bbeb9cd72ded7ad1e854d98205230ea5e25d50992a77dece6d8d6c1f0454ad285d7161c2914f1881f19437acb11a173ba2bef3e58f0c6df22627446375b1e9dcdd9e2e2c0b110bfa983b593983cb28ef08cd48f220e3c7a5063819e51ab49cf253c171f6612692236d3705c569a5843e5a4bdc1d3bd520fd46ec03061ffe937445395fa65eee85cd3758f2467679c5e581a72f7e82a60ca631e4eb94e081381b0e3cbfbae0df183699600f8be17948cbb2198d831d4e511b99f516d188a25aed90bd041db276abb6a96bc1edf5967682c05cd17e158e8eb7da49f73b40059dacfe01357261530447ffc00a7e0d10850ff0d07dd5eb7752da3c7caf7a60e94bfd925e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8556694b3f3a3122d01b410ff3565fd6a8eb2b8565af0a367ee4a756ca485a30d5fe4b600f2967f665a4a2c16476293550c0da85ed85068ab43727dc137119ef1f1db7d69a59340751d182d392eb25c554c339f07c32bce53d52f7acbb8a971382549a73fa98465f1bebb068c8b7fdd418a859115c28516044ac10472feced6bf4abd2cea12c073c5676c5de7f0ea5f983fdf3ffa0f7a363ca35ab4e3e386506cdc22429ad31324815e063a0e13cb667725b70de7cfe746eaac8cb5fbcb393b4a16f075d233e913836ac2734bdf32a114c7bb6ed5caf26e1e5bff0ed574e46c5f3b28dcb0b030b79d365954dc435e93494f02bf3b892b3501ceae7c0ad0a28f0f71d3caf0a9ce9a774b882fd5be3bebe916fc5bd52a97cf36599c26c6465ed1168f41cdf5f8f38ae16832c63d7406421a473773bd940f1b6a32b357e6c2a190ae46823fab0bd86677850d5491b2a58fa0eb8c8d205ea88c067ffb6015db7bbb04d7a8919000e9495c73b9f52b473bb057d059246bf7493a76fa5b11a8ad81149cf22a70fed19be0837b2265636308f2614a23f355dbca597e40b400e366d7dcc9edf9f6126f435b24faf3bfea6c4a00573be9aff2a01ddbb7735068968731ad321e4d55de413cd09040d1948a3cce85ab6a81a22f6c8b63e31fc1a3e62c1b7ecd1ee2bccc191cf2112f41dc24b147836ca57057da3ea70c83d886a2a11c4b46dfb7dc5e9d69d5b0ab85488570d1d35b232b8ff547f5c7f9009271ab08fd714d197bd37ee734216b942fc06dad357abbf159a6c3b3b92ddb531b5ebd1e29e642cf5b50ff9e5d0abf919446ae44afca406fdb9155f5d38b0377d43e3889b07079e1f1cc9c1d2955088c0233760d7af1a2ab73dc65cb0f0991ab31d654eafd6a3e900250a2439625505dcaae5bce4487787246a1e9c1997f6750911ad4ab269367ff5ff2363e54e9597eba40424a9cdc8e1d96b3b0b05cd9e5eec18a6feab0138904e42f2b63a5486fbd413c57eab2d3f9be179d93a19d94e1764cc63df14a6ad1eadafc09ccf00d77347901a17574dddd827161c02c352c8413de547b24c28603e82ac1e9d202ad3e76359f5a131c5f5cc2758a77c8868fc3dadc20ebf2e2dc7da22421fa1a06cb0bdbcca209cdb9be1b78a183bb29215f541634884df440adcf12193a4f848b307b86f4828efad8d20879a2c34729e0797b12c1a84a68079333dc1980831f027a47a51075e337ebe828a2484500452639ff127bb8c5a422223c7bfb52fbaf43a11fd4270db73742ac0dbef42ad16223eeb0dcfecb69ddddb840d1ed4ee2f918d924dfa9315bbceb634ee4c2ff98fdbd76e00e4ec99971a53a08049cf7a40bde125b7d48d113059bde79f6246cd44b6103cb7b436ca67237fea6420f9fd80cfb51ef931f4c272cca731ef27f9ba47adbd6a89bc08eb5ae09eec4b79f00d4a9f18f8493914595ed774523633f14c640276068a5b3950fee3f69074b9a1875cf21638400a49354bc884f9ff24bcde52d65c034a21faa8dea3f383a236ea99e1687fc44a76172ab29480bdf9c35af8f172d63805acf135995302ba45082deafbd5be41451bb4efdf77018be644b7c39ca75fd7fe1b4d90afad0c60ba0e8aa620d4d167c5fae4dff9a478a8cd50cc5f0a612a35df32e2ddad99f229f6e02ffebc44d43e938f483c1936ce80782feb239524711cad2eb9087f60136b5800c378bbe80bfeb42c5e06ff2228d04f19b16c1e3d02f69a7c3c7c743f2192ebad429d40d4dcc3b10a28e129bd4f2798b28021227c44df7c492a38cdd445bf26faafdf676c12d4736c3ddb37b90ddf5f873cbf6ea76e508d3cc82738eb843ee1eb84b5838628f9a76be3afe03c2ea183ddb97f07a906d077979f2e3264443d8edbd8bc3045aa3a1558937b32729429cef1f8d25db9447679e82cce4ecef74fe5b3da1a7de784b45ac831afbc25acaa6a5c94a8e2c04c04a5b6348f4c5b7eafc3ce763e84528630de5f0f67e28a9bdc6b0a5bcd15caeff240b71b762bbfe2e1ae1cb78c013d1d618a21adc03edab851d9fdca9f532cf972884825516fa4182fd6c24b8ad1172537c940dd6e783e1d819db69e561318559d37830355be1595797fa8e4377c73bb74c71cfdd698f32606256ba8c479d2b377a9814933bac371fa3fae6544e1c9964ff3f81a1e48f4bd3d67272c18d04733a310106137357b6136c9394f74ced558237f170d19aab317bd5d59ce5b7794205d725af1c4ab8d83d54ce44207cdb19569fa72f2d4d240177341af26e1da6856821a2b0b10525d26bc28554237622a84111bd071913f8b117ab5485d9caec2af6de7a4cbfde41a174093c9f00c44cc18e2f1e49f79c456d536afe57c2ca557921dcf4009cdb0a4fa55a3b02be89cd338f442d738f0749161d39d3c6749a69b45a208419d2aeb6e80c49e80470e1a5e764b760752592b50a57fdb03574ef23687a6464bfb1a4d95162fcb425a34059231cbbc5c516d46067fc684d0ad63dc1d3bdc6852e63e3a5748bf18b827a813c15667d288e6ada6b95a8a17c0d748912379b787c5bc804491ecd58aa3318fb4adae997c242066993d921c9789558582132b94c37622f487f4023879d12ab2fde4b8931afcc6573bb4b941a1e8ff4c48b217e9c0c917c7994dfc7af201628c59c487978e5137dbc10900dcfa3e0e2a516345cc79d013373ecee767afdabaef1f035f2f9dfe2187cf2d16c8b2b1c1c78d6d74708f37405592bba43b3ed5e8cc62b9b2dc9e0137fe0e426315112460d6fc9cd49e1bcdfb58e9bb16c6366983fd0bc865e15977e7add0cb2e41840cd2ed5516bcaf86ac61b1eea526eca14eb1a3c1f74ea8c16c1483173423bdbff12c6a1f082fdfa58762bde09c79af8b7a787bb027715e1f88f18bf97b53f046fce10290967fe9958682b1d43eb5d6c9afa3d46f02eb3fb4a6239baadecf85cd3ab3ae72c3befa62872f9d9306fd976e3a46c9a471a5532330bc996cedb56971c3d711125f5c741bc3d486ded1e1e9bf999eeb1829ac972ee47fac55cb9dfe2d69b824073c017fcccb8625cba3b76b18400ba1a3fa52a1daf7a13e81404339d2113416657f5b10e6e25234d689fc1bc72ef8ed53eb86336d19a1a1c0564c201eb6f2ba3ab7378cc0902dd3f403092f46450e9a31ac6c77a66f55582fb33d55b85fa213c8a2ae03f9b371d4f912c233532374e4fa5492c82c5385d8538e7b147ae32a4f50e44793dd18761430256a8c50ec6262a2cbf191edb520e0f2f63d0566a0afda649d74337802a2c11814a817f8e0f9e4b6546d5a259b78a31739bec18e3fe5bdad8ec274eb121632cd812d734cb66e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b8553e4b5e8280c6e1c7f1285f322d4d870e0a8a8822f67a0e8c5470b8b13e2f52635feb411de2c76a1ca1b69e9b93d10d30a9123dcb390d03d40805bdcea9039ec7fd9e14ee19f91a790b1a207e4227cf9d95c1c9afe2633f22e963c9226f5062743015456f03ccee83f47f4f064e726a5a33710c60d7fde6c5d878f9b6148c05b913e3d2da1073393c130692dd1a1f6b0d4e40bb4c5312c5a811eb78d12e76490ce8db713cc4cda2862ac5df01770e9646890784203e861583e8812489c0f8de20ea8257539506921d9d06bdbcdc2e067d3f7e3e4d71abada2fa8bbdd78b0a91a7644710fd75c8e63e0907cf91eefd47bcba7a7dd0dac9cf54c8cc28f1850de306aac4d283e152241d8ee3269db48c189c1d9300d9d1e5032ec943dd5333f826b63bea36931fb1d328dc61fe76ee6818c68db649724021cbb5b6a99d65977bcdfa0e5c7abe59031b7440f610efee424822106d0461a95401f1060f0d0639790410f4ef57c6bbbc1275d6cda53a7505b70c501eb7f205879bd52d80d4fcf3d6f155fc387d75911426bf88405501a564e674b2d749e402ad1b06d108654373e5347a946447688150bb8038b34b912a10f4ddbe926909f073a9b516074887e8309300f786b5abe2ae9a8cb49feb95b275db68d93adf6e2e0e1633b7cb633dc65ca6a206e4d16b1c8e1296ba73d694ba8344b0695d6954f655736ddaca6fc48925d29454de480bbe084889c2aecb72d8db5b4cd70036d45d4a66fb8a2bd8add89b09f89e81cb2036c98d1278e3092614c70053f178c2950bec6c1e6bf9ecb9bb4be2046403846cfee2647f07f53412bdf9644cdd7500ad9e937d14b5ad69772dc02e4309c4dd0149fc181c083c375881fb1d407acaa2282c3477eb292246e9827e9f21a00ae52ed74dcac8ad2f8959996b387ddebcf862f75cfc8fe19a1fda3c66eec813d6e8bb9e6c8a57565b106b9023fbc6d58079c42caa230304af4040c62484274ed23576bbef4726dd9b4bc25f4a194f17e6eee8481f3514cf30bcd6b2b2e4c461f1b1f99b4309a9566c13fadb82e8f6eda9814bc01edea8d2af6aebc9f158f60867167b6b933036dd27a0303b9424dfa3bb5a5ea4a49a11e1f74ad155da31797bc2e8b37ddeb93221c4c8c1532826864bcd1e924de123b911ce771f5f8685be4c2ba808803ecd2c0308254106373e612dba9493ef774304fc074386dfd47cec0623e4b8a725c5e631dd8105749589d5e90e29ab7dfd29fb932e7a028c89f0e22ea93d05321a8febab42a1df0a1bc5e2fd6746386c174b9c803d7c6ab5c3a0691bda989941bbe08d46cf5f7160f36aa74c0b618769d9af07f2fd5e44e9248d209e54c4799e2df0a1330e039f3e9652875931d8e15e113753163a840420f979dfb187a0619d540bc2980b96a5d2459377906662cc8bb4f7a02b4c4990707e67farootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootkanidm-1.4.4~git0.c3dbf83-bp156.13.1.src.rpmkanidm-docskanidm-docs(aarch-64)     rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)rpmlib(TildeInVersions)3.0.4-14.6.0-14.0-15.2-14.10.0-14.14.3gNg@r@g@r@g*g'eg$ffą@fV@f@fafXj@fH@f2.ffe @eeԔ@epee@@dQd@ddOd9@@cwcT@ck@ca @c*ccbbnv@bL/@b/.@a+@aaV@`@`s```8@`e__u_'@william.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwilliam.brown@suse.comWilliam Brown William Brown william.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comwilliam.brown@suse.comWilliam Brown william.brown@suse.comwbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.dewbrown@suse.deWilliam Brown - Update to version 1.4.4~git0.c3dbf83: * Release 1.4.4 * Check DNS on replication loop start not at task start (#3243) * Work around systemd race condition (#3262) * Clear invalid tokens from unix resolver (#3256) * Allow OAuth2 loopback redirects if the path matches (#3252) * Correctly display domain name on login (#3254) * Display account_id during success/deny paths in unixd (#3253) * s/idm_people_self_write_mail/idm_people_self_mail_write/g (#3250) * handle missing map_group setting in config (#3242) * owncloud: Add SameSite=Lax config for cross-domain auth (#3245) * Yaleman/issue3229 (#3239)- Update to version 1.4.3~git1.078625c: * Update to latest fido-mds-tool (#3230)- Update to version 1.4.3~git0.fb00176: * Release 1.4.3 * Warn when v2 options are used in v1 unixd config (#3228) * Resolve UI Auth Loop with OAuth2 (#3226) * Harden transport in pam unixd (#3227) * Improve warning around invalid JWT deserialisation (#3224) * Update and fix server config files in examples. (#3225) * Change CLI oauth2 command from set-display-name to set-displayname for consistency. (#3212) * Add docs on customising Kanidm. (#3209) * Correct spelling of occurred (#3222) * UI/Feature polish (#3191) * Prevent Invalid MFA Reg States (#3194) * Change CSS for applications so SVG scales nicely in Firefox. (#3200) * 20241109 3185 max age (#3196) * Hoist max_age to prevent incorrect deserialisation (#3190) * Release 1.4.2 * Re-migrate all acps to force updating (#3184) * security - low - fault in migrations (#3182)- Update to version 1.4.1~git0.ad93202: * Release 1.4.1 * Correct missing CSP header (#3177) * Resolve pam services not always having a tty (#3176)- Update to version 1.4.0~git2.770efa8: * Resolve incorrect handling of rhost in pam (#3171)- Update to version 1.4.0~git1.c297c3f: * Docker makefile latest * Release 1.4.0 * chore: Made oauth2 scopes required in CLI (#3165) * More "choosing a domain" revision (#3161) * Update missing inputmode numeric when adding a new TOTP. (#3160) * Improve OAuth2 authorisation ux (#3158) * Fix attribute scim sync attribute naming (#3159) * Change to text input and use numeric mode for TOTP prompts. (#3154) * Fix release note date and typos (#3153) * Release 1.4.0-pre * Release Notes (#3149) * Remove WASM (#3148) * Rewrite "choosing a domain", add other considerations (#3147) * Harmonize UI and remove unused css (#3033) * ripping out some extra packages (#3146) * OAuth2 Device flow foundations (#3098) * htmx by default (#3145) * Support reloading via systemd (#3144) * Chore: Refactor Groups to be more generic (#3136) * 20241024 1271 cert reload on SIGHUP (#3140) * Update docs, improve locking (#3141) * 2856 - use tags for containers on build (#3139) * Fix image when too smol (#3138) * yale's rabbit-hole-chasing-htmx-fixing-megapatch (#3135) * ipinfo should be single value (#3137) * Tidy the reauth ui (#3130) * Add missing schemas to get OpenAPI validation to pass. (#3129) * Change some OperationError into HTTP Bad Request (400). (#3125) * Bump the all group with 11 updates (#3127) * Bump the all group in /pykanidm with 5 updates (#3128) * Fill in some Swagger API docs for a few v1 endpoints. (#3126) * Diagram Improvements in Book (#3124) * Fix passkey auth flow redirects (#3123) * Improve handling of inaccesible shadow file (#3122) * Log HTTP Not Found (404) as info log level. (#3119) * more errors for the people (#3121) * 20241017 unixd home (#3113) * 20241017 3107 token ttl (#3114) * docs: Update kanidm_ppa instructions for new repo logic (#3117) * fix(lint) minor lint fix for unnecessary match use (#3118) * Totp input changes (#3115) * Add the strict flag on client creates for developers (#3111) * Working scim entry get for person (#3088) * Add nss testframework and fallback when daemon offline (#3093) * Improve deb packaging, add aarch64 (#3083) * Cache buster buster (#3091) * fix(http): status content type should be JSON (#3096) * Bump the all group across 1 directory with 7 updates (#3106) * Bump the all group across 1 directory with 10 updates (#3103) * 20241012 attr name SCIM fix (#3102) * Scim add EntryReference (#3079) * Bump the all group across 1 directory with 3 updates (#3094) * Fix Increment Replication Post Upgrade (#3089) * Remove white background from square logo (#3087) * Add support for group extension (#3081) * 20240921 ssh keys and unix password in credential update session (#3056) * Fix landing and redirect URLs for GitLab, add some useful links (#3055) * [htmx] Make it harder to miss the save button on the cred update page (#3013) * Add example Outline config (#3076) * 20240925 cleanups (#3060) * Add instructions for unlinking Homebrew Rust on macOS (#3085) * Don't reprompt for login when no session exists in cli (#3082) * Make good on some TechDebt (#3084) * Feat: Adding POSIX Password fallback (#3067) * Bump the all group across 1 directory with 13 updates (#3080) * Complete the implementation of the posix account cache (#3041) * 20240926 tech debt (#3066) * Fix migration of last mod cid (#3065) * Increase totp secret size (#3061) * Bump mozilla-actions/sccache-action from 0.0.5 to 0.0.6 in the all group (#3075) * Improve pipe handling on linux (#3069) * reformat oauth2 URL list, highlight legacy bits (#3062) * scim_proto: fix incorrect language tag (#3064) * Add ownCloud example config (#3059) * Add example config for JetBrains Hub / YouTrack (#3058) * Bump the all group with 8 updates (#3053) * Bump the all group in /pykanidm with 3 updates (#3054) * Document basic authenticating GitLab to Kanidm (#3050) * fix(doc): updating docker container ref (#3049) * Resolve incorrect SCIM Sync serialisation (#3047) * CLI image error nicening (#3037) * Add rfc7009 and rfc7662 metadata to oidc discovery (#3046) * More openapi tweaks (#3038) * Bump the all group with 6 updates (#3044) * Bump the all group in /pykanidm with 3 updates (#3043) * fix(docs): make it clearer that bearer auth is a thing (#3031) * implements additional traits for filter types (#3036) * 20240810 SCIM entry basic (#3032) * CreatedAt/ModifiedAt fix (#3034) * Pykanidm fixes (#3030) * 20240906 Attribute as an Enum Type (#3025) * Bump the all group with 9 updates (#3029) * Bump the all group in /pykanidm with 4 updates (#3028) * Credentials page/Self cred update flow UI improvements (#3012) * 20240828 Support Larger Images, Allow Custom Domain Icons (#3016) * MemberOf in search implies DirectMemberOf (#3024) * fix(kanidm): don't allow empty string fields on CLI (#3018) * Bump cryptography from 42.0.4 to 43.0.1 in /pykanidm in the pip group (#3023) * generate completions for elvish and fish (#3015) * Bump the all group with 4 updates (#3021) * Bump the all group in /pykanidm with 3 updates (#3022) * 20240820 SCIM value (#2992) * fix(daemon): handling IPv6 addresses in healthcheck (#3004) * fix(webui): Javascript errors after server-side update blocking login. Fixed after cache invalidating (#3011) * OAuth2 Token Type (#3008) * Bump the all group in /pykanidm with 4 updates (#3007) * Bump the all group with 8 updates (#3006) * Spattering of oauth2 stuff (#3000) * Doc multi instance (#2997) * Expose group rename (#2999) * feat: self cred update flow (#2995) * Better Error Message (#2998) * Add missing group for application admin (#2991) * enforcen den clippen (#2990) * 20240817 group mail acp (#2982) * 20240810 application passwords (#2968) * Bump the all group with 17 updates (#2986) * Bump the all group in /pykanidm with 3 updates (#2985) * Mail substr index (#2981) * Doc format, add api-token section (#2975) * [HTMX] small profile improvements (#2974) * Foundations of pam/nss multi resolver * TLS, no seriously. (#2963) * Update suse.md to avoid Authentication token manipulation error (#2973) * Add Alpine Linux installation instructions (#2871) * Bump the all group across 1 directory with 10 updates (#2966) * [HTMX] User settings (#2929) * Bump the all group in /pykanidm with 2 updates (#2965) * Docs updates (#2961) * Bump aiohttp from 3.10.0 to 3.10.2 in /pykanidm in the pip group (#2962) * Prevent bug in pam (#2960) * Improve migration error message (#2959) * Fix incorrect logic in cred update flow (#2956) * Docker-and-docs-fixes (#2954) * Bump the all group in /pykanidm with 5 updates (#2952) * Bump the all group with 10 updates (#2953) * Added orca flag to extend privileged authentication expiry (#2949) * In honour of SebaT, error on db lock acq timeout (#2947) * Add measurement of lock acquisition (#2946) * [htmx] Credential Update page (#2897) * Update to 1.4.0-dev (#2943)- explicitly depend on cargo to pull in latest compiler revision- Update to version 1.3.3~git0.f075d13: * Release 1.3.3 * Mail substr index (#2981)- Update to version 1.3.2~git0.229b0cc: * Release 1.3.2 * Prevent bug in pam (#2960) * Reduce client logging noise * Improve migration error message (#2959)- Update to version 1.3.1~git0.eed7c07: * Fix incorrect logic in cred update flow (#2956) * Resolve maintainer bikeshedding- Update to version 1.3.0~git0.e2a563f: * Release 1.3.0 (#2941) * New orca models (#2909) * Run rust_build CI between multiple Rust versions (#2939) * Bump the all group across 1 directory with 9 updates (#2938) * Bump the all group in /pykanidm with 4 updates (#2937) * fixing println bug (#2935) * Reorganising the daemon startup so it doesn't fail with OTEL configured (#2934) * clippying all the things (#2931) * docs reordering and cleanup (#2932) * Add scim proto to kanidm, refactor to improve serde performance. (#2933) * 20240725 allow connection to older servers (#2930) * Ubuntu/Debian buildy scripty tweaky things (#2928) * kanidm graph graphviz unfit for scripting bc. of non-graphviz output (#2876) * Improve workflow when account policy isnt satisfied (#2927) * Docs rework (#2919) * Bump the all group in /pykanidm with 4 updates (#2924) * Bump the all group with 5 updates (#2925) * Substring Indexing (#2905) * Oauth2 in htmx (#2912) * Strict redirect URL enforcement (#2917) * Bump gix-path from 0.10.8 to 0.10.9 in the cargo group (#2918) * fix typos (#2908) * Add missing groups scope to Grafana example scope-map (#2914) * build profiles: rename release_suse_generic to release_linux (#2907) * 20240716 check mkdir (#2906) * Fix issues with suspend reported by himmelblau (#2911) * Implement home_mount_path logic (#2894) * Forcing the http2 feature on hyper, but also chasing some out of date packages (#2896) * Updating service type per kanidm/kanidm#2892 (#2898) * making the internals of kanidmclientconfig public for other users (#2895) * enable build htmx in docker (#2893) * Fixes the logout flow in htmx and improves the login error dialog (#2889) * htmx logout tidy up (#2884) * Tidy up replication poll interval (#2883) * Bump the all group with 8 updates (#2899) * Bump the all group in /pykanidm with 2 updates (#2900) * Add a migration for future versions that will notify and warn about the removal of security keys. (#2885) * Update mtls cert lifetime (#2886) * Bump zipp from 3.16.2 to 3.19.1 in /pykanidm in the pip group (#2888) * [htmx] Apps page (#2868) * Bump the all group in /pykanidm with 3 updates (#2879) * Bump the all group across 1 directory with 10 updates (#2881) * 20240703 htmx (#2870) * Bump certifi from 2023.7.22 to 2024.7.4 in /pykanidm (#2877) * Offer configuration of images for Oauth2 resources (#2665) * 2818 2511 oauth2 urls (#2867) * Vale Edits 0.1 (#2869) * added orca docker file, make target and credential reset capabilities (#2846) * 20240620 htmx (#2854) * Bump the all group in /pykanidm with 2 updates (#2864) * Bump the all group with 5 updates (#2865) * Fixed link to the developers guide (#2862) * Tweaks to make the makefile make things make easier. * Update sssd.md * adding freebsd target_os * Bump the all group across 1 directory with 8 updates (#2852) * Bump the all group in /pykanidm with 3 updates (#2849) * Bump the all group with 2 updates (#2850) * Configurable thread count (#2847) * 20240613 performance improvements (#2844) * Bump urllib3 from 2.0.7 to 2.2.2 in /pykanidm (#2843) * Allow providers to be box dyn (#2794) * Bump the all group in /pykanidm with 2 updates (#2842) * illumos support (#2838) * 20240611 performance (#2836) * Bump the all group across 1 directory with 3 updates (#2837) * Bump the all group across 1 directory with 5 updates (#2835) * 20240607 2417 piv (#2829) * fix: typos in OpenApi (#2827) * Bump authlib from 1.3.0 to 1.3.1 in /pykanidm (#2834) * Bump the all group with 7 updates (#2811) * Double shutdown doesn't help! (#2828) * Stats collection improvements and a bunch of other stuff (#2820) * Add development taint flag to prevent mismatch of server versions (#2821) * Remove small ambiguity in docs (#2823) * lowering "access search" security log levels (#2819) * Better WebAuthn and other error responses (#2608) * Update examples/server_container.toml (#2814) * Bump the all group in /pykanidm with 3 updates (#2812) * 20240530 nightly warnings (#2806) * Regrets Dot Pee Enn Gee (#2804) * Resolve incorrect handling of tokens in logout flow (#2795) * 2756 - resolve invalid loading of dyngroups at startup (#2779) * WIP: serialization and domain info setting wonkiness (#2791) * Bump the all group in /pykanidm with 3 updates (#2799) * fix DB_PATH variable propagation (#2797) * feat: add support for ldap compare request (#2780) * Add ACP checking to exists operations. (#2790) * Allow name write privileges to be withheld (#2773) * Check for same version with backup/restore (#2789) * Revive Cookies. (#2788) * Fixing up the docs deploy script (#2787) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2781) * Update our domain TGT level (#2776) * Fix PIN and MFA Code pam prompts (#2759) * Update design for KRC (#2713) * Add some extra comparisons to the readme (#2768) * strip out some debug messages unless *really* debugging. (#2767) * Update dev version (#2726) * Don't need to check versions when there's an intermediary reporting connectivity issues (#2758) * updating text to fix typo, add more info (#2761) * Changing TOTP "copy" box from form field to code block. (#2765) * chore(deps-dev): bump ruff in /pykanidm in the all group (#2763) * Use fully qualified container URLS (#2754) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2747) * chore(deps-dev): bump jinja2 from 3.1.3 to 3.1.4 in /pykanidm (#2752) * Fixing up build for rust 1.78, hiding things behind cfg(test) etc. (#2753) * Fix broken links in
sections (#2737) * Update Webauthn and Base64 (#2734) * Add some metadata for lib macros (#2735) * chore(deps): bump the all group in /pykanidm with 7 updates (#2729) * Clean up utils password rand generation. (#2727)- Update to version 1.2.2~git0.c4153c9: * Resolve incorrect handling of tokens in logout flow (#2795) (#2803)- Update to version 1.2.1~git0.ba82b1a: * 2756 - resolve dyngroups not loading correctly at startup (#2778)- Update to version 1.2.0~git0.9efa91a: * Release 1.2.0 (#2733) * Prepare 1.2.0 * Release 1.2.0 prep (#2724) * Minor upgrade fixes (#2722) * Resolve OAuth2 client/rs confusion (#2719) * Improve access control doc to describe privilege access mode (#2721) * Support 1.1 attribute in LDAP (#2720) * Add mail support to groups (#2718) * Add session limit (#2714) * added profile and `memberof` search to the basic model (#2712) * chore(deps): bump the all group in /pykanidm with 4 updates (#2717) * Fix typo in oauth2 error message (#2715) * 20240409 rework orca markov (#2699) * Begin the basis of the key provider model (#2640) * chore(deps): bump the all group in /pykanidm with 4 updates (#2707) * chore(deps): bump peaceiris/actions-mdbook from 1 to 2 in the all group (#2706) * chore(deps): bump idna from 3.4 to 3.7 in /pykanidm (#2703) * fix(TotpDigits): fix typo in TryFrom impl (#2702) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2696) * chore(deps): bump h2 from 0.3.25 to 0.3.26 (#2694) * Windows Hello Authentication requirements (#2688) * chore(deps): bump the all group with 1 update (#2690) * chore(deps-dev): bump the all group in /pykanidm with 1 update (#2691) * Require kanidm-unixd before kanidm-unixd-tasks (#2687) * kanidm unixd mfa capabilities (#2672) * Add Grafana integration to OAuth2 documentation (#2685) * [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686) * ldap-sync: allow to use attrs more than once (#2676) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2683) * chore(deps): bump the all group with 1 update (#2682) * fix(docs): packaging section improved (#2677) * Fix developer ethics link (#2674) * fix(docs): filename, header and title mismatch fixes (#2660) * 20240312 concread upgrade (#2668) * fix(docs): capitalization fixes (#2659) * fix(docs): links corrected (#2661) * fix api typo (#2657) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2662) * chore(deps): bump the all group in /pykanidm with 9 updates (#2656) * Update bootstrap 5.0.2 to 5.3.3 & minor UI fixes (#2650) * fix(docs): typos, grammar and broken link fixes (#2644) * increase severity for "{:?} !⊆ allowed: {:?}" (#2648) * Add instructions on how to enable PKCE in Nextcloud (#2647) * 20230224 2437 orca remodel (#2591) * Add initial design for key domains (#2564) * Add upgrade process, improve developer readme (#2635) * Doc unix client support (#2633) * 20240301 systemd uid (#2602) * expose group patch for parity (#2628) * Adding a builtin class for all built-in things (#2603) * apidoc tag fixes (#2625) * chore(deps): bump mio from 0.8.10 to 0.8.11 (#2620) * Fix missing entry managed by on anonymouns (#2623) * Notes on privilege-expiry (#2622) * SPAs really are stupid sometimes (#2609) * apidoc fixes (#2614) * chore(deps): bump the all group in /pykanidm with 4 updates (#2615) * Typo fixes (#2610) * Return consent scope to service account (#2605) * OpenAPI schema fixes (#2590) * WASM test fixing (#2595) * Feature object graph (#2518) * Add domain version test framework (#2576) * Fix the miniflux oauth2 example (#2598) * docs(monitoring): Fix syntax for OpenTelemetry config (#2594) * 20240221 2489 cleanup api v1 (#2573) * Changing to allow startup without a config file (#2582) * Allow /dev/tpmrm0 on older systemd versions (#2587) * Adjust output of claim maps for better parsing (#2566) * chore(deps): bump the all group in /pykanidm with 4 updates (#2585) * improved error description for commit_credential_update (#2579) * Make /status less noisy (#2574) * chore(deps): bump cryptography from 42.0.2 to 42.0.4 in /pykanidm (#2567) * Add system range protection (#2565) * Fix string comparison in Debian build script (#2409) * of course I started looking at clippy things and now I can't stop (#2560) * 20240216 308 resource limits (#2559) * fix(oauth2): typo in basic path (#2562) * Adding duplicate-finder script (#2550) * prctl compile-time fixes, also chasing lints (#2558) * Removing unused constant and updating docstring for LDAP bind address (#2556) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2553) * Support Policy Updates (#2536) * chore(deps): bump cryptography from 42.0.0 to 42.0.2 in /pykanidm (#2548) * Re-enable HW tpm support (#2531) * Add further hardening for system services (#2542) * fixing the test script (#2547) * when the HTTPS server fails, handle that gracefully (#2546) * Fix update intent ttl parameters (#2540) * radius build workflow fixes (#2541) * Conflict nscd, start before sshd (#2539) * Fix incorrect documentation elements (#2533) * Remove replication is in dev flag (#2535) * Ordering auth methods in the CLI (#2508) * Set lowercase owner name in tag (#2534) * Add code_challenge_methods_supported to OIDC discovery (#2525) * Himmelblau requires the machine key for unix_user_get (#2523) * Extend on Apache example (#2524) * chore(deps): bump the all group in /pykanidm with 4 updates (#2520) * List of supported features (#2499) * Update to latest dev version (#2486)- Update to version 1.1.0~rc16~git7.8a1b7b5: * Require kanidm-unixd before kanidm-unixd-tasks (#2687)- Update to version 1.1.0~rc16~git6.e51d0de: * [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686) * return consent map to service account (#2604)- Update to version 1.1.0~rc16~git4.d407844: * Remove zstd feature- Update to version 1.1.0~rc16~git3.81298e8: * Allow /dev/tpmrm0 on older systemd versions (#2587)- Add ipa-sync service - Update to version 1.1.0~rc16~git2.6fb4fac: * List of supported features (#2499)- Update to version 1.1.0~rc16~git1.a917291: * Correct cargo versions * Release 1.1.0-rc.16 (#2483) * Fix for incorrect domain migration rollbacks (#2482) * Add tools for remigration and domain level raising (#2481) * chore(deps): bump cryptography from 41.0.6 to 42.0.0 in /pykanidm (#2480) * Support SPN in groups claim (#2474) * Credential update tweaks (#2475) * Oauth2 pkce faq (#2473) * Fix debian versioning (#2472) * chore(deps): bump the all group in /pykanidm with 7 updates (#2479) * chore(deps): bump the all group with 1 update (#2478) * Fix RUV trim (#2466) * 20240125 2217 client credentials grant (#2456) * docs: Add application passwords design document (#2427) * handling master docs (#2465) * update the artifact name in the download step (#2464) * Book SUMMARY.md: Fix part titles according to mdbook (#2463) * Update chat link, add keywords (#2462) * PyKanidm updates and testing (#2301) * chore(deps): bump aiohttp from 3.9.1 to 3.9.2 in /pykanidm (#2461) * 1222 what rights does anonymous have (#2436) * Fix inverted key/chain logic from TLS error improvement (#2453) * Improve TLS configuration errors (#2447) * chore(deps): bump shlex from 1.2.0 to 1.3.0 (#2445) * chore(deps): bump the all group with 1 update (#2441) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2443) * Return sshkey label to cli fields (#2440) * Add rfc8414 metadata (#2434) * Add test for delete referer invalid (#2435) * Clarify role of WebUI in README.md (#2431) * Adding max_ber_size option in config for ldap sync (#2416) * Debian build fixes (also the book) (#2400) * 2390 1980 allow native applications (#2428) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2430) * cookies (#2426) * Clean RUV (#2424) * chore(deps-dev): bump jinja2 from 3.1.2 to 3.1.3 in /pykanidm (#2425) * Upgrade replication to use anchors (#2423) * Minor fixes for oidc with single page applications (#2420) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2421) * Use case insensitive match on substrings in line with ldap (#2419) * Change OAuth2 RS Origin from the CLI (#2418) * Add design diagrams (#2332) * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2410) * Fix deb release flow to find the matrix split artifacts (#2406) * 20231222 piv authentication (#2398) * Update docs, closes SQLite Write-Ahead Logging might make page size immutable #2404 (#2405) * Build the kanidm cli tools deb as well (#2402) * Force apply idm migrations to apply access controls (#2401) * fixing up the integration script (#2392) * chore(deps): bump the all group in /pykanidm with 8 updates (#2396) * chore(deps): bump the all group with 2 updates (#2395) * fix backup filename and regexp pattern for cleanup (#2386) * idprovider: Provide the keystore during auth (#2385) * db: Fix insert_tagged_hsm_key doesn't cache the hsm key (#2389) * daemon: Fix inverted logic on cache dir check (#2388) * Add improved domain migration framework and default MFA (#2382) * Trim and lowecase usernames (#2380) * Add DN as a virtual ldap attr (#2379) * fixing default for oauth2 request_parameter_supported metadata (#2378) * chore(deps): bump the all group in /pykanidm with 6 updates (#2375) * 20231218 ipa sync unix password (#2374) * chore(deps): bump the all group with 2 updates (#2372) * 1481 2024 access control rework (#2366) * chore(deps): bump zerocopy from 0.7.26 to 0.7.31 (#2368) * chore(deps): bump the all group with 3 updates (#2363) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2362) * 249 2024 managed by syntax (#2359) * typo (#2356) * 20231204 ipa sync minor improvements (#2357) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2355) * Unixd build/debugging updates (#2350) * 20231129 webauthn attestation (#2351) * Fix handling of TPM in some trait contexts (#2347) * docs: miniflux added pkce support (#2352) * Using proper axum http headers lib for compatibility (#2348) * Bearer should send with same caps we accept (#2345) * chore(deps): bump cryptography from 41.0.4 to 41.0.6 in /pykanidm (#2341) * docs: improve grammar for book/src/developers/faq.md (#2343) * Expose machine key in auth phase (#2340) * 20231128 freeipa migration (#2338) * Unix crossbuild scripts and docs (#2326) * Expose TPM in more interface places (#2334) * chore(deps): bump the all group in /pykanidm with 6 updates (#2336) * Adding kanidm client config docs and notes ref #2248 (#2333) * Update to the latest compact-jwt version (#2331) * Adding env var configs for the server (#2329) * Better errors when TPM PIN file not found (#2330) * 20231120 2320 sssd compat (#2328) * Resolve future send issue with keystore (#2311) * chore(deps): bump the all group in /pykanidm with 6 updates (#2325) * chore(deps): bump the all group with 3 updates (#2324) * Add test (#2323) * OAuth2 scopes validation logging missing details (#2317) * Add systemd deps for unixd (#2314) * 20231115 oauth2 authreq (#2310) * Docs - Bump Fedora 36 to Fedora 38 (#2309) * chore(deps): bump the all group with 4 updates (#2306) * chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2305) * Remove serde json from wasm (#2304) * Fix spelling (#2303) * 20231109 1122 credential class (#2300) * Moving daemon tracing to OpenTelemetry (#2292) * 20231101 add id cert to unixint (#2284) * Docs fixes for #2296 (#2297) * Update OpenAPI schema gen to actually... be kinda sorta valid. (#2296) * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2294) * chore(deps): bump the all group with 8 updates (#2293) * pw min length in account policy (#2289) * WASM troubleshooting docs closes #2286 (#2291) * oauth2 typo (#2290) * Update notes to avoid some possible interpretation errors (#2288) * Feature: kanidm CLI pulling OpenAPI schema (#2285) * Feature: configurable replication poll interval (#2283) * Minor improvements to incoming replication (#2279) * Problems with bash completion autocomplete (#2281) * Remove unused imports and clippy lint (#2276) * Rework ldap bind routine (#2268) * Disable inconsistent test (#2278) * make versions consistent * 1.1.0 rc.15 dev post-release (#2271)- Update to version 1.1.0~rc15~git8.122b6af: * Remove unused import that breaks builds on newer rust versions * Update to latest webauthn-rs version * fix version * Fix maint branch versions * Disable inconsistent test (#2278)- Update to version 1.1.0~rc15~git2.74f5c0f: * make versions consistent * 1.1.0 rc.15 dev post-release (#2271) * Release 1.1.0-rc.15-dev * started writing docs and ended up in another rabbit hole (#2267) * CLI integration test beginnings (#2261) * chore(deps): bump the all group with 7 updates (#2266) * chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2265) * Add book chapter + cli * Cargo fmt and clippy checks * Restrict posix passwords on ldap bind with config * Splitting the SPAs (#2219) * Bug chasing (#2257) * cargo fmt + clippy (#2241) * service-account or person validity show returns for non-existing identity (#2258) * don't need write if we are not writing (#2256) * adding service account patch methods (#2255) * .deb package build and docs fixes (#2252) * Auth flow docs (#2249) * pykanidm test code (#2202) * chore(deps): bump the all group with 5 updates (#2247) * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2246) * 20231019 1122 account policy basics (#2245) * Add note on snaps to PAM and nsswitch with link to new section in FAQ (#2244) * 20231014 account policy (#2218) * chore(deps): bump rustix from 0.38.15 to 0.38.19 (#2242) * Fix incorrect references to LDAP in sync (#2239) * Remove unused crate users (#2240) * chore(deps-dev): bump urllib3 from 2.0.6 to 2.0.7 in /pykanidm (#2238) * Windows build fixes and test coverage (#2220) * more space checks (#2234) * Fixing dependabot and its mistakes (#2232) * chore(deps-dev): bump mypy from 1.5.1 to 1.6.0 in /pykanidm (#2231) * chore(deps-dev): bump mkdocs-material from 9.4.4 to 9.4.6 in /pykanidm (#2230) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2229) * chore(deps): bump tokio from 1.32.0 to 1.33.0 (#2228) * chore(deps): bump tss-esapi from 7.3.0 to 7.4.0 (#2227) * chore(deps): bump regex from 1.9.6 to 1.10.1 (#2226) * chore(deps): bump tracing from 0.1.37 to 0.1.39 (#2225) * chore(deps): bump utoipa-swagger-ui from 3.1.5 to 4.0.0 (#2224) * chore(deps): bump proc-macro2 from 1.0.68 to 1.0.69 (#2223) * chore(deps): bump async-trait from 0.1.73 to 0.1.74 (#2222) * chore(deps): bump serde from 1.0.188 to 1.0.189 (#2221) * OpenAPI/swagger docs autogen (#2175) * 20231012 346 name deny list (#2214) * Add file diagnosis (#2210) * fix RUV on startup, improve filter output (#2211) * Chasing yaks down dark alleyways (#2207) * Reduce `pam_kanidm`'s priority in Debian platforms (#2209) * chore(deps-dev): bump ruff from 0.0.291 to 0.0.292 in /pykanidm (#2194) * chore(deps-dev): bump coverage from 7.3.1 to 7.3.2 in /pykanidm (#2195) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2193) * chore(deps-dev): bump mkdocs-material from 9.4.2 to 9.4.4 in /pykanidm (#2197) * chore(deps): bump libc from 0.2.148 to 0.2.149 (#2201) * chore(deps): bump axum-auth from 0.4.0 to 0.4.1 (#2200) * chore(deps): bump syn from 2.0.37 to 2.0.38 (#2199) * chore(deps): bump proc-macro2 from 1.0.67 to 1.0.68 (#2198) * chore(deps): bump aiohttp from 3.8.5 to 3.8.6 in /pykanidm (#2196) * chore(deps-dev): bump pylint-pydantic from 0.2.4 to 0.3.0 in /pykanidm (#2192) * 20231008 remove expect used (#2191) * Thread naming and display (#2190) * Replication tweaks - try the most recent successful one and error less (#2189) * Chasing wooly quadrapeds again (#2163) * 68 20230929 replication finalisation (#2160) * In-system image storage (#2112) * chore(deps-dev): bump urllib3 from 2.0.4 to 2.0.6 in /pykanidm (#2173) * chore(deps-dev): bump mkdocs-material from 9.3.2 to 9.4.2 in /pykanidm (#2165) * chore(deps): bump clap_complete from 4.4.1 to 4.4.3 (#2170) * chore(deps): bump hashbrown from 0.14.0 to 0.14.1 (#2169) * chore(deps): bump clap from 4.4.4 to 4.4.6 (#2168) * chore(deps): bump regex from 1.9.5 to 1.9.6 (#2167) * chore(deps): bump pydantic from 2.3.0 to 2.4.2 in /pykanidm (#2166) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2164) * fix credential update intent defaults (#2162) * 68 20230919 replication configuration (#2131) * Can't build kanidmd using the Ubuntu docker builder scripts - cleanup (#2154) * Enforce TLS key size minimums (#2145) * bindaddress default doesn't match documentation (#2150) * chore(deps-dev): bump ruff from 0.0.290 to 0.0.291 in /pykanidm (#2137) * chore(deps-dev): bump mkdocs from 1.5.2 to 1.5.3 in /pykanidm (#2138) * chore(deps): bump syn from 2.0.32 to 2.0.37 (#2143) * chore(deps): bump tss-esapi from 7.2.0 to 7.3.0 (#2142) * chore(deps): bump tokio-util from 0.7.8 to 0.7.9 (#2141) * chore(deps): bump dyn-clone from 1.0.13 to 1.0.14 (#2140) * chore(deps): bump clap from 4.4.3 to 4.4.4 (#2139) * chore(deps-dev): bump mkdocs-material from 9.3.1 to 9.3.2 in /pykanidm (#2136) * minor changes to speed up WASM tests (#2133) * chore(deps): bump cryptography from 41.0.3 to 41.0.4 in /pykanidm (#2134) * CLI and kanidm_client changes to handle errors and TLS validation changes (#2127) * Typo (#2125) * chore(deps-dev): bump mkdocs-material from 9.2.8 to 9.3.1 in /pykanidm (#2114) * chore(deps-dev): bump ruff from 0.0.287 to 0.0.290 in /pykanidm (#2115) * chore(deps-dev): bump black from 23.9.0 to 23.9.1 in /pykanidm (#2116) * chore(deps): bump chrono from 0.4.30 to 0.4.31 (#2124) * chore(deps): bump docker/setup-qemu-action from 2 to 3 (#2119) * chore(deps): bump proc-macro2 from 1.0.66 to 1.0.67 (#2123) * chore(deps): bump serde_json from 1.0.106 to 1.0.107 (#2122) * chore(deps): bump libc from 0.2.147 to 0.2.148 (#2121) * chore(deps): bump clap from 4.4.2 to 4.4.3 (#2120) * chore(deps): bump docker/build-push-action from 4 to 5 (#2118) * chore(deps): bump docker/setup-buildx-action from 2 to 3 (#2117) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2113) * Yaleman/issue989 (#2111) * Cinco de yakko (#2108) * 68 20230912 session consistency (#2110) * Fix typo (#2109) * Implement DeviceAuthorizationGrant for MFA (#2079) * Schema dooby doo ... yon (#2103) * sqlite3 doesn't need to be installed on dev machines (#2104) * 68 20230908 replication attrunique (#2086) * chore(deps-dev): bump pytest-aiohttp from 1.0.4 to 1.0.5 in /pykanidm (#2092) * chore(deps-dev): bump coverage from 7.3.0 to 7.3.1 in /pykanidm (#2089) * chore(deps-dev): bump mkdocs-material from 9.2.7 to 9.2.8 in /pykanidm (#2090) * chore(deps-dev): bump black from 23.7.0 to 23.9.0 in /pykanidm (#2088) * chore(deps-dev): bump pytest from 7.4.1 to 7.4.2 in /pykanidm (#2091) * chore(deps): bump actions/checkout from 3 to 4 (#2102) * chore(deps): bump walkdir from 2.3.3 to 2.4.0 (#2101) * chore(deps): bump serde_json from 1.0.105 to 1.0.106 (#2100) * chore(deps): bump openssl-sys from 0.9.92 to 0.9.93 (#2099) * chore(deps): bump bytes from 1.4.0 to 1.5.0 (#2097) * chore(deps): bump clap_complete from 4.4.0 to 4.4.1 (#2098) * chore(deps): bump argon2 from 0.5.1 to 0.5.2 (#2096) * chore(deps): bump syn from 2.0.31 to 2.0.32 (#2095) * chore(deps): bump chrono from 0.4.28 to 0.4.30 (#2094) * chore(deps): bump base64 from 0.21.3 to 0.21.4 (#2093) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2087) * move from git2 to gix (#2085) * Schema-dooby-doo-part-trois (#2082) * CLI and test things (#2080) * 68 20230907 replication (#2081) * minor tweaks to Orca (#2077) * Changing build targets for debs (#2076) * Removing default features from git2 package (#2078) * 68 20230829 replication referential integrity (#2048) * Schema dooby doo part two (#2071) * 68 20230831 design replication coordinator (#2051) * improve wording of webauthn cli interaction (#2073) * When an empty body was returned, do request would error incorrectly (#2074) * update bug template, closes #2054 (#2055) * Yak hassling (#2059) * docs: api tokens are managed by idm_admin (#2072) * chore(deps-dev): bump pytest from 7.4.0 to 7.4.1 in /pykanidm (#2062) * chore(deps-dev): bump mkdocstrings from 0.22.0 to 0.23.0 in /pykanidm (#2063) * chore(deps-dev): bump ruff from 0.0.286 to 0.0.287 in /pykanidm (#2061) * chore(deps): bump async-recursion from 1.0.4 to 1.0.5 (#2070) * chore(deps): bump syn from 2.0.29 to 2.0.31 (#2069) * chore(deps): bump clap from 4.4.0 to 4.4.2 (#2068) * chore(deps): bump url from 2.4.0 to 2.4.1 (#2067) * chore(deps): bump regex from 1.9.4 to 1.9.5 (#2066) * chore(deps): bump chrono from 0.4.26 to 0.4.28 (#2065) * chore(deps): bump tower-http from 0.4.3 to 0.4.4 (#2064) * chore(deps-dev): bump mkdocs-material from 9.2.5 to 9.2.7 in /pykanidm (#2060) * Check in missing users crate for SELinux integration (#2050) * Add tests for X-Forwarded-For header (kinda) (#1957) * docs: fix miniflux oauth example (#2046) * Clear cache before verify on some low-level tests (#2044) * 68 20230828 replication of schema (#2045) * Update compact jwt (#2043) * Allow patching of crates from related projects (#2042) * pam multistep auth state machine (#2022) * chore(deps): bump clap from 4.3.23 to 4.4.0 (#2039) * chore(deps): bump reqwest from 0.11.18 to 0.11.20 (#2040) * chore(deps): bump openssl from 0.10.56 to 0.10.57 (#2038) * chore(deps): bump clap_complete from 4.3.2 to 4.4.0 (#2036) * chore(deps): bump base64 from 0.21.2 to 0.21.3 (#2037) * chore(deps): bump regex from 1.9.3 to 1.9.4 (#2035) * chore(deps): bump serde from 1.0.183 to 1.0.188 (#2034) * chore(deps): bump openssl-sys from 0.9.91 to 0.9.92 (#2033) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2032) * chore(deps-dev): bump mkdocs-material from 9.1.21 to 9.2.5 in /pykanidm (#2031) * chore(deps-dev): bump ruff from 0.0.285 to 0.0.286 in /pykanidm (#2030) * chore(deps): bump pydantic from 2.2.1 to 2.3.0 in /pykanidm (#2029) * Authentication shortcut to get a RW session (#1993) * wopsies, missing imports (#2023) * idv cli (#2001) * Trying to fix the (current) container build failures (#2021) * pykanidm updoots (#2019) * 68 20230821 replication (#2020) * Configurable session timeouts (#1965) * fix: output an array in json mode for `kanidm group list` (#2016) * feat: add json output modes for `person list` and `system oauth2 list` (#2017) * docs: Update missed add_members command (#2018) * Less human strings more enums (#1989) * Resolve incorrect time units on timeout (#2014) * chore(deps): bump dyn-clone from 1.0.12 to 1.0.13 (#2013) * chore(deps): bump quote from 1.0.32 to 1.0.33 (#2012) * chore(deps): bump gloo-timers from 0.2.6 to 0.3.0 (#2011) * chore(deps): bump serde_with from 3.2.0 to 3.3.0 (#2010) * chore(deps): bump clap from 4.3.21 to 4.3.23 (#2009) * chore(deps): bump tokio from 1.31.0 to 1.32.0 (#2008) * chore(deps): bump serde_json from 1.0.104 to 1.0.105 (#2007) * chore(deps): bump syn from 2.0.28 to 2.0.29 (#2006) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2005) * chore(deps-dev): bump mypy from 1.5.0 to 1.5.1 in /pykanidm (#2004) * chore(deps-dev): bump ruff from 0.0.284 to 0.0.285 in /pykanidm (#2003) * chore(deps): bump pydantic from 2.1.1 to 2.2.1 in /pykanidm (#2002) * reordering layers so the web server works in non-debug-mode (#1999) * 20230817 idv migration (#1992) * daemon: kanidmd version requires a config file to run (#1959) (#1990) * Resolve issues with dyngroup members (#1986) * Revert "sqlite where IN for id entry (#1988)" (#1991) * sqlite where IN for id entry (#1988) * Identity verification feature (#1819) * 1982 service account access (#1985) * Fixing test release (#1983) * error handling and web server logging fixes (#1960) * Struct-ifying schema things (#1971) * Orca tweaks (#1963) * Fighting with zypper, tagging our images (#1964) * chore(deps-dev): bump coverage from 7.2.7 to 7.3.0 in /pykanidm (#1974) * chore(deps-dev): bump mypy from 1.4.1 to 1.5.0 in /pykanidm (#1973) * chore(deps): bump serde from 1.0.182 to 1.0.183 (#1979) * Are we JSON yet? Kinda. But we're closer. (#1967) * chore(deps): bump clap from 4.3.19 to 4.3.21 (#1978) * chore(deps): bump tokio from 1.29.1 to 1.31.0 (#1977) * chore(deps): bump async-trait from 0.1.72 to 0.1.73 (#1976) * chore(deps): bump selinux from 0.4.1 to 0.4.2 (#1975) * chore(deps-dev): bump ruff from 0.0.282 to 0.0.284 in /pykanidm (#1972) * docs: Fix outdated oauth2 subcommands (#1969) * Allow one-character usernames (#1941) * resolver: Himmelblau needs old token for refresh (#1962) * updating python packages to close dependabot securiity alerts (#1956) * providing server configuration in the testkit::test macro (#1953) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1952) * chore(deps-dev): bump ruff from 0.0.280 to 0.0.282 in /pykanidm (#1951) * chore(deps-dev): bump mkdocs from 1.5.1 to 1.5.2 in /pykanidm (#1950) * chore(deps): bump openssl from 0.10.55 to 0.10.56 (#1949) * chore(deps): bump regex from 1.9.1 to 1.9.3 (#1948) * chore(deps): bump serde from 1.0.180 to 1.0.182 (#1947) * chore(deps): bump filetime from 0.2.21 to 0.2.22 (#1946) * chore(deps): bump openssl-sys from 0.9.90 to 0.9.91 (#1945) * chore(deps): bump serde_with from 3.1.0 to 3.2.0 (#1944) * chore(deps): bump axum from 0.6.19 to 0.6.20 (#1943) * removing debug string (#1937) * Final v3 master x book deployment fix (#1936) * trying a different ref (#1935) * replaced `skip_serializing_if` with `skip_serializing_none` (#1932) * another book round (#1933) * trying again (#1931) * fixed serialization of oauth2 token scope (#1930) * added compression layer for the pkg route (#1928) * Resolve build failiures when selinux is enabled (#1927) * Resolve issue with publishing (#1925) * Set dev version (#1924)- Update to version 1.1.0~beta13~git7.1fb34a9: * Resolve incorrect time units on timeout (#2014) * Update cargo lock, docker fixes * 1982 service account access (#1985) * fixed serialization of oauth2 token scope (#1930) * added compression layer for the pkg route (#1928)- Resolve issues with fedora/centos build- Update to version 1.1.0~beta13~git2.5d1e2f9: * Resolve build failiures when selinux is enabled (#1927) * Resolve issue with publishing (#1925) * Set dev version (#1924) * Release 1.1.0-beta.13 (#1922) * 20230731 release (#1921) * Improve default shells for distros (#1920) * 20230728 techdebt paydown (#1909) * chasing weirdness (#1910) * chore(deps-dev): bump mkdocs-material from 9.1.19 to 9.1.21 in /pykanidm (#1918) * chore(deps): bump serde_json from 1.0.103 to 1.0.104 (#1917) * chore(deps): bump serde from 1.0.174 to 1.0.178 (#1916) * chore(deps): bump tikv-jemallocator from 0.5.0 to 0.5.4 (#1915) * chore(deps-dev): bump mkdocs from 1.4.3 to 1.5.1 in /pykanidm (#1913) * chore(deps-dev): bump pylint-pydantic from 0.2.3 to 0.2.4 in /pykanidm (#1912) * chore(deps): bump pydantic from 2.0.3 to 2.1.1 in /pykanidm (#1911) * 20230727 unix int modularity (#1907) * bumping action version (#1908) * 68 20230720 replication improvements (#1905) * Resolve compilation issue with tpm enabled on linux (#1902) * Improve service file for host installs (#1901) * 20230720 unix int modular (#1881) * fixing up pydantic things (#1885) * 1788 admin unix socket (#1880) * chore(deps-dev): bump pylint-pydantic from 0.2.1 to 0.2.3 in /pykanidm (#1900) * chore(deps-dev): bump ruff from 0.0.278 to 0.0.280 in /pykanidm (#1899) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1898) * chore(deps-dev): bump mkdocs-material from 9.1.18 to 9.1.19 in /pykanidm (#1897) * chore(deps): bump async-trait from 0.1.71 to 0.1.72 (#1895) * chore(deps-dev): bump types-toml from 0.10.8.6 to 0.10.8.7 in /pykanidm (#1896) * chore(deps): bump axum from 0.6.18 to 0.6.19 (#1894) * chore(deps): bump clap from 4.3.12 to 4.3.19 (#1893) * chore(deps): bump axum-macros from 0.3.7 to 0.3.8 (#1892) * chore(deps): bump serde from 1.0.171 to 1.0.174 (#1891) * chore(deps): bump uuid from 1.4.0 to 1.4.1 (#1890) * chore(deps): bump quote from 1.0.31 to 1.0.32 (#1889) * chore(deps): bump tower-http from 0.4.1 to 0.4.3 (#1888) * chore(deps): bump syn from 2.0.26 to 2.0.27 (#1887) * chore(deps): bump urlencoding from 2.1.2 to 2.1.3 (#1886) * added hsts header middleware (#1882) * chore(deps): bump aiohttp from 3.8.4 to 3.8.5 in /pykanidm (#1883) * 1785 allow sync attr yielding via partial write admin (#1879) * Alter filter generation to exclude empty conditions (#1877) * Revert to opensuse based radius container. (#1878) * Unix gid duplicate fix (#1876) * Refactor docker_build_kanidm to be more isolated (v13) (#1872) * Sync account import improvements (#1873) * chore(deps): bump quote from 1.0.29 to 1.0.31 (#1870) * chore(deps-dev): bump black from 23.3.0 to 23.7.0 in /pykanidm (#1859) * Add a newline to fix links in LLDAP section of the README (#1871) * chore(deps): bump dyn-clone from 1.0.11 to 1.0.12 (#1869) * chore(deps): bump pydantic from 1.10.11 to 2.0.3 in /pykanidm (#1858) * chore(deps): bump serde_json from 1.0.102 to 1.0.103 (#1868) * Fix missing slash in tag (#1853) * chore(deps): bump argon2 from 0.5.0 to 0.5.1 (#1867) * chore(deps): bump syn from 2.0.25 to 2.0.26 (#1866) * chore(deps): bump paste from 1.0.13 to 1.0.14 (#1864) * chore(deps-dev): bump pylint-pydantic from 0.2.0 to 0.2.1 in /pykanidm (#1863) * chore(deps): bump clap from 4.3.11 to 4.3.12 (#1862) * chore(deps-dev): bump pytest-asyncio from 0.21.0 to 0.21.1 in /pykanidm (#1861) * chore(deps): bump proc-macro2 from 1.0.64 to 1.0.66 (#1860) * chore(deps-dev): bump ruff from 0.0.277 to 0.0.278 in /pykanidm (#1857) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1856) * chore(deps): bump actions/upload-pages-artifact from 1 to 2 (#1855) * Revert "something something token permissions (#1850)" (#1852) * something something token permissions (#1850) * Upgraded clap, removing atty as a dependency (#1849) * Ensure we dont use std hashmaps (#1848) * Improve selinux in tasks daemon (#1847) * Resolve issue with order of operations causing group memberships to disappear (#1845) * headless webdriver testing, starting on brotli feature (#1844) * chore(deps-dev): bump mkdocs-material from 9.1.17 to 9.1.18 in /pykanidm (#1835) * chore(deps): bump serde from 1.0.166 to 1.0.170 (#1843) * Fix a typo in the unix daemon debug (#1822) * chore(deps-dev): bump ruff from 0.0.275 to 0.0.277 in /pykanidm (#1833) * chore(deps): bump serde-wasm-bindgen from 0.4.5 to 0.5.0 (#1842) * chore(deps): bump proc-macro2 from 1.0.63 to 1.0.64 (#1841) * chore(deps): bump syn from 2.0.23 to 2.0.25 (#1840) * chore(deps): bump async-trait from 0.1.69 to 0.1.71 (#1839) * chore(deps): bump regex from 1.8.4 to 1.9.1 (#1838) * chore(deps): bump is-terminal from 0.4.8 to 0.4.9 (#1837) * chore(deps): bump serde_json from 1.0.99 to 1.0.100 (#1836) * Allow Authorization header in CORS preflight response (#1831) * chore(deps): bump pydantic from 1.10.10 to 1.10.11 in /pykanidm (#1834) * chore(deps-dev): bump pylint-pydantic from 0.1.8 to 0.2.0 in /pykanidm (#1832) * Add preflight headers (#1829) * Persist nonce through refresh to support client (#1826) * Cleanup spa handling (#1825) * 1792 public oauth clients (#1821) * 1812 1813 post axum cleanup (#1817) * Fix diagram colours (#1815) * Converting from tide to axum (#1797) * Add client UX for redirecting to an external portal for synced accounts (#1791) * Add cors policy (#1807) * Improve tasks daemon shutdown (#1806) * Improve durability of migrations (#1804) * clippy-izing an unsafe in pam (#1795) * chore(deps): bump pydantic from 1.10.9 to 1.10.10 in /pykanidm (#1803) * chore(deps): bump uuid from 1.3.4 to 1.4.0 (#1802) * chore(deps): bump tokio from 1.28.2 to 1.29.1 (#1801) * chore(deps): bump syn from 2.0.20 to 2.0.23 (#1800) * chore(deps): bump whoami from 1.4.0 to 1.4.1 (#1799) * chore(deps): bump quote from 1.0.28 to 1.0.29 (#1798) * 20230629 tpm keygen ... again (#1793) * Fixing the kanidmd healthcheck (#1789) * Name change history (#1727) * 20230628 tpm minor issue with key regen (#1790) * Still trying to fix the docs. (#1709) * Improve cli to support multi-domain handling. (#1786) * Started chasing noise, found some code to delete... (#1768) * Improve tpm key generation - improve unix config for tpms. (#1782) * chore(deps-dev): bump pytest from 7.3.2 to 7.4.0 in /pykanidm (#1771) * chore(deps-dev): bump mkdocs-material from 9.1.16 to 9.1.17 in /pykanidm (#1773) * chore(deps-dev): bump mypy from 1.3.0 to 1.4.1 in /pykanidm (#1784) * chore(deps): bump serde_json from 1.0.97 to 1.0.99 (#1778) * chore(deps): bump syn from 2.0.18 to 2.0.20 (#1779) * chore(deps): bump authlib from 1.2.0 to 1.2.1 in /pykanidm (#1777) * chore(deps): bump proc-macro2 from 1.0.60 to 1.0.63 (#1776) * chore(deps): bump libc from 0.2.146 to 0.2.147 (#1774) * chore(deps): bump gloo-net from 0.2.6 to 0.3.0 (#1772) * chore(deps-dev): bump ruff from 0.0.272 to 0.0.275 in /pykanidm (#1770) * Fix debian packaging (#1742) * Remove r2d2 - sad beep noises (#1766) * Kanidmd is a bit noisy (#1765) * Ux improvements - Allow enrolling other devices (#1764) * Make argon2id default pw hasher - improve parameter detection (#1762) * chore(deps): bump openssl from 0.10.54 to 0.10.55 (#1761) * Implement tpm binding of cached password hashes (#1754) * Mention client configuration in tool installation guide (#1756) * Remove scripts that are no longer required (#1759) * OAuth2 secret JSON (#1758) * Allow account locking with expire-at 'epoch' and 'now' (#1757) * Resolve codespell issues (#1753) * Add tls generator to main kanidmd (#1743) * Fix block_on in ssh authorised keys (#1752) * chore(deps-dev): bump mkdocs-material from 9.1.15 to 9.1.16 in /pykanidm (#1751) * chore(deps): bump gloo from 0.8.0 to 0.8.1 (#1750) * chore(deps-dev): bump pytest-mock from 3.10.0 to 3.11.1 in /pykanidm (#1749) * chore(deps): bump hashbrown from 0.13.2 to 0.14.0 (#1748) * 1737 1739 sync - map uidnumbers mail (#1741) * Add support for argon2id (#1736) * Disable neon on linux (#1740) * 20230614 unix account security - move account name deny to unixd (#1733) * fixed return value of add_ava_int (#1735) * unix_integration: also check running SELinux mode (#1704) * added pre_cand entries to both pre_modify and pre_batch_modify plugin functions (#1732) * 20230608 ldap sync (#1728) * Add acp allowing service accounts to clear their own sessions (#1731) * Declare when no applications are available (#1730) * Fix ip addr parse (#1729) * X-Forwarded-For catcher - improve ip addr parsing (#1725) * chore(deps): bump proc-macro2 from 1.0.59 to 1.0.60 (#1723) * chore(deps): bump url from 2.3.1 to 2.4.0 (#1722) * chore(deps-dev): bump pytest from 7.3.1 to 7.3.2 in /pykanidm (#1719) * chore(deps): bump libc from 0.2.145 to 0.2.146 (#1721) * chore(deps-dev): bump ruff from 0.0.270 to 0.0.272 in /pykanidm (#1720) * docs: fix typo in sync concepts (#1715) * chore(deps): bump regex from 1.8.3 to 1.8.4 (#1718) * chore(deps): bump pydantic from 1.10.8 to 1.10.9 in /pykanidm (#1717) * chore(deps): bump serde from 1.0.163 to 1.0.164 (#1716) * Absolutely minimal implementation (#1711) * Add further incremental replication tests (#1707) * Save two more kay strokes (#1708) * Documentation root directory 404 (#1706) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1697) * Improve diagnostic and docs of ldap bind requiring posix password (#1702) * #1680 redux - trying to fix docs again (#1692) * Automatically login & reauth (#1691) * chore(deps-dev): bump coverage from 7.2.6 to 7.2.7 in /pykanidm (#1698) * chore(deps): bump libc from 0.2.144 to 0.2.145 (#1701) * chore(deps): bump openssl from 0.10.52 to 0.10.54 (#1700) * chore(deps): bump csv from 1.2.1 to 1.2.2 (#1699) * chore(deps): bump syn from 2.0.17 to 2.0.18 (#1696) * chore(deps): bump chrono from 0.4.24 to 0.4.26 (#1695) * chore(deps-dev): bump mkdocs-material from 9.1.14 to 9.1.15 in /pykanidm (#1694) * chore(deps): bump openssl-sys from 0.9.87 to 0.9.88 (#1693) * Documentation root directory 404 (#1681) * Crono expression parser fix (#1682) * Document OpenID connect setup for Miniflux (#1683) * chore(deps): bump cryptography from 39.0.1 to 41.0.0 in /pykanidm (#1684) * Improve the readme (#1679) * Move the socket startup to localise it to the acceptor (#1678) * SELinux support for kanidm-unixd-tasks daemon (#1661) * Resolve ability to delete ssh keys with spaces in tags (#1674) * Adding mdbook-template back for bookgen (#1660) * chore(deps-dev): bump coverage from 7.2.5 to 7.2.6 in /pykanidm (#1669) * chore(deps-dev): bump mkdocstrings from 0.21.2 to 0.22.0 in /pykanidm (#1671) * 20230526 incremental replication improvements (#1659) * chore(deps): bump regex from 1.8.1 to 1.8.3 (#1670) * chore(deps): bump hashbrown from 0.12.3 to 0.13.2 (#1668) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1667) * chore(deps): bump tokio from 1.28.1 to 1.28.2 (#1666) * chore(deps-dev): bump ruff from 0.0.269 to 0.0.270 in /pykanidm (#1665) * chore(deps): bump quote from 1.0.27 to 1.0.28 (#1664) * chore(deps): bump pydantic from 1.10.7 to 1.10.8 in /pykanidm (#1663) * fixing get-tags-action in book build (#1657) * Add more replication tests, improve some handling of tombstones. (#1656) * Bring back CpuOptLevel x86_64_v1 (#1590) * Doc fixes (#1658) * Identifiable tokens (#1623) * Add version tag to makefile images (#1654) * during service account recovery, remove incompatible credentials (#1650) * signal handling for tasks daemon (#1651) * Time travelling (#1648) * chore(deps): bump requests from 2.28.2 to 2.31.0 in /pykanidm (#1649) * 20230508 replication incremental (#1620) * chore(deps-dev): bump mkdocs-material from 9.1.12 to 9.1.14 in /pykanidm (#1642) * chore(deps): bump wasm-bindgen from 0.2.85 to 0.2.86 (#1647) * chore(deps): bump js-sys from 0.3.62 to 0.3.63 (#1646) * chore(deps): bump uuid from 1.3.2 to 1.3.3 (#1645) * chore(deps): bump proc-macro2 from 1.0.56 to 1.0.58 (#1644) * chore(deps): bump reqwest from 0.11.17 to 0.11.18 (#1643) * chore(deps-dev): bump ruff from 0.0.267 to 0.0.269 in /pykanidm (#1641) * Fix use-reset-token command hint (#1639) * chore(deps): bump pymdown-extensions from 9.9.2 to 10.0 in /pykanidm (#1638) * chore(deps-dev): bump mypy from 1.2.0 to 1.3.0 in /pykanidm (#1636) * chore(deps): bump wasm-bindgen-test from 0.3.34 to 0.3.35 (#1635) * chore(deps-dev): bump ruff from 0.0.265 to 0.0.267 in /pykanidm (#1634) * chore(deps): bump syn from 2.0.15 to 2.0.16 (#1633) * chore(deps): bump quote from 1.0.26 to 1.0.27 (#1628) * chore(deps): bump serde from 1.0.162 to 1.0.163 (#1632) * chore(deps-dev): bump mkdocs-material from 9.1.9 to 9.1.12 in /pykanidm (#1631) * chore(deps): bump tokio from 1.28.0 to 1.28.1 (#1629) * chore(deps): bump web-sys from 0.3.61 to 0.3.62 (#1627) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1626) * chore(deps): bump libc from 0.2.143 to 0.2.144 (#1625) * chore(deps): bump js-sys from 0.3.61 to 0.3.62 (#1624) * Update policy (#1619) * fixing up some spelling errors (#1618) * Update RELEASE_NOTES.md (#1616) * 20230505 replication groundwork - ruv consistency improvements (#1606) * chore(deps-dev): bump ruff from 0.0.263 to 0.0.265 in /pykanidm (#1608) * chore(deps-dev): bump mkdocs-material from 9.1.8 to 9.1.9 in /pykanidm (#1609) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1611) * chore(deps): bump serde from 1.0.160 to 1.0.162 (#1613) * chore(deps): bump libc from 0.2.142 to 0.2.143 (#1612) * chore(deps): bump pkg-config from 0.3.26 to 0.3.27 (#1610) * chore(deps-dev): bump mkdocs from 1.4.2 to 1.4.3 in /pykanidm (#1607) * github pages ... something is definitely going weird. (#1605) * token permissions! (#1604) * Using github actions might actually push a change (#1603) * looks like that's a bug (#1602) * fix things (#1601) * 20230506 ignore some references (#1600) * Harden migrate session to prevent duplicate migration errors (#1599) * reducing action concurrency load (#1598) * more testing cleanup (#1595) * Document that you need to tell Nginx or other proxies to use HTTP 1.1… (#1592) * sccache github actions fixes (#1593) * Start next dev cycle (#1589)- Update to version 1.1.0~alpha12~git0.bcdbb18: * Release 1.1.0-alpha.12 (#1588) * chore(deps): bump tokio-util from 0.7.7 to 0.7.8 (#1587) * chore(deps): bump reqwest from 0.11.16 to 0.11.17 (#1586) * chore(deps): bump tokio from 1.27.0 to 1.28.0 (#1585) * chore(deps): bump uuid from 1.3.1 to 1.3.2 (#1584) * chore(deps): bump clap from 3.2.23 to 3.2.25 (#1583) * chore(deps-dev): bump coverage from 7.2.3 to 7.2.5 in /pykanidm (#1582) * Correctly prevent start up when https sockets in use (#1579) * Filter rdns and dns for ldap filters (#1576) * use sccache, merge "test" actions into "build", remove homebrew caching (#1578) * Cleanup incorrect log errors of denied entries (#1577) * 20230424 clippppppppppppyyyyyyyy (#1574) * Add exclusive process lock to Kanidm to prevent accidental duplicate commands. (#1575) * more more more unixd build fixes (#1573) * chore(deps-dev): bump mkdocs-material from 9.1.7 to 9.1.8 in /pykanidm (#1572) * chore(deps): bump openssl from 0.10.51 to 0.10.52 (#1571) * chore(deps): bump openssl-sys from 0.9.86 to 0.9.87 (#1570) * chore(deps-dev): bump ruff from 0.0.262 to 0.0.263 in /pykanidm (#1569) * more-merge unixd commands (#1568) * Consolidate unix tools (#1566) * 1553 pam remote or local detection (#1565) * chore(deps): bump openssl from 0.10.50 to 0.10.51 (#1563) * Improve user experince of refreshing with intent tokens during cred update (#1556) * chore(deps): bump tracing-subscriber from 0.3.16 to 0.3.17 (#1562) * chore(deps): bump regex from 1.7.3 to 1.8.1 (#1561) * chore(deps): bump libc from 0.2.141 to 0.2.142 (#1560) * chore(deps-dev): bump ruff from 0.0.261 to 0.0.262 in /pykanidm (#1559) * chore(deps-dev): bump mkdocs-material from 9.1.6 to 9.1.7 in /pykanidm (#1558) * chore(deps): bump actions/upload-artifact from 1 to 3 (#1557) * Fix incompatible future warnings by removing older crates (#1554) * 20230330 oauth2 refresh tokens (#1502) * Sorting documentation builds (#1551) * Add troubleshooting step for pam home dirs (#1550) * AuthSession non empty vec part 2 (#1543) * chore(deps): bump openssl from 0.10.49 to 0.10.50 (#1548) * chore(deps): bump serde from 1.0.159 to 1.0.160 (#1547) * chore(deps): bump syn from 2.0.13 to 2.0.15 (#1546) * chore(deps): bump serde_json from 1.0.95 to 1.0.96 (#1545) * chore(deps-dev): bump pytest from 7.3.0 to 7.3.1 in /pykanidm (#1544) * chore(deps): bump h2 from 0.3.15 to 0.3.17 (#1540) * Improve unicode control character detection (#1539) * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1533) * chore(deps-dev): bump mypy from 1.0.1 to 1.2.0 in /pykanidm (#1532) * chore(deps): bump filetime from 0.2.20 to 0.2.21 (#1529) * chore(deps-dev): bump mkdocstrings from 0.20.0 to 0.21.2 in /pykanidm (#1536) * chore(deps-dev): bump mkdocs-material from 9.1.5 to 9.1.6 in /pykanidm (#1535) * chore(deps-dev): bump ruff from 0.0.260 to 0.0.261 in /pykanidm (#1534) * chore(deps-dev): bump coverage from 7.2.2 to 7.2.3 in /pykanidm (#1530) * chore(deps): bump uuid from 1.3.0 to 1.3.1 (#1531) * chore(deps): bump syn from 2.0.12 to 2.0.13 (#1527) * chore(deps): bump dialoguer from 0.10.3 to 0.10.4 (#1526) * chore(deps-dev): bump pytest from 7.2.2 to 7.3.0 in /pykanidm (#1528) * chore(deps): bump libc from 0.2.140 to 0.2.141 (#1525) * chore(deps): bump fernet from 0.2.0 to 0.2.1 (#1524) * Authsession non empty vec (#1522) * chore(deps-dev): bump ruff from 0.0.259 to 0.0.260 in /pykanidm (#1506) * chore(deps-dev): bump mkdocs-material from 9.1.4 to 9.1.5 in /pykanidm (#1510) * chore(deps): bump serde from 1.0.158 to 1.0.159 (#1515) * chore(deps): bump openssl from 0.10.48 to 0.10.49 (#1513) * chore(deps): bump tokio from 1.26.0 to 1.27.0 (#1505) * chore(deps): bump openssl-sys from 0.9.83 to 0.9.84 (#1507) * chore(deps): bump futures from 0.3.27 to 0.3.28 (#1509) * chore(deps): bump reqwest from 0.11.15 to 0.11.16 (#1517) * chore(deps-dev): bump black from 23.1.0 to 23.3.0 in /pykanidm (#1514) * changing from merge to squash (#1521) * chore(deps): bump proc-macro2 from 1.0.54 to 1.0.56 * fixing up auto-merge (#1519) * chore(deps): bump syn from 2.0.10 to 2.0.12 (#1511) * chore(deps-dev): bump types-toml from 0.10.8.5 to 0.10.8.6 in /pykanidm (#1504) * chore(deps): bump serde_json from 1.0.94 to 1.0.95 (#1516) * chore(deps): bump ldap3_proto from 0.3.1 to 0.3.2 (#1518) * chore(deps): bump syn from 1.0.109 to 2.0.10 (#1499) * Be non empty vec (#1501) * 1496 ldap basedn config (#1500) * chore(deps): bump proc-macro2 from 1.0.52 to 1.0.54 (#1494) * chore(deps): bump regex from 1.7.1 to 1.7.3 (#1491) * chore(deps): bump pydantic from 1.10.6 to 1.10.7 in /pykanidm (#1492) * chore(deps-dev): bump mkdocs-material from 9.1.3 to 9.1.4 in /pykanidm (#1487) * chore(deps): bump async-trait from 0.1.67 to 0.1.68 (#1488) * Improve string validation (#1497) * chore(deps): bump reqwest from 0.11.14 to 0.11.15 (#1493) * chore(deps-dev): bump ruff from 0.0.257 to 0.0.259 in /pykanidm (#1489) * chore(deps): bump serde from 1.0.157 to 1.0.158 (#1490) * Adding an auto-merger for dependabot updates (#1486) * Make examples in ldap chapter consistent (#1495) * 1115 priv (reauth, sudo) mode (#1479) * chore(deps): bump openssl from 0.10.47 to 0.10.48 (#1484) * Server daemon logging and exit codes (#1475) * Fix path-relative links in documentation (#1478) * chore(deps): bump openssl from 0.10.45 to 0.10.47 (#1471) * chore(deps): bump serde from 1.0.155 to 1.0.157 (#1473) * chore(deps-dev): bump mkdocs-material from 9.1.2 to 9.1.3 in /pykanidm (#1468) * chore(deps-dev): bump pylint-pydantic from 0.1.7 to 0.1.8 in /pykanidm (#1469) * chore(deps-dev): bump coverage from 7.2.1 to 7.2.2 in /pykanidm (#1463) * chore(deps-dev): bump ruff from 0.0.254 to 0.0.257 in /pykanidm (#1466) * chore(deps): bump async-trait from 0.1.66 to 0.1.67 (#1461) * chore(deps): bump whoami from 1.3.0 to 1.4.0 (#1460) * chore(deps): bump zxcvbn from 2.2.1 to 2.2.2 (#1464) * chore(deps): bump openssl-sys from 0.9.80 to 0.9.82 (#1470) * chore(deps-dev): bump pytest-asyncio from 0.20.3 to 0.21.0 in /pykanidm (#1459) * Add unixd exit code (#1453) * Unixd daemon improvement (#1454) * chore(deps): bump walkdir from 2.3.2 to 2.3.3 (#1458) * checks for a minimum number of arguments (#1452) * chore(deps): bump chrono from 0.4.23 to 0.4.24 (#1444) * chore(deps): bump futures from 0.3.26 to 0.3.27 (#1447) * chore(deps): bump paste from 1.0.11 to 1.0.12 (#1449) * chore(deps-dev): bump mkdocs-material from 9.1.1 to 9.1.2 in /pykanidm (#1450) * chore(deps): bump csv from 1.2.0 to 1.2.1 (#1443) * chore(deps): bump libc from 0.2.139 to 0.2.140 (#1442) * chore(deps): bump serde from 1.0.152 to 1.0.155 (#1446) * chore(deps): bump pydantic from 1.10.5 to 1.10.6 in /pykanidm (#1448) * Image fixes in the build (#1441) * Fix RADIUS docker image file permissions (#1439) * User auth token session display implementation (#1415) * RADIUS container fixes (#1424) * Update book - OAuth2 integration step (#1437) * chore(deps): bump async-trait from 0.1.64 to 0.1.66 (#1433) * Hopefully fix exp issues by making it a stable part of the access token. (#1434) * chore(deps): bump base64 from 0.13.1 to 0.21.0 (#1350) * chore(deps): bump serde_json from 1.0.93 to 1.0.94 (#1427) * chore(deps-dev): bump pytest from 7.2.1 to 7.2.2 in /pykanidm (#1431) * chore(deps-dev): bump pylint-pydantic from 0.1.6 to 0.1.7 in /pykanidm (#1430) * chore(deps-dev): bump ruff from 0.0.253 to 0.0.254 in /pykanidm (#1429) * chore(deps-dev): bump mkdocs-material from 9.0.15 to 9.1.1 in /pykanidm (#1428) * Openssl build fix (#1422) * 1399 some async cleanup (#1421) * Web UI: Sort group memberships of profile (#1410) * Update the dev docs to flow nicer (#1420) * chore(deps): bump dyn-clone from 1.0.10 to 1.0.11 (#1417) * chore(deps): bump tokio from 1.25.0 to 1.26.0 (#1418) * chore(deps-dev): bump coverage from 7.1.0 to 7.2.1 in /pykanidm (#1405) * chore(deps-dev): bump ruff from 0.0.230 to 0.0.253 in /pykanidm (#1419) * 1399 cleanup cli docs (#1413) * 1399 cleanup reorg (#1412) * 1399 cleanup (#1409) * Version output for 4 unix_int tools (#1408) * Windows build fixes (#1388) * chore(deps): bump num_enum from 0.5.10 to 0.5.11 (#1404) * chore(deps-dev): bump types-toml from 0.10.8.4 to 0.10.8.5 in /pykanidm (#1407) * chore(deps): bump syn from 1.0.107 to 1.0.109 (#1406) * chore(deps-dev): bump mkdocs-material from 9.0.13 to 9.0.15 in /pykanidm (#1403) * Mention my Recursing of the Passport (#1402) * Start to add reauth capabilities (#1398) * Add Recursive Logos (#1401) * Prevent invalidation of api tokens (#1397) * chore(deps): bump tokio-util from 0.7.4 to 0.7.7 (#1378) * chore(deps): bump web-sys from 0.3.60 to 0.3.61 (#1362) * chore(deps): bump filetime from 0.2.19 to 0.2.20 (#1375) * chore(deps): bump pydantic from 1.10.4 to 1.10.5 in /pykanidm (#1392) * chore(deps-dev): bump mkdocs-material from 9.0.12 to 9.0.13 in /pykanidm (#1394) * chore(deps): bump num_enum from 0.5.9 to 0.5.10 (#1391) * chore(deps-dev): bump types-toml from 0.10.8.3 to 0.10.8.4 in /pykanidm (#1395) * chore(deps-dev): bump mypy from 1.0.0 to 1.0.1 in /pykanidm (#1390) * chore(deps): bump csv from 1.1.6 to 1.2.0 (#1393) * chore(deps): bump base64urlsafedata from 0.1.2 to 0.1.3 (#1389) * 20230220 passkey cleanup (#1396) * 1115 store credential ids per session (#1386) * Reduce the number of cow cells in idm (#1385) * 1355 docker builds (#1384) * chore(deps): bump proc-macro2 from 1.0.50 to 1.0.51 (#1369) * Improve some small behaviours of login and key management (#1383) * 967 oauth2 implicit search (#1382) * chore(deps): bump wasm-bindgen-test from 0.3.33 to 0.3.34 (#1364) * chore(deps): bump serde_json from 1.0.91 to 1.0.93 (#1376) * chore(deps-dev): bump black from 22.12.0 to 23.1.0 in /pykanidm (#1367) * chore(deps-dev): bump pylint-pydantic from 0.1.5 to 0.1.6 in /pykanidm (#1351) * chore(deps-dev): bump coverage from 7.0.5 to 7.1.0 in /pykanidm (#1352) * 20230130 hackweek replication (#1358) * Improve some diagnostic messages in console (#1381) * chore(deps): bump docker/build-push-action from 3 to 4 (#1360) * chore(deps): bump aiohttp from 3.8.3 to 3.8.4 in /pykanidm (#1377) * chore(deps-dev): bump mypy from 0.991 to 1.0.0 in /pykanidm (#1380) * chore(deps): bump uuid from 1.2.2 to 1.3.0 (#1368) * chore(deps-dev): bump mkdocs-material from 9.0.6 to 9.0.12 in /pykanidm (#1379) * chore(deps-dev): bump types-toml from 0.10.8.1 to 0.10.8.3 in /pykanidm (#1374) * chore(deps): bump cryptography from 39.0.0 to 39.0.1 in /pykanidm (#1371) * Update release docs to prevent forgetting a release step (#1370) * 1355 docker builds (#1357) * Update to 12 dev (#1356)- bsc#1210356 - CVE-2023-26964 - hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames- Automatic update of vendored dependencies- Update to version 1.1.0~alpha11~git0.d3a2a6b: * Release 1.1.0-alpha.11 (#1354) * 20230128 protected to access (#1349) * 20230125 pre rel cleanup (#1348) * 20230125 pre rel cleanup (#1347) * Allow multiple backends to run in parallel for repl tests (#1346) * 20230121 access improvement (#1345) * Fix debian build path (#1331) * Windows-related build fixes (#1344) * chore(deps): bump gloo-net from 0.2.5 to 0.2.6 (#1338) * chore(deps-dev): bump mkdocstrings from 0.19.1 to 0.20.0 in /pykanidm (#1334) * making the robots easier and happier (#1343) * chore(deps): bump tokio from 1.24.1 to 1.24.2 (#1340) * chore(deps): bump toml from 0.5.10 to 0.5.11 (#1337) * chore(deps): bump proc-macro2 from 1.0.49 to 1.0.50 (#1332) * chore(deps): bump reqwest from 0.11.13 to 0.11.14 (#1333) * chore(deps): bump async-trait from 0.1.61 to 0.1.62 (#1335) * 2023 orca improve (#1342) * Adding healthcheck functionality to kanidmd (#1330) * less lint more bark, ruff ruff (#1341) * 1121 SCIM import totp freeipa (#1328) * 1121 multiple totp (#1325) * chore(deps-dev): bump pylint from 2.15.9 to 2.15.10 in /pykanidm (#1324) * chore(deps-dev): bump mkdocs-material from 9.0.3 to 9.0.5 in /pykanidm (#1322) * chore(deps-dev): bump coverage from 7.0.4 to 7.0.5 in /pykanidm (#1323) * chore(deps-dev): bump pytest from 7.2.0 to 7.2.1 in /pykanidm (#1318) * chore(deps): bump regex from 1.7.0 to 1.7.1 (#1316) * chore(deps): bump ldap3_client from `2c9dc31` to `b3c7653` (#1320) * chore(deps-dev): bump pook from 1.0.2 to 1.1.1 in /pykanidm (#1319) * chore(deps): bump dialoguer from 0.10.2 to 0.10.3 (#1317) * Fix ldap vattr search (#1315) * Spell checking and stuff (#1314) * Bump coverage from 7.0.1 to 7.0.4 in /pykanidm (#1311) * Bump mkdocstrings-python from 0.8.2 to 0.8.3 in /pykanidm (#1313) * Bump async-trait from 0.1.60 to 0.1.61 (#1310) * Bump mkdocs-material from 8.5.11 to 9.0.3 in /pykanidm (#1312) * Update yew to 0.20 (#1308) * Bump tokio from 1.23.0 to 1.24.1 (#1309) * Cleanup references to sqlite, add a FAQ section (#1307) * Bump serde from 1.0.151 to 1.0.152 (#1303) * Bump whoami from 1.2.3 to 1.3.0 (#1304) * Bump pydantic from 1.10.2 to 1.10.4 in /pykanidm (#1305) * Fix the book again (#1302) * 20221224 cleanup (#1300) * Bump scim_proto from `cb147c8` to `b5a392f` (#1294) * Bump openssl from 0.10.44 to 0.10.45 (#1295) * Bump openssl-sys from 0.9.79 to 0.9.80 (#1296) * docs: reformat book and introduce workflow to ensure it stays formatted (#1286) * Bump libc from 0.2.138 to 0.2.139 (#1292) * Bump ldap3_proto from `5149451` to `2c9dc31` (#1297) * Bump coverage from 6.5.0 to 7.0.1 in /pykanidm (#1298) * feat(kanidmd): add ldap support for mail primary and alternative address (#1287) * chore(make): co-locate .PHONY declaration and target (#1291) * Can’t build designs private documentation (#1289) * 20221221 sync deploy (#1285) * Bump serde from 1.0.150 to 1.0.151 (#1276) * 20221219 sync polish (#1284) * Bump async-trait from 0.1.59 to 0.1.60 (#1278) * Bump toml from 0.5.9 to 0.5.10 (#1280) * Bump dyn-clone from 1.0.9 to 1.0.10 (#1282) * Bump serde_json from 1.0.89 to 1.0.91 (#1275) * Bump mkdocstrings from 0.19.0 to 0.19.1 in /pykanidm (#1277) * feat(oauth2): add support for a 'groups' claim (#1272) * Bump paste from 1.0.9 to 1.0.11 (#1279) * Bump syn from 1.0.105 to 1.0.107 (#1283) * Bump quote from 1.0.21 to 1.0.23 (#1281) * Bump pylint from 2.15.8 to 2.15.9 in /pykanidm (#1274) * Bump proc-macro2 from 1.0.47 to 1.0.49 (#1273) * 20221216 a little cleanup as a treat (#1266) * fix(make): improve help output and solve warnings (#1269) * fix: set executable flag for shell scripts (#1268) * chore: add jceb to list of contributors (#1267) * docs: correct LDAP DN for token authentication (#1263) * docs: correct command for generating a password (#1261) * docs: replace kanidm account with kanidm person (#1262) * docs: unify representation of dn=token (#1264) * docs: fix link to oauth2 documentation (#1260) * 20221123 iam migration work (#1258) * fix(oauth2): use the short name in the userinfo (#1259) * Bump serde from 1.0.148 to 1.0.150 (#1257) * Bump authlib from 1.1.0 to 1.2.0 in /pykanidm (#1255) * Bump pytest-asyncio from 0.20.2 to 0.20.3 in /pykanidm (#1254) * Bump openssl from 0.10.43 to 0.10.44 (#1251) * Bump certifi from 2022.9.24 to 2022.12.7 in /pykanidm (#1247) * Bump tokio from 1.22.0 to 1.23.0 (#1249) * Bump pylint from 2.15.7 to 2.15.8 in /pykanidm (#1253) * Bump black from 22.10.0 to 22.12.0 in /pykanidm (#1256) * Bump filetime from 0.2.18 to 0.2.19 (#1248) * Bump libc from 0.2.137 to 0.2.138 (#1243) * Bump serde from 1.0.147 to 1.0.148 (#1242) * Bump gloo-net from 0.2.4 to 0.2.5 (#1244) * Bump syn from 1.0.103 to 1.0.105 (#1240) * Bump async-trait from 0.1.58 to 0.1.59 (#1239) * Bump pylint from 2.15.6 to 2.15.7 in /pykanidm (#1246) * Bump mkdocs-material from 8.5.10 to 8.5.11 in /pykanidm (#1245) * Improve ldap sections (#1218) * Bump openssl from 0.10.42 to 0.10.43 (#1235) * Bump serde_json from 1.0.88 to 1.0.89 (#1238) * Bump bytes from 1.2.1 to 1.3.0 (#1236) * Bump jetli/wasm-pack-action from 0.3.0 to 0.4.0 (#1231) * Bump rpassword from 7.1.0 to 7.2.0 (#1233) * Add new mail read group (#1224) * fixing up automation (#1230) * Add signal trapping for a variety of signals (#1223) * docs tweaks, renaming integrations (#1228) * Add ability to bind with token with a dn=token marker (#1225) * 20221121 debug webui (#1217) * Cargo updates (#1219) * Bump reqwest from 0.11.12 to 0.11.13 (#1210) * Abstract webauthn authenticator access, and use Windows API on Windows (#1203) * 20221116 oauth2 app portal 2 (#1201) * Bump pylint from 2.15.5 to 2.15.6 in /pykanidm (#1216) * Bump serde_json from 1.0.87 to 1.0.88 (#1212) * Bump tokio from 1.21.2 to 1.22.0 (#1213) * Bump mkdocstrings-python from 0.8.0 to 0.8.2 in /pykanidm (#1215) * Bump mypy from 0.990 to 0.991 in /pykanidm (#1214) * 20221116 oauth2 app portal (#1200) * Bump pytest-asyncio from 0.20.1 to 0.20.2 in /pykanidm (#1194) * 1116 UI hints (#1199) * Reword security keys (#1196) * Bump mkdocs-material from 8.5.8 to 8.5.10 in /pykanidm (#1193) * remove pam tester (#1197) * Bump mkdocstrings-python from 0.7.1 to 0.8.0 in /pykanidm (#1195) * Bump types-toml from 0.10.8 to 0.10.8.1 in /pykanidm (#1192) * Bump mypy from 0.982 to 0.990 in /pykanidm (#1191) * Bump chrono from 0.4.22 to 0.4.23 (#1188) * Bump actions/dependency-review-action from 2 to 3 (#1187) * Bump base64urlsafedata from 0.1.1 to 0.1.2 (#1190) * Workflow tweaks (#1186) * 1116 UI hint (#1185) * 613 oauth2 logout (#1184) * started working on fixing a log issue and chased some clippy lints (#1182) * 20221103 ipa import driver (#1180) * Review oauth2 best practices document (#1181) * Add tools container support (#1178) * improve webauthn errors (#1179) * Add version header and warnings (#1175) * Bump mkdocs-material from 8.5.7 to 8.5.8 in /pykanidm (#1173) * Bump mkdocs from 1.4.1 to 1.4.2 in /pykanidm (#1174) * Bump regex from 1.6.0 to 1.7.0 (#1172) * Improve handling of openssl3 in md4 tests (#1171) * Add /etc/skel templating and notes adjacent to kanidm-unixd and packaging (#1113) * Further test improvements (#1166) * Setup for next dev cycle (#1165)- Update to version 1.1.0~alpha10~git2.4a03ca5: * Add tools container support (#1178) * Improve handling of openssl3 in md4 tests (#1171)- Update to kanidm 1.1.0-alpha.10 * Management and tracking of authenticated sessions * Make upgrade migrations more robust when upgrading over multiple versions * Add support for service account tokens via ldap for extended read permissions * Unix password management in web ui for posix accounts * Support internal dynamic group entries * Allow selection of name/spn in oidc claims * Admin UI wireframes and basic elements * TLS enforced as a requirement for all servers * Support API service account tokens * Make name rules stricter due to issues found in production * Improve Oauth2 PKCE testing * Add support for new password import hashes * Allow configuration of trusting x forward for headers * Components for account permission elevation modes * Make pam\_unix more robust in high latency environments * Add proc macros for test cases * Improve authentication requests with cookie/token seperation * Cleanup of expired authentication sessions * Improved administration of password badlists- Update to version 1.1.0~alpha9~git6.b20d5312: * Resolve upgrade in place error with cbor to json (#1028)- Update to version 1.1.0~alpha9~git5.98546259: * Remove dependency on git webauthn authentication versions- Update to version 1.1.0~alpha9~git4.33b4e11b: * Resolve issue with migration application order (#986)- Update to version 1.1.0~alpha9~git2.ebab6c5f: * Fix cargo.lock + Docker * Fixing the Github Actions Kanidmd build (#963) * (cargo-release) version 1.1.0-alpha.9 (#962) * Improve radius to support eap-tls with ca-dir (#957) * A pile of Wasm UI tweaks (#958) * Bump types-requests from 2.28.3 to 2.28.6 in /kanidm_rlm_python (#960) * Update validator requirement from ^0.15.0 to ^0.16.0 (#959) * Bump types-requests from 2.28.3 to 2.28.6 in /pykanidm (#961) * 383 164 authentication updates 9 (#956) * Update libsqlite3-sys requirement from 0.24.2 to 0.25.0 in /kanidm_unix_int (#929)- Update to version 1.1.0~alpha8~git1.980f358d: * Push some missed bits to documents * (cargo-release) version 1.1.0-alpha.8 * 20220501 fix logging (#730) * ref #725 - updated comment to note it's still failing (#727) * Remove async references (#724) * 383 170 164 authentication updates 3 (#723) * Making the login path nicer, dev scripting (#721) * Tweak docs generation... (#722) * Docs updates to push all tagged versions + dev (#720) * 20220427 dependency updates (#718)- Automatic update of vendored dependencies- Update to resolve bsc#1196972 CVE-2022-24713 - Regex DOS- resolve bsc#1194119 (CVE-2021-45710)- Update to version 1.1.0~alpha7~git0.c8468199: * (cargo-release) version 1.1.0-alpha.7 * Pre-release update and cleanup (#631) * Improve autofocus to oauth2 (#630) * Finalise email changes for oidc (#629) * Temp use env filter (#628) * 20211216 tracing cleanup (#627) * Art attribution * Refactor of value and addition of base types for business attributes (#626) * Add xmas logo * Add rinstall file (#625)- bsc#1191031 - use _pam_moduledir in spec macros - Update to version 1.1.0~alpha6~git0.c9f4b1d: * (cargo-release) version 1.1.0-alpha.6 * Added an interactive cli dialog to kanidm login (#584) * Add support for storing security token key in domain config (#581) * Remove auditscope for tracing (#580) * Entry Arc Tracking to reduce memory footprint (#579) * Rewrite how we store the internals of valuesets in entries (#578) * Improving logging and docs around unixd/PAM/NSS (#577) * Swap to tide-openssl (#575) * Start to remove audit scope :) (#574) * Fix io capture in tests (#573)- Update to version 1.1.0~alpha5~git0.4be329e: * (cargo-release) version 1.1.0-alpha.5 * Release prep * Fix totp registration workflow with broken authenticators (#516) * Add statistical analysis to indexes (#505) * 511 upgrade failure - add debuging tools and improve debugging of the issue. (#512) * fixes #503 - TOTP prompt no longer drops a newline (#515) * Fixing kanidm windows client build (#507) * Add the ability to configure and provide Oauth2 authentication for Kanidm. (#485) * Change default totp to sha256 (#504) * Fixes #494 - password change user-facing responses (#499) * Fix readonly check (#496) * Update webauthn-authenticator-rs to fix test failures (#493) * Update repo locations and versions in prep for release (#492) * Add workaround for podman subid issue (#491) * 163 account recovery code (#469) * check user shell (#392) (#490) * Removed `OperationResponse` (#489) * Set default shell to `bin/sh` (#488) * 20210607 orca ldap (#470) * `kanidm_client` bool/return values (#479) * Arc cachesize warning fixes (#483) * Closure Refactoring (#482) * Renamed fields in `dbvalue` (#477) * 471 add service files (#474) * fixes #478 - adds note about web ui already being packaged (#480) * unixd will now bail if startup tests fail (#476) * Add email syntax (#465) * Add some openid stubs (#464) * Add auth docs (#463) * 64 120 session claims (#462) * Add ldap vattr mapping (#459) * Fix for unixd issue (#460) * 414 clear stale credentials (#447) * Fix multivalue setting of description attribute (#457) * 445 update pam nsswitch md (#451) * simpler ip logging (#454) * I might have become clippy this time (#449) * Calming clippy's nerves, Friday edition (#448) * 444 - client's config URI missing and more file open handling (#446) * Fix proxy usage in tests (#443) * This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442) * oauth design (#441) * Adding an example config file (#440) * adding env vars, making clippy happier, cleaning up some error messages (#438) * 20210509 cleanup clippy and audit name (#437) * 277 radius pw not accept for main pw (#435) * Orca - a load testing framework for Kanidm (#431) * Add verification of name indexes (#433) * Add ability to pick a server role (#432) * Adding a new verb group remove_members (#434) * 397 Caching password badlist (#425) * User feedback improvements, also handling a permissions issue (#424) * Fix concat issue * Update contributors * Making clippy happy (#420) * Fix 421 - clearer debug messages when doing things (#422) * 62 idm qs cleanup (#419) * Rough working login page (#417) * Make clippy happy (#415) * More debug messages (#413) * merging upstream (#411) * Improve error message when socket not found (#412) * Idlset2, query cache, acp resolve cache (#409) * Add lto thin (#410) * fixing broken action (#405) * Basic documentation for monitoring (#404) * Create design for mfa_backup_code.rst (#402) * phrasing (#401) * Docs update (#400) - Remove un-needed source files: * kanidm-unixd-tasks.service * kanidm-unixd.service * kanidmd.service * server.toml- Update to version 1.1.0~alpha4~git54.675146e: * check user shell (#392) (#490) * Removed `OperationResponse` (#489) * Set default shell to `bin/sh` (#488) * 20210607 orca ldap (#470) * `kanidm_client` bool/return values (#479) * Arc cachesize warning fixes (#483) * Closure Refactoring (#482)- Update to version 1.1.0~alpha4~git47.5e83b68: * Renamed fields in `dbvalue` (#477) * 471 add service files (#474) * fixes #478 - adds note about web ui already being packaged (#480) * unixd will now bail if startup tests fail (#476) * Add email syntax (#465) * Add some openid stubs (#464) * Add auth docs (#463) * 64 120 session claims (#462) * Add ldap vattr mapping (#459)- Update to version 1.1.0~alpha4~git38.d978c9d: * Fix for unixd issue (#460)- Update to version 1.1.0~alpha4~git37.e8b1089: * 414 clear stale credentials (#447) * Fix multivalue setting of description attribute (#457) * 445 update pam nsswitch md (#451) * simpler ip logging (#454) * I might have become clippy this time (#449) * Calming clippy's nerves, Friday edition (#448) * 444 - client's config URI missing and more file open handling (#446) * Fix proxy usage in tests (#443) * This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442) * oauth design (#441) * Adding an example config file (#440) * adding env vars, making clippy happier, cleaning up some error messages (#438) * 20210509 cleanup clippy and audit name (#437) * 277 radius pw not accept for main pw (#435) * Orca - a load testing framework for Kanidm (#431) * Add verification of name indexes (#433) * Add ability to pick a server role (#432) * Adding a new verb group remove_members (#434) * 397 Caching password badlist (#425) * User feedback improvements, also handling a permissions issue (#424) * Fix concat issue * Update contributors * Making clippy happy (#420) * Fix 421 - clearer debug messages when doing things (#422) * 62 idm qs cleanup (#419) * Rough working login page (#417) * Make clippy happy (#415) * More debug messages (#413) * merging upstream (#411) * Improve error message when socket not found (#412) * Idlset2, query cache, acp resolve cache (#409) * Add lto thin (#410) * fixing broken action (#405) * Basic documentation for monitoring (#404) * Create design for mfa_backup_code.rst (#402) * phrasing (#401) * Docs update (#400)- Update to version 1.1.0~alpha4~git0.0ac5da8: * Performance Improvements * TOTP CLI enrollment * Jemalloc in main server instead of system allocator * Command line completion * TLS file handling improvements * Webauthn authentication and enrollment on CLI * Add db vacuum task * Unix tasks daemon that automatically creates home directories * Support for sk-ecdsa public ssh keys * Badlist checked at login to determine account compromise * Minor Fixes for attribute display- Update to version v1.1.0alpha.3~git0.b34c893: * (cargo-release) version 1.1.0-alpha.3 * release notes * Update Dependencies * Unixd - NXCache of unknown items (#338) * WIP - Improve Auth Proto to Support Webauthn (#333) * Follow up on ci fixes * Add port verification to start server in kanidm_client tests * Update CI base image to ubuntu 20.04 * Add libudev to ci * 13 135 webauthn support (#332) * Change root user check to warning due to container run times (#328) * Fixes #324 account softlocking and rate limiting (#326) * Add passpoint link * Update tumbleweed docs * Account valid-from and expiry (#322)- Update to version v1.1.0alpha.2~git0.764e727: * Update * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * (cargo-release) version 1.1.0-alpha.2 * gitignore * Update Release Notes * 250 cookie to auth bearer (#321) * 259 reduce clones (#319) * Xxx clippy outdated (#318) * 314 improve async (#316) * Update README.md * On login pw upgrade (#315) * Add python3 support to radius * Dynamic crypto rounds (#311) * tweak book chapter * 67 resource limits impl (#307) * Update based on review * Apply suggestions from code review * doc * Build improvements * Support zfs page size * V large cleanup * Cleanup and improve client error handling * Improve server hardening * Update deps + add simd support in container * Add FAQ + eap selection * Minor updates * tweak release steps- Initial Commiti01-armsrv3 1733480461  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~1.4.4~git0.c3dbf83-bp156.13.11.4.4~git0.c3dbf83-bp156.13.1   kanidmdocssrcSUMMARY.mdaccess_controlintro.mdaccountsaccount_policy.mdanonymous_account.mdauthentication_and_credentials.mdgroups.mdintro.mdpeople_accounts.mdposix_accounts_and_groups.mdservice_accounts.mdadministration.mdbackup_and_restore.mdchoosing_a_domain_name.mdclient_tools.mdcustomising.mddatabase_maintenance.mddevelopersdesignsaccess_control_defaults.mdaccess_profiles_original.mdaccess_profiles_rework_2022.mdaccount_policy.rstapplication_passwords.mdarchitecture.mdauth.mdauth_proto_rewrite_late_2020.rstauthentication_flow.mdcontent_security_policy.mdcredential-display.rstcredential-update.rstcryptography_key_domains.mddefault_idm_layout.rstdesigns.mddevice-authentication.rstdiagramscombined-flow.graffleidv_api_diagram.drawioidv_api_diagram.drawio.svgidv_generic_responses.drawioidv_generic_responses.drawio.svgidv_state_machine.drawioidv_state_machine.drawio.svgobject-lifecycle-states.graffleobject-lifecycle-states.pngsearch-flow.grafflesearch-flow.pngwrite-flow.grafflewrite-flow.pngdomain_display_name.mddomain_join_machine_accounts.mddowngrade.rstelevated_priv_mode.mdidentifiable_secrets.mdidentity_verification_feature.mdidm_rest_layout.rstindexing.mdkanidm-trust.rstldap_gateway.rstlogging.mdmemberof.rstmfa-device-enrollment-process.rstmfa_backup_code.rstmigration.rstoauth.rstoauth2_app_listing.mdoauth2_device_flow.mdoauth2_refresh_tokens.mdpassword-import.rstprofile_display.mdradius.rstrecycle_bin.rstrepl_future_considerations.rstreplication.rstreplication_coordinator.mdreplication_design_and_notes.mdresource_limits.rstrest_interface.mdschema_reference_types.rstscim_migration_planning.mdsession_logout.rstsudo.rstsystem_protected_objects.rstuid_gid_generation.rstunixd_homes_task.rstunixd_multi_resolver_2024.mddeveloper_ethics.mdfaq.mdpython_module.mdradius.mdradius_module_development.mdreadme.mdrelease_checklist.mddomain_rename.mdevaluation_quickstart.mdexampleskubernetes_ingress.mdreadme.mdtraefik.mdfrequently_asked_questions.mdglossary.mdimageskani-alert.pngkani-warning.pnginstalling_client_tools.mdinstalling_the_server.mdintegrationsldap.mdoauth2oauth2.mdcustom_claims.mdexamples.mdhow_does_oauth2_work.mdoauth2_claims.mdpam_and_nsswitchpam_and_nsswitch.mdfedora.mdsuse.mdtroubleshooting.mdradius.mdreadme.mdssh_key_distribution.mdsssd.mdintroduction_to_kanidm.mdmonitoring_the_platform.mdpackagingcommunity_packages.mddebian_ubuntu_packaging.mdpackaging.mdppa_packages.mdpreparing_for_your_deployment.mdrecycle_bin.mdrepladministration.mddeployment.mdplanning.mdreadme.mdsecurity_hardening.mdserver_configuration.mdserver_updates.mdsupport.mdsupported_features.mdsyncconcepts.mdfreeipa.mdldap.mdtemplateskani-alert.mdkani-warning.mdtroubleshootingtroubleshooting.mdcurl_connection_test.txt/usr/share//usr/share/kanidm//usr/share/kanidm/docs//usr/share/kanidm/docs/src//usr/share/kanidm/docs/src/access_control//usr/share/kanidm/docs/src/accounts//usr/share/kanidm/docs/src/developers//usr/share/kanidm/docs/src/developers/designs//usr/share/kanidm/docs/src/developers/designs/diagrams//usr/share/kanidm/docs/src/examples//usr/share/kanidm/docs/src/images//usr/share/kanidm/docs/src/integrations//usr/share/kanidm/docs/src/integrations/oauth2//usr/share/kanidm/docs/src/integrations/pam_and_nsswitch//usr/share/kanidm/docs/src/packaging//usr/share/kanidm/docs/src/repl//usr/share/kanidm/docs/src/sync//usr/share/kanidm/docs/src/templates//usr/share/kanidm/docs/src/troubleshooting/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protectionobs://build.opensuse.org/openSUSE:Maintenance:18694/openSUSE_Backports_SLE-15-SP6_Update/12c36acd4f23c462569a0c8622701c9d-kanidm.openSUSE_Backports_SLE-15-SP6_Updatedrpmxz5aarch64-suse-linux       directoryexported SGML document, ASCII textASCII textUTF-8 Unicode textexported SGML document, UTF-8 Unicode textC source, ASCII textemptyXML 1.0 document, ASCII text (gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT))ASCII text, with very long linesSVG Scalable Vector Graphics imageUTF-8 Unicode text, with very long linesPNG image data, 649 x 599, 8-bit/color RGB, non-interlacedPNG image data, 1976 x 696, 8-bit/color RGB, non-interlacedPNG image data, 1976 x 1223, 8-bit/color RGB, non-interlacedHTML document, ASCII textPNG image data, 150 x 127, 8-bit/color RGBA, non-interlacedexported SGML document, ASCII text, with very long lines OS Y@d4utf-869792a6fc23d18b499712857ffd5b38c428852206f4fe9028b70045eb6e7e080?P7zXZ !t/ ]"k%fs~ZUឯYQ5i"B:ze32)*!>l?2"9ݶ,M\jۀ~juT|Koa%gK?KXsGcs]jشR{l] ܍]¼)K^,3>jk!ͺ S/pN]E\>2QZ9x@-xn ;<1(g>|pj  j݉` D=UWb `{۳MЅ=;Ӧ螺z"=6S Hp`J|ډf*@^ kHw[ a,ikhxȝ2ghPC;ĕK(fvATEl7E 7R߁ci6u9hInN܍&B#M\#}Leg^0rICXPf qJ h&r&+%ؑܺAT!-ӯ2Z {y x{td:7CQ(${rsǓL]FoTiob iC?z!td}}VFfrzʫR[AcaIZ9177. @q7V˶|"IV.4"\]=w{cX($F.kZXsk-B ND(eU?WWn|&#EN bJÌ`F}cecmӷ-I9nt>FzKٯ|#-DD@@59}i5DfA6֬x^ޑ5]H`ED#plz Dw MܘPT|8W=^KyؗF.6`~aN@#APtMA"x])^\vucغs/:U8-"0ۖ#߈ZJ:!B ]ixVj -ʾ&Ryء^j=w%Ws躳hyt9M`vqȱx3~r]L_$YN0>L@צnsAʋ&u~rJ{h]=pZCjb5-!9b(kԯn&cU6ÊTV'?ɣf1ލRq"*/kd."TMAXRgڷ?F4n?!}fЙ!ta}4w\ wKk١x*/[8MWDL_mnL| <34Ű!kJ:LğrĎ0#u* /&ڌ& ?LRqC4zy;/>C=CA\~k&f>W.駀 ]CjB#"mE*}E5t~5t2hYYg_ev߀LxiO~%~k!i!~&)WE11$ozgc7d=Ga;-\$?e@-SMMO/%DG<X­8nN:W]WgSjBˏmI\YB.?@K=5d4LCd'Lj7 Q art@Әn tSj)y$&~C;~k@>(c-/`KbOU $,&g5wDy[ MפkV D&§4o)3%xK n 71^20TXC[UXxj_F7R| . x]5ߘ7KcUYtl94"5oLāޢڌM|Y~P38Ћѯw% +rkkPL.^!iyzWui`!֬5V"U:/OYu/G¾k gTI+,^9 .2@eFoEUc w7[a[-LRF61UQ Apݕ6M^R,)J?!a`}AWJ5!Z1ۘX.󱿏 emrl^)ȥAҳ=E Bcg~vqVpf:pZd ɾ bcτWAT~󝴼W3iIW*Vc(BI _9|`W ": '4qrX(?*{2$%P1:[Brzjݳ!'H ug #FEd'!D`|@@kڥ+%K};50ؠ21_N'|uD2lr`:X;c KbYnjOM&V_p7tA;Oz+l\՝ek>]"54L>R˜Qxo's^xϑ Rʪxʶ+ӌ\Ա2oȏI_:a%l+?yH> s$cJkiPE,3S.}o(Ͼ&BQ jzʵ?i?$DOQ?HN2嵐]?4n^E[nM #=BTD;p4c^r"`}N-R@9|u2nd܏_Nd T0'f3q|qS/Em8Nq3vn>/=cfl12.|̟7Z5.[/G.E(\KlRueGRw 9z YZ