pool/kanidm
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
factory
kanidm/kanidm.changes

1876 lines
92 KiB
Plaintext
Raw Permalink Normal View History

- Update to version 1.4.5~git0.a7fabde: * Release 1.4.5 * nss/pam resolver should reauth faster (#3309) * Further SCIM sync testing, minor fixes (#3305) * Automatically trigger passkeys on login view (#3307) * Re-add enrol another device flow * Improved Cookie Removal * Allow reseting account policy values to defaults (#3306) * Incorrect member name in groups (#3302) * SCIM Sync Missing Annotation (#3300) * Ignore system users for UPG synthesiseation (#3297) * Limit OAuth2 resumption to session (#3296) * Use specific errors for intent token revoked (#3291) * Autocomplete password during reauth with TOTP (#3290) * Add CORS headers to jwks and userinfo (#3283) - Require system-user-nobody to prevent install ordering issue with invalid rpc/statd users OBS-URL: https://build.opensuse.org/package/show/network:idm/kanidm?expand=0&rev=75
2024-12-21 09:21:33 +01:00
-------------------------------------------------------------------
Sat Dec 21 07:57:16 UTC 2024 - william.brown@suse.com
- Update to version 1.4.5~git0.a7fabde:
* Release 1.4.5
* nss/pam resolver should reauth faster (#3309)
* Further SCIM sync testing, minor fixes (#3305)
* Automatically trigger passkeys on login view (#3307)
* Re-add enrol another device flow
* Improved Cookie Removal
* Allow reseting account policy values to defaults (#3306)
* Incorrect member name in groups (#3302)
* SCIM Sync Missing Annotation (#3300)
* Ignore system users for UPG synthesiseation (#3297)
* Limit OAuth2 resumption to session (#3296)
* Use specific errors for intent token revoked (#3291)
* Autocomplete password during reauth with TOTP (#3290)
* Add CORS headers to jwks and userinfo (#3283)
-------------------------------------------------------------------
Wed Dec 11 03:12:47 UTC 2024 - William Brown <william.brown@suse.com>
- Require system-user-nobody to prevent install ordering issue with
invalid rpc/statd users
-------------------------------------------------------------------
Tue Dec 03 05:55:52 UTC 2024 - william.brown@suse.com
- Update to version 1.4.4~git0.c3dbf83:
* Release 1.4.4
* Check DNS on replication loop start not at task start (#3243)
* Work around systemd race condition (#3262)
* Clear invalid tokens from unix resolver (#3256)
* Allow OAuth2 loopback redirects if the path matches (#3252)
* Correctly display domain name on login (#3254)
* Display account_id during success/deny paths in unixd (#3253)
* s/idm_people_self_write_mail/idm_people_self_mail_write/g (#3250)
* handle missing map_group setting in config (#3242)
* owncloud: Add SameSite=Lax config for cross-domain auth (#3245)
* Yaleman/issue3229 (#3239)
-------------------------------------------------------------------
Fri Nov 22 07:08:34 UTC 2024 - william.brown@suse.com
- Update to version 1.4.3~git1.078625c:
* Update to latest fido-mds-tool (#3230)
-------------------------------------------------------------------
Fri Nov 22 06:52:53 UTC 2024 - william.brown@suse.com
- Update to version 1.4.3~git0.fb00176:
* Release 1.4.3
* Warn when v2 options are used in v1 unixd config (#3228)
* Resolve UI Auth Loop with OAuth2 (#3226)
* Harden transport in pam unixd (#3227)
* Improve warning around invalid JWT deserialisation (#3224)
* Update and fix server config files in examples. (#3225)
* Change CLI oauth2 command from set-display-name to set-displayname for consistency. (#3212)
* Add docs on customising Kanidm. (#3209)
* Correct spelling of occurred (#3222)
* UI/Feature polish (#3191)
* Prevent Invalid MFA Reg States (#3194)
* Change CSS for applications so SVG scales nicely in Firefox. (#3200)
* 20241109 3185 max age (#3196)
* Hoist max_age to prevent incorrect deserialisation (#3190)
* Release 1.4.2
* Re-migrate all acps to force updating (#3184)
* security - low - fault in migrations (#3182)
-------------------------------------------------------------------
Tue Nov 05 05:13:11 UTC 2024 - william.brown@suse.com
- Update to version 1.4.1~git0.ad93202:
* Release 1.4.1
* Correct missing CSP header (#3177)
* Resolve pam services not always having a tty (#3176)
-------------------------------------------------------------------
Sun Nov 03 00:17:17 UTC 2024 - william.brown@suse.com
- Update to version 1.4.0~git2.770efa8:
* Resolve incorrect handling of rhost in pam (#3171)
-------------------------------------------------------------------
Fri Nov 01 02:24:42 UTC 2024 - william.brown@suse.com
- Update to version 1.4.0~git1.c297c3f:
* Docker makefile latest
* Release 1.4.0
* chore: Made oauth2 scopes required in CLI (#3165)
* More "choosing a domain" revision (#3161)
* Update missing inputmode numeric when adding a new TOTP. (#3160)
* Improve OAuth2 authorisation ux (#3158)
* Fix attribute scim sync attribute naming (#3159)
* Change to text input and use numeric mode for TOTP prompts. (#3154)
* Fix release note date and typos (#3153)
* Release 1.4.0-pre
* Release Notes (#3149)
* Remove WASM (#3148)
* Rewrite "choosing a domain", add other considerations (#3147)
* Harmonize UI and remove unused css (#3033)
* ripping out some extra packages (#3146)
* OAuth2 Device flow foundations (#3098)
* htmx by default (#3145)
* Support reloading via systemd (#3144)
* Chore: Refactor Groups to be more generic (#3136)
* 20241024 1271 cert reload on SIGHUP (#3140)
* Update docs, improve locking (#3141)
* 2856 - use tags for containers on build (#3139)
* Fix image when too smol (#3138)
* yale's rabbit-hole-chasing-htmx-fixing-megapatch (#3135)
* ipinfo should be single value (#3137)
* Tidy the reauth ui (#3130)
* Add missing schemas to get OpenAPI validation to pass. (#3129)
* Change some OperationError into HTTP Bad Request (400). (#3125)
* Bump the all group with 11 updates (#3127)
* Bump the all group in /pykanidm with 5 updates (#3128)
* Fill in some Swagger API docs for a few v1 endpoints. (#3126)
* Diagram Improvements in Book (#3124)
* Fix passkey auth flow redirects (#3123)
* Improve handling of inaccesible shadow file (#3122)
* Log HTTP Not Found (404) as info log level. (#3119)
* more errors for the people (#3121)
* 20241017 unixd home (#3113)
* 20241017 3107 token ttl (#3114)
* docs: Update kanidm_ppa instructions for new repo logic (#3117)
* fix(lint) minor lint fix for unnecessary match use (#3118)
* Totp input changes (#3115)
* Add the strict flag on client creates for developers (#3111)
* Working scim entry get for person (#3088)
* Add nss testframework and fallback when daemon offline (#3093)
* Improve deb packaging, add aarch64 (#3083)
* Cache buster buster (#3091)
* fix(http): status content type should be JSON (#3096)
* Bump the all group across 1 directory with 7 updates (#3106)
* Bump the all group across 1 directory with 10 updates (#3103)
* 20241012 attr name SCIM fix (#3102)
* Scim add EntryReference (#3079)
* Bump the all group across 1 directory with 3 updates (#3094)
* Fix Increment Replication Post Upgrade (#3089)
* Remove white background from square logo (#3087)
* Add support for group extension (#3081)
* 20240921 ssh keys and unix password in credential update session (#3056)
* Fix landing and redirect URLs for GitLab, add some useful links (#3055)
* [htmx] Make it harder to miss the save button on the cred update page (#3013)
* Add example Outline config (#3076)
* 20240925 cleanups (#3060)
* Add instructions for unlinking Homebrew Rust on macOS (#3085)
* Don't reprompt for login when no session exists in cli (#3082)
* Make good on some TechDebt (#3084)
* Feat: Adding POSIX Password fallback (#3067)
* Bump the all group across 1 directory with 13 updates (#3080)
* Complete the implementation of the posix account cache (#3041)
* 20240926 tech debt (#3066)
* Fix migration of last mod cid (#3065)
* Increase totp secret size (#3061)
* Bump mozilla-actions/sccache-action from 0.0.5 to 0.0.6 in the all group (#3075)
* Improve pipe handling on linux (#3069)
* reformat oauth2 URL list, highlight legacy bits (#3062)
* scim_proto: fix incorrect language tag (#3064)
* Add ownCloud example config (#3059)
* Add example config for JetBrains Hub / YouTrack (#3058)
* Bump the all group with 8 updates (#3053)
* Bump the all group in /pykanidm with 3 updates (#3054)
* Document basic authenticating GitLab to Kanidm (#3050)
* fix(doc): updating docker container ref (#3049)
* Resolve incorrect SCIM Sync serialisation (#3047)
* CLI image error nicening (#3037)
* Add rfc7009 and rfc7662 metadata to oidc discovery (#3046)
* More openapi tweaks (#3038)
* Bump the all group with 6 updates (#3044)
* Bump the all group in /pykanidm with 3 updates (#3043)
* fix(docs): make it clearer that bearer auth is a thing (#3031)
* implements additional traits for filter types (#3036)
* 20240810 SCIM entry basic (#3032)
* CreatedAt/ModifiedAt fix (#3034)
* Pykanidm fixes (#3030)
* 20240906 Attribute as an Enum Type (#3025)
* Bump the all group with 9 updates (#3029)
* Bump the all group in /pykanidm with 4 updates (#3028)
* Credentials page/Self cred update flow UI improvements (#3012)
* 20240828 Support Larger Images, Allow Custom Domain Icons (#3016)
* MemberOf in search implies DirectMemberOf (#3024)
* fix(kanidm): don't allow empty string fields on CLI (#3018)
* Bump cryptography from 42.0.4 to 43.0.1 in /pykanidm in the pip group (#3023)
* generate completions for elvish and fish (#3015)
* Bump the all group with 4 updates (#3021)
* Bump the all group in /pykanidm with 3 updates (#3022)
* 20240820 SCIM value (#2992)
* fix(daemon): handling IPv6 addresses in healthcheck (#3004)
* fix(webui): Javascript errors after server-side update blocking login. Fixed after cache invalidating (#3011)
* OAuth2 Token Type (#3008)
* Bump the all group in /pykanidm with 4 updates (#3007)
* Bump the all group with 8 updates (#3006)
* Spattering of oauth2 stuff (#3000)
* Doc multi instance (#2997)
* Expose group rename (#2999)
* feat: self cred update flow (#2995)
* Better Error Message (#2998)
* Add missing group for application admin (#2991)
* enforcen den clippen (#2990)
* 20240817 group mail acp (#2982)
* 20240810 application passwords (#2968)
* Bump the all group with 17 updates (#2986)
* Bump the all group in /pykanidm with 3 updates (#2985)
* Mail substr index (#2981)
* Doc format, add api-token section (#2975)
* [HTMX] small profile improvements (#2974)
* Foundations of pam/nss multi resolver
* TLS, no seriously. (#2963)
* Update suse.md to avoid Authentication token manipulation error (#2973)
* Add Alpine Linux installation instructions (#2871)
* Bump the all group across 1 directory with 10 updates (#2966)
* [HTMX] User settings (#2929)
* Bump the all group in /pykanidm with 2 updates (#2965)
* Docs updates (#2961)
* Bump aiohttp from 3.10.0 to 3.10.2 in /pykanidm in the pip group (#2962)
* Prevent bug in pam (#2960)
* Improve migration error message (#2959)
* Fix incorrect logic in cred update flow (#2956)
* Docker-and-docs-fixes (#2954)
* Bump the all group in /pykanidm with 5 updates (#2952)
* Bump the all group with 10 updates (#2953)
* Added orca flag to extend privileged authentication expiry (#2949)
* In honour of SebaT, error on db lock acq timeout (#2947)
* Add measurement of lock acquisition (#2946)
* [htmx] Credential Update page (#2897)
* Update to 1.4.0-dev (#2943)
-------------------------------------------------------------------
Thu Sep 12 00:23:51 UTC 2024 - William Brown <william.brown@suse.com>
- explicitly depend on cargo to pull in latest compiler revision
-------------------------------------------------------------------
Tue Aug 20 02:20:12 UTC 2024 - william.brown@suse.com
- Update to version 1.3.3~git0.f075d13:
* Release 1.3.3
* Mail substr index (#2981)
-------------------------------------------------------------------
Sat Aug 10 00:14:34 UTC 2024 - william.brown@suse.com
- Update to version 1.3.2~git0.229b0cc:
* Release 1.3.2
* Prevent bug in pam (#2960)
* Reduce client logging noise
* Improve migration error message (#2959)
-------------------------------------------------------------------
Thu Aug 08 02:16:57 UTC 2024 - william.brown@suse.com
- Update to version 1.3.1~git0.eed7c07:
* Fix incorrect logic in cred update flow (#2956)
* Resolve maintainer bikeshedding
-------------------------------------------------------------------
Wed Aug 07 03:15:00 UTC 2024 - william.brown@suse.com
- Update to version 1.3.0~git0.e2a563f:
* Release 1.3.0 (#2941)
* New orca models (#2909)
* Run rust_build CI between multiple Rust versions (#2939)
* Bump the all group across 1 directory with 9 updates (#2938)
* Bump the all group in /pykanidm with 4 updates (#2937)
* fixing println bug (#2935)
* Reorganising the daemon startup so it doesn't fail with OTEL configured (#2934)
* clippying all the things (#2931)
* docs reordering and cleanup (#2932)
* Add scim proto to kanidm, refactor to improve serde performance. (#2933)
* 20240725 allow connection to older servers (#2930)
* Ubuntu/Debian buildy scripty tweaky things (#2928)
* kanidm graph graphviz unfit for scripting bc. of non-graphviz output (#2876)
* Improve workflow when account policy isnt satisfied (#2927)
* Docs rework (#2919)
* Bump the all group in /pykanidm with 4 updates (#2924)
* Bump the all group with 5 updates (#2925)
* Substring Indexing (#2905)
* Oauth2 in htmx (#2912)
* Strict redirect URL enforcement (#2917)
* Bump gix-path from 0.10.8 to 0.10.9 in the cargo group (#2918)
* fix typos (#2908)
* Add missing groups scope to Grafana example scope-map (#2914)
* build profiles: rename release_suse_generic to release_linux (#2907)
* 20240716 check mkdir (#2906)
* Fix issues with suspend reported by himmelblau (#2911)
* Implement home_mount_path logic (#2894)
* Forcing the http2 feature on hyper, but also chasing some out of date packages (#2896)
* Updating service type per kanidm/kanidm#2892 (#2898)
* making the internals of kanidmclientconfig public for other users (#2895)
* enable build htmx in docker (#2893)
* Fixes the logout flow in htmx and improves the login error dialog (#2889)
* htmx logout tidy up (#2884)
* Tidy up replication poll interval (#2883)
* Bump the all group with 8 updates (#2899)
* Bump the all group in /pykanidm with 2 updates (#2900)
* Add a migration for future versions that will notify and warn about the removal of security keys. (#2885)
* Update mtls cert lifetime (#2886)
* Bump zipp from 3.16.2 to 3.19.1 in /pykanidm in the pip group (#2888)
* [htmx] Apps page (#2868)
* Bump the all group in /pykanidm with 3 updates (#2879)
* Bump the all group across 1 directory with 10 updates (#2881)
* 20240703 htmx (#2870)
* Bump certifi from 2023.7.22 to 2024.7.4 in /pykanidm (#2877)
* Offer configuration of images for Oauth2 resources (#2665)
* 2818 2511 oauth2 urls (#2867)
* Vale Edits 0.1 (#2869)
* added orca docker file, make target and credential reset capabilities (#2846)
* 20240620 htmx (#2854)
* Bump the all group in /pykanidm with 2 updates (#2864)
* Bump the all group with 5 updates (#2865)
* Fixed link to the developers guide (#2862)
* Tweaks to make the makefile make things make easier.
* Update sssd.md
* adding freebsd target_os
* Bump the all group across 1 directory with 8 updates (#2852)
* Bump the all group in /pykanidm with 3 updates (#2849)
* Bump the all group with 2 updates (#2850)
* Configurable thread count (#2847)
* 20240613 performance improvements (#2844)
* Bump urllib3 from 2.0.7 to 2.2.2 in /pykanidm (#2843)
* Allow providers to be box dyn (#2794)
* Bump the all group in /pykanidm with 2 updates (#2842)
* illumos support (#2838)
* 20240611 performance (#2836)
* Bump the all group across 1 directory with 3 updates (#2837)
* Bump the all group across 1 directory with 5 updates (#2835)
* 20240607 2417 piv (#2829)
* fix: typos in OpenApi (#2827)
* Bump authlib from 1.3.0 to 1.3.1 in /pykanidm (#2834)
* Bump the all group with 7 updates (#2811)
* Double shutdown doesn't help! (#2828)
* Stats collection improvements and a bunch of other stuff (#2820)
* Add development taint flag to prevent mismatch of server versions (#2821)
* Remove small ambiguity in docs (#2823)
* lowering "access search" security log levels (#2819)
* Better WebAuthn and other error responses (#2608)
* Update examples/server_container.toml (#2814)
* Bump the all group in /pykanidm with 3 updates (#2812)
* 20240530 nightly warnings (#2806)
* Regrets Dot Pee Enn Gee (#2804)
* Resolve incorrect handling of tokens in logout flow (#2795)
* 2756 - resolve invalid loading of dyngroups at startup (#2779)
* WIP: serialization and domain info setting wonkiness (#2791)
* Bump the all group in /pykanidm with 3 updates (#2799)
* fix DB_PATH variable propagation (#2797)
* feat: add support for ldap compare request (#2780)
* Add ACP checking to exists operations. (#2790)
* Allow name write privileges to be withheld (#2773)
* Check for same version with backup/restore (#2789)
* Revive Cookies. (#2788)
* Fixing up the docs deploy script (#2787)
* chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2781)
* Update our domain TGT level (#2776)
* Fix PIN and MFA Code pam prompts (#2759)
* Update design for KRC (#2713)
* Add some extra comparisons to the readme (#2768)
* strip out some debug messages unless *really* debugging. (#2767)
* Update dev version (#2726)
* Don't need to check versions when there's an intermediary reporting connectivity issues (#2758)
* updating text to fix typo, add more info (#2761)
* Changing TOTP "copy" box from form field to code block. (#2765)
* chore(deps-dev): bump ruff in /pykanidm in the all group (#2763)
* Use fully qualified container URLS (#2754)
* chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2747)
* chore(deps-dev): bump jinja2 from 3.1.3 to 3.1.4 in /pykanidm (#2752)
* Fixing up build for rust 1.78, hiding things behind cfg(test) etc. (#2753)
* Fix broken links in <details> sections (#2737)
* Update Webauthn and Base64 (#2734)
* Add some metadata for lib macros (#2735)
* chore(deps): bump the all group in /pykanidm with 7 updates (#2729)
* Clean up utils password rand generation. (#2727)
-------------------------------------------------------------------
Thu May 30 02:47:22 UTC 2024 - william.brown@suse.com
- Update to version 1.2.2~git0.c4153c9:
* Resolve incorrect handling of tokens in logout flow (#2795) (#2803)
-------------------------------------------------------------------
Sat May 18 03:11:05 UTC 2024 - william.brown@suse.com
- Update to version 1.2.1~git0.ba82b1a:
* 2756 - resolve dyngroups not loading correctly at startup (#2778)
-------------------------------------------------------------------
Wed May 01 04:20:10 UTC 2024 - william.brown@suse.com
- Update to version 1.2.0~git0.9efa91a:
* Release 1.2.0 (#2733)
* Prepare 1.2.0
* Release 1.2.0 prep (#2724)
* Minor upgrade fixes (#2722)
* Resolve OAuth2 client/rs confusion (#2719)
* Improve access control doc to describe privilege access mode (#2721)
* Support 1.1 attribute in LDAP (#2720)
* Add mail support to groups (#2718)
* Add session limit (#2714)
* added profile and `memberof` search to the basic model (#2712)
* chore(deps): bump the all group in /pykanidm with 4 updates (#2717)
* Fix typo in oauth2 error message (#2715)
* 20240409 rework orca markov (#2699)
* Begin the basis of the key provider model (#2640)
* chore(deps): bump the all group in /pykanidm with 4 updates (#2707)
* chore(deps): bump peaceiris/actions-mdbook from 1 to 2 in the all group (#2706)
* chore(deps): bump idna from 3.4 to 3.7 in /pykanidm (#2703)
* fix(TotpDigits): fix typo in TryFrom impl (#2702)
* chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2696)
* chore(deps): bump h2 from 0.3.25 to 0.3.26 (#2694)
* Windows Hello Authentication requirements (#2688)
* chore(deps): bump the all group with 1 update (#2690)
* chore(deps-dev): bump the all group in /pykanidm with 1 update (#2691)
* Require kanidm-unixd before kanidm-unixd-tasks (#2687)
* kanidm unixd mfa capabilities (#2672)
* Add Grafana integration to OAuth2 documentation (#2685)
* [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686)
* ldap-sync: allow to use attrs more than once (#2676)
* chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2683)
* chore(deps): bump the all group with 1 update (#2682)
* fix(docs): packaging section improved (#2677)
* Fix developer ethics link (#2674)
* fix(docs): filename, header and title mismatch fixes (#2660)
* 20240312 concread upgrade (#2668)
* fix(docs): capitalization fixes (#2659)
* fix(docs): links corrected (#2661)
* fix api typo (#2657)
* chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2662)
* chore(deps): bump the all group in /pykanidm with 9 updates (#2656)
* Update bootstrap 5.0.2 to 5.3.3 & minor UI fixes (#2650)
* fix(docs): typos, grammar and broken link fixes (#2644)
* increase severity for "{:?} !⊆ allowed: {:?}" (#2648)
* Add instructions on how to enable PKCE in Nextcloud (#2647)
* 20230224 2437 orca remodel (#2591)
* Add initial design for key domains (#2564)
* Add upgrade process, improve developer readme (#2635)
* Doc unix client support (#2633)
* 20240301 systemd uid (#2602)
* expose group patch for parity (#2628)
* Adding a builtin class for all built-in things (#2603)
* apidoc tag fixes (#2625)
* chore(deps): bump mio from 0.8.10 to 0.8.11 (#2620)
* Fix missing entry managed by on anonymouns (#2623)
* Notes on privilege-expiry (#2622)
* SPAs really are stupid sometimes (#2609)
* apidoc fixes (#2614)
* chore(deps): bump the all group in /pykanidm with 4 updates (#2615)
* Typo fixes (#2610)
* Return consent scope to service account (#2605)
* OpenAPI schema fixes (#2590)
* WASM test fixing (#2595)
* Feature object graph (#2518)
* Add domain version test framework (#2576)
* Fix the miniflux oauth2 example (#2598)
* docs(monitoring): Fix syntax for OpenTelemetry config (#2594)
* 20240221 2489 cleanup api v1 (#2573)
* Changing to allow startup without a config file (#2582)
* Allow /dev/tpmrm0 on older systemd versions (#2587)
* Adjust output of claim maps for better parsing (#2566)
* chore(deps): bump the all group in /pykanidm with 4 updates (#2585)
* improved error description for commit_credential_update (#2579)
* Make /status less noisy (#2574)
* chore(deps): bump cryptography from 42.0.2 to 42.0.4 in /pykanidm (#2567)
* Add system range protection (#2565)
* Fix string comparison in Debian build script (#2409)
* of course I started looking at clippy things and now I can't stop (#2560)
* 20240216 308 resource limits (#2559)
* fix(oauth2): typo in basic path (#2562)
* Adding duplicate-finder script (#2550)
* prctl compile-time fixes, also chasing lints (#2558)
* Removing unused constant and updating docstring for LDAP bind address (#2556)
* chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2553)
* Support Policy Updates (#2536)
* chore(deps): bump cryptography from 42.0.0 to 42.0.2 in /pykanidm (#2548)
* Re-enable HW tpm support (#2531)
* Add further hardening for system services (#2542)
* fixing the test script (#2547)
* when the HTTPS server fails, handle that gracefully (#2546)
* Fix update intent ttl parameters (#2540)
* radius build workflow fixes (#2541)
* Conflict nscd, start before sshd (#2539)
* Fix incorrect documentation elements (#2533)
* Remove replication is in dev flag (#2535)
* Ordering auth methods in the CLI (#2508)
* Set lowercase owner name in tag (#2534)
* Add code_challenge_methods_supported to OIDC discovery (#2525)
* Himmelblau requires the machine key for unix_user_get (#2523)
* Extend on Apache example (#2524)
* chore(deps): bump the all group in /pykanidm with 4 updates (#2520)
* List of supported features (#2499)
* Update to latest dev version (#2486)
-------------------------------------------------------------------
Sat Mar 30 04:03:52 UTC 2024 - william.brown@suse.com
- Update to version 1.1.0~rc16~git7.8a1b7b5:
* Require kanidm-unixd before kanidm-unixd-tasks (#2687)
-------------------------------------------------------------------
Tue Mar 26 01:59:01 UTC 2024 - william.brown@suse.com
- Update to version 1.1.0~rc16~git6.e51d0de:
* [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686)
* return consent map to service account (#2604)
-------------------------------------------------------------------
Wed Feb 28 01:10:20 UTC 2024 - william.brown@suse.com
- Update to version 1.1.0~rc16~git4.d407844:
* Remove zstd feature
-------------------------------------------------------------------
Tue Feb 27 03:03:35 UTC 2024 - william.brown@suse.com
- Update to version 1.1.0~rc16~git3.81298e8:
* Allow /dev/tpmrm0 on older systemd versions (#2587)
-------------------------------------------------------------------
Tue Feb 20 04:31:01 UTC 2024 - william.brown@suse.com
- Add ipa-sync service
- Update to version 1.1.0~rc16~git2.6fb4fac:
* List of supported features (#2499)
-------------------------------------------------------------------
Wed Feb 07 05:35:09 UTC 2024 - william.brown@suse.com
- Update to version 1.1.0~rc16~git1.a917291:
* Correct cargo versions
* Release 1.1.0-rc.16 (#2483)
* Fix for incorrect domain migration rollbacks (#2482)
* Add tools for remigration and domain level raising (#2481)
* chore(deps): bump cryptography from 41.0.6 to 42.0.0 in /pykanidm (#2480)
* Support SPN in groups claim (#2474)
* Credential update tweaks (#2475)
* Oauth2 pkce faq (#2473)
* Fix debian versioning (#2472)
* chore(deps): bump the all group in /pykanidm with 7 updates (#2479)
* chore(deps): bump the all group with 1 update (#2478)
* Fix RUV trim (#2466)
* 20240125 2217 client credentials grant (#2456)
* docs: Add application passwords design document (#2427)
* handling master docs (#2465)
* update the artifact name in the download step (#2464)
* Book SUMMARY.md: Fix part titles according to mdbook (#2463)
* Update chat link, add keywords (#2462)
* PyKanidm updates and testing (#2301)
* chore(deps): bump aiohttp from 3.9.1 to 3.9.2 in /pykanidm (#2461)
* 1222 what rights does anonymous have (#2436)
* Fix inverted key/chain logic from TLS error improvement (#2453)
* Improve TLS configuration errors (#2447)
* chore(deps): bump shlex from 1.2.0 to 1.3.0 (#2445)
* chore(deps): bump the all group with 1 update (#2441)
* chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2443)
* Return sshkey label to cli fields (#2440)
* Add rfc8414 metadata (#2434)
* Add test for delete referer invalid (#2435)
* Clarify role of WebUI in README.md (#2431)
* Adding max_ber_size option in config for ldap sync (#2416)
* Debian build fixes (also the book) (#2400)
* 2390 1980 allow native applications (#2428)
* chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2430)
* cookies (#2426)
* Clean RUV (#2424)
* chore(deps-dev): bump jinja2 from 3.1.2 to 3.1.3 in /pykanidm (#2425)
* Upgrade replication to use anchors (#2423)
* Minor fixes for oidc with single page applications (#2420)
* chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2421)
* Use case insensitive match on substrings in line with ldap (#2419)
* Change OAuth2 RS Origin from the CLI (#2418)
* Add design diagrams (#2332)
* chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2410)
* Fix deb release flow to find the matrix split artifacts (#2406)
* 20231222 piv authentication (#2398)
* Update docs, closes SQLite Write-Ahead Logging might make page size immutable #2404 (#2405)
* Build the kanidm cli tools deb as well (#2402)
* Force apply idm migrations to apply access controls (#2401)
* fixing up the integration script (#2392)
* chore(deps): bump the all group in /pykanidm with 8 updates (#2396)
* chore(deps): bump the all group with 2 updates (#2395)
* fix backup filename and regexp pattern for cleanup (#2386)
* idprovider: Provide the keystore during auth (#2385)
* db: Fix insert_tagged_hsm_key doesn't cache the hsm key (#2389)
* daemon: Fix inverted logic on cache dir check (#2388)
* Add improved domain migration framework and default MFA (#2382)
* Trim and lowecase usernames (#2380)
* Add DN as a virtual ldap attr (#2379)
* fixing default for oauth2 request_parameter_supported metadata (#2378)
* chore(deps): bump the all group in /pykanidm with 6 updates (#2375)
* 20231218 ipa sync unix password (#2374)
* chore(deps): bump the all group with 2 updates (#2372)
* 1481 2024 access control rework (#2366)
* chore(deps): bump zerocopy from 0.7.26 to 0.7.31 (#2368)
* chore(deps): bump the all group with 3 updates (#2363)
* chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2362)
* 249 2024 managed by syntax (#2359)
* typo (#2356)
* 20231204 ipa sync minor improvements (#2357)
* chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2355)
* Unixd build/debugging updates (#2350)
* 20231129 webauthn attestation (#2351)
* Fix handling of TPM in some trait contexts (#2347)
* docs: miniflux added pkce support (#2352)
* Using proper axum http headers lib for compatibility (#2348)
* Bearer should send with same caps we accept (#2345)
* chore(deps): bump cryptography from 41.0.4 to 41.0.6 in /pykanidm (#2341)
* docs: improve grammar for book/src/developers/faq.md (#2343)
* Expose machine key in auth phase (#2340)
* 20231128 freeipa migration (#2338)
* Unix crossbuild scripts and docs (#2326)
* Expose TPM in more interface places (#2334)
* chore(deps): bump the all group in /pykanidm with 6 updates (#2336)
* Adding kanidm client config docs and notes ref #2248 (#2333)
* Update to the latest compact-jwt version (#2331)
* Adding env var configs for the server (#2329)
* Better errors when TPM PIN file not found (#2330)
* 20231120 2320 sssd compat (#2328)
* Resolve future send issue with keystore (#2311)
* chore(deps): bump the all group in /pykanidm with 6 updates (#2325)
* chore(deps): bump the all group with 3 updates (#2324)
* Add test (#2323)
* OAuth2 scopes validation logging missing details (#2317)
* Add systemd deps for unixd (#2314)
* 20231115 oauth2 authreq (#2310)
* Docs - Bump Fedora 36 to Fedora 38 (#2309)
* chore(deps): bump the all group with 4 updates (#2306)
* chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2305)
* Remove serde json from wasm (#2304)
* Fix spelling (#2303)
* 20231109 1122 credential class (#2300)
* Moving daemon tracing to OpenTelemetry (#2292)
* 20231101 add id cert to unixint (#2284)
* Docs fixes for #2296 (#2297)
* Update OpenAPI schema gen to actually... be kinda sorta valid. (#2296)
* chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2294)
* chore(deps): bump the all group with 8 updates (#2293)
* pw min length in account policy (#2289)
* WASM troubleshooting docs closes #2286 (#2291)
* oauth2 typo (#2290)
* Update notes to avoid some possible interpretation errors (#2288)
* Feature: kanidm CLI pulling OpenAPI schema (#2285)
* Feature: configurable replication poll interval (#2283)
* Minor improvements to incoming replication (#2279)
* Problems with bash completion autocomplete (#2281)
* Remove unused imports and clippy lint (#2276)
* Rework ldap bind routine (#2268)
* Disable inconsistent test (#2278)
* make versions consistent
* 1.1.0 rc.15 dev post-release (#2271)
-------------------------------------------------------------------
Wed Jan 24 01:18:23 UTC 2024 - william.brown@suse.com
- Update to version 1.1.0~rc15~git8.122b6af:
* Remove unused import that breaks builds on newer rust versions
* Update to latest webauthn-rs version
* fix version
* Fix maint branch versions
* Disable inconsistent test (#2278)
-------------------------------------------------------------------
Tue Oct 31 12:02:37 UTC 2023 - william.brown@suse.com
- Update to version 1.1.0~rc15~git2.74f5c0f:
* make versions consistent
* 1.1.0 rc.15 dev post-release (#2271)
* Release 1.1.0-rc.15-dev
* started writing docs and ended up in another rabbit hole (#2267)
* CLI integration test beginnings (#2261)
* chore(deps): bump the all group with 7 updates (#2266)
* chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2265)
* Add book chapter + cli
* Cargo fmt and clippy checks
* Restrict posix passwords on ldap bind with config
* Splitting the SPAs (#2219)
* Bug chasing (#2257)
* cargo fmt + clippy (#2241)
* service-account or person validity show returns for non-existing identity (#2258)
* don't need write if we are not writing (#2256)
* adding service account patch methods (#2255)
* .deb package build and docs fixes (#2252)
* Auth flow docs (#2249)
* pykanidm test code (#2202)
* chore(deps): bump the all group with 5 updates (#2247)
* chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2246)
* 20231019 1122 account policy basics (#2245)
* Add note on snaps to PAM and nsswitch with link to new section in FAQ (#2244)
* 20231014 account policy (#2218)
* chore(deps): bump rustix from 0.38.15 to 0.38.19 (#2242)
* Fix incorrect references to LDAP in sync (#2239)
* Remove unused crate users (#2240)
* chore(deps-dev): bump urllib3 from 2.0.6 to 2.0.7 in /pykanidm (#2238)
* Windows build fixes and test coverage (#2220)
* more space checks (#2234)
* Fixing dependabot and its mistakes (#2232)
* chore(deps-dev): bump mypy from 1.5.1 to 1.6.0 in /pykanidm (#2231)
* chore(deps-dev): bump mkdocs-material from 9.4.4 to 9.4.6 in /pykanidm (#2230)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2229)
* chore(deps): bump tokio from 1.32.0 to 1.33.0 (#2228)
* chore(deps): bump tss-esapi from 7.3.0 to 7.4.0 (#2227)
* chore(deps): bump regex from 1.9.6 to 1.10.1 (#2226)
* chore(deps): bump tracing from 0.1.37 to 0.1.39 (#2225)
* chore(deps): bump utoipa-swagger-ui from 3.1.5 to 4.0.0 (#2224)
* chore(deps): bump proc-macro2 from 1.0.68 to 1.0.69 (#2223)
* chore(deps): bump async-trait from 0.1.73 to 0.1.74 (#2222)
* chore(deps): bump serde from 1.0.188 to 1.0.189 (#2221)
* OpenAPI/swagger docs autogen (#2175)
* 20231012 346 name deny list (#2214)
* Add file diagnosis (#2210)
* fix RUV on startup, improve filter output (#2211)
* Chasing yaks down dark alleyways (#2207)
* Reduce `pam_kanidm`'s priority in Debian platforms (#2209)
* chore(deps-dev): bump ruff from 0.0.291 to 0.0.292 in /pykanidm (#2194)
* chore(deps-dev): bump coverage from 7.3.1 to 7.3.2 in /pykanidm (#2195)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2193)
* chore(deps-dev): bump mkdocs-material from 9.4.2 to 9.4.4 in /pykanidm (#2197)
* chore(deps): bump libc from 0.2.148 to 0.2.149 (#2201)
* chore(deps): bump axum-auth from 0.4.0 to 0.4.1 (#2200)
* chore(deps): bump syn from 2.0.37 to 2.0.38 (#2199)
* chore(deps): bump proc-macro2 from 1.0.67 to 1.0.68 (#2198)
* chore(deps): bump aiohttp from 3.8.5 to 3.8.6 in /pykanidm (#2196)
* chore(deps-dev): bump pylint-pydantic from 0.2.4 to 0.3.0 in /pykanidm (#2192)
* 20231008 remove expect used (#2191)
* Thread naming and display (#2190)
* Replication tweaks - try the most recent successful one and error less (#2189)
* Chasing wooly quadrapeds again (#2163)
* 68 20230929 replication finalisation (#2160)
* In-system image storage (#2112)
* chore(deps-dev): bump urllib3 from 2.0.4 to 2.0.6 in /pykanidm (#2173)
* chore(deps-dev): bump mkdocs-material from 9.3.2 to 9.4.2 in /pykanidm (#2165)
* chore(deps): bump clap_complete from 4.4.1 to 4.4.3 (#2170)
* chore(deps): bump hashbrown from 0.14.0 to 0.14.1 (#2169)
* chore(deps): bump clap from 4.4.4 to 4.4.6 (#2168)
* chore(deps): bump regex from 1.9.5 to 1.9.6 (#2167)
* chore(deps): bump pydantic from 2.3.0 to 2.4.2 in /pykanidm (#2166)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2164)
* fix credential update intent defaults (#2162)
* 68 20230919 replication configuration (#2131)
* Can't build kanidmd using the Ubuntu docker builder scripts - cleanup (#2154)
* Enforce TLS key size minimums (#2145)
* bindaddress default doesn't match documentation (#2150)
* chore(deps-dev): bump ruff from 0.0.290 to 0.0.291 in /pykanidm (#2137)
* chore(deps-dev): bump mkdocs from 1.5.2 to 1.5.3 in /pykanidm (#2138)
* chore(deps): bump syn from 2.0.32 to 2.0.37 (#2143)
* chore(deps): bump tss-esapi from 7.2.0 to 7.3.0 (#2142)
* chore(deps): bump tokio-util from 0.7.8 to 0.7.9 (#2141)
* chore(deps): bump dyn-clone from 1.0.13 to 1.0.14 (#2140)
* chore(deps): bump clap from 4.4.3 to 4.4.4 (#2139)
* chore(deps-dev): bump mkdocs-material from 9.3.1 to 9.3.2 in /pykanidm (#2136)
* minor changes to speed up WASM tests (#2133)
* chore(deps): bump cryptography from 41.0.3 to 41.0.4 in /pykanidm (#2134)
* CLI and kanidm_client changes to handle errors and TLS validation changes (#2127)
* Typo (#2125)
* chore(deps-dev): bump mkdocs-material from 9.2.8 to 9.3.1 in /pykanidm (#2114)
* chore(deps-dev): bump ruff from 0.0.287 to 0.0.290 in /pykanidm (#2115)
* chore(deps-dev): bump black from 23.9.0 to 23.9.1 in /pykanidm (#2116)
* chore(deps): bump chrono from 0.4.30 to 0.4.31 (#2124)
* chore(deps): bump docker/setup-qemu-action from 2 to 3 (#2119)
* chore(deps): bump proc-macro2 from 1.0.66 to 1.0.67 (#2123)
* chore(deps): bump serde_json from 1.0.106 to 1.0.107 (#2122)
* chore(deps): bump libc from 0.2.147 to 0.2.148 (#2121)
* chore(deps): bump clap from 4.4.2 to 4.4.3 (#2120)
* chore(deps): bump docker/build-push-action from 4 to 5 (#2118)
* chore(deps): bump docker/setup-buildx-action from 2 to 3 (#2117)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2113)
* Yaleman/issue989 (#2111)
* Cinco de yakko (#2108)
* 68 20230912 session consistency (#2110)
* Fix typo (#2109)
* Implement DeviceAuthorizationGrant for MFA (#2079)
* Schema dooby doo ... yon (#2103)
* sqlite3 doesn't need to be installed on dev machines (#2104)
* 68 20230908 replication attrunique (#2086)
* chore(deps-dev): bump pytest-aiohttp from 1.0.4 to 1.0.5 in /pykanidm (#2092)
* chore(deps-dev): bump coverage from 7.3.0 to 7.3.1 in /pykanidm (#2089)
* chore(deps-dev): bump mkdocs-material from 9.2.7 to 9.2.8 in /pykanidm (#2090)
* chore(deps-dev): bump black from 23.7.0 to 23.9.0 in /pykanidm (#2088)
* chore(deps-dev): bump pytest from 7.4.1 to 7.4.2 in /pykanidm (#2091)
* chore(deps): bump actions/checkout from 3 to 4 (#2102)
* chore(deps): bump walkdir from 2.3.3 to 2.4.0 (#2101)
* chore(deps): bump serde_json from 1.0.105 to 1.0.106 (#2100)
* chore(deps): bump openssl-sys from 0.9.92 to 0.9.93 (#2099)
* chore(deps): bump bytes from 1.4.0 to 1.5.0 (#2097)
* chore(deps): bump clap_complete from 4.4.0 to 4.4.1 (#2098)
* chore(deps): bump argon2 from 0.5.1 to 0.5.2 (#2096)
* chore(deps): bump syn from 2.0.31 to 2.0.32 (#2095)
* chore(deps): bump chrono from 0.4.28 to 0.4.30 (#2094)
* chore(deps): bump base64 from 0.21.3 to 0.21.4 (#2093)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2087)
* move from git2 to gix (#2085)
* Schema-dooby-doo-part-trois (#2082)
* CLI and test things (#2080)
* 68 20230907 replication (#2081)
* minor tweaks to Orca (#2077)
* Changing build targets for debs (#2076)
* Removing default features from git2 package (#2078)
* 68 20230829 replication referential integrity (#2048)
* Schema dooby doo part two (#2071)
* 68 20230831 design replication coordinator (#2051)
* improve wording of webauthn cli interaction (#2073)
* When an empty body was returned, do request would error incorrectly (#2074)
* update bug template, closes #2054 (#2055)
* Yak hassling (#2059)
* docs: api tokens are managed by idm_admin (#2072)
* chore(deps-dev): bump pytest from 7.4.0 to 7.4.1 in /pykanidm (#2062)
* chore(deps-dev): bump mkdocstrings from 0.22.0 to 0.23.0 in /pykanidm (#2063)
* chore(deps-dev): bump ruff from 0.0.286 to 0.0.287 in /pykanidm (#2061)
* chore(deps): bump async-recursion from 1.0.4 to 1.0.5 (#2070)
* chore(deps): bump syn from 2.0.29 to 2.0.31 (#2069)
* chore(deps): bump clap from 4.4.0 to 4.4.2 (#2068)
* chore(deps): bump url from 2.4.0 to 2.4.1 (#2067)
* chore(deps): bump regex from 1.9.4 to 1.9.5 (#2066)
* chore(deps): bump chrono from 0.4.26 to 0.4.28 (#2065)
* chore(deps): bump tower-http from 0.4.3 to 0.4.4 (#2064)
* chore(deps-dev): bump mkdocs-material from 9.2.5 to 9.2.7 in /pykanidm (#2060)
* Check in missing users crate for SELinux integration (#2050)
* Add tests for X-Forwarded-For header (kinda) (#1957)
* docs: fix miniflux oauth example (#2046)
* Clear cache before verify on some low-level tests (#2044)
* 68 20230828 replication of schema (#2045)
* Update compact jwt (#2043)
* Allow patching of crates from related projects (#2042)
* pam multistep auth state machine (#2022)
* chore(deps): bump clap from 4.3.23 to 4.4.0 (#2039)
* chore(deps): bump reqwest from 0.11.18 to 0.11.20 (#2040)
* chore(deps): bump openssl from 0.10.56 to 0.10.57 (#2038)
* chore(deps): bump clap_complete from 4.3.2 to 4.4.0 (#2036)
* chore(deps): bump base64 from 0.21.2 to 0.21.3 (#2037)
* chore(deps): bump regex from 1.9.3 to 1.9.4 (#2035)
* chore(deps): bump serde from 1.0.183 to 1.0.188 (#2034)
* chore(deps): bump openssl-sys from 0.9.91 to 0.9.92 (#2033)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2032)
* chore(deps-dev): bump mkdocs-material from 9.1.21 to 9.2.5 in /pykanidm (#2031)
* chore(deps-dev): bump ruff from 0.0.285 to 0.0.286 in /pykanidm (#2030)
* chore(deps): bump pydantic from 2.2.1 to 2.3.0 in /pykanidm (#2029)
* Authentication shortcut to get a RW session (#1993)
* wopsies, missing imports (#2023)
* idv cli (#2001)
* Trying to fix the (current) container build failures (#2021)
* pykanidm updoots (#2019)
* 68 20230821 replication (#2020)
* Configurable session timeouts (#1965)
* fix: output an array in json mode for `kanidm group list` (#2016)
* feat: add json output modes for `person list` and `system oauth2 list` (#2017)
* docs: Update missed add_members command (#2018)
* Less human strings more enums (#1989)
* Resolve incorrect time units on timeout (#2014)
* chore(deps): bump dyn-clone from 1.0.12 to 1.0.13 (#2013)
* chore(deps): bump quote from 1.0.32 to 1.0.33 (#2012)
* chore(deps): bump gloo-timers from 0.2.6 to 0.3.0 (#2011)
* chore(deps): bump serde_with from 3.2.0 to 3.3.0 (#2010)
* chore(deps): bump clap from 4.3.21 to 4.3.23 (#2009)
* chore(deps): bump tokio from 1.31.0 to 1.32.0 (#2008)
* chore(deps): bump serde_json from 1.0.104 to 1.0.105 (#2007)
* chore(deps): bump syn from 2.0.28 to 2.0.29 (#2006)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2005)
* chore(deps-dev): bump mypy from 1.5.0 to 1.5.1 in /pykanidm (#2004)
* chore(deps-dev): bump ruff from 0.0.284 to 0.0.285 in /pykanidm (#2003)
* chore(deps): bump pydantic from 2.1.1 to 2.2.1 in /pykanidm (#2002)
* reordering layers so the web server works in non-debug-mode (#1999)
* 20230817 idv migration (#1992)
* daemon: kanidmd version requires a config file to run (#1959) (#1990)
* Resolve issues with dyngroup members (#1986)
* Revert "sqlite where IN for id entry (#1988)" (#1991)
* sqlite where IN for id entry (#1988)
* Identity verification feature (#1819)
* 1982 service account access (#1985)
* Fixing test release (#1983)
* error handling and web server logging fixes (#1960)
* Struct-ifying schema things (#1971)
* Orca tweaks (#1963)
* Fighting with zypper, tagging our images (#1964)
* chore(deps-dev): bump coverage from 7.2.7 to 7.3.0 in /pykanidm (#1974)
* chore(deps-dev): bump mypy from 1.4.1 to 1.5.0 in /pykanidm (#1973)
* chore(deps): bump serde from 1.0.182 to 1.0.183 (#1979)
* Are we JSON yet? Kinda. But we're closer. (#1967)
* chore(deps): bump clap from 4.3.19 to 4.3.21 (#1978)
* chore(deps): bump tokio from 1.29.1 to 1.31.0 (#1977)
* chore(deps): bump async-trait from 0.1.72 to 0.1.73 (#1976)
* chore(deps): bump selinux from 0.4.1 to 0.4.2 (#1975)
* chore(deps-dev): bump ruff from 0.0.282 to 0.0.284 in /pykanidm (#1972)
* docs: Fix outdated oauth2 subcommands (#1969)
* Allow one-character usernames (#1941)
* resolver: Himmelblau needs old token for refresh (#1962)
* updating python packages to close dependabot securiity alerts (#1956)
* providing server configuration in the testkit::test macro (#1953)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1952)
* chore(deps-dev): bump ruff from 0.0.280 to 0.0.282 in /pykanidm (#1951)
* chore(deps-dev): bump mkdocs from 1.5.1 to 1.5.2 in /pykanidm (#1950)
* chore(deps): bump openssl from 0.10.55 to 0.10.56 (#1949)
* chore(deps): bump regex from 1.9.1 to 1.9.3 (#1948)
* chore(deps): bump serde from 1.0.180 to 1.0.182 (#1947)
* chore(deps): bump filetime from 0.2.21 to 0.2.22 (#1946)
* chore(deps): bump openssl-sys from 0.9.90 to 0.9.91 (#1945)
* chore(deps): bump serde_with from 3.1.0 to 3.2.0 (#1944)
* chore(deps): bump axum from 0.6.19 to 0.6.20 (#1943)
* removing debug string (#1937)
* Final v3 master x book deployment fix (#1936)
* trying a different ref (#1935)
* replaced `skip_serializing_if` with `skip_serializing_none` (#1932)
* another book round (#1933)
* trying again (#1931)
* fixed serialization of oauth2 token scope (#1930)
* added compression layer for the pkg route (#1928)
* Resolve build failiures when selinux is enabled (#1927)
* Resolve issue with publishing (#1925)
* Set dev version (#1924)
-------------------------------------------------------------------
Mon Aug 21 04:41:21 UTC 2023 - william.brown@suse.com
- Update to version 1.1.0~beta13~git7.1fb34a9:
* Resolve incorrect time units on timeout (#2014)
* Update cargo lock, docker fixes
* 1982 service account access (#1985)
* fixed serialization of oauth2 token scope (#1930)
* added compression layer for the pkg route (#1928)
-------------------------------------------------------------------
Mon Aug 14 04:31:37 UTC 2023 - William Brown <william.brown@suse.com>
- Resolve issues with fedora/centos build
-------------------------------------------------------------------
Tue Aug 01 09:12:42 UTC 2023 - william.brown@suse.com
- Update to version 1.1.0~beta13~git2.5d1e2f9:
* Resolve build failiures when selinux is enabled (#1927)
* Resolve issue with publishing (#1925)
* Set dev version (#1924)
* Release 1.1.0-beta.13 (#1922)
* 20230731 release (#1921)
* Improve default shells for distros (#1920)
* 20230728 techdebt paydown (#1909)
* chasing weirdness (#1910)
* chore(deps-dev): bump mkdocs-material from 9.1.19 to 9.1.21 in /pykanidm (#1918)
* chore(deps): bump serde_json from 1.0.103 to 1.0.104 (#1917)
* chore(deps): bump serde from 1.0.174 to 1.0.178 (#1916)
* chore(deps): bump tikv-jemallocator from 0.5.0 to 0.5.4 (#1915)
* chore(deps-dev): bump mkdocs from 1.4.3 to 1.5.1 in /pykanidm (#1913)
* chore(deps-dev): bump pylint-pydantic from 0.2.3 to 0.2.4 in /pykanidm (#1912)
* chore(deps): bump pydantic from 2.0.3 to 2.1.1 in /pykanidm (#1911)
* 20230727 unix int modularity (#1907)
* bumping action version (#1908)
* 68 20230720 replication improvements (#1905)
* Resolve compilation issue with tpm enabled on linux (#1902)
* Improve service file for host installs (#1901)
* 20230720 unix int modular (#1881)
* fixing up pydantic things (#1885)
* 1788 admin unix socket (#1880)
* chore(deps-dev): bump pylint-pydantic from 0.2.1 to 0.2.3 in /pykanidm (#1900)
* chore(deps-dev): bump ruff from 0.0.278 to 0.0.280 in /pykanidm (#1899)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1898)
* chore(deps-dev): bump mkdocs-material from 9.1.18 to 9.1.19 in /pykanidm (#1897)
* chore(deps): bump async-trait from 0.1.71 to 0.1.72 (#1895)
* chore(deps-dev): bump types-toml from 0.10.8.6 to 0.10.8.7 in /pykanidm (#1896)
* chore(deps): bump axum from 0.6.18 to 0.6.19 (#1894)
* chore(deps): bump clap from 4.3.12 to 4.3.19 (#1893)
* chore(deps): bump axum-macros from 0.3.7 to 0.3.8 (#1892)
* chore(deps): bump serde from 1.0.171 to 1.0.174 (#1891)
* chore(deps): bump uuid from 1.4.0 to 1.4.1 (#1890)
* chore(deps): bump quote from 1.0.31 to 1.0.32 (#1889)
* chore(deps): bump tower-http from 0.4.1 to 0.4.3 (#1888)
* chore(deps): bump syn from 2.0.26 to 2.0.27 (#1887)
* chore(deps): bump urlencoding from 2.1.2 to 2.1.3 (#1886)
* added hsts header middleware (#1882)
* chore(deps): bump aiohttp from 3.8.4 to 3.8.5 in /pykanidm (#1883)
* 1785 allow sync attr yielding via partial write admin (#1879)
* Alter filter generation to exclude empty conditions (#1877)
* Revert to opensuse based radius container. (#1878)
* Unix gid duplicate fix (#1876)
* Refactor docker_build_kanidm to be more isolated (v13) (#1872)
* Sync account import improvements (#1873)
* chore(deps): bump quote from 1.0.29 to 1.0.31 (#1870)
* chore(deps-dev): bump black from 23.3.0 to 23.7.0 in /pykanidm (#1859)
* Add a newline to fix links in LLDAP section of the README (#1871)
* chore(deps): bump dyn-clone from 1.0.11 to 1.0.12 (#1869)
* chore(deps): bump pydantic from 1.10.11 to 2.0.3 in /pykanidm (#1858)
* chore(deps): bump serde_json from 1.0.102 to 1.0.103 (#1868)
* Fix missing slash in tag (#1853)
* chore(deps): bump argon2 from 0.5.0 to 0.5.1 (#1867)
* chore(deps): bump syn from 2.0.25 to 2.0.26 (#1866)
* chore(deps): bump paste from 1.0.13 to 1.0.14 (#1864)
* chore(deps-dev): bump pylint-pydantic from 0.2.0 to 0.2.1 in /pykanidm (#1863)
* chore(deps): bump clap from 4.3.11 to 4.3.12 (#1862)
* chore(deps-dev): bump pytest-asyncio from 0.21.0 to 0.21.1 in /pykanidm (#1861)
* chore(deps): bump proc-macro2 from 1.0.64 to 1.0.66 (#1860)
* chore(deps-dev): bump ruff from 0.0.277 to 0.0.278 in /pykanidm (#1857)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1856)
* chore(deps): bump actions/upload-pages-artifact from 1 to 2 (#1855)
* Revert "something something token permissions (#1850)" (#1852)
* something something token permissions (#1850)
* Upgraded clap, removing atty as a dependency (#1849)
* Ensure we dont use std hashmaps (#1848)
* Improve selinux in tasks daemon (#1847)
* Resolve issue with order of operations causing group memberships to disappear (#1845)
* headless webdriver testing, starting on brotli feature (#1844)
* chore(deps-dev): bump mkdocs-material from 9.1.17 to 9.1.18 in /pykanidm (#1835)
* chore(deps): bump serde from 1.0.166 to 1.0.170 (#1843)
* Fix a typo in the unix daemon debug (#1822)
* chore(deps-dev): bump ruff from 0.0.275 to 0.0.277 in /pykanidm (#1833)
* chore(deps): bump serde-wasm-bindgen from 0.4.5 to 0.5.0 (#1842)
* chore(deps): bump proc-macro2 from 1.0.63 to 1.0.64 (#1841)
* chore(deps): bump syn from 2.0.23 to 2.0.25 (#1840)
* chore(deps): bump async-trait from 0.1.69 to 0.1.71 (#1839)
* chore(deps): bump regex from 1.8.4 to 1.9.1 (#1838)
* chore(deps): bump is-terminal from 0.4.8 to 0.4.9 (#1837)
* chore(deps): bump serde_json from 1.0.99 to 1.0.100 (#1836)
* Allow Authorization header in CORS preflight response (#1831)
* chore(deps): bump pydantic from 1.10.10 to 1.10.11 in /pykanidm (#1834)
* chore(deps-dev): bump pylint-pydantic from 0.1.8 to 0.2.0 in /pykanidm (#1832)
* Add preflight headers (#1829)
* Persist nonce through refresh to support client (#1826)
* Cleanup spa handling (#1825)
* 1792 public oauth clients (#1821)
* 1812 1813 post axum cleanup (#1817)
* Fix diagram colours (#1815)
* Converting from tide to axum (#1797)
* Add client UX for redirecting to an external portal for synced accounts (#1791)
* Add cors policy (#1807)
* Improve tasks daemon shutdown (#1806)
* Improve durability of migrations (#1804)
* clippy-izing an unsafe in pam (#1795)
* chore(deps): bump pydantic from 1.10.9 to 1.10.10 in /pykanidm (#1803)
* chore(deps): bump uuid from 1.3.4 to 1.4.0 (#1802)
* chore(deps): bump tokio from 1.28.2 to 1.29.1 (#1801)
* chore(deps): bump syn from 2.0.20 to 2.0.23 (#1800)
* chore(deps): bump whoami from 1.4.0 to 1.4.1 (#1799)
* chore(deps): bump quote from 1.0.28 to 1.0.29 (#1798)
* 20230629 tpm keygen ... again (#1793)
* Fixing the kanidmd healthcheck (#1789)
* Name change history (#1727)
* 20230628 tpm minor issue with key regen (#1790)
* Still trying to fix the docs. (#1709)
* Improve cli to support multi-domain handling. (#1786)
* Started chasing noise, found some code to delete... (#1768)
* Improve tpm key generation - improve unix config for tpms. (#1782)
* chore(deps-dev): bump pytest from 7.3.2 to 7.4.0 in /pykanidm (#1771)
* chore(deps-dev): bump mkdocs-material from 9.1.16 to 9.1.17 in /pykanidm (#1773)
* chore(deps-dev): bump mypy from 1.3.0 to 1.4.1 in /pykanidm (#1784)
* chore(deps): bump serde_json from 1.0.97 to 1.0.99 (#1778)
* chore(deps): bump syn from 2.0.18 to 2.0.20 (#1779)
* chore(deps): bump authlib from 1.2.0 to 1.2.1 in /pykanidm (#1777)
* chore(deps): bump proc-macro2 from 1.0.60 to 1.0.63 (#1776)
* chore(deps): bump libc from 0.2.146 to 0.2.147 (#1774)
* chore(deps): bump gloo-net from 0.2.6 to 0.3.0 (#1772)
* chore(deps-dev): bump ruff from 0.0.272 to 0.0.275 in /pykanidm (#1770)
* Fix debian packaging (#1742)
* Remove r2d2 - sad beep noises (#1766)
* Kanidmd is a bit noisy (#1765)
* Ux improvements - Allow enrolling other devices (#1764)
* Make argon2id default pw hasher - improve parameter detection (#1762)
* chore(deps): bump openssl from 0.10.54 to 0.10.55 (#1761)
* Implement tpm binding of cached password hashes (#1754)
* Mention client configuration in tool installation guide (#1756)
* Remove scripts that are no longer required (#1759)
* OAuth2 secret JSON (#1758)
* Allow account locking with expire-at 'epoch' and 'now' (#1757)
* Resolve codespell issues (#1753)
* Add tls generator to main kanidmd (#1743)
* Fix block_on in ssh authorised keys (#1752)
* chore(deps-dev): bump mkdocs-material from 9.1.15 to 9.1.16 in /pykanidm (#1751)
* chore(deps): bump gloo from 0.8.0 to 0.8.1 (#1750)
* chore(deps-dev): bump pytest-mock from 3.10.0 to 3.11.1 in /pykanidm (#1749)
* chore(deps): bump hashbrown from 0.13.2 to 0.14.0 (#1748)
* 1737 1739 sync - map uidnumbers mail (#1741)
* Add support for argon2id (#1736)
* Disable neon on linux (#1740)
* 20230614 unix account security - move account name deny to unixd (#1733)
* fixed return value of add_ava_int (#1735)
* unix_integration: also check running SELinux mode (#1704)
* added pre_cand entries to both pre_modify and pre_batch_modify plugin functions (#1732)
* 20230608 ldap sync (#1728)
* Add acp allowing service accounts to clear their own sessions (#1731)
* Declare when no applications are available (#1730)
* Fix ip addr parse (#1729)
* X-Forwarded-For catcher - improve ip addr parsing (#1725)
* chore(deps): bump proc-macro2 from 1.0.59 to 1.0.60 (#1723)
* chore(deps): bump url from 2.3.1 to 2.4.0 (#1722)
* chore(deps-dev): bump pytest from 7.3.1 to 7.3.2 in /pykanidm (#1719)
* chore(deps): bump libc from 0.2.145 to 0.2.146 (#1721)
* chore(deps-dev): bump ruff from 0.0.270 to 0.0.272 in /pykanidm (#1720)
* docs: fix typo in sync concepts (#1715)
* chore(deps): bump regex from 1.8.3 to 1.8.4 (#1718)
* chore(deps): bump pydantic from 1.10.8 to 1.10.9 in /pykanidm (#1717)
* chore(deps): bump serde from 1.0.163 to 1.0.164 (#1716)
* Absolutely minimal implementation (#1711)
* Add further incremental replication tests (#1707)
* Save two more kay strokes (#1708)
* Documentation root directory 404 (#1706)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1697)
* Improve diagnostic and docs of ldap bind requiring posix password (#1702)
* #1680 redux - trying to fix docs again (#1692)
* Automatically login & reauth (#1691)
* chore(deps-dev): bump coverage from 7.2.6 to 7.2.7 in /pykanidm (#1698)
* chore(deps): bump libc from 0.2.144 to 0.2.145 (#1701)
* chore(deps): bump openssl from 0.10.52 to 0.10.54 (#1700)
* chore(deps): bump csv from 1.2.1 to 1.2.2 (#1699)
* chore(deps): bump syn from 2.0.17 to 2.0.18 (#1696)
* chore(deps): bump chrono from 0.4.24 to 0.4.26 (#1695)
* chore(deps-dev): bump mkdocs-material from 9.1.14 to 9.1.15 in /pykanidm (#1694)
* chore(deps): bump openssl-sys from 0.9.87 to 0.9.88 (#1693)
* Documentation root directory 404 (#1681)
* Crono expression parser fix (#1682)
* Document OpenID connect setup for Miniflux (#1683)
* chore(deps): bump cryptography from 39.0.1 to 41.0.0 in /pykanidm (#1684)
* Improve the readme (#1679)
* Move the socket startup to localise it to the acceptor (#1678)
* SELinux support for kanidm-unixd-tasks daemon (#1661)
* Resolve ability to delete ssh keys with spaces in tags (#1674)
* Adding mdbook-template back for bookgen (#1660)
* chore(deps-dev): bump coverage from 7.2.5 to 7.2.6 in /pykanidm (#1669)
* chore(deps-dev): bump mkdocstrings from 0.21.2 to 0.22.0 in /pykanidm (#1671)
* 20230526 incremental replication improvements (#1659)
* chore(deps): bump regex from 1.8.1 to 1.8.3 (#1670)
* chore(deps): bump hashbrown from 0.12.3 to 0.13.2 (#1668)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1667)
* chore(deps): bump tokio from 1.28.1 to 1.28.2 (#1666)
* chore(deps-dev): bump ruff from 0.0.269 to 0.0.270 in /pykanidm (#1665)
* chore(deps): bump quote from 1.0.27 to 1.0.28 (#1664)
* chore(deps): bump pydantic from 1.10.7 to 1.10.8 in /pykanidm (#1663)
* fixing get-tags-action in book build (#1657)
* Add more replication tests, improve some handling of tombstones. (#1656)
* Bring back CpuOptLevel x86_64_v1 (#1590)
* Doc fixes (#1658)
* Identifiable tokens (#1623)
* Add version tag to makefile images (#1654)
* during service account recovery, remove incompatible credentials (#1650)
* signal handling for tasks daemon (#1651)
* Time travelling (#1648)
* chore(deps): bump requests from 2.28.2 to 2.31.0 in /pykanidm (#1649)
* 20230508 replication incremental (#1620)
* chore(deps-dev): bump mkdocs-material from 9.1.12 to 9.1.14 in /pykanidm (#1642)
* chore(deps): bump wasm-bindgen from 0.2.85 to 0.2.86 (#1647)
* chore(deps): bump js-sys from 0.3.62 to 0.3.63 (#1646)
* chore(deps): bump uuid from 1.3.2 to 1.3.3 (#1645)
* chore(deps): bump proc-macro2 from 1.0.56 to 1.0.58 (#1644)
* chore(deps): bump reqwest from 0.11.17 to 0.11.18 (#1643)
* chore(deps-dev): bump ruff from 0.0.267 to 0.0.269 in /pykanidm (#1641)
* Fix use-reset-token command hint (#1639)
* chore(deps): bump pymdown-extensions from 9.9.2 to 10.0 in /pykanidm (#1638)
* chore(deps-dev): bump mypy from 1.2.0 to 1.3.0 in /pykanidm (#1636)
* chore(deps): bump wasm-bindgen-test from 0.3.34 to 0.3.35 (#1635)
* chore(deps-dev): bump ruff from 0.0.265 to 0.0.267 in /pykanidm (#1634)
* chore(deps): bump syn from 2.0.15 to 2.0.16 (#1633)
* chore(deps): bump quote from 1.0.26 to 1.0.27 (#1628)
* chore(deps): bump serde from 1.0.162 to 1.0.163 (#1632)
* chore(deps-dev): bump mkdocs-material from 9.1.9 to 9.1.12 in /pykanidm (#1631)
* chore(deps): bump tokio from 1.28.0 to 1.28.1 (#1629)
* chore(deps): bump web-sys from 0.3.61 to 0.3.62 (#1627)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1626)
* chore(deps): bump libc from 0.2.143 to 0.2.144 (#1625)
* chore(deps): bump js-sys from 0.3.61 to 0.3.62 (#1624)
* Update policy (#1619)
* fixing up some spelling errors (#1618)
* Update RELEASE_NOTES.md (#1616)
* 20230505 replication groundwork - ruv consistency improvements (#1606)
* chore(deps-dev): bump ruff from 0.0.263 to 0.0.265 in /pykanidm (#1608)
* chore(deps-dev): bump mkdocs-material from 9.1.8 to 9.1.9 in /pykanidm (#1609)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1611)
* chore(deps): bump serde from 1.0.160 to 1.0.162 (#1613)
* chore(deps): bump libc from 0.2.142 to 0.2.143 (#1612)
* chore(deps): bump pkg-config from 0.3.26 to 0.3.27 (#1610)
* chore(deps-dev): bump mkdocs from 1.4.2 to 1.4.3 in /pykanidm (#1607)
* github pages ... something is definitely going weird. (#1605)
* token permissions! (#1604)
* Using github actions might actually push a change (#1603)
* looks like that's a bug (#1602)
* fix things (#1601)
* 20230506 ignore some references (#1600)
* Harden migrate session to prevent duplicate migration errors (#1599)
* reducing action concurrency load (#1598)
* more testing cleanup (#1595)
* Document that you need to tell Nginx or other proxies to use HTTP 1.1… (#1592)
* sccache github actions fixes (#1593)
* Start next dev cycle (#1589)
-------------------------------------------------------------------
Mon May 01 01:18:44 UTC 2023 - william.brown@suse.com
- Update to version 1.1.0~alpha12~git0.bcdbb18:
* Release 1.1.0-alpha.12 (#1588)
* chore(deps): bump tokio-util from 0.7.7 to 0.7.8 (#1587)
* chore(deps): bump reqwest from 0.11.16 to 0.11.17 (#1586)
* chore(deps): bump tokio from 1.27.0 to 1.28.0 (#1585)
* chore(deps): bump uuid from 1.3.1 to 1.3.2 (#1584)
* chore(deps): bump clap from 3.2.23 to 3.2.25 (#1583)
* chore(deps-dev): bump coverage from 7.2.3 to 7.2.5 in /pykanidm (#1582)
* Correctly prevent start up when https sockets in use (#1579)
* Filter rdns and dns for ldap filters (#1576)
* use sccache, merge "test" actions into "build", remove homebrew caching (#1578)
* Cleanup incorrect log errors of denied entries (#1577)
* 20230424 clippppppppppppyyyyyyyy (#1574)
* Add exclusive process lock to Kanidm to prevent accidental duplicate commands. (#1575)
* more more more unixd build fixes (#1573)
* chore(deps-dev): bump mkdocs-material from 9.1.7 to 9.1.8 in /pykanidm (#1572)
* chore(deps): bump openssl from 0.10.51 to 0.10.52 (#1571)
* chore(deps): bump openssl-sys from 0.9.86 to 0.9.87 (#1570)
* chore(deps-dev): bump ruff from 0.0.262 to 0.0.263 in /pykanidm (#1569)
* more-merge unixd commands (#1568)
* Consolidate unix tools (#1566)
* 1553 pam remote or local detection (#1565)
* chore(deps): bump openssl from 0.10.50 to 0.10.51 (#1563)
* Improve user experince of refreshing with intent tokens during cred update (#1556)
* chore(deps): bump tracing-subscriber from 0.3.16 to 0.3.17 (#1562)
* chore(deps): bump regex from 1.7.3 to 1.8.1 (#1561)
* chore(deps): bump libc from 0.2.141 to 0.2.142 (#1560)
* chore(deps-dev): bump ruff from 0.0.261 to 0.0.262 in /pykanidm (#1559)
* chore(deps-dev): bump mkdocs-material from 9.1.6 to 9.1.7 in /pykanidm (#1558)
* chore(deps): bump actions/upload-artifact from 1 to 3 (#1557)
* Fix incompatible future warnings by removing older crates (#1554)
* 20230330 oauth2 refresh tokens (#1502)
* Sorting documentation builds (#1551)
* Add troubleshooting step for pam home dirs (#1550)
* AuthSession non empty vec part 2 (#1543)
* chore(deps): bump openssl from 0.10.49 to 0.10.50 (#1548)
* chore(deps): bump serde from 1.0.159 to 1.0.160 (#1547)
* chore(deps): bump syn from 2.0.13 to 2.0.15 (#1546)
* chore(deps): bump serde_json from 1.0.95 to 1.0.96 (#1545)
* chore(deps-dev): bump pytest from 7.3.0 to 7.3.1 in /pykanidm (#1544)
* chore(deps): bump h2 from 0.3.15 to 0.3.17 (#1540)
* Improve unicode control character detection (#1539)
* chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1533)
* chore(deps-dev): bump mypy from 1.0.1 to 1.2.0 in /pykanidm (#1532)
* chore(deps): bump filetime from 0.2.20 to 0.2.21 (#1529)
* chore(deps-dev): bump mkdocstrings from 0.20.0 to 0.21.2 in /pykanidm (#1536)
* chore(deps-dev): bump mkdocs-material from 9.1.5 to 9.1.6 in /pykanidm (#1535)
* chore(deps-dev): bump ruff from 0.0.260 to 0.0.261 in /pykanidm (#1534)
* chore(deps-dev): bump coverage from 7.2.2 to 7.2.3 in /pykanidm (#1530)
* chore(deps): bump uuid from 1.3.0 to 1.3.1 (#1531)
* chore(deps): bump syn from 2.0.12 to 2.0.13 (#1527)
* chore(deps): bump dialoguer from 0.10.3 to 0.10.4 (#1526)
* chore(deps-dev): bump pytest from 7.2.2 to 7.3.0 in /pykanidm (#1528)
* chore(deps): bump libc from 0.2.140 to 0.2.141 (#1525)
* chore(deps): bump fernet from 0.2.0 to 0.2.1 (#1524)
* Authsession non empty vec (#1522)
* chore(deps-dev): bump ruff from 0.0.259 to 0.0.260 in /pykanidm (#1506)
* chore(deps-dev): bump mkdocs-material from 9.1.4 to 9.1.5 in /pykanidm (#1510)
* chore(deps): bump serde from 1.0.158 to 1.0.159 (#1515)
* chore(deps): bump openssl from 0.10.48 to 0.10.49 (#1513)
* chore(deps): bump tokio from 1.26.0 to 1.27.0 (#1505)
* chore(deps): bump openssl-sys from 0.9.83 to 0.9.84 (#1507)
* chore(deps): bump futures from 0.3.27 to 0.3.28 (#1509)
* chore(deps): bump reqwest from 0.11.15 to 0.11.16 (#1517)
* chore(deps-dev): bump black from 23.1.0 to 23.3.0 in /pykanidm (#1514)
* changing from merge to squash (#1521)
* chore(deps): bump proc-macro2 from 1.0.54 to 1.0.56
* fixing up auto-merge (#1519)
* chore(deps): bump syn from 2.0.10 to 2.0.12 (#1511)
* chore(deps-dev): bump types-toml from 0.10.8.5 to 0.10.8.6 in /pykanidm (#1504)
* chore(deps): bump serde_json from 1.0.94 to 1.0.95 (#1516)
* chore(deps): bump ldap3_proto from 0.3.1 to 0.3.2 (#1518)
* chore(deps): bump syn from 1.0.109 to 2.0.10 (#1499)
* Be non empty vec (#1501)
* 1496 ldap basedn config (#1500)
* chore(deps): bump proc-macro2 from 1.0.52 to 1.0.54 (#1494)
* chore(deps): bump regex from 1.7.1 to 1.7.3 (#1491)
* chore(deps): bump pydantic from 1.10.6 to 1.10.7 in /pykanidm (#1492)
* chore(deps-dev): bump mkdocs-material from 9.1.3 to 9.1.4 in /pykanidm (#1487)
* chore(deps): bump async-trait from 0.1.67 to 0.1.68 (#1488)
* Improve string validation (#1497)
* chore(deps): bump reqwest from 0.11.14 to 0.11.15 (#1493)
* chore(deps-dev): bump ruff from 0.0.257 to 0.0.259 in /pykanidm (#1489)
* chore(deps): bump serde from 1.0.157 to 1.0.158 (#1490)
* Adding an auto-merger for dependabot updates (#1486)
* Make examples in ldap chapter consistent (#1495)
* 1115 priv (reauth, sudo) mode (#1479)
* chore(deps): bump openssl from 0.10.47 to 0.10.48 (#1484)
* Server daemon logging and exit codes (#1475)
* Fix path-relative links in documentation (#1478)
* chore(deps): bump openssl from 0.10.45 to 0.10.47 (#1471)
* chore(deps): bump serde from 1.0.155 to 1.0.157 (#1473)
* chore(deps-dev): bump mkdocs-material from 9.1.2 to 9.1.3 in /pykanidm (#1468)
* chore(deps-dev): bump pylint-pydantic from 0.1.7 to 0.1.8 in /pykanidm (#1469)
* chore(deps-dev): bump coverage from 7.2.1 to 7.2.2 in /pykanidm (#1463)
* chore(deps-dev): bump ruff from 0.0.254 to 0.0.257 in /pykanidm (#1466)
* chore(deps): bump async-trait from 0.1.66 to 0.1.67 (#1461)
* chore(deps): bump whoami from 1.3.0 to 1.4.0 (#1460)
* chore(deps): bump zxcvbn from 2.2.1 to 2.2.2 (#1464)
* chore(deps): bump openssl-sys from 0.9.80 to 0.9.82 (#1470)
* chore(deps-dev): bump pytest-asyncio from 0.20.3 to 0.21.0 in /pykanidm (#1459)
* Add unixd exit code (#1453)
* Unixd daemon improvement (#1454)
* chore(deps): bump walkdir from 2.3.2 to 2.3.3 (#1458)
* checks for a minimum number of arguments (#1452)
* chore(deps): bump chrono from 0.4.23 to 0.4.24 (#1444)
* chore(deps): bump futures from 0.3.26 to 0.3.27 (#1447)
* chore(deps): bump paste from 1.0.11 to 1.0.12 (#1449)
* chore(deps-dev): bump mkdocs-material from 9.1.1 to 9.1.2 in /pykanidm (#1450)
* chore(deps): bump csv from 1.2.0 to 1.2.1 (#1443)
* chore(deps): bump libc from 0.2.139 to 0.2.140 (#1442)
* chore(deps): bump serde from 1.0.152 to 1.0.155 (#1446)
* chore(deps): bump pydantic from 1.10.5 to 1.10.6 in /pykanidm (#1448)
* Image fixes in the build (#1441)
* Fix RADIUS docker image file permissions (#1439)
* User auth token session display implementation (#1415)
* RADIUS container fixes (#1424)
* Update book - OAuth2 integration step (#1437)
* chore(deps): bump async-trait from 0.1.64 to 0.1.66 (#1433)
* Hopefully fix exp issues by making it a stable part of the access token. (#1434)
* chore(deps): bump base64 from 0.13.1 to 0.21.0 (#1350)
* chore(deps): bump serde_json from 1.0.93 to 1.0.94 (#1427)
* chore(deps-dev): bump pytest from 7.2.1 to 7.2.2 in /pykanidm (#1431)
* chore(deps-dev): bump pylint-pydantic from 0.1.6 to 0.1.7 in /pykanidm (#1430)
* chore(deps-dev): bump ruff from 0.0.253 to 0.0.254 in /pykanidm (#1429)
* chore(deps-dev): bump mkdocs-material from 9.0.15 to 9.1.1 in /pykanidm (#1428)
* Openssl build fix (#1422)
* 1399 some async cleanup (#1421)
* Web UI: Sort group memberships of profile (#1410)
* Update the dev docs to flow nicer (#1420)
* chore(deps): bump dyn-clone from 1.0.10 to 1.0.11 (#1417)
* chore(deps): bump tokio from 1.25.0 to 1.26.0 (#1418)
* chore(deps-dev): bump coverage from 7.1.0 to 7.2.1 in /pykanidm (#1405)
* chore(deps-dev): bump ruff from 0.0.230 to 0.0.253 in /pykanidm (#1419)
* 1399 cleanup cli docs (#1413)
* 1399 cleanup reorg (#1412)
* 1399 cleanup (#1409)
* Version output for 4 unix_int tools (#1408)
* Windows build fixes (#1388)
* chore(deps): bump num_enum from 0.5.10 to 0.5.11 (#1404)
* chore(deps-dev): bump types-toml from 0.10.8.4 to 0.10.8.5 in /pykanidm (#1407)
* chore(deps): bump syn from 1.0.107 to 1.0.109 (#1406)
* chore(deps-dev): bump mkdocs-material from 9.0.13 to 9.0.15 in /pykanidm (#1403)
* Mention my Recursing of the Passport (#1402)
* Start to add reauth capabilities (#1398)
* Add Recursive Logos (#1401)
* Prevent invalidation of api tokens (#1397)
* chore(deps): bump tokio-util from 0.7.4 to 0.7.7 (#1378)
* chore(deps): bump web-sys from 0.3.60 to 0.3.61 (#1362)
* chore(deps): bump filetime from 0.2.19 to 0.2.20 (#1375)
* chore(deps): bump pydantic from 1.10.4 to 1.10.5 in /pykanidm (#1392)
* chore(deps-dev): bump mkdocs-material from 9.0.12 to 9.0.13 in /pykanidm (#1394)
* chore(deps): bump num_enum from 0.5.9 to 0.5.10 (#1391)
* chore(deps-dev): bump types-toml from 0.10.8.3 to 0.10.8.4 in /pykanidm (#1395)
* chore(deps-dev): bump mypy from 1.0.0 to 1.0.1 in /pykanidm (#1390)
* chore(deps): bump csv from 1.1.6 to 1.2.0 (#1393)
* chore(deps): bump base64urlsafedata from 0.1.2 to 0.1.3 (#1389)
* 20230220 passkey cleanup (#1396)
* 1115 store credential ids per session (#1386)
* Reduce the number of cow cells in idm (#1385)
* 1355 docker builds (#1384)
* chore(deps): bump proc-macro2 from 1.0.50 to 1.0.51 (#1369)
* Improve some small behaviours of login and key management (#1383)
* 967 oauth2 implicit search (#1382)
* chore(deps): bump wasm-bindgen-test from 0.3.33 to 0.3.34 (#1364)
* chore(deps): bump serde_json from 1.0.91 to 1.0.93 (#1376)
* chore(deps-dev): bump black from 22.12.0 to 23.1.0 in /pykanidm (#1367)
* chore(deps-dev): bump pylint-pydantic from 0.1.5 to 0.1.6 in /pykanidm (#1351)
* chore(deps-dev): bump coverage from 7.0.5 to 7.1.0 in /pykanidm (#1352)
* 20230130 hackweek replication (#1358)
* Improve some diagnostic messages in console (#1381)
* chore(deps): bump docker/build-push-action from 3 to 4 (#1360)
* chore(deps): bump aiohttp from 3.8.3 to 3.8.4 in /pykanidm (#1377)
* chore(deps-dev): bump mypy from 0.991 to 1.0.0 in /pykanidm (#1380)
* chore(deps): bump uuid from 1.2.2 to 1.3.0 (#1368)
* chore(deps-dev): bump mkdocs-material from 9.0.6 to 9.0.12 in /pykanidm (#1379)
* chore(deps-dev): bump types-toml from 0.10.8.1 to 0.10.8.3 in /pykanidm (#1374)
* chore(deps): bump cryptography from 39.0.0 to 39.0.1 in /pykanidm (#1371)
* Update release docs to prevent forgetting a release step (#1370)
* 1355 docker builds (#1357)
* Update to 12 dev (#1356)
-------------------------------------------------------------------
Fri Apr 14 00:02:31 UTC 2023 - William Brown <william.brown@suse.com>
- bsc#1210356 - CVE-2023-26964 - hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames
-------------------------------------------------------------------
Tue Feb 14 01:43:11 UTC 2023 - William Brown <william.brown@suse.com>
- Automatic update of vendored dependencies
-------------------------------------------------------------------
Wed Feb 01 03:34:08 UTC 2023 - william.brown@suse.com
- Update to version 1.1.0~alpha11~git0.d3a2a6b:
* Release 1.1.0-alpha.11 (#1354)
* 20230128 protected to access (#1349)
* 20230125 pre rel cleanup (#1348)
* 20230125 pre rel cleanup (#1347)
* Allow multiple backends to run in parallel for repl tests (#1346)
* 20230121 access improvement (#1345)
* Fix debian build path (#1331)
* Windows-related build fixes (#1344)
* chore(deps): bump gloo-net from 0.2.5 to 0.2.6 (#1338)
* chore(deps-dev): bump mkdocstrings from 0.19.1 to 0.20.0 in /pykanidm (#1334)
* making the robots easier and happier (#1343)
* chore(deps): bump tokio from 1.24.1 to 1.24.2 (#1340)
* chore(deps): bump toml from 0.5.10 to 0.5.11 (#1337)
* chore(deps): bump proc-macro2 from 1.0.49 to 1.0.50 (#1332)
* chore(deps): bump reqwest from 0.11.13 to 0.11.14 (#1333)
* chore(deps): bump async-trait from 0.1.61 to 0.1.62 (#1335)
* 2023 orca improve (#1342)
* Adding healthcheck functionality to kanidmd (#1330)
* less lint more bark, ruff ruff (#1341)
* 1121 SCIM import totp freeipa (#1328)
* 1121 multiple totp (#1325)
* chore(deps-dev): bump pylint from 2.15.9 to 2.15.10 in /pykanidm (#1324)
* chore(deps-dev): bump mkdocs-material from 9.0.3 to 9.0.5 in /pykanidm (#1322)
* chore(deps-dev): bump coverage from 7.0.4 to 7.0.5 in /pykanidm (#1323)
* chore(deps-dev): bump pytest from 7.2.0 to 7.2.1 in /pykanidm (#1318)
* chore(deps): bump regex from 1.7.0 to 1.7.1 (#1316)
* chore(deps): bump ldap3_client from `2c9dc31` to `b3c7653` (#1320)
* chore(deps-dev): bump pook from 1.0.2 to 1.1.1 in /pykanidm (#1319)
* chore(deps): bump dialoguer from 0.10.2 to 0.10.3 (#1317)
* Fix ldap vattr search (#1315)
* Spell checking and stuff (#1314)
* Bump coverage from 7.0.1 to 7.0.4 in /pykanidm (#1311)
* Bump mkdocstrings-python from 0.8.2 to 0.8.3 in /pykanidm (#1313)
* Bump async-trait from 0.1.60 to 0.1.61 (#1310)
* Bump mkdocs-material from 8.5.11 to 9.0.3 in /pykanidm (#1312)
* Update yew to 0.20 (#1308)
* Bump tokio from 1.23.0 to 1.24.1 (#1309)
* Cleanup references to sqlite, add a FAQ section (#1307)
* Bump serde from 1.0.151 to 1.0.152 (#1303)
* Bump whoami from 1.2.3 to 1.3.0 (#1304)
* Bump pydantic from 1.10.2 to 1.10.4 in /pykanidm (#1305)
* Fix the book again (#1302)
* 20221224 cleanup (#1300)
* Bump scim_proto from `cb147c8` to `b5a392f` (#1294)
* Bump openssl from 0.10.44 to 0.10.45 (#1295)
* Bump openssl-sys from 0.9.79 to 0.9.80 (#1296)
* docs: reformat book and introduce workflow to ensure it stays formatted (#1286)
* Bump libc from 0.2.138 to 0.2.139 (#1292)
* Bump ldap3_proto from `5149451` to `2c9dc31` (#1297)
* Bump coverage from 6.5.0 to 7.0.1 in /pykanidm (#1298)
* feat(kanidmd): add ldap support for mail primary and alternative address (#1287)
* chore(make): co-locate .PHONY declaration and target (#1291)
* Cant build designs private documentation (#1289)
* 20221221 sync deploy (#1285)
* Bump serde from 1.0.150 to 1.0.151 (#1276)
* 20221219 sync polish (#1284)
* Bump async-trait from 0.1.59 to 0.1.60 (#1278)
* Bump toml from 0.5.9 to 0.5.10 (#1280)
* Bump dyn-clone from 1.0.9 to 1.0.10 (#1282)
* Bump serde_json from 1.0.89 to 1.0.91 (#1275)
* Bump mkdocstrings from 0.19.0 to 0.19.1 in /pykanidm (#1277)
* feat(oauth2): add support for a 'groups' claim (#1272)
* Bump paste from 1.0.9 to 1.0.11 (#1279)
* Bump syn from 1.0.105 to 1.0.107 (#1283)
* Bump quote from 1.0.21 to 1.0.23 (#1281)
* Bump pylint from 2.15.8 to 2.15.9 in /pykanidm (#1274)
* Bump proc-macro2 from 1.0.47 to 1.0.49 (#1273)
* 20221216 a little cleanup as a treat (#1266)
* fix(make): improve help output and solve warnings (#1269)
* fix: set executable flag for shell scripts (#1268)
* chore: add jceb to list of contributors (#1267)
* docs: correct LDAP DN for token authentication (#1263)
* docs: correct command for generating a password (#1261)
* docs: replace kanidm account with kanidm person (#1262)
* docs: unify representation of dn=token (#1264)
* docs: fix link to oauth2 documentation (#1260)
* 20221123 iam migration work (#1258)
* fix(oauth2): use the short name in the userinfo (#1259)
* Bump serde from 1.0.148 to 1.0.150 (#1257)
* Bump authlib from 1.1.0 to 1.2.0 in /pykanidm (#1255)
* Bump pytest-asyncio from 0.20.2 to 0.20.3 in /pykanidm (#1254)
* Bump openssl from 0.10.43 to 0.10.44 (#1251)
* Bump certifi from 2022.9.24 to 2022.12.7 in /pykanidm (#1247)
* Bump tokio from 1.22.0 to 1.23.0 (#1249)
* Bump pylint from 2.15.7 to 2.15.8 in /pykanidm (#1253)
* Bump black from 22.10.0 to 22.12.0 in /pykanidm (#1256)
* Bump filetime from 0.2.18 to 0.2.19 (#1248)
* Bump libc from 0.2.137 to 0.2.138 (#1243)
* Bump serde from 1.0.147 to 1.0.148 (#1242)
* Bump gloo-net from 0.2.4 to 0.2.5 (#1244)
* Bump syn from 1.0.103 to 1.0.105 (#1240)
* Bump async-trait from 0.1.58 to 0.1.59 (#1239)
* Bump pylint from 2.15.6 to 2.15.7 in /pykanidm (#1246)
* Bump mkdocs-material from 8.5.10 to 8.5.11 in /pykanidm (#1245)
* Improve ldap sections (#1218)
* Bump openssl from 0.10.42 to 0.10.43 (#1235)
* Bump serde_json from 1.0.88 to 1.0.89 (#1238)
* Bump bytes from 1.2.1 to 1.3.0 (#1236)
* Bump jetli/wasm-pack-action from 0.3.0 to 0.4.0 (#1231)
* Bump rpassword from 7.1.0 to 7.2.0 (#1233)
* Add new mail read group (#1224)
* fixing up automation (#1230)
* Add signal trapping for a variety of signals (#1223)
* docs tweaks, renaming integrations (#1228)
* Add ability to bind with token with a dn=token marker (#1225)
* 20221121 debug webui (#1217)
* Cargo updates (#1219)
* Bump reqwest from 0.11.12 to 0.11.13 (#1210)
* Abstract webauthn authenticator access, and use Windows API on Windows (#1203)
* 20221116 oauth2 app portal 2 (#1201)
* Bump pylint from 2.15.5 to 2.15.6 in /pykanidm (#1216)
* Bump serde_json from 1.0.87 to 1.0.88 (#1212)
* Bump tokio from 1.21.2 to 1.22.0 (#1213)
* Bump mkdocstrings-python from 0.8.0 to 0.8.2 in /pykanidm (#1215)
* Bump mypy from 0.990 to 0.991 in /pykanidm (#1214)
* 20221116 oauth2 app portal (#1200)
* Bump pytest-asyncio from 0.20.1 to 0.20.2 in /pykanidm (#1194)
* 1116 UI hints (#1199)
* Reword security keys (#1196)
* Bump mkdocs-material from 8.5.8 to 8.5.10 in /pykanidm (#1193)
* remove pam tester (#1197)
* Bump mkdocstrings-python from 0.7.1 to 0.8.0 in /pykanidm (#1195)
* Bump types-toml from 0.10.8 to 0.10.8.1 in /pykanidm (#1192)
* Bump mypy from 0.982 to 0.990 in /pykanidm (#1191)
* Bump chrono from 0.4.22 to 0.4.23 (#1188)
* Bump actions/dependency-review-action from 2 to 3 (#1187)
* Bump base64urlsafedata from 0.1.1 to 0.1.2 (#1190)
* Workflow tweaks (#1186)
* 1116 UI hint (#1185)
* 613 oauth2 logout (#1184)
* started working on fixing a log issue and chased some clippy lints (#1182)
* 20221103 ipa import driver (#1180)
* Review oauth2 best practices document (#1181)
* Add tools container support (#1178)
* improve webauthn errors (#1179)
* Add version header and warnings (#1175)
* Bump mkdocs-material from 8.5.7 to 8.5.8 in /pykanidm (#1173)
* Bump mkdocs from 1.4.1 to 1.4.2 in /pykanidm (#1174)
* Bump regex from 1.6.0 to 1.7.0 (#1172)
* Improve handling of openssl3 in md4 tests (#1171)
* Add /etc/skel templating and notes adjacent to kanidm-unixd and packaging (#1113)
* Further test improvements (#1166)
* Setup for next dev cycle (#1165)
-------------------------------------------------------------------
Wed Nov 09 21:48:25 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha10~git2.4a03ca5:
* Add tools container support (#1178)
* Improve handling of openssl3 in md4 tests (#1171)
-------------------------------------------------------------------
Tue Nov 1 04:31:58 UTC 2022 - William Brown <william.brown@suse.com>
- Update to kanidm 1.1.0-alpha.10
* Management and tracking of authenticated sessions
* Make upgrade migrations more robust when upgrading over multiple versions
* Add support for service account tokens via ldap for extended read permissions
* Unix password management in web ui for posix accounts
* Support internal dynamic group entries
* Allow selection of name/spn in oidc claims
* Admin UI wireframes and basic elements
* TLS enforced as a requirement for all servers
* Support API service account tokens
* Make name rules stricter due to issues found in production
* Improve Oauth2 PKCE testing
* Add support for new password import hashes
* Allow configuration of trusting x forward for headers
* Components for account permission elevation modes
* Make pam\_unix more robust in high latency environments
* Add proc macros for test cases
* Improve authentication requests with cookie/token seperation
* Cleanup of expired authentication sessions
* Improved administration of password badlists
-------------------------------------------------------------------
Fri Sep 09 02:33:47 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha9~git6.b20d5312:
* Resolve upgrade in place error with cbor to json (#1028)
-------------------------------------------------------------------
Fri Aug 26 06:03:26 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha9~git5.98546259:
* Remove dependency on git webauthn authentication versions
-------------------------------------------------------------------
Fri Aug 26 04:28:35 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha9~git4.33b4e11b:
* Resolve issue with migration application order (#986)
-------------------------------------------------------------------
Tue Aug 02 04:58:28 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha9~git2.ebab6c5f:
* Fix cargo.lock + Docker
* Fixing the Github Actions Kanidmd build (#963)
* (cargo-release) version 1.1.0-alpha.9 (#962)
* Improve radius to support eap-tls with ca-dir (#957)
* A pile of Wasm UI tweaks (#958)
* Bump types-requests from 2.28.3 to 2.28.6 in /kanidm_rlm_python (#960)
* Update validator requirement from ^0.15.0 to ^0.16.0 (#959)
* Bump types-requests from 2.28.3 to 2.28.6 in /pykanidm (#961)
* 383 164 authentication updates 9 (#956)
* Update libsqlite3-sys requirement from 0.24.2 to 0.25.0 in /kanidm_unix_int (#929)
-------------------------------------------------------------------
Sun May 01 05:33:09 UTC 2022 - william.brown@suse.com
- Update to version 1.1.0~alpha8~git1.980f358d:
* Push some missed bits to documents
* (cargo-release) version 1.1.0-alpha.8
* 20220501 fix logging (#730)
* ref #725 - updated comment to note it's still failing (#727)
* Remove async references (#724)
* 383 170 164 authentication updates 3 (#723)
* Making the login path nicer, dev scripting (#721)
* Tweak docs generation... (#722)
* Docs updates to push all tagged versions + dev (#720)
* 20220427 dependency updates (#718)
-------------------------------------------------------------------
Tue Apr 5 05:35:55 UTC 2022 - William Brown <william.brown@suse.com>
- Automatic update of vendored dependencies
-------------------------------------------------------------------
Mon Mar 14 06:58:28 UTC 2022 - william.brown@suse.com
- Update to resolve bsc#1196972 CVE-2022-24713 - Regex DOS
-------------------------------------------------------------------
Fri Jan 07 00:59:36 UTC 2022 - wbrown@suse.de
- resolve bsc#1194119 (CVE-2021-45710)
-------------------------------------------------------------------
Fri Dec 31 00:11:55 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha7~git0.c8468199:
* (cargo-release) version 1.1.0-alpha.7
* Pre-release update and cleanup (#631)
* Improve autofocus to oauth2 (#630)
* Finalise email changes for oidc (#629)
* Temp use env filter (#628)
* 20211216 tracing cleanup (#627)
* Art attribution
* Refactor of value and addition of base types for business attributes (#626)
* Add xmas logo
* Add rinstall file (#625)
-------------------------------------------------------------------
Fri Oct 01 02:10:02 UTC 2021 - wbrown@suse.de
- bsc#1191031 - use _pam_moduledir in spec macros
- Update to version 1.1.0~alpha6~git0.c9f4b1d:
* (cargo-release) version 1.1.0-alpha.6
* Added an interactive cli dialog to kanidm login (#584)
* Add support for storing security token key in domain config (#581)
* Remove auditscope for tracing (#580)
* Entry Arc Tracking to reduce memory footprint (#579)
* Rewrite how we store the internals of valuesets in entries (#578)
* Improving logging and docs around unixd/PAM/NSS (#577)
* Swap to tide-openssl (#575)
* Start to remove audit scope :) (#574)
* Fix io capture in tests (#573)
-------------------------------------------------------------------
Wed Jul 07 02:36:51 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha5~git0.4be329e:
* (cargo-release) version 1.1.0-alpha.5
* Release prep
* Fix totp registration workflow with broken authenticators (#516)
* Add statistical analysis to indexes (#505)
* 511 upgrade failure - add debuging tools and improve debugging of the issue. (#512)
* fixes #503 - TOTP prompt no longer drops a newline (#515)
* Fixing kanidm windows client build (#507)
* Add the ability to configure and provide Oauth2 authentication for Kanidm. (#485)
* Change default totp to sha256 (#504)
* Fixes #494 - password change user-facing responses (#499)
* Fix readonly check (#496)
* Update webauthn-authenticator-rs to fix test failures (#493)
* Update repo locations and versions in prep for release (#492)
* Add workaround for podman subid issue (#491)
* 163 account recovery code (#469)
* check user shell (#392) (#490)
* Removed `OperationResponse` (#489)
* Set default shell to `bin/sh` (#488)
* 20210607 orca ldap (#470)
* `kanidm_client` bool/return values (#479)
* Arc cachesize warning fixes (#483)
* Closure Refactoring (#482)
* Renamed fields in `dbvalue` (#477)
* 471 add service files (#474)
* fixes #478 - adds note about web ui already being packaged (#480)
* unixd will now bail if startup tests fail (#476)
* Add email syntax (#465)
* Add some openid stubs (#464)
* Add auth docs (#463)
* 64 120 session claims (#462)
* Add ldap vattr mapping (#459)
* Fix for unixd issue (#460)
* 414 clear stale credentials (#447)
* Fix multivalue setting of description attribute (#457)
* 445 update pam nsswitch md (#451)
* simpler ip logging (#454)
* I might have become clippy this time (#449)
* Calming clippy's nerves, Friday edition (#448)
* 444 - client's config URI missing and more file open handling (#446)
* Fix proxy usage in tests (#443)
* This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442)
* oauth design (#441)
* Adding an example config file (#440)
* adding env vars, making clippy happier, cleaning up some error messages (#438)
* 20210509 cleanup clippy and audit name (#437)
* 277 radius pw not accept for main pw (#435)
* Orca - a load testing framework for Kanidm (#431)
* Add verification of name indexes (#433)
* Add ability to pick a server role (#432)
* Adding a new verb group remove_members (#434)
* 397 Caching password badlist (#425)
* User feedback improvements, also handling a permissions issue (#424)
* Fix concat issue
* Update contributors
* Making clippy happy (#420)
* Fix 421 - clearer debug messages when doing things (#422)
* 62 idm qs cleanup (#419)
* Rough working login page (#417)
* Make clippy happy (#415)
* More debug messages (#413)
* merging upstream (#411)
* Improve error message when socket not found (#412)
* Idlset2, query cache, acp resolve cache (#409)
* Add lto thin (#410)
* fixing broken action (#405)
* Basic documentation for monitoring (#404)
* Create design for mfa_backup_code.rst (#402)
* phrasing (#401)
* Docs update (#400)
- Remove un-needed source files:
* kanidm-unixd-tasks.service
* kanidm-unixd.service
* kanidmd.service
* server.toml
-------------------------------------------------------------------
Thu Jun 24 02:54:31 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha4~git54.675146e:
* check user shell (#392) (#490)
* Removed `OperationResponse` (#489)
* Set default shell to `bin/sh` (#488)
* 20210607 orca ldap (#470)
* `kanidm_client` bool/return values (#479)
* Arc cachesize warning fixes (#483)
* Closure Refactoring (#482)
-------------------------------------------------------------------
Wed Jun 16 02:38:11 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha4~git47.5e83b68:
* Renamed fields in `dbvalue` (#477)
* 471 add service files (#474)
* fixes #478 - adds note about web ui already being packaged (#480)
* unixd will now bail if startup tests fail (#476)
* Add email syntax (#465)
* Add some openid stubs (#464)
* Add auth docs (#463)
* 64 120 session claims (#462)
* Add ldap vattr mapping (#459)
-------------------------------------------------------------------
Thu May 27 11:18:43 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha4~git38.d978c9d:
* Fix for unixd issue (#460)
-------------------------------------------------------------------
Wed May 26 06:12:04 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha4~git37.e8b1089:
* 414 clear stale credentials (#447)
* Fix multivalue setting of description attribute (#457)
* 445 update pam nsswitch md (#451)
* simpler ip logging (#454)
* I might have become clippy this time (#449)
* Calming clippy's nerves, Friday edition (#448)
* 444 - client's config URI missing and more file open handling (#446)
* Fix proxy usage in tests (#443)
* This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442)
* oauth design (#441)
* Adding an example config file (#440)
* adding env vars, making clippy happier, cleaning up some error messages (#438)
* 20210509 cleanup clippy and audit name (#437)
* 277 radius pw not accept for main pw (#435)
* Orca - a load testing framework for Kanidm (#431)
* Add verification of name indexes (#433)
* Add ability to pick a server role (#432)
* Adding a new verb group remove_members (#434)
* 397 Caching password badlist (#425)
* User feedback improvements, also handling a permissions issue (#424)
* Fix concat issue
* Update contributors
* Making clippy happy (#420)
* Fix 421 - clearer debug messages when doing things (#422)
* 62 idm qs cleanup (#419)
* Rough working login page (#417)
* Make clippy happy (#415)
* More debug messages (#413)
* merging upstream (#411)
* Improve error message when socket not found (#412)
* Idlset2, query cache, acp resolve cache (#409)
* Add lto thin (#410)
* fixing broken action (#405)
* Basic documentation for monitoring (#404)
* Create design for mfa_backup_code.rst (#402)
* phrasing (#401)
* Docs update (#400)
-------------------------------------------------------------------
Thu Apr 01 01:11:04 UTC 2021 - wbrown@suse.de
- Update to version 1.1.0~alpha4~git0.0ac5da8:
* Performance Improvements
* TOTP CLI enrollment
* Jemalloc in main server instead of system allocator
* Command line completion
* TLS file handling improvements
* Webauthn authentication and enrollment on CLI
* Add db vacuum task
* Unix tasks daemon that automatically creates home directories
* Support for sk-ecdsa public ssh keys
* Badlist checked at login to determine account compromise
* Minor Fixes for attribute display
-------------------------------------------------------------------
Mon Dec 28 00:15:25 UTC 2020 - wbrown@suse.de
- Update to version v1.1.0alpha.3~git0.b34c893:
* (cargo-release) version 1.1.0-alpha.3
* release notes
* Update Dependencies
* Unixd - NXCache of unknown items (#338)
* WIP - Improve Auth Proto to Support Webauthn (#333)
* Follow up on ci fixes
* Add port verification to start server in kanidm_client tests
* Update CI base image to ubuntu 20.04
* Add libudev to ci
* 13 135 webauthn support (#332)
* Change root user check to warning due to container run times (#328)
* Fixes #324 account softlocking and rate limiting (#326)
* Add passpoint link
* Update tumbleweed docs
* Account valid-from and expiry (#322)
-------------------------------------------------------------------
Thu Oct 01 00:19:19 UTC 2020 - wbrown@suse.de
- Update to version v1.1.0alpha.2~git0.764e727:
* Update
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* (cargo-release) version 1.1.0-alpha.2
* gitignore
* Update Release Notes
* 250 cookie to auth bearer (#321)
* 259 reduce clones (#319)
* Xxx clippy outdated (#318)
* 314 improve async (#316)
* Update README.md
* On login pw upgrade (#315)
* Add python3 support to radius
* Dynamic crypto rounds (#311)
* tweak book chapter
* 67 resource limits impl (#307)
* Update based on review
* Apply suggestions from code review
* doc
* Build improvements
* Support zfs page size
* V large cleanup
* Cleanup and improve client error handling
* Improve server hardening
* Update deps + add simd support in container
* Add FAQ + eap selection
* Minor updates
* tweak release steps
-------------------------------------------------------------------
Mon Aug 3 00:38:29 UTC 2020 - William Brown <william.brown@suse.com>
- Initial Commit
Reference in New Issue Copy Permalink