From deea43b744982258f2ce0a56c38743fa5d03d47f4977abde9d3a4e8a41fadd49 Mon Sep 17 00:00:00 2001 From: William Brown Date: Wed, 12 Feb 2025 04:04:00 +0000 Subject: [PATCH] - Update to version 1.5.0~git1.0fa57fc: * Update makefile for docker * Release 1.5.0 * 20250209 pre release (#3409) * 20250206 freebsd ports (#3404) * Resolve kanidm-unix auth-test bug (#3405) * chore: Remove empty scopemaps (#3170) * Feat: Allowing spn query with non-spn structured data in LDAP (#3400) * SSH Keys in Credentials Update (#3027) * 20250205 3369 firefox pin (#3403) * Correctly return that uuid2spn changed on domain rename (#3402) * Fix the password reset form and possible resolver issue (#3398) * Add handle_group_error to cli client (#3399) * Improve spans in unixd (#3397) * Allow OAuth2 with empty state parameter (#3396) * #3387 - RADIUS Startup fixin's (#3388) * Allow POST on oauth userinfo (#3395) * OpenBSD support (#3381) * Bump openssl from 0.10.69 to 0.10.70 in the cargo group (#3391) * Add /.well-known/change-password endpoint (#3382) * Bump the all group across 1 directory with 7 updates (#3385) * extend oauth2 examples with gitea (#3351) * Bump the all group with 22 updates (#3376) * Book: Added small section on primary cred fallback (#3365) * Added shell.nix to create dev environment (#3362) * fix(ci): Add setup-oras step to include ORAS CLI for container builds on ubuntu-24.04. (#3368) * 20250114 3325 SCIM access control (#3359) * Small UI updates. (#3361) * Bump the all group in /pykanidm with 2 updates (#3366) * Repair systemd reload notifications (#3355) OBS-URL: https://build.opensuse.org/package/show/network:idm/kanidm?expand=0&rev=79 --- _service | 2 +- _servicedata | 2 +- kanidm-1.4.6~git0.3ce4e0f.tar.zst | 3 - kanidm-1.5.0~git1.0fa57fc.tar.zst | 3 + kanidm.changes | 147 ++++++++++++++++++++++++++++++ kanidm.spec | 2 +- vendor.tar.zst | 4 +- 7 files changed, 155 insertions(+), 8 deletions(-) delete mode 100644 kanidm-1.4.6~git0.3ce4e0f.tar.zst create mode 100644 kanidm-1.5.0~git1.0fa57fc.tar.zst diff --git a/_service b/_service index 73bc92e..2b2b64b 100644 --- a/_service +++ b/_service @@ -3,7 +3,7 @@ https://github.com/kanidm/kanidm.git @PARENT_TAG@~git@TAG_OFFSET@.%h git - 1.4.0 + 1.5.0 v* v(\d+\.\d+\.\d+) \1 diff --git a/_servicedata b/_servicedata index 1ed8927..2090144 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/kanidm/kanidm.git - 3ce4e0ff87632ed6e549bc2ae174ebb0dd02809c \ No newline at end of file + 0fa57fcf49a5e3cff55d10f84cbf77c89ce971ce \ No newline at end of file diff --git a/kanidm-1.4.6~git0.3ce4e0f.tar.zst b/kanidm-1.4.6~git0.3ce4e0f.tar.zst deleted file mode 100644 index 1730a64..0000000 --- a/kanidm-1.4.6~git0.3ce4e0f.tar.zst +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:93a94da8a2f7e82cf12bf3f5d5584ff5b8645e23923b5baa2c539bfc796412bc -size 6833256 diff --git a/kanidm-1.5.0~git1.0fa57fc.tar.zst b/kanidm-1.5.0~git1.0fa57fc.tar.zst new file mode 100644 index 0000000..dcb3174 --- /dev/null +++ b/kanidm-1.5.0~git1.0fa57fc.tar.zst @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0f88596a5b14dd93fa51ac05f0d56519c6f2473dfe2977c1fca535a760112391 +size 6864273 diff --git a/kanidm.changes b/kanidm.changes index e52904e..9caae46 100644 --- a/kanidm.changes +++ b/kanidm.changes @@ -1,3 +1,150 @@ +------------------------------------------------------------------- +Tue Feb 11 06:37:21 UTC 2025 - william.brown@suse.com + +- Update to version 1.5.0~git1.0fa57fc: + * Update makefile for docker + * Release 1.5.0 + * 20250209 pre release (#3409) + * 20250206 freebsd ports (#3404) + * Resolve kanidm-unix auth-test bug (#3405) + * chore: Remove empty scopemaps (#3170) + * Feat: Allowing spn query with non-spn structured data in LDAP (#3400) + * SSH Keys in Credentials Update (#3027) + * 20250205 3369 firefox pin (#3403) + * Correctly return that uuid2spn changed on domain rename (#3402) + * Fix the password reset form and possible resolver issue (#3398) + * Add handle_group_error to cli client (#3399) + * Improve spans in unixd (#3397) + * Allow OAuth2 with empty state parameter (#3396) + * #3387 - RADIUS Startup fixin's (#3388) + * Allow POST on oauth userinfo (#3395) + * OpenBSD support (#3381) + * Bump openssl from 0.10.69 to 0.10.70 in the cargo group (#3391) + * Add /.well-known/change-password endpoint (#3382) + * Bump the all group across 1 directory with 7 updates (#3385) + * extend oauth2 examples with gitea (#3351) + * Bump the all group with 22 updates (#3376) + * Book: Added small section on primary cred fallback (#3365) + * Added shell.nix to create dev environment (#3362) + * fix(ci): Add setup-oras step to include ORAS CLI for container builds on ubuntu-24.04. (#3368) + * 20250114 3325 SCIM access control (#3359) + * Small UI updates. (#3361) + * Bump the all group in /pykanidm with 2 updates (#3366) + * Repair systemd reload notifications (#3355) + * fix: unrecoverable error page doesn't include logo or domain name (#3352) + * Bump jinja2 from 3.1.4 to 3.1.5 in /pykanidm in the pip group (#3358) + * Bump the all group in /pykanidm with 4 updates (#3356) + * 20250110 eo fixes (#3353) + * fix(server/config): reduce string allocations (#3350) + * Add ssh_publickeys as a claim for oauth2 (#3346) + * Allow modification of password minimum length (#3345) + * Add OAuth2 `response_mode=fragment` (#3335) + * Resolve passkey regression (#3343) + * Renaming "TOTP" in the login flow (#3338) + * Bump the all group in /pykanidm with 3 updates (#3339) + * Bump actions/checkout from 2 to 4 in the all group (#3341) + * Add support for prefers-color-scheme using Bootstrap classes. (#3327) + * Fix /var/run/kanidm-unixd permission (#3342) + * Javascript linting (#3329) + * Ignore anonymous in oauth2 read allow access (#3336) + * cookies don't clear unless you set domain (#3332) + * 20250102 freebsd client (#3333) + * fix: PAM on Debian, enable use_first_pass by default (#3326) + * Bump the all group with 6 updates (#3324) + * Bump the all group in /pykanidm with 2 updates (#3323) + * Bump the all group with 3 updates (#3317) + * Bump the all group in /pykanidm with 7 updates (#3316) + * nss/pam resolver should reauth faster (#3309) + * Update to latest webauthn-rs/time (#3315) + * kanidm-unixd example config enfixening (#3314) + * Further SCIM sync testing, minor fixes (#3305) + * book: explain how to use fido-mds-tool (#3231) + * client: read attestation CA list JSON from file (#3232) + * Automatically trigger passkeys on login view (#3307) + * Re-add enrol another device flow + * Improved Cookie Removal + * Allow opt-in of easter eggs (#3308) + * Allow reseting account policy values to defaults (#3306) + * Incorrect member name in groups (#3302) + * SCIM Sync Missing Annotation (#3300) + * Ignore system users for UPG synthesiseation (#3297) + * Limit OAuth2 resumption to session (#3296) + * Use specific errors for intent token revoked (#3291) + * Autocomplete password during reauth with TOTP (#3290) + * Bump the all group with 6 updates (#3294) + * Bump mozilla-actions/sccache-action from 0.0.6 to 0.0.7 in the all group (#3295) + * Bump the all group in /pykanidm with 2 updates (#3293) + * remove unused webauthn features. (#3286) + * Add CORS headers to jwks and userinfo (#3283) + * Cleanup webauthn features (#3285) + * Minor tweaks to cred reset ui (#3284) + * Bump the all group across 1 directory with 6 updates (#3280) + * Allow group managers to modify entry-managed-by (#3272) + * pykanidm: Make a little dry. (#3281) + * Bump the all group with 5 updates (#3278) + * pykanidm: Add retrieving credential reset token for a person. (#3279) + * Cleanup of println and other outputs (#3266) + * Canonicalize path for user shell check (#3265) + * Check DNS on replication loop start not at task start (#3243) + * Work around systemd race condition (#3262) + * fix(docstrings): minor lack of formatting breaking things (#3260) + * Devcontainertainertainer (#3251) + * grafana: update example to work with strict redirect uri checking (#3259) + * Bump the all group in /pykanidm with 5 updates (#3257) + * Bump the all group with 6 updates (#3258) + * 20240927 SCIM put (#3151) + * Clear invalid tokens from unix resolver (#3256) + * Clippy Lints (#3255) + * Allow OAuth2 loopback redirects if the path matches (#3252) + * Correctly display domain name on login (#3254) + * Display account_id during success/deny paths in unixd (#3253) + * s/idm_people_self_write_mail/idm_people_self_mail_write/g (#3250) + * handle missing map_group setting in config (#3242) + * owncloud: Add SameSite=Lax config for cross-domain auth (#3245) + * Bump the all group across 1 directory with 7 updates (#3238) + * Yaleman/issue3229 (#3239) + * Bump the all group across 1 directory with 12 updates (#3235) + * Update to latest fido-mds-tool (#3230) + * Warn when v2 options are used in v1 unixd config (#3228) + * Bump aiohttp from 3.10.10 to 3.10.11 in /pykanidm in the pip group (#3223) + * Resolve UI Auth Loop with OAuth2 (#3226) + * Harden transport in pam unixd (#3227) + * Improve warning around invalid JWT deserialisation (#3224) + * Update and fix server config files in examples. (#3225) + * Change CLI oauth2 command from set-display-name to set-displayname for consistency. (#3212) + * Add docs on customising Kanidm. (#3209) + * Correct spelling of occurred (#3222) + * Bump the all group across 1 directory with 13 updates (#3202) + * UI/Feature polish (#3191) + * Prevent Invalid MFA Reg States (#3194) + * Change CSS for applications so SVG scales nicely in Firefox. (#3200) + * 20241109 3185 max age (#3196) + * Hoist max_age to prevent incorrect deserialisation (#3190) + * Use correct oauth2 manage acp (#3186) + * Re-migrate all acps to force updating (#3184) + * Bump the all group across 1 directory with 2 updates (#3180) + * security - low - fault in migrations (#3182) + * fix(kanidmd): Print replication cert to stdout (#3179) + * Correct missing CSP header (#3177) + * Resolve pam services not always having a tty (#3176) + * Resolve incorrect handling of rhost in pam (#3171) + * chore: Made oauth2 scopes required in CLI (#3165) + * More "choosing a domain" revision (#3161) + * Bump jsonschema from 0.21.0 to 0.26.0 in the all group (#3157) + * Update missing inputmode numeric when adding a new TOTP. (#3160) + * Improve OAuth2 authorisation ux (#3158) + * Fix attribute scim sync attribute naming (#3159) + * Change to text input and use numeric mode for TOTP prompts. (#3154) + * Bump the all group in /pykanidm with 3 updates (#3156) + * Fix release note date and typos (#3153) + * Begin 1.5.0 Development Cycle (#3150) + +------------------------------------------------------------------- +Tue Feb 11 06:35:23 UTC 2025 - william.brown@suse.com + +- Update to version 1.4.6~git1.3f47d7f: + * fix: PAM on Debian, enable use_first_pass by default (#3326) + ------------------------------------------------------------------- Thu Jan 23 23:42:52 UTC 2025 - william.brown@suse.com diff --git a/kanidm.spec b/kanidm.spec index e87b1e9..e54caf4 100644 --- a/kanidm.spec +++ b/kanidm.spec @@ -20,7 +20,7 @@ %define configdir %{_sysconfdir}/kanidm Name: kanidm -Version: 1.4.6~git0.3ce4e0f +Version: 1.5.0~git1.0fa57fc Release: 0 Summary: A identity management service and clients. License: ( Apache-2.0 OR BSL-1.0 ) AND ( Apache-2.0 OR ISC OR MIT ) AND ( Apache-2.0 OR MIT ) AND ( Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT ) AND ( CC0-1.0 OR Apache-2.0 ) AND ( MIT OR Apache-2.0 OR Zlib ) AND ( Unlicense OR MIT ) AND ( Zlib OR Apache-2.0 OR MIT ) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC0-1.0 AND ISC AND MIT AND MPL-2.0 AND MPL-2.0+ diff --git a/vendor.tar.zst b/vendor.tar.zst index fc148b6..41ff68f 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:2a546aeeebbf670cb0002c33fdf2d03c4f1d6734d7b500dc81aab64d297517d2 -size 68810823 +oid sha256:05428f574f79d690fd606394ec17e25c96ae9cf66e6233893f62e9b7b53a9e97 +size 68777550