* Update makefile for docker
* Release 1.5.0
* 20250209 pre release (#3409)
* 20250206 freebsd ports (#3404)
* Resolve kanidm-unix auth-test bug (#3405)
* chore: Remove empty scopemaps (#3170)
* Feat: Allowing spn query with non-spn structured data in LDAP (#3400)
* SSH Keys in Credentials Update (#3027)
* 20250205 3369 firefox pin (#3403)
* Correctly return that uuid2spn changed on domain rename (#3402)
* Fix the password reset form and possible resolver issue (#3398)
* Add handle_group_error to cli client (#3399)
* Improve spans in unixd (#3397)
* Allow OAuth2 with empty state parameter (#3396)
* #3387 - RADIUS Startup fixin's (#3388)
* Allow POST on oauth userinfo (#3395)
* OpenBSD support (#3381)
* Bump openssl from 0.10.69 to 0.10.70 in the cargo group (#3391)
* Add /.well-known/change-password endpoint (#3382)
* Bump the all group across 1 directory with 7 updates (#3385)
* extend oauth2 examples with gitea (#3351)
* Bump the all group with 22 updates (#3376)
* Book: Added small section on primary cred fallback (#3365)
* Added shell.nix to create dev environment (#3362)
* fix(ci): Add setup-oras step to include ORAS CLI for container builds on ubuntu-24.04. (#3368)
* 20250114 3325 SCIM access control (#3359)
* Small UI updates. (#3361)
* Bump the all group in /pykanidm with 2 updates (#3366)
* Repair systemd reload notifications (#3355)
OBS-URL: https://build.opensuse.org/package/show/network:idm/kanidm?expand=0&rev=79
* Release 1.4.5
* nss/pam resolver should reauth faster (#3309)
* Further SCIM sync testing, minor fixes (#3305)
* Automatically trigger passkeys on login view (#3307)
* Re-add enrol another device flow
* Improved Cookie Removal
* Allow reseting account policy values to defaults (#3306)
* Incorrect member name in groups (#3302)
* SCIM Sync Missing Annotation (#3300)
* Ignore system users for UPG synthesiseation (#3297)
* Limit OAuth2 resumption to session (#3296)
* Use specific errors for intent token revoked (#3291)
* Autocomplete password during reauth with TOTP (#3290)
* Add CORS headers to jwks and userinfo (#3283)
- Require system-user-nobody to prevent install ordering issue with
invalid rpc/statd users
OBS-URL: https://build.opensuse.org/package/show/network:idm/kanidm?expand=0&rev=75
* Update to latest fido-mds-tool (#3230)
- Update to version 1.4.3~git0.fb00176:
* Release 1.4.3
* Warn when v2 options are used in v1 unixd config (#3228)
* Resolve UI Auth Loop with OAuth2 (#3226)
* Harden transport in pam unixd (#3227)
* Improve warning around invalid JWT deserialisation (#3224)
* Update and fix server config files in examples. (#3225)
* Change CLI oauth2 command from set-display-name to set-displayname for consistency. (#3212)
* Add docs on customising Kanidm. (#3209)
* Correct spelling of occurred (#3222)
* UI/Feature polish (#3191)
* Prevent Invalid MFA Reg States (#3194)
* Change CSS for applications so SVG scales nicely in Firefox. (#3200)
* 20241109 3185 max age (#3196)
* Hoist max_age to prevent incorrect deserialisation (#3190)
* Release 1.4.2
* Re-migrate all acps to force updating (#3184)
* security - low - fault in migrations (#3182)
OBS-URL: https://build.opensuse.org/package/show/network:idm/kanidm?expand=0&rev=71
* Docker makefile latest
* Release 1.4.0
* chore: Made oauth2 scopes required in CLI (#3165)
* More "choosing a domain" revision (#3161)
* Update missing inputmode numeric when adding a new TOTP. (#3160)
* Improve OAuth2 authorisation ux (#3158)
* Fix attribute scim sync attribute naming (#3159)
* Change to text input and use numeric mode for TOTP prompts. (#3154)
* Fix release note date and typos (#3153)
* Release 1.4.0-pre
* Release Notes (#3149)
* Remove WASM (#3148)
* Rewrite "choosing a domain", add other considerations (#3147)
* Harmonize UI and remove unused css (#3033)
* ripping out some extra packages (#3146)
* OAuth2 Device flow foundations (#3098)
* htmx by default (#3145)
* Support reloading via systemd (#3144)
* Chore: Refactor Groups to be more generic (#3136)
* 20241024 1271 cert reload on SIGHUP (#3140)
* Update docs, improve locking (#3141)
* 2856 - use tags for containers on build (#3139)
* Fix image when too smol (#3138)
* yale's rabbit-hole-chasing-htmx-fixing-megapatch (#3135)
* ipinfo should be single value (#3137)
* Tidy the reauth ui (#3130)
* Add missing schemas to get OpenAPI validation to pass. (#3129)
* Change some OperationError into HTTP Bad Request (400). (#3125)
* Bump the all group with 11 updates (#3127)
OBS-URL: https://build.opensuse.org/package/show/network:idm/kanidm?expand=0&rev=65
- Update to version 1.3.1~git0.eed7c07:
* Fix incorrect logic in cred update flow (#2956)
* Resolve maintainer bikeshedding
- Update to version 1.3.0~git0.e2a563f:
* Release 1.3.0 (#2941)
* New orca models (#2909)
* Run rust_build CI between multiple Rust versions (#2939)
* Bump the all group across 1 directory with 9 updates (#2938)
* Bump the all group in /pykanidm with 4 updates (#2937)
* fixing println bug (#2935)
* Reorganising the daemon startup so it doesn't fail with OTEL configured (#2934)
* clippying all the things (#2931)
* docs reordering and cleanup (#2932)
* Add scim proto to kanidm, refactor to improve serde performance. (#2933)
* 20240725 allow connection to older servers (#2930)
* Ubuntu/Debian buildy scripty tweaky things (#2928)
* kanidm graph graphviz unfit for scripting bc. of non-graphviz output (#2876)
* Improve workflow when account policy isnt satisfied (#2927)
* Docs rework (#2919)
* Bump the all group in /pykanidm with 4 updates (#2924)
* Bump the all group with 5 updates (#2925)
* Substring Indexing (#2905)
* Oauth2 in htmx (#2912)
* Strict redirect URL enforcement (#2917)
* Bump gix-path from 0.10.8 to 0.10.9 in the cargo group (#2918)
* fix typos (#2908)
* Add missing groups scope to Grafana example scope-map (#2914)
* build profiles: rename release_suse_generic to release_linux (#2907)
* 20240716 check mkdir (#2906)
OBS-URL: https://build.opensuse.org/request/show/1192442
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/kanidm?expand=0&rev=33
* Release 1.3.0
* Release 1.3.0-pre
* Release 1.3.0 (#2941)
* New orca models (#2909)
* Run rust_build CI between multiple Rust versions (#2939)
* Bump the all group across 1 directory with 9 updates (#2938)
* Bump the all group in /pykanidm with 4 updates (#2937)
* fixing println bug (#2935)
* Reorganising the daemon startup so it doesn't fail with OTEL configured (#2934)
* clippying all the things (#2931)
* docs reordering and cleanup (#2932)
* Add scim proto to kanidm, refactor to improve serde performance. (#2933)
* 20240725 allow connection to older servers (#2930)
* Ubuntu/Debian buildy scripty tweaky things (#2928)
* kanidm graph graphviz unfit for scripting bc. of non-graphviz output (#2876)
* Improve workflow when account policy isnt satisfied (#2927)
* Docs rework (#2919)
* Bump the all group in /pykanidm with 4 updates (#2924)
* Bump the all group with 5 updates (#2925)
* Substring Indexing (#2905)
* Oauth2 in htmx (#2912)
* Strict redirect URL enforcement (#2917)
* Bump gix-path from 0.10.8 to 0.10.9 in the cargo group (#2918)
* fix typos (#2908)
* Add missing groups scope to Grafana example scope-map (#2914)
* build profiles: rename release_suse_generic to release_linux (#2907)
* 20240716 check mkdir (#2906)
* Fix issues with suspend reported by himmelblau (#2911)
* Implement home_mount_path logic (#2894)
OBS-URL: https://build.opensuse.org/package/show/network:idm/kanidm?expand=0&rev=56
- Update to version 1.2.0~git0.9efa91a:
* Release 1.2.0 (#2733)
* Prepare 1.2.0
* Release 1.2.0 prep (#2724)
* Minor upgrade fixes (#2722)
* Resolve OAuth2 client/rs confusion (#2719)
* Improve access control doc to describe privilege access mode (#2721)
* Support 1.1 attribute in LDAP (#2720)
* Add mail support to groups (#2718)
* Add session limit (#2714)
* added profile and `memberof` search to the basic model (#2712)
* chore(deps): bump the all group in /pykanidm with 4 updates (#2717)
* Fix typo in oauth2 error message (#2715)
* 20240409 rework orca markov (#2699)
* Begin the basis of the key provider model (#2640)
* chore(deps): bump the all group in /pykanidm with 4 updates (#2707)
* chore(deps): bump peaceiris/actions-mdbook from 1 to 2 in the all group (#2706)
* chore(deps): bump idna from 3.4 to 3.7 in /pykanidm (#2703)
* fix(TotpDigits): fix typo in TryFrom impl (#2702)
* chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2696)
* chore(deps): bump h2 from 0.3.25 to 0.3.26 (#2694)
* Windows Hello Authentication requirements (#2688)
* chore(deps): bump the all group with 1 update (#2690)
* chore(deps-dev): bump the all group in /pykanidm with 1 update (#2691)
* Require kanidm-unixd before kanidm-unixd-tasks (#2687)
* kanidm unixd mfa capabilities (#2672)
* Add Grafana integration to OAuth2 documentation (#2685)
* [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686)
* ldap-sync: allow to use attrs more than once (#2676)
* chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2683)
OBS-URL: https://build.opensuse.org/request/show/1171074
OBS-URL: https://build.opensuse.org/package/show/network:idm/kanidm?expand=0&rev=50
- Update to version 1.1.0~rc16~git1.a917291:
* Correct cargo versions
* Release 1.1.0-rc.16 (#2483)
* Fix for incorrect domain migration rollbacks (#2482)
* Add tools for remigration and domain level raising (#2481)
* chore(deps): bump cryptography from 41.0.6 to 42.0.0 in /pykanidm (#2480)
* Support SPN in groups claim (#2474)
* Credential update tweaks (#2475)
* Oauth2 pkce faq (#2473)
* Fix debian versioning (#2472)
* chore(deps): bump the all group in /pykanidm with 7 updates (#2479)
* chore(deps): bump the all group with 1 update (#2478)
* Fix RUV trim (#2466)
* 20240125 2217 client credentials grant (#2456)
* docs: Add application passwords design document (#2427)
* handling master docs (#2465)
* update the artifact name in the download step (#2464)
* Book SUMMARY.md: Fix part titles according to mdbook (#2463)
* Update chat link, add keywords (#2462)
* PyKanidm updates and testing (#2301)
* chore(deps): bump aiohttp from 3.9.1 to 3.9.2 in /pykanidm (#2461)
* 1222 what rights does anonymous have (#2436)
* Fix inverted key/chain logic from TLS error improvement (#2453)
* Improve TLS configuration errors (#2447)
* chore(deps): bump shlex from 1.2.0 to 1.3.0 (#2445)
* chore(deps): bump the all group with 1 update (#2441)
* chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2443)
* Return sshkey label to cli fields (#2440)
* Add rfc8414 metadata (#2434)
* Add test for delete referer invalid (#2435)
OBS-URL: https://build.opensuse.org/request/show/1144782
OBS-URL: https://build.opensuse.org/package/show/network:idm/kanidm?expand=0&rev=40
- Update to version 1.1.0~rc15~git2.74f5c0f:
* make versions consistent
* 1.1.0 rc.15 dev post-release (#2271)
* Release 1.1.0-rc.15-dev
* started writing docs and ended up in another rabbit hole (#2267)
* CLI integration test beginnings (#2261)
* chore(deps): bump the all group with 7 updates (#2266)
* chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2265)
* Add book chapter + cli
* Cargo fmt and clippy checks
* Restrict posix passwords on ldap bind with config
* Splitting the SPAs (#2219)
* Bug chasing (#2257)
* cargo fmt + clippy (#2241)
* service-account or person validity show returns for non-existing identity (#2258)
* don't need write if we are not writing (#2256)
* adding service account patch methods (#2255)
* .deb package build and docs fixes (#2252)
* Auth flow docs (#2249)
* pykanidm test code (#2202)
* chore(deps): bump the all group with 5 updates (#2247)
* chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2246)
* 20231019 1122 account policy basics (#2245)
* Add note on snaps to PAM and nsswitch with link to new section in FAQ (#2244)
* 20231014 account policy (#2218)
* chore(deps): bump rustix from 0.38.15 to 0.38.19 (#2242)
* Fix incorrect references to LDAP in sync (#2239)
* Remove unused crate users (#2240)
* chore(deps-dev): bump urllib3 from 2.0.6 to 2.0.7 in /pykanidm (#2238)
* Windows build fixes and test coverage (#2220)
OBS-URL: https://build.opensuse.org/request/show/1121430
OBS-URL: https://build.opensuse.org/package/show/network:idm/kanidm?expand=0&rev=36
