mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
2005 commits 17 branches 59 tags 246 MiB
Commit graph

415 commits

Author SHA1 Message Date
William Brown f075d13e16 Release 1.3.3 2024-08-20 12:13:03 +10:00
William Brown 229b0ccf52 Release 1.3.2 2024-08-10 10:05:13 +10:00
William Brown e2a563f309 Release 1.3.0 2024-08-07 11:51:34 +10:00
William Brown 91b8406488 Release 1.3.0-pre 2024-07-31 13:20:21 +10:00
Firstyear a365312076
Release 1.3.0 (#2941) 2024-07-31 03:13:00 +00:00
dependabot[bot] b669a681f1
Bump the all group across 1 directory with 9 updates (#2938) 
Bumps the all group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [clap](https://github.com/clap-rs/clap) | `4.5.9` | `4.5.11` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.8` | `4.5.11` |
| [peg](https://github.com/kevinmehall/rust-peg) | `0.8.3` | `0.8.4` |
| selinux | `0.4.4` | `0.4.5` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.120` | `1.0.121` |
| [syn](https://github.com/dtolnay/syn) | `2.0.71` | `2.0.72` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.38.1` | `1.39.2` |
| [assert_cmd](https://github.com/assert-rs/assert_cmd) | `2.0.14` | `2.0.15` |
| [escargot](https://github.com/crate-ci/escargot) | `0.5.11` | `0.5.12` |



Updates `clap` from 4.5.9 to 4.5.11
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.9...clap_complete-v4.5.11)

Updates `clap_complete` from 4.5.8 to 4.5.11
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.8...clap_complete-v4.5.11)

Updates `peg` from 0.8.3 to 0.8.4
- [Release notes](https://github.com/kevinmehall/rust-peg/releases)
- [Commits](https://github.com/kevinmehall/rust-peg/compare/0.8.3...0.8.4)

Updates `selinux` from 0.4.4 to 0.4.5

Updates `serde_json` from 1.0.120 to 1.0.121
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.120...v1.0.121)

Updates `syn` from 2.0.71 to 2.0.72
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.71...2.0.72)

Updates `tokio` from 1.38.1 to 1.39.2
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.38.1...tokio-1.39.2)

Updates `assert_cmd` from 2.0.14 to 2.0.15
- [Changelog](https://github.com/assert-rs/assert_cmd/blob/master/CHANGELOG.md)
- [Commits](https://github.com/assert-rs/assert_cmd/compare/v2.0.14...v2.0.15)

Updates `escargot` from 0.5.11 to 0.5.12
- [Changelog](https://github.com/crate-ci/escargot/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/escargot/compare/v0.5.11...v0.5.12)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: clap_complete
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: peg
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: selinux
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: syn
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: assert_cmd
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: escargot
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-29 12:02:59 +10:00
Firstyear 21d3f82aa1
Add scim proto to kanidm, refactor to improve serde performance. (#2933) 2024-07-26 15:54:28 +10:00
dependabot[bot] fb6c4a889e
Bump the all group with 5 updates (#2925) 
Bumps the all group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [base32](https://github.com/andreasots/base32) | `0.5.0` | `0.5.1` |
| [compact_jwt](https://github.com/kanidm/compact-jwt) | `0.4.1` | `0.4.2` |
| [openssl-sys](https://github.com/sfackler/rust-openssl) | `0.9.102` | `0.9.103` |
| [openssl](https://github.com/sfackler/rust-openssl) | `0.10.64` | `0.10.66` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.38.0` | `1.38.1` |


Updates `base32` from 0.5.0 to 0.5.1
- [Commits](https://github.com/andreasots/base32/compare/v0.5.0...v0.5.1)

Updates `compact_jwt` from 0.4.1 to 0.4.2
- [Commits](https://github.com/kanidm/compact-jwt/commits)

Updates `openssl-sys` from 0.9.102 to 0.9.103
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.102...openssl-sys-v0.9.103)

Updates `openssl` from 0.10.64 to 0.10.66
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.64...openssl-v0.10.66)

Updates `tokio` from 1.38.0 to 1.38.1
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.38.0...tokio-1.38.1)

---
updated-dependencies:
- dependency-name: base32
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: compact_jwt
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: openssl-sys
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: openssl
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-22 09:12:56 +10:00
Firstyear faef3d0a4b
Fix issues with suspend reported by himmelblau (#2911) 2024-07-17 10:33:04 +10:00
James Hodgkinson 7373d9abbe
Forcing the http2 feature on hyper, but also chasing some out of date packages (#2896) 
* Forcing the http2 feature on hyper, but also chasing some out of date packages
 2024-07-16 10:10:46 +10:00
dependabot[bot] 404f9de47e
Bump the all group with 8 updates (#2899) 
Bumps the all group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [bytes](https://github.com/tokio-rs/bytes) | `1.6.0` | `1.6.1` |
| [clap](https://github.com/clap-rs/clap) | `4.5.8` | `4.5.9` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.7` | `4.5.8` |
| [hyper](https://github.com/hyperium/hyper) | `1.4.0` | `1.4.1` |
| [serde_with](https://github.com/jonasbb/serde_with) | `3.8.3` | `3.9.0` |
| [syn](https://github.com/dtolnay/syn) | `2.0.69` | `2.0.71` |
| [uuid](https://github.com/uuid-rs/uuid) | `1.9.1` | `1.10.0` |
| [fantoccini](https://github.com/jonhoo/fantoccini) | `0.19.3` | `0.21.0` |


Updates `bytes` from 1.6.0 to 1.6.1
- [Release notes](https://github.com/tokio-rs/bytes/releases)
- [Changelog](https://github.com/tokio-rs/bytes/blob/master/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/bytes/compare/v1.6.0...v1.6.1)

Updates `clap` from 4.5.8 to 4.5.9
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.8...v4.5.9)

Updates `clap_complete` from 4.5.7 to 4.5.8
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.7...clap_complete-v4.5.8)

Updates `hyper` from 1.4.0 to 1.4.1
- [Release notes](https://github.com/hyperium/hyper/releases)
- [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/hyper/compare/v1.4.0...v1.4.1)

Updates `serde_with` from 3.8.3 to 3.9.0
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.8.3...v3.9.0)

Updates `syn` from 2.0.69 to 2.0.71
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.69...2.0.71)

Updates `uuid` from 1.9.1 to 1.10.0
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.9.1...1.10.0)

Updates `fantoccini` from 0.19.3 to 0.21.0
- [Commits](https://github.com/jonhoo/fantoccini/compare/v0.19.3...v0.21.0)

---
updated-dependencies:
- dependency-name: bytes
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: clap_complete
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: hyper
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: syn
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: fantoccini
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2024-07-14 15:22:08 -07:00
dependabot[bot] 34abdc2e24
Bump the all group across 1 directory with 10 updates (#2881) 
Bumps the all group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [async-trait](https://github.com/dtolnay/async-trait) | `0.1.80` | `0.1.81` |
| [hyper](https://github.com/hyperium/hyper) | `1.3.1` | `1.4.0` |
| [hyper-util](https://github.com/hyperium/hyper-util) | `0.1.5` | `0.1.6` |
| [lodepng](https://github.com/kornelski/lodepng-rust) | `3.10.1` | `3.10.2` |
| [sd-notify](https://github.com/lnicola/sd-notify) | `0.4.1` | `0.4.2` |
| [serde](https://github.com/serde-rs/serde) | `1.0.203` | `1.0.204` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.119` | `1.0.120` |
| [serde_with](https://github.com/jonasbb/serde_with) | `3.8.1` | `3.8.3` |
| [syn](https://github.com/dtolnay/syn) | `2.0.68` | `2.0.69` |
| [gethostname](https://github.com/swsnr/gethostname.rs) | `0.4.3` | `0.5.0` |



Updates `async-trait` from 0.1.80 to 0.1.81
- [Release notes](https://github.com/dtolnay/async-trait/releases)
- [Commits](https://github.com/dtolnay/async-trait/compare/0.1.80...0.1.81)

Updates `hyper` from 1.3.1 to 1.4.0
- [Release notes](https://github.com/hyperium/hyper/releases)
- [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/hyper/compare/v1.3.1...v1.4.0)

Updates `hyper-util` from 0.1.5 to 0.1.6
- [Release notes](https://github.com/hyperium/hyper-util/releases)
- [Changelog](https://github.com/hyperium/hyper-util/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/hyper-util/compare/v0.1.5...v0.1.6)

Updates `lodepng` from 3.10.1 to 3.10.2
- [Commits](https://github.com/kornelski/lodepng-rust/compare/v3.10.1...v3.10.2)

Updates `sd-notify` from 0.4.1 to 0.4.2
- [Changelog](https://github.com/lnicola/sd-notify/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lnicola/sd-notify/compare/v0.4.1...v0.4.2)

Updates `serde` from 1.0.203 to 1.0.204
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.203...v1.0.204)

Updates `serde_json` from 1.0.119 to 1.0.120
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.119...v1.0.120)

Updates `serde_with` from 3.8.1 to 3.8.3
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.8.1...v3.8.3)

Updates `syn` from 2.0.68 to 2.0.69
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.68...2.0.69)

Updates `gethostname` from 0.4.3 to 0.5.0
- [Changelog](https://github.com/swsnr/gethostname.rs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/swsnr/gethostname.rs/compare/v0.4.3...v0.5.0)

---
updated-dependencies:
- dependency-name: async-trait
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: hyper
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: hyper-util
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: lodepng
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sd-notify
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: syn
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: gethostname
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-08 08:44:52 +10:00
Merlijn 4795541719
Offer configuration of images for Oauth2 resources (#2665) 2024-07-06 12:25:55 +10:00
Firstyear 3ec9b320a1
20240620 htmx (#2854) 
* progress
* Okay, main swap works and can login with pw+totp
* Feedback
* bypassing docs tests temporarily
 2024-07-02 10:59:06 +00:00
dependabot[bot] 6a211f9065
Bump the all group with 5 updates (#2865) 
Bumps the all group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [bitflags](https://github.com/bitflags/bitflags) | `2.5.0` | `2.6.0` |
| [clap](https://github.com/clap-rs/clap) | `4.5.7` | `4.5.8` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.6` | `4.5.7` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.117` | `1.0.119` |
| [uuid](https://github.com/uuid-rs/uuid) | `1.9.0` | `1.9.1` |


Updates `bitflags` from 2.5.0 to 2.6.0
- [Release notes](https://github.com/bitflags/bitflags/releases)
- [Changelog](https://github.com/bitflags/bitflags/blob/main/CHANGELOG.md)
- [Commits](https://github.com/bitflags/bitflags/compare/2.5.0...2.6.0)

Updates `clap` from 4.5.7 to 4.5.8
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.7...v4.5.8)

Updates `clap_complete` from 4.5.6 to 4.5.7
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.6...clap_complete-v4.5.7)

Updates `serde_json` from 1.0.117 to 1.0.119
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.117...v1.0.119)

Updates `uuid` from 1.9.0 to 1.9.1
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.9.0...1.9.1)

---
updated-dependencies:
- dependency-name: bitflags
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: clap_complete
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: uuid
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-01 08:49:43 +10:00
dependabot[bot] 94e246e1cb
Bump the all group across 1 directory with 8 updates (#2852) 
Bumps the all group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.5` | `4.5.6` |
| [lazy_static](https://github.com/rust-lang-nursery/lazy-static.rs) | `1.4.0` | `1.5.0` |
| [mimalloc](https://github.com/purpleprotocol/mimalloc_rust) | `0.1.42` | `0.1.43` |
| [proc-macro2](https://github.com/dtolnay/proc-macro2) | `1.0.85` | `1.0.86` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.12.4` | `0.12.5` |
| [syn](https://github.com/dtolnay/syn) | `2.0.66` | `2.0.68` |
| [url](https://github.com/servo/rust-url) | `2.5.1` | `2.5.2` |
| [uuid](https://github.com/uuid-rs/uuid) | `1.8.0` | `1.9.0` |



Updates `clap_complete` from 4.5.5 to 4.5.6
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.5...clap_complete-v4.5.6)

Updates `lazy_static` from 1.4.0 to 1.5.0
- [Release notes](https://github.com/rust-lang-nursery/lazy-static.rs/releases)
- [Commits](https://github.com/rust-lang-nursery/lazy-static.rs/compare/1.4.0...1.5.0)

Updates `mimalloc` from 0.1.42 to 0.1.43
- [Release notes](https://github.com/purpleprotocol/mimalloc_rust/releases)
- [Commits](https://github.com/purpleprotocol/mimalloc_rust/compare/v0.1.42...v0.1.43)

Updates `proc-macro2` from 1.0.85 to 1.0.86
- [Release notes](https://github.com/dtolnay/proc-macro2/releases)
- [Commits](https://github.com/dtolnay/proc-macro2/compare/1.0.85...1.0.86)

Updates `reqwest` from 0.12.4 to 0.12.5
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/seanmonstar/reqwest/compare/v0.12.4...v0.12.5)

Updates `syn` from 2.0.66 to 2.0.68
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.66...2.0.68)

Updates `url` from 2.5.1 to 2.5.2
- [Release notes](https://github.com/servo/rust-url/releases)
- [Commits](https://github.com/servo/rust-url/compare/v2.5.1...v2.5.2)

Updates `uuid` from 1.8.0 to 1.9.0
- [Release notes](https://github.com/uuid-rs/uuid/releases)
- [Commits](https://github.com/uuid-rs/uuid/compare/1.8.0...1.9.0)

---
updated-dependencies:
- dependency-name: clap_complete
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: lazy_static
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: mimalloc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: proc-macro2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: reqwest
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: syn
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: url
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-24 22:47:32 +10:00
Firstyear 10e15fd6b3
20240613 performance improvements (#2844) 
Thanks to @Seba-T's work with Orca, we were able to identify a number of performance issues in certain high load conditions.

This commit contains fixes for the following issues

* Unbounded Memory Growth - due to how ARCache works, to maintain temporal consistency it must retain copies of keys (not values) in a special data set for tracking. The Filter Resolve Cache was using unresolved filters as keys. This caused memory explosions when refint or memberof were updating a group with a large number of members because they would emit a query with hundreds of filter terms that would only be used once and never again, causing the ARCache haunted set to grow without bound. To limit this, we no longer cache large/complex queries for resolution, and in future we may implement some other methods to reduce this like sha256/hmac of the queries.

* When creating a new account, dyngroups would be engaged to add the account as a member due to the matching scope. However the change to the dyngroup was triggering an update of all the dyngroups *members* related memberof attributes. This would mean that adding an account would trigger every other account to be loaded an updated.

* When memberof would iterate over leaf entries and update them one at a time. This mean a large number of small fragmented queries in the case of a lot of leaf entries being updated. Now leaf entries are updated in a single stripe once groups are stabilised.

* Member of would always trigger it's members to always update. Instead, we should only update members where a difference is observed, or all members if the group's memberof itself has changed since this needs to propogate to all leaf entries. This significantly reduces the amount of writes and operations to examine the changed member of set.

* Referential integrity would examine all reference uuids on entries for validity rather than just the reference uuids that were altered within the transaction. This change means that only uuids that were *added* are validated during an operation. 

* During async write backs (delayed actions) these were performed one at a time. Instead, when possible this should be done in a single transaction as the write transaction caches all writes in memory until the commit meaning that by batching we reduce overall latency.

* In the server there can only be one write transaction and many readers. These are guarded by tokio semaphores that act as fair queues - first in gets the lock next. Due to the design of the server readers would be blocked on the *database* semaphore, and writers would block on the write semaphore and THEN the database semaphore. This arrangement was creating a situation which unfairly advantaged readers over writers, as any write would first have to become the head of it's queue, and then compete with all readers to access a db transaction. Instead, we now have a reader semaphore with size threads minus 1, clamped at a minimum of 1. This means that provided there are two or more threads, then a writer will *always* have a database handle available, and readers will pre-queue with each other before queueing on the db ticket. If there is only one thread, then writes and reads will alternate between each other fairly.
 2024-06-20 02:50:00 +00:00
Firstyear 0ce333ff5a
Allow providers to be box dyn (#2794) 
* Allow providers to be box dyn in kanidm_unixd
* Massive refactor
 2024-06-16 22:21:25 +00:00
Joshua M. Clulow e591b5f2cc
illumos support (#2838) 
* disable mimalloc on illumos, in part because it immediately segfaults,
  but also because we prefer libumem and link it into all Rust binaries

* switch from fs2 (unmaintained crate) to fs4 which provides the same
  interface and has wider platform support
 2024-06-15 05:20:11 +00:00
Firstyear 9c4e8bb90a
20240611 performance (#2836) 
While basking under the shade of the coolabah tree, I was overcome by an intense desire to improve the performance and memory usage of Kanidm.

This pr reduces a major source of repeated small clones, lowers default log level in testing, removes some trace fields that are both large and probably shouldn't be traced, and also changes some lto settings for release builds.
 2024-06-12 16:48:49 -07:00
dependabot[bot] ea7e52326d
Bump the all group across 1 directory with 5 updates (#2835) 
Bumps the all group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [clap](https://github.com/clap-rs/clap) | `4.5.4` | `4.5.7` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.2` | `4.5.5` |
| [regex](https://github.com/rust-lang/regex) | `1.10.4` | `1.10.5` |
| [url](https://github.com/servo/rust-url) | `2.5.0` | `2.5.1` |
| [escargot](https://github.com/crate-ci/escargot) | `0.5.10` | `0.5.11` |



Updates `clap` from 4.5.4 to 4.5.7
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.4...v4.5.7)

Updates `clap_complete` from 4.5.2 to 4.5.5
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.2...clap_complete-v4.5.5)

Updates `regex` from 1.10.4 to 1.10.5
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.10.4...1.10.5)

Updates `url` from 2.5.0 to 2.5.1
- [Release notes](https://github.com/servo/rust-url/releases)
- [Commits](https://github.com/servo/rust-url/compare/v2.5.0...v2.5.1)

Updates `escargot` from 0.5.10 to 0.5.11
- [Changelog](https://github.com/crate-ci/escargot/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/escargot/compare/v0.5.10...v0.5.11)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: clap_complete
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: regex
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: url
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: escargot
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-11 07:47:49 -07:00
Firstyear bd6d9284c0
20240607 2417 piv (#2829) 
Add some more ground work for future PIV/x509 authentication.
 2024-06-11 00:54:57 +00:00
dependabot[bot] a3f66225de
Bump the all group with 7 updates (#2811) 
* Bump the all group with 7 updates

Bumps the all group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [kanidm-hsm-crypto](https://github.com/kanidm/hsm-crypto) | `0.1.6` | `0.2.0` |
| [base64](https://github.com/marshallpierce/rust-base64) | `0.21.7` | `0.22.1` |
| [lru](https://github.com/jeromefroe/lru-rs) | `0.8.1` | `0.12.3` |
| [proc-macro2](https://github.com/dtolnay/proc-macro2) | `1.0.84` | `1.0.85` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.37.0` | `1.38.0` |
| [axum-auth](https://github.com/owez/axum-auth) | `0.4.1` | `0.7.0` |
| [jsonschema](https://github.com/Stranger6667/jsonschema-rs) | `0.17.1` | `0.18.0` |


Updates `kanidm-hsm-crypto` from 0.1.6 to 0.2.0
- [Commits](https://github.com/kanidm/hsm-crypto/commits)

Updates `base64` from 0.21.7 to 0.22.1
- [Changelog](https://github.com/marshallpierce/rust-base64/blob/master/RELEASE-NOTES.md)
- [Commits](https://github.com/marshallpierce/rust-base64/compare/v0.21.7...v0.22.1)

Updates `lru` from 0.8.1 to 0.12.3
- [Changelog](https://github.com/jeromefroe/lru-rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jeromefroe/lru-rs/compare/0.8.1...0.12.3)

Updates `proc-macro2` from 1.0.84 to 1.0.85
- [Release notes](https://github.com/dtolnay/proc-macro2/releases)
- [Commits](https://github.com/dtolnay/proc-macro2/compare/1.0.84...1.0.85)

Updates `tokio` from 1.37.0 to 1.38.0
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.37.0...tokio-1.38.0)

Updates `axum-auth` from 0.4.1 to 0.7.0
- [Commits](https://github.com/owez/axum-auth/commits)

Updates `jsonschema` from 0.17.1 to 0.18.0
- [Release notes](https://github.com/Stranger6667/jsonschema-rs/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema-rs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stranger6667/jsonschema-rs/compare/rust-v0.17.1...rust-v0.18.0)

---
updated-dependencies:
- dependency-name: kanidm-hsm-crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: base64
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: lru
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: proc-macro2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: axum-auth
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* updating for kanidm-hsm change

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2024-06-08 11:25:09 +00:00
Firstyear 2c0ff46a32
20240530 nightly warnings (#2806) 
* Cleaneup
* Lots of ram saving
 2024-05-30 20:22:19 +10:00
Firstyear 1e7b94b7cf
Regrets Dot Pee Enn Gee (#2804) 
Upgrade Axum

Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2024-05-30 12:50:45 +10:00
Firstyear 1e4f6e85ca
Revive Cookies. (#2788) 
* Revive Cookies.
* change from tikv-jemalloc to mimalloc.
 2024-05-23 00:45:42 +00:00
Firstyear 1fb8165825
Update Webauthn and Base64 (#2734) 2024-05-01 04:10:18 +00:00
Firstyear 2e206b2488
Release 1.2.0 prep (#2724) 
* Release 1.2.0 prep

* Update release notes based on feedback
 2024-04-26 06:56:47 +00:00
Firstyear 62bbd7e3ea
20240409 rework orca markov (#2699) 
Improve the models and what can be performed in the orca benchmarks.

---------

Co-authored-by: Sebastiano Tocci <seba.tocci@gmail.com>
Co-authored-by: Sebastiano Tocci <sebastiano.tocci@proton.me>
 2024-04-16 23:35:16 +00:00
Firstyear d7834b52e6
Begin the basis of the key provider model (#2640) 
This completely reworks how we approach and handle cryptographic keys in Kanidm. This is needed as a foundation for replication coordination which will require handling and rotation of cryptographic keys in automated ways. 

This change influences many other parts of the code base in it's implementation.

The primary influences are:

* Modification of how domain user signing keys are revoked or rotated.
* Merging of all existing service-account token keys are retired (retained) keys into the domain to simplify token signing and validation
* Allowing multiple configurations of local command line tools to swap between instances using disparate signing keys.
* Modification of key retrieval to be key id based (KID), removing the need to embed the JWK into tokens

A side effect of this change is that most user authentication sessions and oauth2 sessions will have to be re-established after upgrade. However we feel that session renewal after upgrade is an expected side effect of an upgrade. 

In the future this lays the ground work to remove a large number of legacy key handling processes that have evolved, which will allow large parts of code to be removed.
 2024-04-15 23:44:37 +00:00
Firstyear 10ad183732
[SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686) 
When an admin configured oauth2 custom claims during the creation it
was not enforced that at least one value must be present. This led to
an incorrect logic flaw in str_concat! which didn't handle the 0 case.

This hardens str_concat! to prevent the thread crash by using itertools
for the join instead, and it enforces stricter validation on the valueset
to deny creation of empty claims.

This fix has a low security impact as only an administrator or high
level user can trigger this as a possible denial of service.

Fixes #2680 Fixes #2681
 2024-03-26 01:43:03 +00:00
Dustin Frisch e5702909d0
ldap-sync: allow to use attrs more than once (#2676) 2024-03-25 09:41:24 +00:00
Firstyear fcc65e6fbe
20240312 concread upgrade (#2668) 
* Update concread
 2024-03-19 12:06:52 +07:00
Firstyear 285f4362b2
20230224 2437 orca remodel (#2591) 2024-03-09 16:09:15 +10:00
Firstyear cc28fb2c4b
Re-enable HW tpm support (#2531) 2024-02-17 01:30:08 +00:00
Firstyear 62dff7565e
Add further hardening for system services (#2542) 2024-02-17 00:11:32 +00:00
Firstyear e3e77fe7b4
Update to latest dev version (#2486) 2024-02-08 09:54:07 +10:00
Firstyear 7567514044
Release 1.1.0-rc.16 (#2483) 2024-02-07 04:39:02 +00:00
Firstyear 23cc2e7745
Fix RUV trim (#2466) 
Fixes two major issues with replication.

The first was related to server refreshes. When a server was refreshed it would retain it's server unique id. If the server had lagged and was disconnected from replication and administrator would naturally then refresh it's database. This meant that on next tombstone purge of the server, it's RUV would jump ahead causing it's refresh-supplier to now believe it was lagging (which was not the case).

In the situation where a server is refreshed, we reset the servers unique replication ID which avoids the RUV having "jumps".

The second issue was related to RUV trimming. A server which had older RUV entries (say from servers that have been trimmed) would "taint" and re-supply those server ID's back to nodes that wanted to trim them. This also meant that on a restart of the server, that if the node had correctly trimmed the server ID, it would be re-added in memory.

This improves RUV trimming by limiting what what compare and check as a supplier to only CID's that are within the valid changelog window. This itself presented challenges with "how to determine if a server should be removed from the RUV". To achieve this we now check for "overlap" of the RUVS. If overlap isn't occurring it indicates split brain or node isolation, and replication is stopped in these cases.
 2024-02-02 15:38:45 +10:00
James Hodgkinson e02e0501eb
Adding max_ber_size option in config for ldap sync (#2416) 2024-01-19 10:42:04 +10:00
Firstyear 76269f9de2
20231129 webauthn attestation (#2351) 
This adds full support for attestation of webauthn/passkeys.
 2023-12-03 06:13:52 +00:00
Firstyear 85022e5e8a
Fix handling of TPM in some trait contexts (#2347) 2023-12-03 05:33:25 +00:00
Firstyear 31b939fca3
20231128 freeipa migration (#2338) 
* Add more weak password formats for freeipa
* Verification of freeipa migration from older ipa versions
 2023-11-29 10:43:15 +10:00
Firstyear 060cb729a7
Expose TPM in more interface places (#2334) 2023-11-27 14:35:59 +10:00
Firstyear ac299b5286
Update to the latest compact-jwt version (#2331) 2023-11-24 02:53:22 +00:00
dependabot[bot] b817eb6e11
chore(deps): bump the all group with 3 updates (#2324) 
Bumps the all group with 3 updates: [http](https://github.com/hyperium/http), [tracing-subscriber](https://github.com/tokio-rs/tracing) and [utoipa](https://github.com/juhaku/utoipa).


Updates `http` from 0.2.10 to 0.2.11
- [Release notes](https://github.com/hyperium/http/releases)
- [Changelog](https://github.com/hyperium/http/blob/v0.2.11/CHANGELOG.md)
- [Commits](https://github.com/hyperium/http/compare/v0.2.10...v0.2.11)

Updates `tracing-subscriber` from 0.3.17 to 0.3.18
- [Release notes](https://github.com/tokio-rs/tracing/releases)
- [Commits](https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.17...tracing-subscriber-0.3.18)

Updates `utoipa` from 4.0.0 to 4.1.0
- [Release notes](https://github.com/juhaku/utoipa/releases)
- [Commits](https://github.com/juhaku/utoipa/compare/utoipa-4.0.0...utoipa-4.1.0)

---
updated-dependencies:
- dependency-name: http
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: tracing-subscriber
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: utoipa
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-19 20:44:45 +00:00
dependabot[bot] 3225310fcd
chore(deps): bump the all group with 4 updates (#2306) 
Bumps the all group with 4 updates: [clap](https://github.com/clap-rs/clap), [http](https://github.com/hyperium/http), [rpassword](https://github.com/conradkleinespel/rpassword) and [tokio](https://github.com/tokio-rs/tokio).


Updates `clap` from 4.4.7 to 4.4.8
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/v4.4.7...v4.4.8)

Updates `http` from 0.2.9 to 0.2.10
- [Release notes](https://github.com/hyperium/http/releases)
- [Changelog](https://github.com/hyperium/http/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/http/compare/v0.2.9...v0.2.10)

Updates `rpassword` from 7.2.0 to 7.3.1
- [Release notes](https://github.com/conradkleinespel/rpassword/releases)
- [Commits](https://github.com/conradkleinespel/rpassword/compare/v7.2.0...v7.3.1)

Updates `tokio` from 1.33.0 to 1.34.0
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.33.0...tokio-1.34.0)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: http
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: rpassword
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-13 01:47:02 +00:00
James Hodgkinson 60e5935faa
Moving daemon tracing to OpenTelemetry (#2292) 
* sally forth into the great otel unknown
* make the build env identification slightly more durable
* docs updates
* wasm recompile
 2023-11-09 05:15:12 +00:00
Firstyear 3bd2cc8a9f
20231101 add id cert to unixint (#2284) 2023-11-09 13:11:23 +10:00
dependabot[bot] 9a2e588dfa
chore(deps): bump the all group with 8 updates (#2293) 
Bumps the all group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [dyn-clone](https://github.com/dtolnay/dyn-clone) | `1.0.14` | `1.0.16` |
| [js-sys](https://github.com/rustwasm/wasm-bindgen) | `0.3.64` | `0.3.65` |
| [libc](https://github.com/rust-lang/libc) | `0.2.149` | `0.2.150` |
| [openssl-sys](https://github.com/sfackler/rust-openssl) | `0.9.93` | `0.9.95` |
| [openssl](https://github.com/sfackler/rust-openssl) | `0.10.57` | `0.10.59` |
| [wasm-bindgen-futures](https://github.com/rustwasm/wasm-bindgen) | `0.4.37` | `0.4.38` |
| [wasm-bindgen-test](https://github.com/rustwasm/wasm-bindgen) | `0.3.37` | `0.3.38` |
| [web-sys](https://github.com/rustwasm/wasm-bindgen) | `0.3.64` | `0.3.65` |


Updates `dyn-clone` from 1.0.14 to 1.0.16
- [Release notes](https://github.com/dtolnay/dyn-clone/releases)
- [Commits](https://github.com/dtolnay/dyn-clone/compare/1.0.14...1.0.16)

Updates `js-sys` from 0.3.64 to 0.3.65
- [Release notes](https://github.com/rustwasm/wasm-bindgen/releases)
- [Changelog](https://github.com/rustwasm/wasm-bindgen/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustwasm/wasm-bindgen/commits)

Updates `libc` from 0.2.149 to 0.2.150
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.149...0.2.150)

Updates `openssl-sys` from 0.9.93 to 0.9.95
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-sys-v0.9.93...openssl-sys-v0.9.95)

Updates `openssl` from 0.10.57 to 0.10.59
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.57...openssl-v0.10.59)

Updates `wasm-bindgen-futures` from 0.4.37 to 0.4.38
- [Release notes](https://github.com/rustwasm/wasm-bindgen/releases)
- [Changelog](https://github.com/rustwasm/wasm-bindgen/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustwasm/wasm-bindgen/commits)

Updates `wasm-bindgen-test` from 0.3.37 to 0.3.38
- [Release notes](https://github.com/rustwasm/wasm-bindgen/releases)
- [Changelog](https://github.com/rustwasm/wasm-bindgen/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustwasm/wasm-bindgen/commits)

Updates `web-sys` from 0.3.64 to 0.3.65
- [Release notes](https://github.com/rustwasm/wasm-bindgen/releases)
- [Changelog](https://github.com/rustwasm/wasm-bindgen/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustwasm/wasm-bindgen/commits)

---
updated-dependencies:
- dependency-name: dyn-clone
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: js-sys
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: openssl-sys
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: openssl
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: wasm-bindgen-futures
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: wasm-bindgen-test
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: web-sys
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-05 21:24:21 +00:00