mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions 16 Packages Projects Releases Wiki Activity
2272 commits 17 branches 59 tags 246 MiB
Commit graph

2272 commits

This branch
This branch
All branches
Author SHA1 Message Date
Firstyear ea0e63cc2a
20240927 SCIM put (#3151) 2024-11-30 06:56:17 +00:00
Firstyear 8bbdf6bd6a
Clear invalid tokens from unix resolver (#3256) 2024-11-30 06:32:10 +00:00
Firstyear db101e6d26
Clippy Lints (#3255) 2024-11-30 06:13:26 +00:00
James Hodgkinson c1ed939c28
Allow OAuth2 loopback redirects if the path matches (#3252) 2024-11-30 05:40:05 +00:00
Firstyear 4528a1bda0
Correctly display domain name on login (#3254) 2024-11-30 04:13:27 +00:00
Firstyear 52987ab8b2
Display account_id during success/deny paths in unixd (#3253) 2024-11-30 13:57:01 +10:00
George Wu 974fec1d93
s/idm_people_self_write_mail/idm_people_self_mail_write/g (#3250) 2024-11-30 09:13:34 +10:00
James Hodgkinson a5adf8bcad
handle missing map_group setting in config (#3242) 2024-11-29 02:03:48 +00:00
micolous fa77076a95
owncloud: Add SameSite=Lax config for cross-domain auth (#3245) 2024-11-28 17:44:12 +10:00
dependabot[bot] 615f07f7d3
Bump the all group across 1 directory with 7 updates (#3238) 
* Bump the all group across 1 directory with 7 updates

Bumps the all group with 7 updates in the /pykanidm directory:

| Package | From | To |
| --- | --- | --- |
| [pydantic](https://github.com/pydantic/pydantic) | `2.9.2` | `2.10.1` |
| [aiohttp](https://github.com/aio-libs/aiohttp) | `3.10.11` | `3.11.7` |
| [coverage](https://github.com/nedbat/coveragepy) | `7.6.4` | `7.6.8` |
| [mkdocs-material](https://github.com/squidfunk/mkdocs-material) | `9.5.44` | `9.5.45` |
| [mkdocstrings](https://github.com/mkdocstrings/mkdocstrings) | `0.26.2` | `0.27.0` |
| [pook](https://github.com/h2non/pook) | `2.1.1` | `2.1.2` |
| [ruff](https://github.com/astral-sh/ruff) | `0.7.2` | `0.8.0` |



Updates `pydantic` from 2.9.2 to 2.10.1
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](https://github.com/pydantic/pydantic/compare/v2.9.2...v2.10.1)

Updates `aiohttp` from 3.10.11 to 3.11.7
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.10.11...v3.11.7)

Updates `coverage` from 7.6.4 to 7.6.8
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.6.4...7.6.8)

Updates `mkdocs-material` from 9.5.44 to 9.5.45
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.44...9.5.45)

Updates `mkdocstrings` from 0.26.2 to 0.27.0
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mkdocstrings/mkdocstrings/compare/0.26.2...0.27.0)

Updates `pook` from 2.1.1 to 2.1.2
- [Release notes](https://github.com/h2non/pook/releases)
- [Changelog](https://github.com/h2non/pook/blob/master/History.rst)
- [Commits](https://github.com/h2non/pook/compare/v2.1.1...v2.1.2)

Updates `ruff` from 0.7.2 to 0.8.0
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.7.2...0.8.0)

---
updated-dependencies:
- dependency-name: pydantic
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: aiohttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: mkdocs-material
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: mkdocstrings
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: pook
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* fixing minor mypy issue

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2024-11-25 20:33:18 +10:00
James Hodgkinson 0054fe17fe
Yaleman/issue3229 (#3239) 
* Fix wrong success message on kanidm group set-entry-manager #3229
 2024-11-25 09:38:46 +10:00
dependabot[bot] 767c5014d5
Bump the all group across 1 directory with 12 updates (#3235) 
Bumps the all group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [axum](https://github.com/tokio-rs/axum) | `0.7.7` | `0.7.9` |
| [clap](https://github.com/clap-rs/clap) | `4.5.20` | `4.5.21` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.37` | `4.5.38` |
| [hyper](https://github.com/hyperium/hyper) | `1.5.0` | `1.5.1` |
| [libc](https://github.com/rust-lang/libc) | `0.2.162` | `0.2.164` |
| [proc-macro2](https://github.com/dtolnay/proc-macro2) | `1.0.89` | `1.0.92` |
| [rustls](https://github.com/rustls/rustls) | `0.23.16` | `0.23.18` |
| [serde](https://github.com/serde-rs/serde) | `1.0.214` | `1.0.215` |
| [serde_json](https://github.com/serde-rs/json) | `1.0.132` | `1.0.133` |
| [syn](https://github.com/dtolnay/syn) | `2.0.87` | `2.0.89` |
| [axum-extra](https://github.com/tokio-rs/axum) | `0.9.4` | `0.9.6` |
| [tower-http](https://github.com/tower-rs/tower-http) | `0.6.1` | `0.6.2` |



Updates `axum` from 0.7.7 to 0.7.9
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-v0.7.7...axum-v0.7.9)

Updates `clap` from 4.5.20 to 4.5.21
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.20...clap_complete-v4.5.21)

Updates `clap_complete` from 4.5.37 to 4.5.38
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.37...clap_complete-v4.5.38)

Updates `hyper` from 1.5.0 to 1.5.1
- [Release notes](https://github.com/hyperium/hyper/releases)
- [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/hyper/compare/v1.5.0...v1.5.1)

Updates `libc` from 0.2.162 to 0.2.164
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.162...0.2.164)

Updates `proc-macro2` from 1.0.89 to 1.0.92
- [Release notes](https://github.com/dtolnay/proc-macro2/releases)
- [Commits](https://github.com/dtolnay/proc-macro2/compare/1.0.89...1.0.92)

Updates `rustls` from 0.23.16 to 0.23.18
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.23.16...v/0.23.18)

Updates `serde` from 1.0.214 to 1.0.215
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.214...v1.0.215)

Updates `serde_json` from 1.0.132 to 1.0.133
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.132...v1.0.133)

Updates `syn` from 2.0.87 to 2.0.89
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.87...2.0.89)

Updates `axum-extra` from 0.9.4 to 0.9.6
- [Release notes](https://github.com/tokio-rs/axum/releases)
- [Changelog](https://github.com/tokio-rs/axum/blob/main/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/axum/compare/axum-extra-v0.9.4...axum-extra-v0.9.6)

Updates `tower-http` from 0.6.1 to 0.6.2
- [Release notes](https://github.com/tower-rs/tower-http/releases)
- [Commits](https://github.com/tower-rs/tower-http/compare/tower-http-0.6.1...tower-http-0.6.2)

---
updated-dependencies:
- dependency-name: axum
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: clap_complete
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: hyper
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: proc-macro2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: syn
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: axum-extra
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: tower-http
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-24 23:18:24 +10:00
Firstyear bd53c88229
Update to latest fido-mds-tool (#3230) 2024-11-22 06:57:39 +00:00
Firstyear d2f5e13c97
Warn when v2 options are used in v1 unixd config (#3228) 
Options like map_group would fail silently when version=2 wasn't
set in our unix config. this detects that case and warns that it
is occuring.

To prevent this in the future, we deny unknown keys in v2 so that
if (when?) we add v3, new keys will cause an error.
 2024-11-22 02:02:04 +00:00
dependabot[bot] 5393891ea8
Bump aiohttp from 3.10.10 to 3.10.11 in /pykanidm in the pip group (#3223) 
Bumps the pip group in /pykanidm with 1 update: [aiohttp](https://github.com/aio-libs/aiohttp).


Updates `aiohttp` from 3.10.10 to 3.10.11
- [Release notes](https://github.com/aio-libs/aiohttp/releases)
- [Changelog](https://github.com/aio-libs/aiohttp/blob/master/CHANGES.rst)
- [Commits](https://github.com/aio-libs/aiohttp/compare/v3.10.10...v3.10.11)

---
updated-dependencies:
- dependency-name: aiohttp
  dependency-type: direct:production
  dependency-group: pip
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-21 10:27:43 +00:00
Firstyear 809cacdb85
Resolve UI Auth Loop with OAuth2 (#3226) 
If an OAuth2 auth request resume cookie was present, and at the same
time the kani instance was restarted, the cookie would now fail
to validate on the instance. This caused the user to experience an auth
loop where after every authentication they would see an error *despite*
logging in correctly, and then a refresh would show the correct
apps page.

This removes the auth_req cookie correctly even if it fails to
deserialise.
 2024-11-21 09:29:35 +00:00
Firstyear ce0ad8f854
Harden transport in pam unixd (#3227) 
In some cases if the transport drops out from underneath unixd,
it can be difficult to diagnose and leads to inconsistent errors
and output such as prompting for a password multiple times when
it can't succeed.

This makes it clearer that the transport had an error, and it
denies the inflight authsession to prevent spurious password
prompts.
 2024-11-21 07:43:14 +00:00
Firstyear 7348c0348a
Improve warning around invalid JWT deserialisation (#3224) 
* Improve warning around invalid JWT deserialisation

* typo
 2024-11-21 06:52:43 +00:00
George Wu 505e7d9530
Update and fix server config files in examples. (#3225) 2024-11-20 16:57:49 +10:00
George Wu ed38e92448
Change CLI oauth2 command from set-display-name to set-displayname for consistency. (#3212) 
* Change CLI domain command from set-display-name to set-displayname for consistency.

* Also fix CLI.
 2024-11-19 04:28:07 +00:00
George Wu 155225c0f9
Add docs on customising Kanidm. (#3209) 
* Add docs on customising Kanidm.

* Add more info about images that can be used.

* s/set-display-name/set-displayname/g
 2024-11-19 01:37:44 +00:00
Georg 77e13b817a
Correct spelling of occurred (#3222) 
Signed-off-by: Georg Pfuetzenreuter <mail@georg-pfuetzenreuter.net>
 2024-11-19 00:37:51 +00:00
dependabot[bot] 9c49c831c1
Bump the all group across 1 directory with 13 updates (#3202) 
Bumps the all group with 13 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [anyhow](https://github.com/dtolnay/anyhow) | `1.0.91` | `1.0.93` |
| [clap_complete](https://github.com/clap-rs/clap) | `4.5.35` | `4.5.37` |
| [csv](https://github.com/BurntSushi/rust-csv) | `1.3.0` | `1.3.1` |
| [hyper-util](https://github.com/hyperium/hyper-util) | `0.1.9` | `0.1.10` |
| [libc](https://github.com/rust-lang/libc) | `0.2.161` | `0.2.162` |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.12.8` | `0.12.9` |
| [rustls](https://github.com/rustls/rustls) | `0.23.15` | `0.23.16` |
| [serde](https://github.com/serde-rs/serde) | `1.0.213` | `1.0.214` |
| [syn](https://github.com/dtolnay/syn) | `2.0.85` | `2.0.87` |
| [tempfile](https://github.com/Stebalien/tempfile) | `3.13.0` | `3.14.0` |
| [tokio](https://github.com/tokio-rs/tokio) | `1.41.0` | `1.41.1` |
| [escargot](https://github.com/crate-ci/escargot) | `0.5.12` | `0.5.13` |
| [jsonschema](https://github.com/Stranger6667/jsonschema) | `0.26.0` | `0.26.1` |



Updates `anyhow` from 1.0.91 to 1.0.93
- [Release notes](https://github.com/dtolnay/anyhow/releases)
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.91...1.0.93)

Updates `clap_complete` from 4.5.35 to 4.5.37
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/clap-rs/clap/compare/clap_complete-v4.5.35...clap_complete-v4.5.37)

Updates `csv` from 1.3.0 to 1.3.1
- [Commits](https://github.com/BurntSushi/rust-csv/compare/1.3.0...1.3.1)

Updates `hyper-util` from 0.1.9 to 0.1.10
- [Release notes](https://github.com/hyperium/hyper-util/releases)
- [Changelog](https://github.com/hyperium/hyper-util/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hyperium/hyper-util/compare/v0.1.9...v0.1.10)

Updates `libc` from 0.2.161 to 0.2.162
- [Release notes](https://github.com/rust-lang/libc/releases)
- [Changelog](https://github.com/rust-lang/libc/blob/0.2.162/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/libc/compare/0.2.161...0.2.162)

Updates `reqwest` from 0.12.8 to 0.12.9
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](https://github.com/seanmonstar/reqwest/compare/v0.12.8...v0.12.9)

Updates `rustls` from 0.23.15 to 0.23.16
- [Release notes](https://github.com/rustls/rustls/releases)
- [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md)
- [Commits](https://github.com/rustls/rustls/compare/v/0.23.15...v/0.23.16)

Updates `serde` from 1.0.213 to 1.0.214
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.213...v1.0.214)

Updates `syn` from 2.0.85 to 2.0.87
- [Release notes](https://github.com/dtolnay/syn/releases)
- [Commits](https://github.com/dtolnay/syn/compare/2.0.85...2.0.87)

Updates `tempfile` from 3.13.0 to 3.14.0
- [Changelog](https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stebalien/tempfile/compare/v3.13.0...v3.14.0)

Updates `tokio` from 1.41.0 to 1.41.1
- [Release notes](https://github.com/tokio-rs/tokio/releases)
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.41.0...tokio-1.41.1)

Updates `escargot` from 0.5.12 to 0.5.13
- [Changelog](https://github.com/crate-ci/escargot/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/escargot/compare/v0.5.12...v0.5.13)

Updates `jsonschema` from 0.26.0 to 0.26.1
- [Release notes](https://github.com/Stranger6667/jsonschema/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stranger6667/jsonschema/compare/rust-v0.26.0...rust-v0.26.1)

---
updated-dependencies:
- dependency-name: anyhow
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: clap_complete
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: csv
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: hyper-util
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: libc
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: reqwest
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: rustls
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: syn
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: tempfile
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: tokio
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: escargot
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-12 20:01:35 +09:00
Firstyear dfbcfa865f
UI/Feature polish (#3191) 
Post release some small user issues arose

* Optimise the autofocus for logins with passkeys to limit clicks
* Sort login mechs by strength
* Fix cookies to persist between browser restarts
 2024-11-10 04:02:27 +00:00
Firstyear 1218abd8c6
Prevent Invalid MFA Reg States (#3194) 2024-11-10 03:36:28 +00:00
George Wu ab4291e8d2
Change CSS for applications so SVG scales nicely in Firefox. (#3200) 2024-11-10 00:00:31 +00:00
Firstyear 9973385381
20241109 3185 max age (#3196) 2024-11-10 06:20:15 +09:00
Firstyear 0f3f604ba0
Hoist max_age to prevent incorrect deserialisation (#3190) 2024-11-09 13:28:29 +09:00
Firstyear 4f87ee2fc8
Use correct oauth2 manage acp (#3186) 2024-11-08 01:31:35 +00:00
Firstyear a7394e8875
Re-migrate all acps to force updating (#3184) 
* Re-migrate all acps to force updating

* Update server/lib/src/server/migrations.rs

---------

Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
 2024-11-07 18:52:42 +09:00
dependabot[bot] b3c6eea4e9
Bump the all group across 1 directory with 2 updates (#3180) 
Bumps the all group with 2 updates in the /pykanidm directory: [mkdocs-material](https://github.com/squidfunk/mkdocs-material) and [ruff](https://github.com/astral-sh/ruff).


Updates `mkdocs-material` from 9.5.42 to 9.5.44
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.5.42...9.5.44)

Updates `ruff` from 0.7.1 to 0.7.2
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.7.1...0.7.2)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-07 04:53:05 +00:00
Firstyear 853f787327
security - low - fault in migrations (#3182) 
A fault existed in the server's internal migration code, where attributes
that were multivalued would be merged rather than replaced in certain
contexts. This migration path is used for access controls, meaning that
on upgrades, attributes that were meant to be removed from access
controls or changes to access control target groups were not reflected
during the upgrade process.

This has a potentially low security impact as it may have allowed
users to change their name/displayname even if the administrator
had disable the name_self_write access control.
 2024-11-07 14:32:37 +10:00
pando85 5572497909
fix(kanidmd): Print replication cert to stdout (#3179) 
ShowReplicationCertificate was printing the certificate to stderr
which is not consistent with the rest of the output commands.
 2024-11-07 00:30:24 +00:00
Firstyear fbbe10e295
Correct missing CSP header (#3177) 2024-11-05 14:48:11 +10:00
Firstyear c96e9772c7
Resolve pam services not always having a tty (#3176) 2024-11-05 00:49:33 +00:00
Firstyear ea1fcf59e5
Resolve incorrect handling of rhost in pam (#3171) 2024-11-03 00:13:26 +00:00
CEbbinghaus 1b58e4169a
chore: Made oauth2 scopes required in CLI (#3165) 2024-11-01 01:59:27 +00:00
micolous cc7530aa65
More "choosing a domain" revision (#3161) 
* More "choosing a domain" revision:

* Link to the domain rename process
* Add some hyphens to make things easier to read
* Move the OAuth 2.0 domain sharing guidance into the origin section
* Add DNS -> IP as a potential issue
* Discourage requesting public suffix list inclusion as a workaround

* Add "own hostname" section
 2024-10-30 01:48:46 +00:00
dependabot[bot] d174cbfd72
Bump jsonschema from 0.21.0 to 0.26.0 in the all group (#3157) 
* Bump jsonschema from 0.21.0 to 0.26.0 in the all group

Bumps the all group with 1 update: [jsonschema](https://github.com/Stranger6667/jsonschema).


Updates `jsonschema` from 0.21.0 to 0.26.0
- [Release notes](https://github.com/Stranger6667/jsonschema/releases)
- [Changelog](https://github.com/Stranger6667/jsonschema/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Stranger6667/jsonschema/compare/rust-v0.21.0...rust-v0.26.0)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>

* fixing up change in JSONschema errors

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
Co-authored-by: Firstyear <william@blackhats.net.au>
 2024-10-30 01:31:48 +00:00
George Wu fbb3b6b2db
Update missing inputmode numeric when adding a new TOTP. (#3160) 2024-10-29 12:57:24 +00:00
Firstyear ce31abeeb0
Improve OAuth2 authorisation ux (#3158) 
- Resolve an issue where oauth2 could trigger the login page to
  incorrectly redirect to an oauth2 application instead of apps
- Add indication of what client application we are accessing
  if the session is not yet authenticated
 2024-10-29 04:56:28 +00:00
Firstyear 53dcb5265a
Fix attribute scim sync attribute naming (#3159) 2024-10-29 14:26:51 +10:00
George Wu d2c329f330
Change to text input and use numeric mode for TOTP prompts. (#3154) 
* Change to text input and use inputmode numeric for TOTP prompts.

* Fix some typos.
 2024-10-27 23:57:28 +00:00
dependabot[bot] 44ddfb98f1
Bump the all group in /pykanidm with 3 updates (#3156) 
Bumps the all group in /pykanidm with 3 updates: [mypy](https://github.com/python/mypy), [coverage](https://github.com/nedbat/coveragepy) and [ruff](https://github.com/astral-sh/ruff).


Updates `mypy` from 1.12.1 to 1.13.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.12.1...v1.13.0)

Updates `coverage` from 7.6.3 to 7.6.4
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.6.3...7.6.4)

Updates `ruff` from 0.7.0 to 0.7.1
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.7.0...0.7.1)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: coverage
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-28 09:18:11 +10:00
Firstyear f7d701c344
Fix release note date and typos (#3153) 2024-10-27 13:06:11 +10:00
Firstyear a76a0f5a6e
Begin 1.5.0 Development Cycle (#3150) 2024-10-27 01:53:24 +00:00
Firstyear 243a020bdb
Release Notes (#3149) 
* Update RELEASE_NOTES.md
 2024-10-27 00:46:25 +00:00
Firstyear 2e6d940691
Remove WASM (#3148) 
liberal party took over, more cuts
 2024-10-26 17:19:13 +10:00
micolous 5c9eb87a75
Rewrite "choosing a domain", add other considerations (#3147) 
Co-authored-by: Firstyear <william@blackhats.net.au>
 2024-10-26 05:31:01 +00:00
Wei Jian Gan bc55313d87
Harmonize UI and remove unused css (#3033) 
-------

Co-authored-by: Wei Jian Gan <wg@danicapension.dk>
Co-authored-by: William Brown <william@blackhats.net.au>
 2024-10-26 04:47:44 +00:00