Release 1.1.0-beta.13 (#1922)

kanidm · Aug 1, 2023 · 689c7c7 · 689c7c7
1 parent cccc20e
commit 689c7c7
Show file tree

Hide file tree

Showing 9 changed files with 207 additions and 152 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -28,7 +28,7 @@ members = [
 ]
 
 [workspace.package]
-version = "1.1.0-beta.13-dev"
+version = "1.1.0-beta.13"
 authors = [
     "William Brown <william@blackhats.net.au>",
     "James Hodgkinson <james@terminaloutcomes.com>",
@@ -151,7 +151,8 @@ tracing = { version = "^0.1.37" }
 tracing-subscriber = { version = "^0.3.17", features = ["env-filter"] }
 
 # tracing-forest = { path = "/Users/william/development/tracing-forest/tracing-forest" }
-tracing-forest = { git = "https://github.com/QnnOkabayashi/tracing-forest.git", rev = "77daf8c8abf010b87d45ece2bf656983c6f8cecb" }
+# tracing-forest = { git = "https://github.com/QnnOkabayashi/tracing-forest.git", rev = "77daf8c8abf010b87d45ece2bf656983c6f8cecb" }
+tracing-forest = "^0.1.6"
 
 tss-esapi = "^7.2.0"
 

diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
 IMAGE_BASE ?= kanidm
 IMAGE_VERSION ?= devel
-IMAGE_EXT_VERSION ?= 1.1.0-beta.13-dev
+IMAGE_EXT_VERSION ?= 1.1.0-beta.13
 CONTAINER_TOOL_ARGS ?=
 IMAGE_ARCH ?= "linux/amd64,linux/arm64"
 CONTAINER_BUILD_ARGS ?=

diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
@@ -14,6 +14,56 @@ report it to our [issue tracker].
 
 # Release Notes
 
+## 2023-05-01 - Kanidm 1.1.0-beta13
+
+This is the thirteenth pre-release of the Kanidm Identity Management project. Pre-releases are to
+help get feedback and ideas from the community on how we can continue to make this project better.
+
+At this point we believe we are on the final stretch to making something we consider "release
+ready". After this we will start to ship release candidates as our focus will now be changing to
+finish our production components and the stability of the API's for longer term support.
+
+### Release Highlights
+
+- Replication foundations
+  - Full implementation of replication refresh
+  - Full implementation of incremental replication
+  - RUV consistency is now stricter
+- Allow tpm binding unixd password hash cache
+- Use argon2id for all password hash types
+- Allow distros to set default shell
+- Convert from tide to axum
+- Modularise unix integration for third party modules
+- Improve account recovery by performing over unix socket for live changes
+- Support hsts in all responses
+- Allow sync agreements to yield some attrs to kanidm
+- Fix bug with posix account gid setting causing gid to be randomised
+- Improve account sync import, including mail attrs and better session handling
+- Bug fix in unixd when certain operation orders could cause group cache to be ignored
+- pre-compress all wasm to improve loading times
+- Add preflight headers for SPA oauth2 clients
+- Persist nonce through refresh tokens to support public clients
+- Allow public (pkce) oauth2 clients
+- Add client UX for external credential portals for synchronised accounts
+- Improve migration durability with a global transaction
+- Cli now shows spn instead of username to allow better multidomain admin
+- Add qrcode for self-enrolling other devices with auth methods
+- Add tls certgen to main binary to improve developer and quickstart setup
+- Unixd now blocks all local account names and id's resolving prevent priv-esc
+- Fix bug with service-account session logout access
+- Oauth2 app list shows when no applications are available
+- Improve ip audit logging
+- Improve cli with re-auth when session is expired
+- Support legacy cron syntax in backup config
+- Improve socket startup in main daemon
+- Add support for selinux labeling of home dirs by tasks daemon
+- Resolve bug in ssh key management if key tag has a space in it
+- Allow tokens to be identified
+- Remove incompatible credentials for service accounts during recovery
+- Fix issues with signal handling for unix tasks daemon
+- Improve create-reset-token user experience
+- Improve self-healing for some reference issues
+
 ## 2023-05-01 - Kanidm 1.1.0-alpha12
 
 This is the twelfth alpha series release of the Kanidm Identity Management project. Alpha releases

diff --git a/server/lib/src/constants/mod.rs b/server/lib/src/constants/mod.rs
@@ -17,7 +17,7 @@ pub use crate::constants::values::*;
 use std::time::Duration;
 
 // Increment this as we add new schema types and values!!!
-pub const SYSTEM_INDEX_VERSION: i64 = 29;
+pub const SYSTEM_INDEX_VERSION: i64 = 30;
 
 /*
  * domain functional levels

diff --git a/server/web_ui/pkg/README.md b/server/web_ui/pkg/README.md
@@ -73,6 +73,7 @@ Kanidm is pronounced as "kar - nee - dee - em".
 ## Comparison with other services
 
 <details><summary>LLDAP</summary>
+
 [LLDAP](https://github.com/nitnelave/lldap) is a similar project aiming for a small and easy to
 administer LDAP server with a web administration portal. Both projects use the
 [Kanidm LDAP bindings](https://github.com/kanidm/ldap3), and have many similar ideas.
@@ -128,7 +129,7 @@ start with in many cases.
 Kanidm does NOT require Keycloak to provide services such as Oauth2 and integrates many of the
 elements in a simpler and correct way out of the box in comparison.
 
-<details>
+</details>
 
 ## Developer Getting Started