From 1a4d54c7a52b658ea02d260952cc943476325e43 Mon Sep 17 00:00:00 2001 From: James Hodgkinson Date: Wed, 7 Aug 2024 12:07:19 +1000 Subject: [PATCH] bloggy mcblogpost for v1.3.0 - updating makefile/autobuild --- .github/workflows/zola_build.yml | 2 +- Makefile | 6 +++- config.toml | 4 +-- content/blog/2024-08-07-1.3.0.md | 55 ++++++++++++++++++++++++++++++++ 4 files changed, 63 insertions(+), 4 deletions(-) create mode 100644 content/blog/2024-08-07-1.3.0.md diff --git a/.github/workflows/zola_build.yml b/.github/workflows/zola_build.yml index e5c2890..7e2edde 100644 --- a/.github/workflows/zola_build.yml +++ b/.github/workflows/zola_build.yml @@ -18,7 +18,7 @@ jobs: - name: Install zola uses: taiki-e/install-action@v2 with: - tool: zola@0.18.0 + tool: zola@0.19.1 - name: Install Deno uses: denoland/setup-deno@v1 with: diff --git a/Makefile b/Makefile index 98531c9..b745481 100644 --- a/Makefile +++ b/Makefile @@ -28,4 +28,8 @@ deno/apply: ## Apply the deno suggestions .PHONY: check check: ## Lint the things check: codespell deno/check - zola check \ No newline at end of file + zola check + +.PHONY: serve +serve: ## Serve the site + zola serve \ No newline at end of file diff --git a/config.toml b/config.toml index 093baf4..4caf891 100644 --- a/config.toml +++ b/config.toml @@ -20,13 +20,13 @@ minify_html = false # When set to "true", a feed is automatically generated. -generate_feed = true +generate_feeds = true # The filename to use for the feed. Used as the template filename, too. # Defaults to "atom.xml", which has a built-in template that renders an Atom 1.0 feed. # There is also a built-in template "rss.xml" that renders an RSS 2.0 feed. -feed_filename = "rss.xml" +feed_filenames = ["rss.xml"] # When set to "true", files in the `static` directory are hard-linked. Useful for large diff --git a/content/blog/2024-08-07-1.3.0.md b/content/blog/2024-08-07-1.3.0.md new file mode 100644 index 0000000..ee191df --- /dev/null +++ b/content/blog/2024-08-07-1.3.0.md @@ -0,0 +1,55 @@ +--- +layout: "post" +title: "Kanidm 1.3.0" +date: "2024-08-04T12:00:05+10:00" +author: "James Hodgkinson" +categories: ["blog", "release"] +--- + +v1.3.0! Woo! + +This is the latest stable release of the Kanidm Identity Management project. Every release is the combined effort of our +community and we appreciate their invaluable contributions, comments, questions, feedback and support. + +You should review our [support documentation](https://github.com/kanidm/kanidm/blob/master/book/src/support.md) as this +may have important effects on your distribution or upgrades in future. + +Before upgrading you should review our +[upgrade documentation](https://github.com/kanidm/kanidm/blob/master/book/src/server_updates.md#general-update-notes). + +## Important Changes + +- New GID number constraints are now enforced in this version. To upgrade from 1.2.0 all accounts and groups must adhere + to these rules. See + [our upgrade documentation](https://github.com/kanidm/kanidm/blob/master/book/src/server_updates.md#general-update-notes). + about tools to help you detect and correct affected entries. +- OAuth2 URIs require stricter matching rules to be applied from 1.4.0. +- Security Keys will be removed as a second factor alternative to TOTP from accounts in 1.4.0. It has not been possible + to register a new security for more than 1 year. Security Keys are surpassed by PassKeys which give a better user + experience. +- Kanidm now supports FreeBSD and Illumos in addition to Linux. + +## Release Highlights + +- TOTP update user interface improvements +- Improved error messages when a load balancer is failing +- Reduced server log noise to improve event clarity +- Replace jemalloc with mimalloc +- User session storage can optionally use cookies +- Strictly enforce same-version for backup/restore processes +- Allow name self-write to be withheld +- Add support for LDAP Compare operations +- Reduced memory usage +- Improved update flow when changing from dev to stable server versions +- PIV authentication foundations +- Significant improvements to performance for write and search operations +- Support Illumos +- Begin rewrite of the webui +- OAuth2 allows multiple origins +- Strict redirect URI enforcement in OAuth2 +- Lengthen replication MTLS certificate lifetime +- UNIX daemon allows home paths to be in an external mount folder +- Substring indexing for improved search performance +- Upgrade Axum HTTP framework to the latest stable + +[View the release on GitHub](https://github.com/kanidm/kanidm/releases/tag/v1.3.0)