í«îÛ    kanidm-docs-1.4.0~git2.770efa8-bp156.7.1                                            Ž­è         <   >     ,     è            ê          ì         ‰ g+jpŠIë%Ûzà
I„ÿdpˆãµRƒÚün°>šl¾JßD³~Ü1Ê‘o½‚¿{h)(/ÐÍ*ûÕ’Á!˜D€¤ñ&É\[|R‡ŽM„Ýd¼Îá-‰JG³$l–ßèåÍe€4ªd‹ÝS“¡;®®Ì~½k•<X·p!ñ¡¬Ô-l^„xíÞCÜ™ k¿®Ë"_ËÖë Øº÷â@šdUeZyXZ³ÓË$ˆ\÷¨¬Ø`z£Þ8(^!'t"xÉà7îšlá*BØÝâ —þÀ§U±8c§”Ij
Iüã6N¡óz¼óœ.?'âáHí¤ÄãÚÖ^û»ä};“@âë úi‘Q:¬à‰lúò%I|¿‘èÛMÕÉ¬E‚(;vF/óÒ£˜,µQôI•UJAÛQ3kµTCªÂøwJe—o9$ÑøTÿí¸ÉÝò‚å†^¿„&g\ÐR±æàw3Ê4Âûu|º´Išèäé£#W<]ù8e€SxÖ_]Îð¹FýcÀ¥Sæ‘“æ,Tm,itt)×Ÿ¨ƒiÃS6w…¥¦ê‡ÃU³¶IÄ~mÞúclï 9-ì+DëNð…“²”™$-ul4
½fm¾q‰_ñæT}`I'óÝßàÞ')‚µ_ÿgÈ)þ£9¾Ì¤;w^«í_ßlzH¤€D 8¶ù¼8Iè‘‡fk­   >   ÿÿÿÀ       Ž­è       ; ¦L   ?    ¦<      d            è           é           ê      !     ì   	   +     í   	   S     î      „     ï      ˆ     ñ      ”     ò      ˜     ó      ±     ö      º     ÷      Â     ø   	   Û     ü      ç     ý          þ                  ›       „   ›  	     º   ›  
     ð   ›       \   ›       +7   ›       +Ô   ›       .@   ›       1G   ›       4N          4|   ›       6è          7          7          7—     (     7¼     8     7Ä   .  9     8|   .  :     <¶   .  F    ‰)     G    ‰@   ›  H    ‹¬   ›  I    Ž   ›  X    Ž´     Y    Ž¼     \    Žø   ›  ]    ‘d   ›  ^    œ¡     b    Ÿg     c          d     ³     e     ¸     f     »     l     ½     u     Ð   ›  v    £<     z    ¥Ù     “    ¥ì     Æ    ¥ð     ä    ¥ö     å    ¦8   C kanidm-docs 1.4.0~git2.770efa8 bp156.7.1 Documentation for Kanidm Administration Documentation for using and configuring Kanidm.  g+jpi04-ch4c     É7SUSE Linux Enterprise 15 openSUSE MPL-2.0 http://bugs.opensuse.org Unspecified https://github.com/Firstyear/kanidm linux x86_64               ¾      ·      z  V   ‚  
  ÷  t  S  Å    B  7¬  R  	Û          *  MV  !    !   ì  F   ô  ø   €  ¾  à  -  @      1ù     Hk U@ %e 9¯ Ž2 a 1º 7w  Ÿ…  »–  ü¡  ¾G œÏ  E  æ  
³  '\  ¡  ¿  ²  *±  <  y    ç  ñ  Ý   €  \      1   Z  ?  §  	÷  /Y  Œ¿  =Q  RÞ    m  ¼  7ç  -Ð  ›  1    ›  Wé  	  Ë  º     	>  =?  	â  y  
p      !t    	—  &  	¸      +'  )Ÿ     u      '6      4–  œ  n×  
Ö          ÿ  B  ý  X  !&   Í  ›  »  ¸        ß      	x  §  
&      9  Ú  D  
Á  î  ‰  )  ¼  
Ö      <  ˆ  ´       ¿   Ã      (  AíAíAí¤Aí¤Aí¤¤¤¤¤¤¤¤¤¤¤¤¤AíAí¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤Aí¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤Aí¤¤¤¤¤Aí¤¤¤¤Aí¤Aí¤¤¤¤¤Aí¤¤¤¤¤¤¤¤¤¤Aí¤¤¤¤¤¤Aí¤¤¤¤¤¤¤¤¤Aí¤¤¤Aí¤¤Aí¤¤                                                                                                                                                                                                                                                                                                                      g+jkg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jmg+jm   9aa937a67da7db8b4f560d7284a8ac3cde089434ceaf59ecfedd2173bb719099  623503b4bb56558de27f1b4bf87b36defdf64625f5f2b1b4f8f35d61a81f9ad2  950288ce01196461ec6497c270ca4a170ed1beeed54f81b4f4c70cd0a06cf486 faa8b27a6f05358505bf70ceea26b8ae9ab84469705cdb5ec939e606ba1ef03a 5350e05c2cd061031c96fa048a70e3f68f6fc6879fee02590cb96b41fd997ca6 6ae4786743d89c19010b3ed37561b1c738f2931a046764a2cbc908d6bbc0ee57 ea985ff7222e65e800a338b6f762402454cc8ff5754954a654289d99a9e3b9c9 bd6c4659d8e1600239b86e437942a4c74cea8ccaad9f369f30a4087c04032ca6 f28b04378654078effb6f34cae7e6605a8c7af1bc7f45f27e9ec095ca7860fda 442b51f67d61c4a6a9fa7dc1202250c3a5d01310dead3f047fc9033c987795cd 6933d58d0da96791a9a5deee6c907565be0cd5bb4aaaf35f0c88f1affcf742ca 8fedf7455f634d7bd2877929cd94d9298abdcd0f1b057a430e3f0d996f187a76 6df6b873b8b83a94aac5579d058ec2fae3ec0682f8c734987ea9c9a546622cbb 1e7977dc473d2b9ab4f715299825771852ded79a87a833d2cb902f39f2d8c4bb 62dfe35450d215edb2c496fc659f6562be094da9a66241e5844a9938bf4973fb   1c2bf51f217e5e080ac6c523147b173d36cf87466892aa2b4b4c1927e27d1e99 9c322642bbb1baa06715f35d0f4ecaaae547d3f037a0a08865c7dee9c04cff42 0afbe5e48037a94327c69728582ebd6187a334335b00b0e6b9c995ae04892d2c f2944848ebaa6055aef440da1669b926b2eb49da7dd611d3bca679186045d3c4 5672985cc9a69a8666ab578013e089dfa8a25988bd0624fc27a54b78612cf859 bd0c8f3e1b96872198eae5e4c463bf81142ad85a80b1a7838ff6c97202411bbe b9cd72ded7ad1e854d98205230ea5e25d50992a77dece6d8d6c1f0454ad285d7 161c2914f1881f19437acb11a173ba2bef3e58f0c6df22627446375b1e9dcdd9 e2e2c0b110bfa983b593983cb28ef08cd48f220e3c7a5063819e51ab49cf253c 171f6612692236d3705c569a5843e5a4bdc1d3bd520fd46ec03061ffe9374453 95fa65eee85cd3758f2467679c5e581a72f7e82a60ca631e4eb94e081381b0e3 cbfbae0df183699600f8be17948cbb2198d831d4e511b99f516d188a25aed90b d041db276abb6a96bc1edf5967682c05cd17e158e8eb7da49f73b40059dacfe0 1357261530447ffc00a7e0d10850ff0d07dd5eb7752da3c7caf7a60e94bfd925 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 6694b3f3a3122d01b410ff3565fd6a8eb2b8565af0a367ee4a756ca485a30d5f  e4b600f2967f665a4a2c16476293550c0da85ed85068ab43727dc137119ef1f1 db7d69a59340751d182d392eb25c554c339f07c32bce53d52f7acbb8a9713825 49a73fa98465f1bebb068c8b7fdd418a859115c28516044ac10472feced6bf4a bd2cea12c073c5676c5de7f0ea5f983fdf3ffa0f7a363ca35ab4e3e386506cdc 22429ad31324815e063a0e13cb667725b70de7cfe746eaac8cb5fbcb393b4a16 f075d233e913836ac2734bdf32a114c7bb6ed5caf26e1e5bff0ed574e46c5f3b 28dcb0b030b79d365954dc435e93494f02bf3b892b3501ceae7c0ad0a28f0f71 d3caf0a9ce9a774b882fd5be3bebe916fc5bd52a97cf36599c26c6465ed1168f 41cdf5f8f38ae16832c63d7406421a473773bd940f1b6a32b357e6c2a190ae46 823fab0bd86677850d5491b2a58fa0eb8c8d205ea88c067ffb6015db7bbb04d7 a8919000e9495c73b9f52b473bb057d059246bf7493a76fa5b11a8ad81149cf2 2a70fed19be0837b2265636308f2614a23f355dbca597e40b400e366d7dcc9ed f9f6126f435b24faf3bfea6c4a00573be9aff2a01ddbb7735068968731ad321e 4d55de413cd09040d1948a3cce85ab6a81a22f6c8b63e31fc1a3e62c1b7ecd1e e2bccc191cf2112f41dc24b147836ca57057da3ea70c83d886a2a11c4b46dfb7 dc5e9d69d5b0ab85488570d1d35b232b8ff547f5c7f9009271ab08fd714d197b d37ee734216b942fc06dad357abbf159a6c3b3b92ddb531b5ebd1e29e642cf5b 50ff9e5d0abf919446ae44afca406fdb9155f5d38b0377d43e3889b07079e1f1 cc9c1d2955088c0233760d7af1a2ab73dc65cb0f0991ab31d654eafd6a3e9002 50a2439625505dcaae5bce4487787246a1e9c1997f6750911ad4ab269367ff5f f2363e54e9597eba40424a9cdc8e1d96b3b0b05cd9e5eec18a6feab0138904e4 2f2b63a5486fbd413c57eab2d3f9be179d93a19d94e1764cc63df14a6ad1eada fc09ccf00d77347901a17574dddd827161c02c352c8413de547b24c28603e82a c1e9d202ad3e76359f5a131c5f5cc2758a77c8868fc3dadc20ebf2e2dc7da224 21fa1a06cb0bdbcca209cdb9be1b78a183bb29215f541634884df440adcf1219 3a4f848b307b86f4828efad8d20879a2c34729e0797b12c1a84a68079333dc19 80831f027a47a51075e337ebe828a2484500452639ff127bb8c5a422223c7bfb 52fbaf43a11fd4270db73742ac0dbef42ad16223eeb0dcfecb69ddddb840d1ed 4ee2f918d924dfa9315bbceb634ee4c2ff98fdbd76e00e4ec99971a53a08049c f7a40bde125b7d48d113059bde79f6246cd44b6103cb7b436ca67237fea6420f 9fd80cfb51ef931f4c272cca731ef27f9ba47adbd6a89bc08eb5ae09eec4b79f 00d4a9f18f8493914595ed774523633f14c640276068a5b3950fee3f69074b9a 1875cf21638400a49354bc884f9ff24bcde52d65c034a21faa8dea3f383a236e a99e1687fc44a76172ab29480bdf9c35af8f172d63805acf135995302ba45082 deafbd5be41451bb4efdf77018be644b7c39ca75fd7fe1b4d90afad0c60ba0e8 aa620d4d167c5fae4dff9a478a8cd50cc5f0a612a35df32e2ddad99f229f6e02 ffebc44d43e938f483c1936ce80782feb239524711cad2eb9087f60136b5800c 378bbe80bfeb42c5e06ff2228d04f19b16c1e3d02f69a7c3c7c743f2192ebad4 29d40d4dcc3b10a28e129bd4f2798b28021227c44df7c492a38cdd445bf26faa fdf676c12d4736c3ddb37b90ddf5f873cbf6ea76e508d3cc82738eb843ee1eb8 4b5838628f9a76be3afe03c2ea183ddb97f07a906d077979f2e3264443d8edbd 8bc3045aa3a1558937b32729429cef1f8d25db9447679e82cce4ecef74fe5b3d a1a7de784b45ac831afbc25acaa6a5c94a8e2c04c04a5b6348f4c5b7eafc3ce7 63e84528630de5f0f67e28a9bdc6b0a5bcd15caeff240b71b762bbfe2e1ae1cb 78c013d1d618a21adc03edab851d9fdca9f532cf972884825516fa4182fd6c24 b8ad1172537c940dd6e783e1d819db69e561318559d37830355be1595797fa8e 4377c73bb74c71cfdd698f32606256ba8c479d2b377a9814933bac371fa3fae6 544e1c9964ff3f81a1e48f4bd3d67272c18d04733a310106137357b6136c9394 f74ced558237f170d19aab317bd5d59ce5b7794205d725af1c4ab8d83d54ce44 207cdb19569fa72f2d4d240177341af26e1da6856821a2b0b10525d26bc28554 237622a84111bd071913f8b117ab5485d9caec2af6de7a4cbfde41a174093c9f 00c44cc18e2f1e49f79c456d536afe57c2ca557921dcf4009cdb0a4fa55a3b02 be89cd338f442d738f0749161d39d3c6749a69b45a208419d2aeb6e80c49e804 70e1a5e764b760752592b50a57fdb03574ef23687a6464bfb1a4d95162fcb425 a34059231cbbc5c516d46067fc684d0ad63dc1d3bdc6852e63e3a5748bf18b82 7a813c15667d288e6ada6b95a8a17c0d748912379b787c5bc804491ecd58aa33 18fb4adae997c242066993d921c9789558582132b94c37622f487f4023879d12 ab2fde4b8931afcc6573bb4b941a1e8ff4c48b217e9c0c917c7994dfc7af2016 28c59c487978e5137dbc10900dcfa3e0e2a516345cc79d013373ecee767afdab  aef1f035f2f9dfe2187cf2d16c8b2b1c1c78d6d74708f37405592bba43b3ed5e 8cc62b9b2dc9e0137fe0e426315112460d6fc9cd49e1bcdfb58e9bb16c636698 3fd0bc865e15977e7add0cb2e41840cd2ed5516bcaf86ac61b1eea526eca14eb 1a3c1f74ea8c16c1483173423bdbff12c6a1f082fdfa58762bde09c79af8b7a7 87bb027715e1f88f18bf97b53f046fce10290967fe9958682b1d43eb5d6c9afa  3d46f02eb3fb4a6239baadecf85cd3ab3ae72c3befa62872f9d9306fd976e3a4 6c9a471a5532330bc996cedb56971c3d711125f5c741bc3d486ded1e1e9bf999 eeb1829ac972ee47fac55cb9dfe2d69b824073c017fcccb8625cba3b76b18400 ba1a3fa52a1daf7a13e81404339d2113416657f5b10e6e25234d689fc1bc72ef  8ed53eb86336d19a1a1c0564c201eb6f2ba3ab7378cc0902dd3f403092f46450  d1653a3479643a31a34dc1822b0a87fd992aefd8418c7f2a32ecc66c655325b4 4e4fa5492c82c5385d8538e7b147ae32a4f50e44793dd18761430256a8c50ec6 06f9901e0ed90695a34584c0a59346a5fd0e58e3f06852a1c0b7f06de7e1edc5 9e4b6546d5a259b78a31739bec18e3fe5bdad8ec274eb121632cd812d734cb66 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855  3e4b5e8280c6e1c7f1285f322d4d870e0a8a8822f67a0e8c5470b8b13e2f5263 5feb411de2c76a1ca1b69e9b93d10d30a9123dcb390d03d40805bdcea9039ec7 fd9e14ee19f91a790b1a207e4227cf9d95c1c9afe2633f22e963c9226f506274 3015456f03ccee83f47f4f064e726a5a33710c60d7fde6c5d878f9b6148c05b9 13e3d2da1073393c130692dd1a1f6b0d4e40bb4c5312c5a811eb78d12e76490c e8db713cc4cda2862ac5df01770e9646890784203e861583e8812489c0f8de20 ea8257539506921d9d06bdbcdc2e067d3f7e3e4d71abada2fa8bbdd78b0a91a7 644710fd75c8e63e0907cf91eefd47bcba7a7dd0dac9cf54c8cc28f1850de306 aac4d283e152241d8ee3269db48c189c1d9300d9d1e5032ec943dd5333f826b6 3bea36931fb1d328dc61fe76ee6818c68db649724021cbb5b6a99d65977bcdfa  0e5c7abe59031b7440f610efee424822106d0461a95401f1060f0d0639790410 f4ef57c6bbbc1275d6cda53a7505b70c501eb7f205879bd52d80d4fcf3d6f155 fc387d75911426bf88405501a564e674b2d749e402ad1b06d108654373e5347a 946447688150bb8038b34b912a10f4ddbe926909f073a9b516074887e8309300 f786b5abe2ae9a8cb49feb95b275db68d93adf6e2e0e1633b7cb633dc65ca6a2 06e4d16b1c8e1296ba73d694ba8344b0695d6954f655736ddaca6fc48925d294  54de480bbe084889c2aecb72d8db5b4cd70036d45d4a66fb8a2bd8add89b09f8 9e81cb2036c98d1278e3092614c70053f178c2950bec6c1e6bf9ecb9bb4be204 6403846cfee2647f07f53412bdf9644cdd7500ad9e937d14b5ad69772dc02e43 09c4dd0149fc181c083c375881fb1d407acaa2282c3477eb292246e9827e9f21 a00ae52ed74dcac8ad2f8959996b387ddebcf862f75cfc8fe19a1fda3c66eec8 13d6e8bb9e6c8a57565b106b9023fbc6d58079c42caa230304af4040c6248427 4ed23576bbef4726dd9b4bc25f4a194f17e6eee8481f3514cf30bcd6b2b2e4c4 61f1b1f99b4309a9566c13fadb82e8f6eda9814bc01edea8d2af6aebc9f158f6 0867167b6b933036dd27a0303b9424dfa3bb5a5ea4a49a11e1f74ad155da3179  7bc2e8b37ddeb93221c4c8c1532826864bcd1e924de123b911ce771f5f8685be 4c2ba808803ecd2c0308254106373e612dba9493ef774304fc074386dfd47cec 0623e4b8a725c5e631dd8105749589d5e90e29ab7dfd29fb932e7a028c89f0e2  2ea93d05321a8febab42a1df0a1bc5e2fd6746386c174b9c803d7c6ab5c3a069 1bda989941bbe08d46cf5f7160f36aa74c0b618769d9af07f2fd5e44e9248d20  9e54c4799e2df0a1330e039f3e9652875931d8e15e113753163a840420f979df b187a0619d540bc2980b96a5d2459377906662cc8bb4f7a02b4c4990707e67fa                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root root kanidm-1.4.0~git2.770efa8-bp156.7.1.src.rpm   ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿkanidm-docs kanidm-docs(x86-64)   
  
  
  
  
rpmlib(CompressedFileNames) rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rpmlib(PayloadIsXz) rpmlib(TildeInVersions) 3.0.4-1 4.6.0-1 4.0-1 5.2-1 4.10.0-1 4.14.3  g'eÀg$ÂÀfâ×ÀfÄ…@f·V@f´³@f³aÀfXj@fH˜@f2.ÀfþÀf¸Àeß @eÝÎÀeÔ”@eÃpÀe°ûÀe@ì@dãQÀdÚ@dÈóÀdO©Àd9@@cëwÀcÚT@ck–@ca
@c*ÀcµÀcµÀbéÀbnv@bL/@b/.@aØ+@aÎðÀaVø@`å—@`ÔsÀ`ÉçÀ`¯‰À`®8@`eµÀ_éÈÀ_uÄÀ_'ü@william.brown@suse.com william.brown@suse.com William Brown <william.brown@suse.com> william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com William Brown <william.brown@suse.com> william.brown@suse.com william.brown@suse.com William Brown <william.brown@suse.com> William Brown <william.brown@suse.com> william.brown@suse.com william.brown@suse.com William Brown <william.brown@suse.com> william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com william.brown@suse.com William Brown <william.brown@suse.com> william.brown@suse.com wbrown@suse.de wbrown@suse.de wbrown@suse.de wbrown@suse.de wbrown@suse.de wbrown@suse.de wbrown@suse.de wbrown@suse.de wbrown@suse.de wbrown@suse.de wbrown@suse.de William Brown <william.brown@suse.com> - Update to version 1.4.0~git2.770efa8:
  * Resolve incorrect handling of rhost in pam (#3171) - Update to version 1.4.0~git1.c297c3f:
  * Docker makefile latest
  * Release 1.4.0
  * chore: Made oauth2 scopes required in CLI (#3165)
  * More "choosing a domain" revision (#3161)
  * Update missing inputmode numeric when adding a new TOTP. (#3160)
  * Improve OAuth2 authorisation ux (#3158)
  * Fix attribute scim sync attribute naming (#3159)
  * Change to text input and use numeric mode for TOTP prompts. (#3154)
  * Fix release note date and typos (#3153)
  * Release 1.4.0-pre
  * Release Notes (#3149)
  * Remove WASM (#3148)
  * Rewrite "choosing a domain", add other considerations (#3147)
  * Harmonize UI and remove unused css (#3033)
  * ripping out some extra packages (#3146)
  * OAuth2 Device flow foundations (#3098)
  * htmx by default (#3145)
  * Support reloading via systemd (#3144)
  * Chore: Refactor Groups to be more generic (#3136)
  * 20241024 1271 cert reload on SIGHUP (#3140)
  * Update docs, improve locking (#3141)
  * 2856 - use tags for containers on build (#3139)
  * Fix image when too smol (#3138)
  * yale's rabbit-hole-chasing-htmx-fixing-megapatch (#3135)
  * ipinfo should be single value (#3137)
  * Tidy the reauth ui (#3130)
  * Add missing schemas to get OpenAPI validation to pass. (#3129)
  * Change some OperationError into HTTP Bad Request (400). (#3125)
  * Bump the all group with 11 updates (#3127)
  * Bump the all group in /pykanidm with 5 updates (#3128)
  * Fill in some Swagger API docs for a few v1 endpoints. (#3126)
  * Diagram Improvements in Book (#3124)
  * Fix passkey auth flow redirects (#3123)
  * Improve handling of inaccesible shadow file (#3122)
  * Log HTTP Not Found (404) as info log level. (#3119)
  * more errors for the people (#3121)
  * 20241017 unixd home (#3113)
  * 20241017 3107 token ttl (#3114)
  * docs: Update kanidm_ppa instructions for new repo logic (#3117)
  * fix(lint) minor lint fix for unnecessary matchÂ use (#3118)
  * Totp input changes (#3115)
  * Add the strict flag on client creates for developers (#3111)
  * Working scim entry get for person (#3088)
  * Add nss testframework and fallback when daemon offline (#3093)
  * Improve deb packaging, add aarch64 (#3083)
  * Cache buster buster (#3091)
  * fix(http): status content type should be JSON (#3096)
  * Bump the all group across 1 directory with 7 updates (#3106)
  * Bump the all group across 1 directory with 10 updates (#3103)
  * 20241012 attr name SCIM fix (#3102)
  * Scim add EntryReference  (#3079)
  * Bump the all group across 1 directory with 3 updates (#3094)
  * Fix Increment Replication Post Upgrade (#3089)
  * Remove white background from square logo (#3087)
  * Add support for group extension (#3081)
  * 20240921 ssh keys and unix password in credential update session (#3056)
  * Fix landing and redirect URLs for GitLab, add some useful links (#3055)
  * [htmx] Make it harder to miss the save button on the cred update page (#3013)
  * Add example Outline config (#3076)
  * 20240925 cleanups (#3060)
  * Add instructions for unlinking Homebrew Rust on macOS (#3085)
  * Don't reprompt for login when no session exists in cli (#3082)
  * Make good on some TechDebt (#3084)
  * Feat: Adding POSIX Password fallback (#3067)
  * Bump the all group across 1 directory with 13 updates (#3080)
  * Complete the implementation of the posix account cache (#3041)
  * 20240926 tech debt (#3066)
  * Fix migration of last mod cid (#3065)
  * Increase totp secret size (#3061)
  * Bump mozilla-actions/sccache-action from 0.0.5 to 0.0.6 in the all group (#3075)
  * Improve pipe handling on linux (#3069)
  * reformat oauth2 URL list, highlight legacy bits (#3062)
  * scim_proto: fix incorrect language tag (#3064)
  * Add ownCloud example config (#3059)
  * Add example config for JetBrains Hub / YouTrack (#3058)
  * Bump the all group with 8 updates (#3053)
  * Bump the all group in /pykanidm with 3 updates (#3054)
  * Document basic authenticating GitLab to Kanidm (#3050)
  * fix(doc): updating docker container ref (#3049)
  * Resolve incorrect SCIM Sync serialisation (#3047)
  * CLI image error nicening (#3037)
  * Add rfc7009 and rfc7662 metadata to oidc discovery (#3046)
  * More openapi tweaks (#3038)
  * Bump the all group with 6 updates (#3044)
  * Bump the all group in /pykanidm with 3 updates (#3043)
  * fix(docs): make it clearer that bearer auth is a thing (#3031)
  * implements additional traits for filter types (#3036)
  * 20240810 SCIM entry basic (#3032)
  * CreatedAt/ModifiedAt fix (#3034)
  * Pykanidm fixes (#3030)
  * 20240906 Attribute as an Enum Type (#3025)
  * Bump the all group with 9 updates (#3029)
  * Bump the all group in /pykanidm with 4 updates (#3028)
  * Credentials page/Self cred update flow UI improvements (#3012)
  * 20240828 Support Larger Images, Allow Custom Domain Icons (#3016)
  * MemberOf in search implies DirectMemberOf (#3024)
  * fix(kanidm): don't allow empty string fields on CLI (#3018)
  * Bump cryptography from 42.0.4 to 43.0.1 in /pykanidm in the pip group (#3023)
  * generate completions for elvish and fish (#3015)
  * Bump the all group with 4 updates (#3021)
  * Bump the all group in /pykanidm with 3 updates (#3022)
  * 20240820 SCIM value (#2992)
  * fix(daemon): handling IPv6 addresses in healthcheck (#3004)
  * fix(webui): Javascript errors after server-side update blocking login. Fixed after cache invalidating (#3011)
  * OAuth2 Token Type (#3008)
  * Bump the all group in /pykanidm with 4 updates (#3007)
  * Bump the all group with 8 updates (#3006)
  * Spattering of oauth2 stuff (#3000)
  * Doc multi instance (#2997)
  * Expose group rename (#2999)
  * feat: self cred update flow (#2995)
  * Better Error Message (#2998)
  * Add missing group for application admin (#2991)
  * enforcen den clippen (#2990)
  * 20240817 group mail acp (#2982)
  * 20240810 application passwords (#2968)
  * Bump the all group with 17 updates (#2986)
  * Bump the all group in /pykanidm with 3 updates (#2985)
  * Mail substr index (#2981)
  * Doc format, add api-token section (#2975)
  * [HTMX] small profile improvements (#2974)
  * Foundations of pam/nss multi resolver
  * TLS, no seriously. (#2963)
  * Update suse.md to avoid Authentication token manipulation error (#2973)
  * Add Alpine Linux installation instructions (#2871)
  * Bump the all group across 1 directory with 10 updates (#2966)
  * [HTMX] User settings (#2929)
  * Bump the all group in /pykanidm with 2 updates (#2965)
  * Docs updates (#2961)
  * Bump aiohttp from 3.10.0 to 3.10.2 in /pykanidm in the pip group (#2962)
  * Prevent bug in pam (#2960)
  * Improve migration error message (#2959)
  * Fix incorrect logic in cred update flow (#2956)
  * Docker-and-docs-fixes (#2954)
  * Bump the all group in /pykanidm with 5 updates (#2952)
  * Bump the all group with 10 updates (#2953)
  * Added orca flag to extend privileged authentication expiry (#2949)
  * In honour of SebaT, error on db lock acq timeout (#2947)
  * Add measurement of lock acquisition (#2946)
  * [htmx] Credential Update page  (#2897)
  * Update to 1.4.0-dev (#2943) - explicitly depend on cargo to pull in latest compiler revision - Update to version 1.3.3~git0.f075d13:
  * Release 1.3.3
  * Mail substr index (#2981) - Update to version 1.3.2~git0.229b0cc:
  * Release 1.3.2
  * Prevent bug in pam (#2960)
  * Reduce client logging noise
  * Improve migration error message (#2959) - Update to version 1.3.1~git0.eed7c07:
  * Fix incorrect logic in cred update flow (#2956)
  * Resolve maintainer bikeshedding - Update to version 1.3.0~git0.e2a563f:
  * Release 1.3.0 (#2941)
  * New orca models (#2909)
  * Run rust_build CI between multiple Rust versions (#2939)
  * Bump the all group across 1 directory with 9 updates (#2938)
  * Bump the all group in /pykanidm with 4 updates (#2937)
  * fixing println bug (#2935)
  * Reorganising the daemon startup so it doesn't fail with OTEL configured (#2934)
  * clippying all the things (#2931)
  * docs reordering and cleanup (#2932)
  * Add scim proto to kanidm, refactor to improve serde performance. (#2933)
  * 20240725 allow connection to older servers (#2930)
  * Ubuntu/Debian buildy scripty tweaky things (#2928)
  * kanidm graph graphviz unfit for scripting bc. of non-graphviz output (#2876)
  * Improve workflow when account policy isnt satisfied (#2927)
  * Docs rework (#2919)
  * Bump the all group in /pykanidm with 4 updates (#2924)
  * Bump the all group with 5 updates (#2925)
  * Substring Indexing (#2905)
  * Oauth2 in htmx (#2912)
  * Strict redirect URL enforcement (#2917)
  * Bump gix-path from 0.10.8 to 0.10.9 in the cargo group (#2918)
  * fix typos (#2908)
  * Add missing groups scope to Grafana example scope-map (#2914)
  * build profiles: rename release_suse_generic to release_linux (#2907)
  * 20240716 check mkdir (#2906)
  * Fix issues with suspend reported by himmelblau (#2911)
  * Implement home_mount_path logic (#2894)
  * Forcing the http2 feature on hyper, but also chasing some out of date packages (#2896)
  * Updating service type per kanidm/kanidm#2892 (#2898)
  * making the internals of kanidmclientconfig public for other users (#2895)
  * enable build htmx in docker (#2893)
  * Fixes the logout flow in htmx and improves the login error dialog (#2889)
  * htmx logout tidy up (#2884)
  * Tidy up replication poll interval (#2883)
  * Bump the all group with 8 updates (#2899)
  * Bump the all group in /pykanidm with 2 updates (#2900)
  * Add a migration for future versions that will notify and warn about the removal of security keys. (#2885)
  * Update mtls cert lifetime (#2886)
  * Bump zipp from 3.16.2 to 3.19.1 in /pykanidm in the pip group (#2888)
  * [htmx] Apps page (#2868)
  * Bump the all group in /pykanidm with 3 updates (#2879)
  * Bump the all group across 1 directory with 10 updates (#2881)
  * 20240703 htmx (#2870)
  * Bump certifi from 2023.7.22 to 2024.7.4 in /pykanidm (#2877)
  * Offer configuration of images for Oauth2 resources  (#2665)
  * 2818 2511 oauth2 urls (#2867)
  * Vale Edits 0.1 (#2869)
  * added orca docker file, make target and credential reset capabilities (#2846)
  * 20240620 htmx (#2854)
  * Bump the all group in /pykanidm with 2 updates (#2864)
  * Bump the all group with 5 updates (#2865)
  * Fixed link to the developers guide (#2862)
  * Tweaks to make the makefile make things make easier.
  * Update sssd.md
  * adding freebsd target_os
  * Bump the all group across 1 directory with 8 updates (#2852)
  * Bump the all group in /pykanidm with 3 updates (#2849)
  * Bump the all group with 2 updates (#2850)
  * Configurable thread count (#2847)
  * 20240613 performance improvements (#2844)
  * Bump urllib3 from 2.0.7 to 2.2.2 in /pykanidm (#2843)
  * Allow providers to be box dyn (#2794)
  * Bump the all group in /pykanidm with 2 updates (#2842)
  * illumos support (#2838)
  * 20240611 performance (#2836)
  * Bump the all group across 1 directory with 3 updates (#2837)
  * Bump the all group across 1 directory with 5 updates (#2835)
  * 20240607 2417 piv (#2829)
  * fix: typos in OpenApi (#2827)
  * Bump authlib from 1.3.0 to 1.3.1 in /pykanidm (#2834)
  * Bump the all group with 7 updates (#2811)
  * Double shutdown doesn't help! (#2828)
  * Stats collection improvements and a bunch of other stuff (#2820)
  * Add development taint flag to prevent mismatch of server versions (#2821)
  * Remove small ambiguity in docs (#2823)
  * lowering "access search" security log levels (#2819)
  * Better WebAuthn and other error responses (#2608)
  * Update examples/server_container.toml (#2814)
  * Bump the all group in /pykanidm with 3 updates (#2812)
  * 20240530 nightly warnings (#2806)
  * Regrets Dot Pee Enn Gee (#2804)
  * Resolve incorrect handling of tokens in logout flow (#2795)
  * 2756 - resolve invalid loading of dyngroups at startup (#2779)
  * WIP: serialization and domain info setting wonkiness (#2791)
  * Bump the all group in /pykanidm with 3 updates (#2799)
  * fix DB_PATH variable propagation (#2797)
  * feat: add support for ldap compare request (#2780)
  * Add ACP checking to exists operations. (#2790)
  * Allow name write privileges to be withheld (#2773)
  * Check for same version with backup/restore (#2789)
  * Revive Cookies. (#2788)
  * Fixing up the docs deploy script (#2787)
  * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2781)
  * Update our domain TGT level (#2776)
  * Fix PIN and MFA Code pam prompts (#2759)
  * Update design for KRC (#2713)
  * Add some extra comparisons to the readme (#2768)
  * strip out some debug messages unless *really* debugging. (#2767)
  * Update dev version (#2726)
  * Don't need to check versions when there's an intermediary reporting connectivity issues (#2758)
  * updating text to fix typo, add more info (#2761)
  * Changing TOTP "copy" box from form field to code block. (#2765)
  * chore(deps-dev): bump ruff in /pykanidm in the all group (#2763)
  * Use fully qualified container URLS (#2754)
  * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2747)
  * chore(deps-dev): bump jinja2 from 3.1.3 to 3.1.4 in /pykanidm (#2752)
  * Fixing up build for rust 1.78, hiding things behind cfg(test) etc. (#2753)
  * Fix broken links in <details> sections (#2737)
  * Update Webauthn and Base64 (#2734)
  * Add some metadata for lib macros (#2735)
  * chore(deps): bump the all group in /pykanidm with 7 updates (#2729)
  * Clean up utils password rand generation. (#2727) - Update to version 1.2.2~git0.c4153c9:
  * Resolve incorrect handling of tokens in logout flow (#2795) (#2803) - Update to version 1.2.1~git0.ba82b1a:
  * 2756 - resolve dyngroups not loading correctly at startup (#2778) - Update to version 1.2.0~git0.9efa91a:
  * Release 1.2.0 (#2733)
  * Prepare 1.2.0
  * Release 1.2.0 prep (#2724)
  * Minor upgrade fixes (#2722)
  * Resolve OAuth2 client/rs confusion (#2719)
  * Improve access control doc to describe privilege access mode (#2721)
  * Support 1.1 attribute in LDAP (#2720)
  * Add mail support to groups (#2718)
  * Add session limit (#2714)
  * added profile and `memberof` search to the basic model (#2712)
  * chore(deps): bump the all group in /pykanidm with 4 updates (#2717)
  * Fix typo in oauth2 error message (#2715)
  * 20240409 rework orca markov (#2699)
  * Begin the basis of the key provider model (#2640)
  * chore(deps): bump the all group in /pykanidm with 4 updates (#2707)
  * chore(deps): bump peaceiris/actions-mdbook from 1 to 2 in the all group (#2706)
  * chore(deps): bump idna from 3.4 to 3.7 in /pykanidm (#2703)
  * fix(TotpDigits): fix typo in TryFrom impl (#2702)
  * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2696)
  * chore(deps): bump h2 from 0.3.25 to 0.3.26 (#2694)
  * Windows Hello Authentication requirements (#2688)
  * chore(deps): bump the all group with 1 update (#2690)
  * chore(deps-dev): bump the all group in /pykanidm with 1 update (#2691)
  * Require kanidm-unixd before kanidm-unixd-tasks (#2687)
  * kanidm unixd mfa capabilities (#2672)
  * Add Grafana integration to OAuth2 documentation (#2685)
  * [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686)
  * ldap-sync: allow to use attrs more than once (#2676)
  * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2683)
  * chore(deps): bump the all group with 1 update (#2682)
  * fix(docs): packaging section improved (#2677)
  * Fix developer ethics link (#2674)
  * fix(docs): filename, header and title mismatch fixes (#2660)
  * 20240312 concread upgrade (#2668)
  * fix(docs): capitalization fixes (#2659)
  * fix(docs): links corrected (#2661)
  * fix api typo (#2657)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2662)
  * chore(deps): bump the all group in /pykanidm with 9 updates (#2656)
  * Update bootstrap 5.0.2 to 5.3.3 & minor UI fixes (#2650)
  * fix(docs): typos, grammar and broken link fixes (#2644)
  * increase severity for "{:?} !âŠ† allowed: {:?}" (#2648)
  * Add instructions on how to enable PKCE in Nextcloud (#2647)
  * 20230224 2437 orca remodel (#2591)
  * Add initial design for key domains (#2564)
  * Add upgrade process, improve developer readme (#2635)
  * Doc unix client support (#2633)
  * 20240301 systemd uid (#2602)
  * expose group patch for parity (#2628)
  * Adding a builtin class for all built-in things (#2603)
  * apidoc tag fixes (#2625)
  * chore(deps): bump mio from 0.8.10 to 0.8.11 (#2620)
  * Fix missing entry managed by on anonymouns (#2623)
  * Notes on privilege-expiry (#2622)
  * SPAs really are stupid sometimes (#2609)
  * apidoc fixes (#2614)
  * chore(deps): bump the all group in /pykanidm with 4 updates (#2615)
  * Typo fixes (#2610)
  * Return consent scope to service account (#2605)
  * OpenAPI schema fixes (#2590)
  * WASM test fixing (#2595)
  * Feature object graph (#2518)
  * Add domain version test framework (#2576)
  * Fix the miniflux oauth2 example (#2598)
  * docs(monitoring): Fix syntax for OpenTelemetry config (#2594)
  * 20240221 2489 cleanup api v1 (#2573)
  * Changing to allow startup without a config file (#2582)
  * Allow /dev/tpmrm0 on older systemd versions (#2587)
  * Adjust output of claim maps for better parsing (#2566)
  * chore(deps): bump the all group in /pykanidm with 4 updates (#2585)
  * improved error description for commit_credential_update (#2579)
  * Make /status less noisy (#2574)
  * chore(deps): bump cryptography from 42.0.2 to 42.0.4 in /pykanidm (#2567)
  * Add system range protection (#2565)
  * Fix string comparison in Debian build script (#2409)
  * of course I started looking at clippy things and now I can't stop (#2560)
  * 20240216 308 resource limits (#2559)
  * fix(oauth2): typo in basic path (#2562)
  * Adding duplicate-finder script (#2550)
  * prctl compile-time fixes, also chasing lints (#2558)
  * Removing unused constant and updating docstring for LDAP bind address (#2556)
  * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2553)
  * Support Policy Updates (#2536)
  * chore(deps): bump cryptography from 42.0.0 to 42.0.2 in /pykanidm (#2548)
  * Re-enable HW tpm support (#2531)
  * Add further hardening for system services (#2542)
  * fixing the test script (#2547)
  * when the HTTPS server fails, handle that gracefully (#2546)
  * Fix update intent ttl parameters (#2540)
  * radius build workflow fixes (#2541)
  * Conflict nscd, start before sshd (#2539)
  * Fix incorrect documentation elements (#2533)
  * Remove replication is in dev flag (#2535)
  * Ordering auth methods in the CLI (#2508)
  * Set lowercase owner name in tag (#2534)
  * Add code_challenge_methods_supported to OIDC discovery (#2525)
  * Himmelblau requires the machine key for unix_user_get (#2523)
  * Extend on Apache example (#2524)
  * chore(deps): bump the all group in /pykanidm with 4 updates (#2520)
  * List of supported features (#2499)
  * Update to latest dev version (#2486) - Update to version 1.1.0~rc16~git7.8a1b7b5:
  * Require kanidm-unixd before kanidm-unixd-tasks (#2687) - Update to version 1.1.0~rc16~git6.e51d0de:
  * [SECURITY: LOW] Administrator triggered thread crash in oauth2 claim maps #2686 (#2686)
  * return consent map to service account (#2604) - Update to version 1.1.0~rc16~git4.d407844:
  * Remove zstd feature - Update to version 1.1.0~rc16~git3.81298e8:
  * Allow /dev/tpmrm0 on older systemd versions (#2587) - Add ipa-sync service
- Update to version 1.1.0~rc16~git2.6fb4fac:
  * List of supported features (#2499) - Update to version 1.1.0~rc16~git1.a917291:
  * Correct cargo versions
  * Release 1.1.0-rc.16 (#2483)
  * Fix for incorrect domain migration rollbacks (#2482)
  * Add tools for remigration and domain level raising (#2481)
  * chore(deps): bump cryptography from 41.0.6 to 42.0.0 in /pykanidm (#2480)
  * Support SPN in groups claim (#2474)
  * Credential update tweaks (#2475)
  * Oauth2 pkce faq (#2473)
  * Fix debian versioning (#2472)
  * chore(deps): bump the all group in /pykanidm with 7 updates (#2479)
  * chore(deps): bump the all group with 1 update (#2478)
  * Fix RUV trim (#2466)
  * 20240125 2217 client credentials grant (#2456)
  * docs: Add application passwords design document (#2427)
  * handling master docs (#2465)
  * update the artifact name in the download step (#2464)
  * Book SUMMARY.md: Fix part titles according to mdbook (#2463)
  * Update chat link, add keywords (#2462)
  * PyKanidm updates and testing (#2301)
  * chore(deps): bump aiohttp from 3.9.1 to 3.9.2 in /pykanidm (#2461)
  * 1222 what rights does anonymous have (#2436)
  * Fix inverted key/chain logic from TLS error improvement (#2453)
  * Improve TLS configuration errors (#2447)
  * chore(deps): bump shlex from 1.2.0 to 1.3.0 (#2445)
  * chore(deps): bump the all group with 1 update (#2441)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2443)
  * Return sshkey label to cli fields (#2440)
  * Add rfc8414 metadata (#2434)
  * Add test for delete referer invalid (#2435)
  * Clarify role of WebUI in README.md (#2431)
  * Adding max_ber_size option in config for ldap sync (#2416)
  * Debian build fixes (also the book) (#2400)
  * 2390 1980 allow native applications (#2428)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2430)
  * cookies (#2426)
  * Clean RUV (#2424)
  * chore(deps-dev): bump jinja2 from 3.1.2 to 3.1.3 in /pykanidm (#2425)
  * Upgrade replication to use anchors (#2423)
  * Minor fixes for oidc with single page applications (#2420)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2421)
  * Use case insensitive match on substrings in line with ldap (#2419)
  * Change OAuth2 RS Origin from the CLI (#2418)
  * Add design diagrams (#2332)
  * chore(deps-dev): bump the all group in /pykanidm with 3 updates (#2410)
  * Fix deb release flow to find the matrix split artifacts (#2406)
  * 20231222 piv authentication (#2398)
  * Update docs, closes SQLite Write-Ahead Logging might make page size immutable #2404 (#2405)
  * Build the kanidm cli tools deb as well (#2402)
  * Force apply idm migrations to apply access controls (#2401)
  * fixing up the integration script (#2392)
  * chore(deps): bump the all group in /pykanidm with 8 updates (#2396)
  * chore(deps): bump the all group with 2 updates (#2395)
  * fix backup filename and regexp pattern for cleanup (#2386)
  * idprovider: Provide the keystore during auth (#2385)
  * db: Fix insert_tagged_hsm_key doesn't cache the hsm key (#2389)
  * daemon: Fix inverted logic on cache dir check (#2388)
  * Add improved domain migration framework and default MFA (#2382)
  * Trim and lowecase usernames (#2380)
  * Add DN as a virtual ldap attr (#2379)
  * fixing default for oauth2 request_parameter_supported metadata (#2378)
  * chore(deps): bump the all group in /pykanidm with 6 updates (#2375)
  * 20231218 ipa sync unix password (#2374)
  * chore(deps): bump the all group with 2 updates (#2372)
  * 1481 2024 access control rework (#2366)
  * chore(deps): bump zerocopy from 0.7.26 to 0.7.31 (#2368)
  * chore(deps): bump the all group with 3 updates (#2363)
  * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2362)
  * 249 2024 managed by syntax (#2359)
  * typo (#2356)
  * 20231204 ipa sync minor improvements (#2357)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2355)
  * Unixd build/debugging updates (#2350)
  * 20231129 webauthn attestation (#2351)
  * Fix handling of TPM in some trait contexts (#2347)
  * docs: miniflux added pkce support (#2352)
  * Using proper axum http headers lib for compatibility (#2348)
  * Bearer should send with same caps we accept (#2345)
  * chore(deps): bump cryptography from 41.0.4 to 41.0.6 in /pykanidm (#2341)
  * docs: improve grammar for book/src/developers/faq.md (#2343)
  * Expose machine key in auth phase (#2340)
  * 20231128 freeipa migration (#2338)
  * Unix crossbuild scripts and docs (#2326)
  * Expose TPM in more interface places (#2334)
  * chore(deps): bump the all group in /pykanidm with 6 updates (#2336)
  * Adding kanidm client config docs and notes ref #2248 (#2333)
  * Update to the latest compact-jwt version (#2331)
  * Adding env var configs for the server (#2329)
  * Better errors when TPM PIN file not found (#2330)
  * 20231120 2320 sssd compat (#2328)
  * Resolve future send issue with keystore (#2311)
  * chore(deps): bump the all group in /pykanidm with 6 updates (#2325)
  * chore(deps): bump the all group with 3 updates (#2324)
  * Add test (#2323)
  * OAuth2 scopes validation logging missing details (#2317)
  * Add systemd deps for unixd (#2314)
  * 20231115 oauth2 authreq (#2310)
  * Docs - Bump Fedora 36 to Fedora 38 (#2309)
  * chore(deps): bump the all group with 4 updates (#2306)
  * chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2305)
  * Remove serde json from wasm (#2304)
  * Fix spelling (#2303)
  * 20231109 1122 credential class (#2300)
  * Moving daemon tracing to OpenTelemetry (#2292)
  * 20231101 add id cert to unixint (#2284)
  * Docs fixes for #2296 (#2297)
  * Update OpenAPI schema gen to actually... be kinda sorta valid. (#2296)
  * chore(deps-dev): bump the all group in /pykanidm with 2 updates (#2294)
  * chore(deps): bump the all group with 8 updates (#2293)
  * pw min length in account policy (#2289)
  * WASM troubleshooting docs closes #2286 (#2291)
  * oauth2 typo (#2290)
  * Update notes to avoid some possible interpretation errors (#2288)
  * Feature: kanidm CLI pulling OpenAPI schema (#2285)
  * Feature: configurable replication poll interval (#2283)
  * Minor improvements to incoming replication (#2279)
  * Problems with bash completion autocomplete (#2281)
  * Remove unused imports and clippy lint (#2276)
  * Rework ldap bind routine (#2268)
  * Disable inconsistent test (#2278)
  * make versions consistent
  * 1.1.0 rc.15 dev post-release (#2271) - Update to version 1.1.0~rc15~git8.122b6af:
  * Remove unused import that breaks builds on newer rust versions
  * Update to latest webauthn-rs version
  * fix version
  * Fix maint branch versions
  * Disable inconsistent test (#2278) - Update to version 1.1.0~rc15~git2.74f5c0f:
  * make versions consistent
  * 1.1.0 rc.15 dev post-release (#2271)
  * Release 1.1.0-rc.15-dev
  * started writing docs and ended up in another rabbit hole (#2267)
  * CLI integration test beginnings (#2261)
  * chore(deps): bump the all group with 7 updates (#2266)
  * chore(deps-dev): bump the all group in /pykanidm with 5 updates (#2265)
  * Add book chapter + cli
  * Cargo fmt and clippy checks
  * Restrict posix passwords on ldap bind with config
  * Splitting the SPAs (#2219)
  * Bug chasing (#2257)
  * cargo fmt + clippy (#2241)
  * service-account or person validity show returns for non-existing identity (#2258)
  * don't need write if we are not writing (#2256)
  * adding service account patch methods (#2255)
  * .deb package build and docs fixes (#2252)
  * Auth flow docs (#2249)
  * pykanidm test code (#2202)
  * chore(deps): bump the all group with 5 updates (#2247)
  * chore(deps-dev): bump the all group in /pykanidm with 4 updates (#2246)
  * 20231019 1122 account policy basics (#2245)
  * Add note on snaps to PAM and nsswitch with link to new section in FAQ (#2244)
  * 20231014 account policy (#2218)
  * chore(deps): bump rustix from 0.38.15 to 0.38.19 (#2242)
  * Fix incorrect references to LDAP in sync (#2239)
  * Remove unused crate users (#2240)
  * chore(deps-dev): bump urllib3 from 2.0.6 to 2.0.7 in /pykanidm (#2238)
  * Windows build fixes and test coverage (#2220)
  * more space checks (#2234)
  * Fixing dependabot and its mistakes (#2232)
  * chore(deps-dev): bump mypy from 1.5.1 to 1.6.0 in /pykanidm (#2231)
  * chore(deps-dev): bump mkdocs-material from 9.4.4 to 9.4.6 in /pykanidm (#2230)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2229)
  * chore(deps): bump tokio from 1.32.0 to 1.33.0 (#2228)
  * chore(deps): bump tss-esapi from 7.3.0 to 7.4.0 (#2227)
  * chore(deps): bump regex from 1.9.6 to 1.10.1 (#2226)
  * chore(deps): bump tracing from 0.1.37 to 0.1.39 (#2225)
  * chore(deps): bump utoipa-swagger-ui from 3.1.5 to 4.0.0 (#2224)
  * chore(deps): bump proc-macro2 from 1.0.68 to 1.0.69 (#2223)
  * chore(deps): bump async-trait from 0.1.73 to 0.1.74 (#2222)
  * chore(deps): bump serde from 1.0.188 to 1.0.189 (#2221)
  * OpenAPI/swagger docs autogen (#2175)
  * 20231012 346 name deny list (#2214)
  * Add file diagnosis (#2210)
  * fix RUV on startup, improve filter output (#2211)
  * Chasing yaks down dark alleyways (#2207)
  * Reduce `pam_kanidm`'s priority in Debian platforms (#2209)
  * chore(deps-dev): bump ruff from 0.0.291 to 0.0.292 in /pykanidm (#2194)
  * chore(deps-dev): bump coverage from 7.3.1 to 7.3.2 in /pykanidm (#2195)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2193)
  * chore(deps-dev): bump mkdocs-material from 9.4.2 to 9.4.4 in /pykanidm (#2197)
  * chore(deps): bump libc from 0.2.148 to 0.2.149 (#2201)
  * chore(deps): bump axum-auth from 0.4.0 to 0.4.1 (#2200)
  * chore(deps): bump syn from 2.0.37 to 2.0.38 (#2199)
  * chore(deps): bump proc-macro2 from 1.0.67 to 1.0.68 (#2198)
  * chore(deps): bump aiohttp from 3.8.5 to 3.8.6 in /pykanidm (#2196)
  * chore(deps-dev): bump pylint-pydantic from 0.2.4 to 0.3.0 in /pykanidm (#2192)
  * 20231008 remove expect used (#2191)
  * Thread naming and display (#2190)
  * Replication tweaks - try the most recent successful one and error less (#2189)
  * Chasing wooly quadrapeds again (#2163)
  * 68 20230929 replication finalisation (#2160)
  * In-system image storage (#2112)
  * chore(deps-dev): bump urllib3 from 2.0.4 to 2.0.6 in /pykanidm (#2173)
  * chore(deps-dev): bump mkdocs-material from 9.3.2 to 9.4.2 in /pykanidm (#2165)
  * chore(deps): bump clap_complete from 4.4.1 to 4.4.3 (#2170)
  * chore(deps): bump hashbrown from 0.14.0 to 0.14.1 (#2169)
  * chore(deps): bump clap from 4.4.4 to 4.4.6 (#2168)
  * chore(deps): bump regex from 1.9.5 to 1.9.6 (#2167)
  * chore(deps): bump pydantic from 2.3.0 to 2.4.2 in /pykanidm (#2166)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2164)
  * fix credential update intent defaults (#2162)
  * 68 20230919 replication configuration (#2131)
  * Can't build kanidmd using the Ubuntu docker builder scripts - cleanup (#2154)
  * Enforce TLS key size minimums (#2145)
  * bindaddress default doesn't match documentation (#2150)
  * chore(deps-dev): bump ruff from 0.0.290 to 0.0.291 in /pykanidm (#2137)
  * chore(deps-dev): bump mkdocs from 1.5.2 to 1.5.3 in /pykanidm (#2138)
  * chore(deps): bump syn from 2.0.32 to 2.0.37 (#2143)
  * chore(deps): bump tss-esapi from 7.2.0 to 7.3.0 (#2142)
  * chore(deps): bump tokio-util from 0.7.8 to 0.7.9 (#2141)
  * chore(deps): bump dyn-clone from 1.0.13 to 1.0.14 (#2140)
  * chore(deps): bump clap from 4.4.3 to 4.4.4 (#2139)
  * chore(deps-dev): bump mkdocs-material from 9.3.1 to 9.3.2 in /pykanidm (#2136)
  * minor changes to speed up WASM tests (#2133)
  * chore(deps): bump cryptography from 41.0.3 to 41.0.4 in /pykanidm (#2134)
  * CLI and kanidm_client changes to handle errors and TLS validation changes (#2127)
  * Typo (#2125)
  * chore(deps-dev): bump mkdocs-material from 9.2.8 to 9.3.1 in /pykanidm (#2114)
  * chore(deps-dev): bump ruff from 0.0.287 to 0.0.290 in /pykanidm (#2115)
  * chore(deps-dev): bump black from 23.9.0 to 23.9.1 in /pykanidm (#2116)
  * chore(deps): bump chrono from 0.4.30 to 0.4.31 (#2124)
  * chore(deps): bump docker/setup-qemu-action from 2 to 3 (#2119)
  * chore(deps): bump proc-macro2 from 1.0.66 to 1.0.67 (#2123)
  * chore(deps): bump serde_json from 1.0.106 to 1.0.107 (#2122)
  * chore(deps): bump libc from 0.2.147 to 0.2.148 (#2121)
  * chore(deps): bump clap from 4.4.2 to 4.4.3 (#2120)
  * chore(deps): bump docker/build-push-action from 4 to 5 (#2118)
  * chore(deps): bump docker/setup-buildx-action from 2 to 3 (#2117)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2113)
  * Yaleman/issue989 (#2111)
  * Cinco de yakko (#2108)
  * 68 20230912 session consistency (#2110)
  * Fix typo (#2109)
  * Implement DeviceAuthorizationGrant for MFA (#2079)
  * Schema dooby doo ... yon (#2103)
  * sqlite3 doesn't need to be installed on dev machines (#2104)
  * 68 20230908 replication attrunique (#2086)
  * chore(deps-dev): bump pytest-aiohttp from 1.0.4 to 1.0.5 in /pykanidm (#2092)
  * chore(deps-dev): bump coverage from 7.3.0 to 7.3.1 in /pykanidm (#2089)
  * chore(deps-dev): bump mkdocs-material from 9.2.7 to 9.2.8 in /pykanidm (#2090)
  * chore(deps-dev): bump black from 23.7.0 to 23.9.0 in /pykanidm (#2088)
  * chore(deps-dev): bump pytest from 7.4.1 to 7.4.2 in /pykanidm (#2091)
  * chore(deps): bump actions/checkout from 3 to 4 (#2102)
  * chore(deps): bump walkdir from 2.3.3 to 2.4.0 (#2101)
  * chore(deps): bump serde_json from 1.0.105 to 1.0.106 (#2100)
  * chore(deps): bump openssl-sys from 0.9.92 to 0.9.93 (#2099)
  * chore(deps): bump bytes from 1.4.0 to 1.5.0 (#2097)
  * chore(deps): bump clap_complete from 4.4.0 to 4.4.1 (#2098)
  * chore(deps): bump argon2 from 0.5.1 to 0.5.2 (#2096)
  * chore(deps): bump syn from 2.0.31 to 2.0.32 (#2095)
  * chore(deps): bump chrono from 0.4.28 to 0.4.30 (#2094)
  * chore(deps): bump base64 from 0.21.3 to 0.21.4 (#2093)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2087)
  * move from git2 to gix (#2085)
  * Schema-dooby-doo-part-trois (#2082)
  * CLI and test things (#2080)
  * 68 20230907 replication (#2081)
  * minor tweaks to Orca (#2077)
  * Changing build targets for debs (#2076)
  * Removing default features from git2 package (#2078)
  * 68 20230829 replication referential integrity (#2048)
  * Schema dooby doo part two (#2071)
  * 68 20230831 design replication coordinator (#2051)
  * improve wording of webauthn cli interaction (#2073)
  * When an empty body was returned, do request would error incorrectly (#2074)
  * update bug template, closes #2054 (#2055)
  * Yak hassling (#2059)
  * docs: api tokens are managed by idm_admin (#2072)
  * chore(deps-dev): bump pytest from 7.4.0 to 7.4.1 in /pykanidm (#2062)
  * chore(deps-dev): bump mkdocstrings from 0.22.0 to 0.23.0 in /pykanidm (#2063)
  * chore(deps-dev): bump ruff from 0.0.286 to 0.0.287 in /pykanidm (#2061)
  * chore(deps): bump async-recursion from 1.0.4 to 1.0.5 (#2070)
  * chore(deps): bump syn from 2.0.29 to 2.0.31 (#2069)
  * chore(deps): bump clap from 4.4.0 to 4.4.2 (#2068)
  * chore(deps): bump url from 2.4.0 to 2.4.1 (#2067)
  * chore(deps): bump regex from 1.9.4 to 1.9.5 (#2066)
  * chore(deps): bump chrono from 0.4.26 to 0.4.28 (#2065)
  * chore(deps): bump tower-http from 0.4.3 to 0.4.4 (#2064)
  * chore(deps-dev): bump mkdocs-material from 9.2.5 to 9.2.7 in /pykanidm (#2060)
  * Check in missing users crate for SELinux integration (#2050)
  * Add tests for X-Forwarded-For header (kinda) (#1957)
  * docs: fix miniflux oauth example (#2046)
  * Clear cache before verify on some low-level tests (#2044)
  * 68 20230828 replication of schema (#2045)
  * Update compact jwt (#2043)
  * Allow patching of crates from related projects (#2042)
  * pam multistep auth state machine (#2022)
  * chore(deps): bump clap from 4.3.23 to 4.4.0 (#2039)
  * chore(deps): bump reqwest from 0.11.18 to 0.11.20 (#2040)
  * chore(deps): bump openssl from 0.10.56 to 0.10.57 (#2038)
  * chore(deps): bump clap_complete from 4.3.2 to 4.4.0 (#2036)
  * chore(deps): bump base64 from 0.21.2 to 0.21.3 (#2037)
  * chore(deps): bump regex from 1.9.3 to 1.9.4 (#2035)
  * chore(deps): bump serde from 1.0.183 to 1.0.188 (#2034)
  * chore(deps): bump openssl-sys from 0.9.91 to 0.9.92 (#2033)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2032)
  * chore(deps-dev): bump mkdocs-material from 9.1.21 to 9.2.5 in /pykanidm (#2031)
  * chore(deps-dev): bump ruff from 0.0.285 to 0.0.286 in /pykanidm (#2030)
  * chore(deps): bump pydantic from 2.2.1 to 2.3.0 in /pykanidm (#2029)
  * Authentication shortcut to get a RW session (#1993)
  * wopsies, missing imports (#2023)
  * idv cli (#2001)
  * Trying to fix the (current) container build failures (#2021)
  * pykanidm updoots (#2019)
  * 68 20230821 replication (#2020)
  * Configurable session timeouts (#1965)
  * fix: output an array in json mode for `kanidm group list` (#2016)
  * feat: add json output modes for `person list` and `system oauth2 list` (#2017)
  * docs: Update missed add_members command (#2018)
  * Less human strings more enums (#1989)
  * Resolve incorrect time units on timeout (#2014)
  * chore(deps): bump dyn-clone from 1.0.12 to 1.0.13 (#2013)
  * chore(deps): bump quote from 1.0.32 to 1.0.33 (#2012)
  * chore(deps): bump gloo-timers from 0.2.6 to 0.3.0 (#2011)
  * chore(deps): bump serde_with from 3.2.0 to 3.3.0 (#2010)
  * chore(deps): bump clap from 4.3.21 to 4.3.23 (#2009)
  * chore(deps): bump tokio from 1.31.0 to 1.32.0 (#2008)
  * chore(deps): bump serde_json from 1.0.104 to 1.0.105 (#2007)
  * chore(deps): bump syn from 2.0.28 to 2.0.29 (#2006)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#2005)
  * chore(deps-dev): bump mypy from 1.5.0 to 1.5.1 in /pykanidm (#2004)
  * chore(deps-dev): bump ruff from 0.0.284 to 0.0.285 in /pykanidm (#2003)
  * chore(deps): bump pydantic from 2.1.1 to 2.2.1 in /pykanidm (#2002)
  * reordering layers so the web server works in non-debug-mode (#1999)
  * 20230817 idv migration (#1992)
  * daemon: kanidmd version requires a config file to run (#1959) (#1990)
  * Resolve issues with dyngroup members (#1986)
  * Revert "sqlite where IN for id entry (#1988)" (#1991)
  * sqlite where IN for id entry (#1988)
  * Identity verification feature (#1819)
  * 1982 service account access (#1985)
  * Fixing test release (#1983)
  * error handling and web server logging fixes (#1960)
  * Struct-ifying schema things (#1971)
  * Orca tweaks (#1963)
  * Fighting with zypper, tagging our images (#1964)
  * chore(deps-dev): bump coverage from 7.2.7 to 7.3.0 in /pykanidm (#1974)
  * chore(deps-dev): bump mypy from 1.4.1 to 1.5.0 in /pykanidm (#1973)
  * chore(deps): bump serde from 1.0.182 to 1.0.183 (#1979)
  * Are we JSON yet? Kinda. But we're closer. (#1967)
  * chore(deps): bump clap from 4.3.19 to 4.3.21 (#1978)
  * chore(deps): bump tokio from 1.29.1 to 1.31.0 (#1977)
  * chore(deps): bump async-trait from 0.1.72 to 0.1.73 (#1976)
  * chore(deps): bump selinux from 0.4.1 to 0.4.2 (#1975)
  * chore(deps-dev): bump ruff from 0.0.282 to 0.0.284 in /pykanidm (#1972)
  * docs: Fix outdated oauth2 subcommands (#1969)
  * Allow one-character usernames (#1941)
  * resolver: Himmelblau needs old token for refresh (#1962)
  * updating python packages to close dependabot securiity alerts (#1956)
  * providing server configuration in the testkit::test macro (#1953)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1952)
  * chore(deps-dev): bump ruff from 0.0.280 to 0.0.282 in /pykanidm (#1951)
  * chore(deps-dev): bump mkdocs from 1.5.1 to 1.5.2 in /pykanidm (#1950)
  * chore(deps): bump openssl from 0.10.55 to 0.10.56 (#1949)
  * chore(deps): bump regex from 1.9.1 to 1.9.3 (#1948)
  * chore(deps): bump serde from 1.0.180 to 1.0.182 (#1947)
  * chore(deps): bump filetime from 0.2.21 to 0.2.22 (#1946)
  * chore(deps): bump openssl-sys from 0.9.90 to 0.9.91 (#1945)
  * chore(deps): bump serde_with from 3.1.0 to 3.2.0 (#1944)
  * chore(deps): bump axum from 0.6.19 to 0.6.20 (#1943)
  * removing debug string (#1937)
  * Final v3 master x book deployment fix (#1936)
  * trying a different ref (#1935)
  * replaced `skip_serializing_if` with `skip_serializing_none` (#1932)
  * another book round (#1933)
  * trying again (#1931)
  * fixed serialization of oauth2 token scope (#1930)
  * added compression layer for the pkg route (#1928)
  * Resolve build failiures when selinux is enabled (#1927)
  * Resolve issue with publishing (#1925)
  * Set dev version (#1924) - Update to version 1.1.0~beta13~git7.1fb34a9:
  * Resolve incorrect time units on timeout (#2014)
  * Update cargo lock, docker fixes
  * 1982 service account access (#1985)
  * fixed serialization of oauth2 token scope (#1930)
  * added compression layer for the pkg route (#1928) - Resolve issues with fedora/centos build - Update to version 1.1.0~beta13~git2.5d1e2f9:
  * Resolve build failiures when selinux is enabled (#1927)
  * Resolve issue with publishing (#1925)
  * Set dev version (#1924)
  * Release 1.1.0-beta.13 (#1922)
  * 20230731 release (#1921)
  * Improve default shells for distros (#1920)
  * 20230728 techdebt paydown (#1909)
  * chasing weirdness (#1910)
  * chore(deps-dev): bump mkdocs-material from 9.1.19 to 9.1.21 in /pykanidm (#1918)
  * chore(deps): bump serde_json from 1.0.103 to 1.0.104 (#1917)
  * chore(deps): bump serde from 1.0.174 to 1.0.178 (#1916)
  * chore(deps): bump tikv-jemallocator from 0.5.0 to 0.5.4 (#1915)
  * chore(deps-dev): bump mkdocs from 1.4.3 to 1.5.1 in /pykanidm (#1913)
  * chore(deps-dev): bump pylint-pydantic from 0.2.3 to 0.2.4 in /pykanidm (#1912)
  * chore(deps): bump pydantic from 2.0.3 to 2.1.1 in /pykanidm (#1911)
  * 20230727 unix int modularity (#1907)
  * bumping action version (#1908)
  * 68 20230720 replication improvements (#1905)
  * Resolve compilation issue with tpm enabled on linux (#1902)
  * Improve service file for host installs (#1901)
  * 20230720 unix int modular (#1881)
  * fixing up pydantic things (#1885)
  * 1788 admin unix socket (#1880)
  * chore(deps-dev): bump pylint-pydantic from 0.2.1 to 0.2.3 in /pykanidm (#1900)
  * chore(deps-dev): bump ruff from 0.0.278 to 0.0.280 in /pykanidm (#1899)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1898)
  * chore(deps-dev): bump mkdocs-material from 9.1.18 to 9.1.19 in /pykanidm (#1897)
  * chore(deps): bump async-trait from 0.1.71 to 0.1.72 (#1895)
  * chore(deps-dev): bump types-toml from 0.10.8.6 to 0.10.8.7 in /pykanidm (#1896)
  * chore(deps): bump axum from 0.6.18 to 0.6.19 (#1894)
  * chore(deps): bump clap from 4.3.12 to 4.3.19 (#1893)
  * chore(deps): bump axum-macros from 0.3.7 to 0.3.8 (#1892)
  * chore(deps): bump serde from 1.0.171 to 1.0.174 (#1891)
  * chore(deps): bump uuid from 1.4.0 to 1.4.1 (#1890)
  * chore(deps): bump quote from 1.0.31 to 1.0.32 (#1889)
  * chore(deps): bump tower-http from 0.4.1 to 0.4.3 (#1888)
  * chore(deps): bump syn from 2.0.26 to 2.0.27 (#1887)
  * chore(deps): bump urlencoding from 2.1.2 to 2.1.3 (#1886)
  * added hsts header middleware (#1882)
  * chore(deps): bump aiohttp from 3.8.4 to 3.8.5 in /pykanidm (#1883)
  * 1785 allow sync attr yielding via partial write admin (#1879)
  * Alter filter generation to exclude empty conditions (#1877)
  * Revert to opensuse based radius container. (#1878)
  * Unix gid duplicate fix (#1876)
  * Refactor docker_build_kanidm to be more isolated (v13) (#1872)
  * Sync account import improvements (#1873)
  * chore(deps): bump quote from 1.0.29 to 1.0.31 (#1870)
  * chore(deps-dev): bump black from 23.3.0 to 23.7.0 in /pykanidm (#1859)
  * Add a newline to fix links in LLDAP section of the README (#1871)
  * chore(deps): bump dyn-clone from 1.0.11 to 1.0.12 (#1869)
  * chore(deps): bump pydantic from 1.10.11 to 2.0.3 in /pykanidm (#1858)
  * chore(deps): bump serde_json from 1.0.102 to 1.0.103 (#1868)
  * Fix missing slash in tag (#1853)
  * chore(deps): bump argon2 from 0.5.0 to 0.5.1 (#1867)
  * chore(deps): bump syn from 2.0.25 to 2.0.26 (#1866)
  * chore(deps): bump paste from 1.0.13 to 1.0.14 (#1864)
  * chore(deps-dev): bump pylint-pydantic from 0.2.0 to 0.2.1 in /pykanidm (#1863)
  * chore(deps): bump clap from 4.3.11 to 4.3.12 (#1862)
  * chore(deps-dev): bump pytest-asyncio from 0.21.0 to 0.21.1 in /pykanidm (#1861)
  * chore(deps): bump proc-macro2 from 1.0.64 to 1.0.66 (#1860)
  * chore(deps-dev): bump ruff from 0.0.277 to 0.0.278 in /pykanidm (#1857)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1856)
  * chore(deps): bump actions/upload-pages-artifact from 1 to 2 (#1855)
  * Revert "something something token permissions (#1850)" (#1852)
  * something something token permissions (#1850)
  * Upgraded clap, removing atty as a dependency (#1849)
  * Ensure we dont use std hashmaps (#1848)
  * Improve selinux in tasks daemon (#1847)
  * Resolve issue with order of operations causing group memberships to disappear (#1845)
  * headless webdriver testing, starting on brotli feature (#1844)
  * chore(deps-dev): bump mkdocs-material from 9.1.17 to 9.1.18 in /pykanidm (#1835)
  * chore(deps): bump serde from 1.0.166 to 1.0.170 (#1843)
  * Fix a typo in the unix daemon debug (#1822)
  * chore(deps-dev): bump ruff from 0.0.275 to 0.0.277 in /pykanidm (#1833)
  * chore(deps): bump serde-wasm-bindgen from 0.4.5 to 0.5.0 (#1842)
  * chore(deps): bump proc-macro2 from 1.0.63 to 1.0.64 (#1841)
  * chore(deps): bump syn from 2.0.23 to 2.0.25 (#1840)
  * chore(deps): bump async-trait from 0.1.69 to 0.1.71 (#1839)
  * chore(deps): bump regex from 1.8.4 to 1.9.1 (#1838)
  * chore(deps): bump is-terminal from 0.4.8 to 0.4.9 (#1837)
  * chore(deps): bump serde_json from 1.0.99 to 1.0.100 (#1836)
  * Allow Authorization header in CORS preflight response (#1831)
  * chore(deps): bump pydantic from 1.10.10 to 1.10.11 in /pykanidm (#1834)
  * chore(deps-dev): bump pylint-pydantic from 0.1.8 to 0.2.0 in /pykanidm (#1832)
  * Add preflight headers (#1829)
  * Persist nonce through refresh to support client (#1826)
  * Cleanup spa handling (#1825)
  * 1792 public oauth clients (#1821)
  * 1812 1813 post axum cleanup (#1817)
  * Fix diagram colours (#1815)
  * Converting from tide to axum (#1797)
  * Add client UX for redirecting to an external portal for synced accounts (#1791)
  * Add cors policy (#1807)
  * Improve tasks daemon shutdown (#1806)
  * Improve durability of migrations (#1804)
  * clippy-izing an unsafe in pam (#1795)
  * chore(deps): bump pydantic from 1.10.9 to 1.10.10 in /pykanidm (#1803)
  * chore(deps): bump uuid from 1.3.4 to 1.4.0 (#1802)
  * chore(deps): bump tokio from 1.28.2 to 1.29.1 (#1801)
  * chore(deps): bump syn from 2.0.20 to 2.0.23 (#1800)
  * chore(deps): bump whoami from 1.4.0 to 1.4.1 (#1799)
  * chore(deps): bump quote from 1.0.28 to 1.0.29 (#1798)
  * 20230629 tpm keygen ... again (#1793)
  * Fixing the kanidmd healthcheck (#1789)
  * Name change history (#1727)
  * 20230628 tpm minor issue with key regen (#1790)
  * Still trying to fix the docs. (#1709)
  * Improve cli to support multi-domain handling. (#1786)
  * Started chasing noise, found some code to delete... (#1768)
  * Improve tpm key generation - improve unix config for tpms. (#1782)
  * chore(deps-dev): bump pytest from 7.3.2 to 7.4.0 in /pykanidm (#1771)
  * chore(deps-dev): bump mkdocs-material from 9.1.16 to 9.1.17 in /pykanidm (#1773)
  * chore(deps-dev): bump mypy from 1.3.0 to 1.4.1 in /pykanidm (#1784)
  * chore(deps): bump serde_json from 1.0.97 to 1.0.99 (#1778)
  * chore(deps): bump syn from 2.0.18 to 2.0.20 (#1779)
  * chore(deps): bump authlib from 1.2.0 to 1.2.1 in /pykanidm (#1777)
  * chore(deps): bump proc-macro2 from 1.0.60 to 1.0.63 (#1776)
  * chore(deps): bump libc from 0.2.146 to 0.2.147 (#1774)
  * chore(deps): bump gloo-net from 0.2.6 to 0.3.0 (#1772)
  * chore(deps-dev): bump ruff from 0.0.272 to 0.0.275 in /pykanidm (#1770)
  * Fix debian packaging (#1742)
  * Remove r2d2 - sad beep noises (#1766)
  * Kanidmd is a bit noisy (#1765)
  * Ux improvements - Allow enrolling other devices (#1764)
  * Make argon2id default pw hasher - improve parameter detection (#1762)
  * chore(deps): bump openssl from 0.10.54 to 0.10.55 (#1761)
  * Implement tpm binding of cached password hashes (#1754)
  * Mention client configuration in tool installation guide (#1756)
  * Remove scripts that are no longer required (#1759)
  * OAuth2 secret JSON (#1758)
  * Allow account locking with expire-at 'epoch' and 'now' (#1757)
  * Resolve codespell issues (#1753)
  * Add tls generator to main kanidmd (#1743)
  * Fix block_on in ssh authorised keys (#1752)
  * chore(deps-dev): bump mkdocs-material from 9.1.15 to 9.1.16 in /pykanidm (#1751)
  * chore(deps): bump gloo from 0.8.0 to 0.8.1 (#1750)
  * chore(deps-dev): bump pytest-mock from 3.10.0 to 3.11.1 in /pykanidm (#1749)
  * chore(deps): bump hashbrown from 0.13.2 to 0.14.0 (#1748)
  * 1737 1739 sync - map uidnumbers mail (#1741)
  * Add support for argon2id (#1736)
  * Disable neon on linux (#1740)
  * 20230614 unix account security - move account name deny to unixd (#1733)
  * fixed return value of add_ava_int (#1735)
  * unix_integration: also check running SELinux mode (#1704)
  * added pre_cand entries to both pre_modify and pre_batch_modify plugin functions (#1732)
  * 20230608 ldap sync (#1728)
  * Add acp allowing service accounts to clear their own sessions (#1731)
  * Declare when no applications are available (#1730)
  * Fix ip addr parse (#1729)
  * X-Forwarded-For catcher - improve ip addr parsing (#1725)
  * chore(deps): bump proc-macro2 from 1.0.59 to 1.0.60 (#1723)
  * chore(deps): bump url from 2.3.1 to 2.4.0 (#1722)
  * chore(deps-dev): bump pytest from 7.3.1 to 7.3.2 in /pykanidm (#1719)
  * chore(deps): bump libc from 0.2.145 to 0.2.146 (#1721)
  * chore(deps-dev): bump ruff from 0.0.270 to 0.0.272 in /pykanidm (#1720)
  * docs: fix typo in sync concepts (#1715)
  * chore(deps): bump regex from 1.8.3 to 1.8.4 (#1718)
  * chore(deps): bump pydantic from 1.10.8 to 1.10.9 in /pykanidm (#1717)
  * chore(deps): bump serde from 1.0.163 to 1.0.164 (#1716)
  * Absolutely minimal implementation (#1711)
  * Add further incremental replication tests (#1707)
  * Save two more kay strokes (#1708)
  * Documentation root directory 404 (#1706)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1697)
  * Improve diagnostic and docs of ldap bind requiring posix password (#1702)
  * #1680 redux - trying to fix docs again (#1692)
  * Automatically login & reauth (#1691)
  * chore(deps-dev): bump coverage from 7.2.6 to 7.2.7 in /pykanidm (#1698)
  * chore(deps): bump libc from 0.2.144 to 0.2.145 (#1701)
  * chore(deps): bump openssl from 0.10.52 to 0.10.54 (#1700)
  * chore(deps): bump csv from 1.2.1 to 1.2.2 (#1699)
  * chore(deps): bump syn from 2.0.17 to 2.0.18 (#1696)
  * chore(deps): bump chrono from 0.4.24 to 0.4.26 (#1695)
  * chore(deps-dev): bump mkdocs-material from 9.1.14 to 9.1.15 in /pykanidm (#1694)
  * chore(deps): bump openssl-sys from 0.9.87 to 0.9.88 (#1693)
  * Documentation root directory 404 (#1681)
  * Crono expression parser fix (#1682)
  * Document OpenID connect setup for Miniflux (#1683)
  * chore(deps): bump cryptography from 39.0.1 to 41.0.0 in /pykanidm (#1684)
  * Improve the readme (#1679)
  * Move the socket startup to localise it to the acceptor (#1678)
  * SELinux support for kanidm-unixd-tasks daemon (#1661)
  * Resolve ability to delete ssh keys with spaces in tags (#1674)
  * Adding mdbook-template back for bookgen (#1660)
  * chore(deps-dev): bump coverage from 7.2.5 to 7.2.6 in /pykanidm (#1669)
  * chore(deps-dev): bump mkdocstrings from 0.21.2 to 0.22.0 in /pykanidm (#1671)
  * 20230526 incremental replication improvements (#1659)
  * chore(deps): bump regex from 1.8.1 to 1.8.3 (#1670)
  * chore(deps): bump hashbrown from 0.12.3 to 0.13.2 (#1668)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1667)
  * chore(deps): bump tokio from 1.28.1 to 1.28.2 (#1666)
  * chore(deps-dev): bump ruff from 0.0.269 to 0.0.270 in /pykanidm (#1665)
  * chore(deps): bump quote from 1.0.27 to 1.0.28 (#1664)
  * chore(deps): bump pydantic from 1.10.7 to 1.10.8 in /pykanidm (#1663)
  * fixing get-tags-action in book build (#1657)
  * Add more replication tests, improve some handling of tombstones. (#1656)
  * Bring back CpuOptLevel x86_64_v1 (#1590)
  * Doc fixes (#1658)
  * Identifiable tokens (#1623)
  * Add version tag to makefile images (#1654)
  * during service account recovery, remove incompatible credentials (#1650)
  * signal handling for tasks daemon (#1651)
  * Time travelling (#1648)
  * chore(deps): bump requests from 2.28.2 to 2.31.0 in /pykanidm (#1649)
  * 20230508 replication incremental (#1620)
  * chore(deps-dev): bump mkdocs-material from 9.1.12 to 9.1.14 in /pykanidm (#1642)
  * chore(deps): bump wasm-bindgen from 0.2.85 to 0.2.86 (#1647)
  * chore(deps): bump js-sys from 0.3.62 to 0.3.63 (#1646)
  * chore(deps): bump uuid from 1.3.2 to 1.3.3 (#1645)
  * chore(deps): bump proc-macro2 from 1.0.56 to 1.0.58 (#1644)
  * chore(deps): bump reqwest from 0.11.17 to 0.11.18 (#1643)
  * chore(deps-dev): bump ruff from 0.0.267 to 0.0.269 in /pykanidm (#1641)
  * Fix use-reset-token command hint (#1639)
  * chore(deps): bump pymdown-extensions from 9.9.2 to 10.0 in /pykanidm (#1638)
  * chore(deps-dev): bump mypy from 1.2.0 to 1.3.0 in /pykanidm (#1636)
  * chore(deps): bump wasm-bindgen-test from 0.3.34 to 0.3.35 (#1635)
  * chore(deps-dev): bump ruff from 0.0.265 to 0.0.267 in /pykanidm (#1634)
  * chore(deps): bump syn from 2.0.15 to 2.0.16 (#1633)
  * chore(deps): bump quote from 1.0.26 to 1.0.27 (#1628)
  * chore(deps): bump serde from 1.0.162 to 1.0.163 (#1632)
  * chore(deps-dev): bump mkdocs-material from 9.1.9 to 9.1.12 in /pykanidm (#1631)
  * chore(deps): bump tokio from 1.28.0 to 1.28.1 (#1629)
  * chore(deps): bump web-sys from 0.3.61 to 0.3.62 (#1627)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1626)
  * chore(deps): bump libc from 0.2.143 to 0.2.144 (#1625)
  * chore(deps): bump js-sys from 0.3.61 to 0.3.62 (#1624)
  * Update policy (#1619)
  * fixing up some spelling errors (#1618)
  * Update RELEASE_NOTES.md (#1616)
  * 20230505 replication groundwork - ruv consistency improvements (#1606)
  * chore(deps-dev): bump ruff from 0.0.263 to 0.0.265 in /pykanidm (#1608)
  * chore(deps-dev): bump mkdocs-material from 9.1.8 to 9.1.9 in /pykanidm (#1609)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1611)
  * chore(deps): bump serde from 1.0.160 to 1.0.162 (#1613)
  * chore(deps): bump libc from 0.2.142 to 0.2.143 (#1612)
  * chore(deps): bump pkg-config from 0.3.26 to 0.3.27 (#1610)
  * chore(deps-dev): bump mkdocs from 1.4.2 to 1.4.3 in /pykanidm (#1607)
  * github pages ... something is definitely going weird. (#1605)
  * token permissions! (#1604)
  * Using github actions might actually push a change (#1603)
  * looks like that's a bug (#1602)
  * fix things (#1601)
  * 20230506 ignore some references (#1600)
  * Harden migrate session to prevent duplicate migration errors (#1599)
  * reducing action concurrency load (#1598)
  * more testing cleanup (#1595)
  * Document that you need to tell Nginx or other proxies to use HTTP 1.1â€¦ (#1592)
  * sccache github actions fixes (#1593)
  * Start next dev cycle (#1589) - Update to version 1.1.0~alpha12~git0.bcdbb18:
  * Release 1.1.0-alpha.12 (#1588)
  * chore(deps): bump tokio-util from 0.7.7 to 0.7.8 (#1587)
  * chore(deps): bump reqwest from 0.11.16 to 0.11.17 (#1586)
  * chore(deps): bump tokio from 1.27.0 to 1.28.0 (#1585)
  * chore(deps): bump uuid from 1.3.1 to 1.3.2 (#1584)
  * chore(deps): bump clap from 3.2.23 to 3.2.25 (#1583)
  * chore(deps-dev): bump coverage from 7.2.3 to 7.2.5 in /pykanidm (#1582)
  * Correctly prevent start up when https sockets in use (#1579)
  * Filter rdns and dns for ldap filters (#1576)
  * use sccache, merge "test" actions into "build", remove homebrew caching (#1578)
  * Cleanup incorrect log errors of denied entries (#1577)
  * 20230424 clippppppppppppyyyyyyyy (#1574)
  * Add exclusive process lock to Kanidm to prevent accidental duplicate commands. (#1575)
  * more more more unixd build fixes (#1573)
  * chore(deps-dev): bump mkdocs-material from 9.1.7 to 9.1.8 in /pykanidm (#1572)
  * chore(deps): bump openssl from 0.10.51 to 0.10.52 (#1571)
  * chore(deps): bump openssl-sys from 0.9.86 to 0.9.87 (#1570)
  * chore(deps-dev): bump ruff from 0.0.262 to 0.0.263 in /pykanidm (#1569)
  * more-merge unixd commands (#1568)
  * Consolidate unix tools (#1566)
  * 1553 pam remote or local detection (#1565)
  * chore(deps): bump openssl from 0.10.50 to 0.10.51 (#1563)
  * Improve user experince of refreshing with intent tokens during cred update (#1556)
  * chore(deps): bump tracing-subscriber from 0.3.16 to 0.3.17 (#1562)
  * chore(deps): bump regex from 1.7.3 to 1.8.1 (#1561)
  * chore(deps): bump libc from 0.2.141 to 0.2.142 (#1560)
  * chore(deps-dev): bump ruff from 0.0.261 to 0.0.262 in /pykanidm (#1559)
  * chore(deps-dev): bump mkdocs-material from 9.1.6 to 9.1.7 in /pykanidm (#1558)
  * chore(deps): bump actions/upload-artifact from 1 to 3 (#1557)
  * Fix incompatible future warnings by removing older crates (#1554)
  * 20230330 oauth2 refresh tokens (#1502)
  * Sorting documentation builds (#1551)
  * Add troubleshooting step for pam home dirs (#1550)
  * AuthSession non empty vec part 2 (#1543)
  * chore(deps): bump openssl from 0.10.49 to 0.10.50 (#1548)
  * chore(deps): bump serde from 1.0.159 to 1.0.160 (#1547)
  * chore(deps): bump syn from 2.0.13 to 2.0.15 (#1546)
  * chore(deps): bump serde_json from 1.0.95 to 1.0.96 (#1545)
  * chore(deps-dev): bump pytest from 7.3.0 to 7.3.1 in /pykanidm (#1544)
  * chore(deps): bump h2 from 0.3.15 to 0.3.17 (#1540)
  * Improve unicode control character detection (#1539)
  * chore(deps-dev): bump mkdocstrings-python in /pykanidm (#1533)
  * chore(deps-dev): bump mypy from 1.0.1 to 1.2.0 in /pykanidm (#1532)
  * chore(deps): bump filetime from 0.2.20 to 0.2.21 (#1529)
  * chore(deps-dev): bump mkdocstrings from 0.20.0 to 0.21.2 in /pykanidm (#1536)
  * chore(deps-dev): bump mkdocs-material from 9.1.5 to 9.1.6 in /pykanidm (#1535)
  * chore(deps-dev): bump ruff from 0.0.260 to 0.0.261 in /pykanidm (#1534)
  * chore(deps-dev): bump coverage from 7.2.2 to 7.2.3 in /pykanidm (#1530)
  * chore(deps): bump uuid from 1.3.0 to 1.3.1 (#1531)
  * chore(deps): bump syn from 2.0.12 to 2.0.13 (#1527)
  * chore(deps): bump dialoguer from 0.10.3 to 0.10.4 (#1526)
  * chore(deps-dev): bump pytest from 7.2.2 to 7.3.0 in /pykanidm (#1528)
  * chore(deps): bump libc from 0.2.140 to 0.2.141 (#1525)
  * chore(deps): bump fernet from 0.2.0 to 0.2.1 (#1524)
  * Authsession non empty vec (#1522)
  * chore(deps-dev): bump ruff from 0.0.259 to 0.0.260 in /pykanidm (#1506)
  * chore(deps-dev): bump mkdocs-material from 9.1.4 to 9.1.5 in /pykanidm (#1510)
  * chore(deps): bump serde from 1.0.158 to 1.0.159 (#1515)
  * chore(deps): bump openssl from 0.10.48 to 0.10.49 (#1513)
  * chore(deps): bump tokio from 1.26.0 to 1.27.0 (#1505)
  * chore(deps): bump openssl-sys from 0.9.83 to 0.9.84 (#1507)
  * chore(deps): bump futures from 0.3.27 to 0.3.28 (#1509)
  * chore(deps): bump reqwest from 0.11.15 to 0.11.16 (#1517)
  * chore(deps-dev): bump black from 23.1.0 to 23.3.0 in /pykanidm (#1514)
  * changing from merge to squash (#1521)
  * chore(deps): bump proc-macro2 from 1.0.54 to 1.0.56
  * fixing up auto-merge (#1519)
  * chore(deps): bump syn from 2.0.10 to 2.0.12 (#1511)
  * chore(deps-dev): bump types-toml from 0.10.8.5 to 0.10.8.6 in /pykanidm (#1504)
  * chore(deps): bump serde_json from 1.0.94 to 1.0.95 (#1516)
  * chore(deps): bump ldap3_proto from 0.3.1 to 0.3.2 (#1518)
  * chore(deps): bump syn from 1.0.109 to 2.0.10 (#1499)
  * Be non empty vec (#1501)
  * 1496 ldap basedn config (#1500)
  * chore(deps): bump proc-macro2 from 1.0.52 to 1.0.54 (#1494)
  * chore(deps): bump regex from 1.7.1 to 1.7.3 (#1491)
  * chore(deps): bump pydantic from 1.10.6 to 1.10.7 in /pykanidm (#1492)
  * chore(deps-dev): bump mkdocs-material from 9.1.3 to 9.1.4 in /pykanidm (#1487)
  * chore(deps): bump async-trait from 0.1.67 to 0.1.68 (#1488)
  * Improve string validation (#1497)
  * chore(deps): bump reqwest from 0.11.14 to 0.11.15 (#1493)
  * chore(deps-dev): bump ruff from 0.0.257 to 0.0.259 in /pykanidm (#1489)
  * chore(deps): bump serde from 1.0.157 to 1.0.158 (#1490)
  * Adding an auto-merger for dependabot updates (#1486)
  * Make examples in ldap chapter consistent (#1495)
  * 1115 priv (reauth, sudo) mode (#1479)
  * chore(deps): bump openssl from 0.10.47 to 0.10.48 (#1484)
  * Server daemon logging and exit codes (#1475)
  * Fix path-relative links in documentation (#1478)
  * chore(deps): bump openssl from 0.10.45 to 0.10.47 (#1471)
  * chore(deps): bump serde from 1.0.155 to 1.0.157 (#1473)
  * chore(deps-dev): bump mkdocs-material from 9.1.2 to 9.1.3 in /pykanidm (#1468)
  * chore(deps-dev): bump pylint-pydantic from 0.1.7 to 0.1.8 in /pykanidm (#1469)
  * chore(deps-dev): bump coverage from 7.2.1 to 7.2.2 in /pykanidm (#1463)
  * chore(deps-dev): bump ruff from 0.0.254 to 0.0.257 in /pykanidm (#1466)
  * chore(deps): bump async-trait from 0.1.66 to 0.1.67 (#1461)
  * chore(deps): bump whoami from 1.3.0 to 1.4.0 (#1460)
  * chore(deps): bump zxcvbn from 2.2.1 to 2.2.2 (#1464)
  * chore(deps): bump openssl-sys from 0.9.80 to 0.9.82 (#1470)
  * chore(deps-dev): bump pytest-asyncio from 0.20.3 to 0.21.0 in /pykanidm (#1459)
  * Add unixd exit code (#1453)
  * Unixd daemon improvement (#1454)
  * chore(deps): bump walkdir from 2.3.2 to 2.3.3 (#1458)
  * checks for a minimum number of arguments (#1452)
  * chore(deps): bump chrono from 0.4.23 to 0.4.24 (#1444)
  * chore(deps): bump futures from 0.3.26 to 0.3.27 (#1447)
  * chore(deps): bump paste from 1.0.11 to 1.0.12 (#1449)
  * chore(deps-dev): bump mkdocs-material from 9.1.1 to 9.1.2 in /pykanidm (#1450)
  * chore(deps): bump csv from 1.2.0 to 1.2.1 (#1443)
  * chore(deps): bump libc from 0.2.139 to 0.2.140 (#1442)
  * chore(deps): bump serde from 1.0.152 to 1.0.155 (#1446)
  * chore(deps): bump pydantic from 1.10.5 to 1.10.6 in /pykanidm (#1448)
  * Image fixes in the build (#1441)
  * Fix RADIUS docker image file permissions (#1439)
  * User auth token session display implementation (#1415)
  * RADIUS container fixes (#1424)
  * Update book - OAuth2 integration step (#1437)
  * chore(deps): bump async-trait from 0.1.64 to 0.1.66 (#1433)
  * Hopefully fix exp issues by making it a stable part of the access token. (#1434)
  * chore(deps): bump base64 from 0.13.1 to 0.21.0 (#1350)
  * chore(deps): bump serde_json from 1.0.93 to 1.0.94 (#1427)
  * chore(deps-dev): bump pytest from 7.2.1 to 7.2.2 in /pykanidm (#1431)
  * chore(deps-dev): bump pylint-pydantic from 0.1.6 to 0.1.7 in /pykanidm (#1430)
  * chore(deps-dev): bump ruff from 0.0.253 to 0.0.254 in /pykanidm (#1429)
  * chore(deps-dev): bump mkdocs-material from 9.0.15 to 9.1.1 in /pykanidm (#1428)
  * Openssl build fix (#1422)
  * 1399 some async cleanup (#1421)
  * Web UI: Sort group memberships of profile (#1410)
  * Update the dev docs to flow nicer (#1420)
  * chore(deps): bump dyn-clone from 1.0.10 to 1.0.11 (#1417)
  * chore(deps): bump tokio from 1.25.0 to 1.26.0 (#1418)
  * chore(deps-dev): bump coverage from 7.1.0 to 7.2.1 in /pykanidm (#1405)
  * chore(deps-dev): bump ruff from 0.0.230 to 0.0.253 in /pykanidm (#1419)
  * 1399 cleanup cli docs (#1413)
  * 1399 cleanup reorg (#1412)
  * 1399 cleanup (#1409)
  * Version  output for 4 unix_int tools (#1408)
  * Windows build fixes (#1388)
  * chore(deps): bump num_enum from 0.5.10 to 0.5.11 (#1404)
  * chore(deps-dev): bump types-toml from 0.10.8.4 to 0.10.8.5 in /pykanidm (#1407)
  * chore(deps): bump syn from 1.0.107 to 1.0.109 (#1406)
  * chore(deps-dev): bump mkdocs-material from 9.0.13 to 9.0.15 in /pykanidm (#1403)
  * Mention my Recursing of the Passport (#1402)
  * Start to add reauth capabilities (#1398)
  * Add Recursive Logos (#1401)
  * Prevent invalidation of api tokens (#1397)
  * chore(deps): bump tokio-util from 0.7.4 to 0.7.7 (#1378)
  * chore(deps): bump web-sys from 0.3.60 to 0.3.61 (#1362)
  * chore(deps): bump filetime from 0.2.19 to 0.2.20 (#1375)
  * chore(deps): bump pydantic from 1.10.4 to 1.10.5 in /pykanidm (#1392)
  * chore(deps-dev): bump mkdocs-material from 9.0.12 to 9.0.13 in /pykanidm (#1394)
  * chore(deps): bump num_enum from 0.5.9 to 0.5.10 (#1391)
  * chore(deps-dev): bump types-toml from 0.10.8.3 to 0.10.8.4 in /pykanidm (#1395)
  * chore(deps-dev): bump mypy from 1.0.0 to 1.0.1 in /pykanidm (#1390)
  * chore(deps): bump csv from 1.1.6 to 1.2.0 (#1393)
  * chore(deps): bump base64urlsafedata from 0.1.2 to 0.1.3 (#1389)
  * 20230220 passkey cleanup (#1396)
  * 1115 store credential ids per session (#1386)
  * Reduce the number of cow cells in idm (#1385)
  * 1355 docker builds (#1384)
  * chore(deps): bump proc-macro2 from 1.0.50 to 1.0.51 (#1369)
  * Improve some small behaviours of login and key management (#1383)
  * 967 oauth2 implicit search (#1382)
  * chore(deps): bump wasm-bindgen-test from 0.3.33 to 0.3.34 (#1364)
  * chore(deps): bump serde_json from 1.0.91 to 1.0.93 (#1376)
  * chore(deps-dev): bump black from 22.12.0 to 23.1.0 in /pykanidm (#1367)
  * chore(deps-dev): bump pylint-pydantic from 0.1.5 to 0.1.6 in /pykanidm (#1351)
  * chore(deps-dev): bump coverage from 7.0.5 to 7.1.0 in /pykanidm (#1352)
  * 20230130 hackweek replication (#1358)
  * Improve some diagnostic messages in console (#1381)
  * chore(deps): bump docker/build-push-action from 3 to 4 (#1360)
  * chore(deps): bump aiohttp from 3.8.3 to 3.8.4 in /pykanidm (#1377)
  * chore(deps-dev): bump mypy from 0.991 to 1.0.0 in /pykanidm (#1380)
  * chore(deps): bump uuid from 1.2.2 to 1.3.0 (#1368)
  * chore(deps-dev): bump mkdocs-material from 9.0.6 to 9.0.12 in /pykanidm (#1379)
  * chore(deps-dev): bump types-toml from 0.10.8.1 to 0.10.8.3 in /pykanidm (#1374)
  * chore(deps): bump cryptography from 39.0.0 to 39.0.1 in /pykanidm (#1371)
  * Update release docs to prevent forgetting a release step (#1370)
  * 1355 docker builds (#1357)
  * Update to 12 dev (#1356) - bsc#1210356 - CVE-2023-26964 - hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames - Automatic update of vendored dependencies - Update to version 1.1.0~alpha11~git0.d3a2a6b:
  * Release 1.1.0-alpha.11 (#1354)
  * 20230128 protected to access (#1349)
  * 20230125 pre rel cleanup (#1348)
  * 20230125 pre rel cleanup (#1347)
  * Allow multiple backends to run in parallel for repl tests (#1346)
  * 20230121 access improvement (#1345)
  * Fix debian build path (#1331)
  * Windows-related build fixes (#1344)
  * chore(deps): bump gloo-net from 0.2.5 to 0.2.6 (#1338)
  * chore(deps-dev): bump mkdocstrings from 0.19.1 to 0.20.0 in /pykanidm (#1334)
  * making the robots easier and happier (#1343)
  * chore(deps): bump tokio from 1.24.1 to 1.24.2 (#1340)
  * chore(deps): bump toml from 0.5.10 to 0.5.11 (#1337)
  * chore(deps): bump proc-macro2 from 1.0.49 to 1.0.50 (#1332)
  * chore(deps): bump reqwest from 0.11.13 to 0.11.14 (#1333)
  * chore(deps): bump async-trait from 0.1.61 to 0.1.62 (#1335)
  * 2023 orca improve (#1342)
  * Adding healthcheck functionality to kanidmd (#1330)
  * less lint more bark, ruff ruff (#1341)
  * 1121 SCIM import totp freeipa (#1328)
  * 1121 multiple totp (#1325)
  * chore(deps-dev): bump pylint from 2.15.9 to 2.15.10 in /pykanidm (#1324)
  * chore(deps-dev): bump mkdocs-material from 9.0.3 to 9.0.5 in /pykanidm (#1322)
  * chore(deps-dev): bump coverage from 7.0.4 to 7.0.5 in /pykanidm (#1323)
  * chore(deps-dev): bump pytest from 7.2.0 to 7.2.1 in /pykanidm (#1318)
  * chore(deps): bump regex from 1.7.0 to 1.7.1 (#1316)
  * chore(deps): bump ldap3_client from `2c9dc31` to `b3c7653` (#1320)
  * chore(deps-dev): bump pook from 1.0.2 to 1.1.1 in /pykanidm (#1319)
  * chore(deps): bump dialoguer from 0.10.2 to 0.10.3 (#1317)
  * Fix ldap vattr search (#1315)
  * Spell checking and stuff (#1314)
  * Bump coverage from 7.0.1 to 7.0.4 in /pykanidm (#1311)
  * Bump mkdocstrings-python from 0.8.2 to 0.8.3 in /pykanidm (#1313)
  * Bump async-trait from 0.1.60 to 0.1.61 (#1310)
  * Bump mkdocs-material from 8.5.11 to 9.0.3 in /pykanidm (#1312)
  * Update yew to 0.20 (#1308)
  * Bump tokio from 1.23.0 to 1.24.1 (#1309)
  * Cleanup references to sqlite, add a FAQ section (#1307)
  * Bump serde from 1.0.151 to 1.0.152 (#1303)
  * Bump whoami from 1.2.3 to 1.3.0 (#1304)
  * Bump pydantic from 1.10.2 to 1.10.4 in /pykanidm (#1305)
  * Fix the book again (#1302)
  * 20221224 cleanup (#1300)
  * Bump scim_proto from `cb147c8` to `b5a392f` (#1294)
  * Bump openssl from 0.10.44 to 0.10.45 (#1295)
  * Bump openssl-sys from 0.9.79 to 0.9.80 (#1296)
  * docs: reformat book and introduce workflow to ensure it stays formatted (#1286)
  * Bump libc from 0.2.138 to 0.2.139 (#1292)
  * Bump ldap3_proto from `5149451` to `2c9dc31` (#1297)
  * Bump coverage from 6.5.0 to 7.0.1 in /pykanidm (#1298)
  * feat(kanidmd): add ldap support for mail primary and alternative address (#1287)
  * chore(make): co-locate .PHONY declaration and target (#1291)
  * Canâ€™t build designs private documentation (#1289)
  * 20221221 sync deploy (#1285)
  * Bump serde from 1.0.150 to 1.0.151 (#1276)
  * 20221219 sync polish (#1284)
  * Bump async-trait from 0.1.59 to 0.1.60 (#1278)
  * Bump toml from 0.5.9 to 0.5.10 (#1280)
  * Bump dyn-clone from 1.0.9 to 1.0.10 (#1282)
  * Bump serde_json from 1.0.89 to 1.0.91 (#1275)
  * Bump mkdocstrings from 0.19.0 to 0.19.1 in /pykanidm (#1277)
  * feat(oauth2): add support for a 'groups' claim (#1272)
  * Bump paste from 1.0.9 to 1.0.11 (#1279)
  * Bump syn from 1.0.105 to 1.0.107 (#1283)
  * Bump quote from 1.0.21 to 1.0.23 (#1281)
  * Bump pylint from 2.15.8 to 2.15.9 in /pykanidm (#1274)
  * Bump proc-macro2 from 1.0.47 to 1.0.49 (#1273)
  * 20221216 a little cleanup as a treat (#1266)
  * fix(make): improve help output and solve warnings (#1269)
  * fix: set executable flag for shell scripts (#1268)
  * chore: add jceb to list of contributors (#1267)
  * docs: correct LDAP DN for token authentication (#1263)
  * docs: correct command for generating a password (#1261)
  * docs: replace kanidm account with kanidm person (#1262)
  * docs: unify representation of dn=token (#1264)
  * docs: fix link to oauth2 documentation (#1260)
  * 20221123 iam migration work (#1258)
  * fix(oauth2): use the short name in the userinfo (#1259)
  * Bump serde from 1.0.148 to 1.0.150 (#1257)
  * Bump authlib from 1.1.0 to 1.2.0 in /pykanidm (#1255)
  * Bump pytest-asyncio from 0.20.2 to 0.20.3 in /pykanidm (#1254)
  * Bump openssl from 0.10.43 to 0.10.44 (#1251)
  * Bump certifi from 2022.9.24 to 2022.12.7 in /pykanidm (#1247)
  * Bump tokio from 1.22.0 to 1.23.0 (#1249)
  * Bump pylint from 2.15.7 to 2.15.8 in /pykanidm (#1253)
  * Bump black from 22.10.0 to 22.12.0 in /pykanidm (#1256)
  * Bump filetime from 0.2.18 to 0.2.19 (#1248)
  * Bump libc from 0.2.137 to 0.2.138 (#1243)
  * Bump serde from 1.0.147 to 1.0.148 (#1242)
  * Bump gloo-net from 0.2.4 to 0.2.5 (#1244)
  * Bump syn from 1.0.103 to 1.0.105 (#1240)
  * Bump async-trait from 0.1.58 to 0.1.59 (#1239)
  * Bump pylint from 2.15.6 to 2.15.7 in /pykanidm (#1246)
  * Bump mkdocs-material from 8.5.10 to 8.5.11 in /pykanidm (#1245)
  * Improve ldap sections (#1218)
  * Bump openssl from 0.10.42 to 0.10.43 (#1235)
  * Bump serde_json from 1.0.88 to 1.0.89 (#1238)
  * Bump bytes from 1.2.1 to 1.3.0 (#1236)
  * Bump jetli/wasm-pack-action from 0.3.0 to 0.4.0 (#1231)
  * Bump rpassword from 7.1.0 to 7.2.0 (#1233)
  * Add new mail read group (#1224)
  * fixing up automation (#1230)
  * Add signal trapping for a variety of signals (#1223)
  * docs tweaks, renaming integrations (#1228)
  * Add ability to bind with token with a dn=token marker (#1225)
  * 20221121 debug webui (#1217)
  * Cargo updates (#1219)
  * Bump reqwest from 0.11.12 to 0.11.13 (#1210)
  * Abstract webauthn authenticator access, and use Windows API on Windows (#1203)
  * 20221116 oauth2 app portal 2 (#1201)
  * Bump pylint from 2.15.5 to 2.15.6 in /pykanidm (#1216)
  * Bump serde_json from 1.0.87 to 1.0.88 (#1212)
  * Bump tokio from 1.21.2 to 1.22.0 (#1213)
  * Bump mkdocstrings-python from 0.8.0 to 0.8.2 in /pykanidm (#1215)
  * Bump mypy from 0.990 to 0.991 in /pykanidm (#1214)
  * 20221116 oauth2 app portal (#1200)
  * Bump pytest-asyncio from 0.20.1 to 0.20.2 in /pykanidm (#1194)
  * 1116 UI hints (#1199)
  * Reword security keys (#1196)
  * Bump mkdocs-material from 8.5.8 to 8.5.10 in /pykanidm (#1193)
  * remove pam tester (#1197)
  * Bump mkdocstrings-python from 0.7.1 to 0.8.0 in /pykanidm (#1195)
  * Bump types-toml from 0.10.8 to 0.10.8.1 in /pykanidm (#1192)
  * Bump mypy from 0.982 to 0.990 in /pykanidm (#1191)
  * Bump chrono from 0.4.22 to 0.4.23 (#1188)
  * Bump actions/dependency-review-action from 2 to 3 (#1187)
  * Bump base64urlsafedata from 0.1.1 to 0.1.2 (#1190)
  * Workflow tweaks (#1186)
  * 1116 UI hint (#1185)
  * 613 oauth2 logout (#1184)
  * started working on fixing a log issue and chased some clippy lints (#1182)
  * 20221103 ipa import driver (#1180)
  * Review oauth2 best practices document (#1181)
  * Add tools container support (#1178)
  * improve webauthn errors (#1179)
  * Add version header and warnings (#1175)
  * Bump mkdocs-material from 8.5.7 to 8.5.8 in /pykanidm (#1173)
  * Bump mkdocs from 1.4.1 to 1.4.2 in /pykanidm (#1174)
  * Bump regex from 1.6.0 to 1.7.0 (#1172)
  * Improve handling of openssl3 in md4 tests (#1171)
  * Add /etc/skel templating and notes adjacent to kanidm-unixd and packaging (#1113)
  * Further test improvements (#1166)
  * Setup for next dev cycle (#1165) - Update to version 1.1.0~alpha10~git2.4a03ca5:
  * Add tools container support (#1178)
  * Improve handling of openssl3 in md4 tests (#1171) - Update to kanidm 1.1.0-alpha.10
  * Management and tracking of authenticated sessions
  * Make upgrade migrations more robust when upgrading over multiple versions
  * Add support for service account tokens via ldap for extended read permissions
  * Unix password management in web ui for posix accounts
  * Support internal dynamic group entries
  * Allow selection of name/spn in oidc claims
  * Admin UI wireframes and basic elements
  * TLS enforced as a requirement for all servers
  * Support API service account tokens
  * Make name rules stricter due to issues found in production
  * Improve Oauth2 PKCE testing
  * Add support for new password import hashes
  * Allow configuration of trusting x forward for headers
  * Components for account permission elevation modes
  * Make pam\_unix more robust in high latency environments
  * Add proc macros for test cases
  * Improve authentication requests with cookie/token seperation
  * Cleanup of expired authentication sessions
  * Improved administration of password badlists - Update to version 1.1.0~alpha9~git6.b20d5312:
  * Resolve upgrade in place error with cbor to json (#1028) - Update to version 1.1.0~alpha9~git5.98546259:
  * Remove dependency on git webauthn authentication versions - Update to version 1.1.0~alpha9~git4.33b4e11b:
  * Resolve issue with migration application order (#986) - Update to version 1.1.0~alpha9~git2.ebab6c5f:
  * Fix cargo.lock + Docker
  * Fixing the Github Actions Kanidmd build (#963)
  * (cargo-release) version 1.1.0-alpha.9 (#962)
  * Improve radius to support eap-tls with ca-dir (#957)
  * A pile of Wasm UI tweaks (#958)
  * Bump types-requests from 2.28.3 to 2.28.6 in /kanidm_rlm_python (#960)
  * Update validator requirement from ^0.15.0 to ^0.16.0 (#959)
  * Bump types-requests from 2.28.3 to 2.28.6 in /pykanidm (#961)
  * 383 164 authentication updates 9 (#956)
  * Update libsqlite3-sys requirement from 0.24.2 to 0.25.0 in /kanidm_unix_int (#929) - Update to version 1.1.0~alpha8~git1.980f358d:
  * Push some missed bits to documents
  * (cargo-release) version 1.1.0-alpha.8
  * 20220501 fix logging (#730)
  * ref #725 - updated comment to note it's still failing (#727)
  * Remove async references (#724)
  * 383 170 164 authentication updates 3 (#723)
  * Making the login path nicer, dev scripting (#721)
  * Tweak docs generation... (#722)
  * Docs updates to push all tagged versions + dev (#720)
  * 20220427 dependency updates (#718) - Automatic update of vendored dependencies - Update to resolve bsc#1196972 CVE-2022-24713 - Regex DOS - resolve bsc#1194119 (CVE-2021-45710) - Update to version 1.1.0~alpha7~git0.c8468199:
  * (cargo-release) version 1.1.0-alpha.7
  * Pre-release update and cleanup (#631)
  * Improve autofocus to oauth2 (#630)
  * Finalise email changes for oidc (#629)
  * Temp use env filter (#628)
  * 20211216 tracing cleanup (#627)
  * Art attribution
  * Refactor of value and addition of base types for business attributes (#626)
  * Add xmas logo
  * Add rinstall file (#625) - bsc#1191031 - use _pam_moduledir in spec macros
- Update to version 1.1.0~alpha6~git0.c9f4b1d:
  * (cargo-release) version 1.1.0-alpha.6
  * Added an interactive cli dialog to kanidm login (#584)
  * Add support for storing security token key in domain config (#581)
  * Remove auditscope for tracing (#580)
  * Entry Arc Tracking to reduce memory footprint (#579)
  * Rewrite how we store the internals of valuesets in entries (#578)
  * Improving logging and docs around unixd/PAM/NSS (#577)
  * Swap to tide-openssl (#575)
  * Start to remove audit scope :) (#574)
  * Fix io capture in tests (#573) - Update to version 1.1.0~alpha5~git0.4be329e:
  * (cargo-release) version 1.1.0-alpha.5
  * Release prep
  * Fix totp registration workflow with broken authenticators (#516)
  * Add statistical analysis to indexes (#505)
  * 511 upgrade failure - add debuging tools and improve debugging of the issue. (#512)
  * fixes #503 - TOTP prompt no longer drops a newline (#515)
  * Fixing kanidm windows client build (#507)
  * Add the ability to configure and provide Oauth2 authentication for Kanidm. (#485)
  * Change default totp to sha256 (#504)
  * Fixes #494 - password change user-facing responses (#499)
  * Fix readonly check (#496)
  * Update webauthn-authenticator-rs to fix test failures (#493)
  * Update repo locations and versions in prep for release (#492)
  * Add workaround for podman subid issue (#491)
  * 163 account recovery code (#469)
  * check user shell (#392) (#490)
  * Removed `OperationResponse` (#489)
  * Set default shell to `bin/sh` (#488)
  * 20210607 orca ldap (#470)
  * `kanidm_client` bool/return values (#479)
  * Arc cachesize warning fixes (#483)
  * Closure Refactoring (#482)
  * Renamed fields in `dbvalue` (#477)
  * 471 add service files (#474)
  * fixes #478 - adds note about web ui already being packaged (#480)
  * unixd will now bail if startup tests fail (#476)
  * Add email syntax (#465)
  * Add some openid stubs (#464)
  * Add auth docs (#463)
  * 64 120 session claims (#462)
  * Add ldap vattr mapping (#459)
  * Fix for unixd issue (#460)
  * 414 clear stale credentials (#447)
  * Fix multivalue setting of description attribute (#457)
  * 445 update pam nsswitch md (#451)
  * simpler ip logging (#454)
  * I might have become clippy this time (#449)
  * Calming clippy's nerves, Friday edition (#448)
  * 444 - client's config URI missing and more file open handling (#446)
  * Fix proxy usage in tests (#443)
  * This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442)
  * oauth design (#441)
  * Adding an example config file (#440)
  * adding env vars, making clippy happier, cleaning up some error messages (#438)
  * 20210509 cleanup clippy and audit name (#437)
  * 277 radius pw not accept for main pw (#435)
  * Orca - a load testing framework for Kanidm (#431)
  * Add verification of name indexes (#433)
  * Add ability to pick a server role (#432)
  * Adding a new verb group remove_members (#434)
  * 397 Caching password badlist (#425)
  * User feedback improvements, also handling a permissions issue (#424)
  * Fix concat issue
  * Update contributors
  * Making clippy happy (#420)
  * Fix 421 - clearer debug messages when doing things (#422)
  * 62 idm qs cleanup (#419)
  * Rough working login page (#417)
  * Make clippy happy (#415)
  * More debug messages (#413)
  * merging upstream (#411)
  * Improve error message when socket not found (#412)
  * Idlset2, query cache, acp resolve cache (#409)
  * Add lto thin (#410)
  * fixing broken action (#405)
  * Basic documentation for monitoring (#404)
  * Create design for mfa_backup_code.rst (#402)
  * phrasing (#401)
  * Docs update (#400)
- Remove un-needed source files:
  * kanidm-unixd-tasks.service
  * kanidm-unixd.service
  * kanidmd.service
  * server.toml - Update to version 1.1.0~alpha4~git54.675146e:
  * check user shell (#392) (#490)
  * Removed `OperationResponse` (#489)
  * Set default shell to `bin/sh` (#488)
  * 20210607 orca ldap (#470)
  * `kanidm_client` bool/return values (#479)
  * Arc cachesize warning fixes (#483)
  * Closure Refactoring (#482) - Update to version 1.1.0~alpha4~git47.5e83b68:
  * Renamed fields in `dbvalue` (#477)
  * 471 add service files (#474)
  * fixes #478 - adds note about web ui already being packaged (#480)
  * unixd will now bail if startup tests fail (#476)
  * Add email syntax (#465)
  * Add some openid stubs (#464)
  * Add auth docs (#463)
  * 64 120 session claims (#462)
  * Add ldap vattr mapping (#459) - Update to version 1.1.0~alpha4~git38.d978c9d:
  * Fix for unixd issue (#460) - Update to version 1.1.0~alpha4~git37.e8b1089:
  * 414 clear stale credentials (#447)
  * Fix multivalue setting of description attribute (#457)
  * 445 update pam nsswitch md (#451)
  * simpler ip logging (#454)
  * I might have become clippy this time (#449)
  * Calming clippy's nerves, Friday edition (#448)
  * 444 - client's config URI missing and more file open handling (#446)
  * Fix proxy usage in tests (#443)
  * This allows TOTP to accept an OTP that is one step behind AKA the previous TOTP (#442)
  * oauth design (#441)
  * Adding an example config file (#440)
  * adding env vars, making clippy happier, cleaning up some error messages (#438)
  * 20210509 cleanup clippy and audit name (#437)
  * 277 radius pw not accept for main pw (#435)
  * Orca - a load testing framework for Kanidm (#431)
  * Add verification of name indexes (#433)
  * Add ability to pick a server role (#432)
  * Adding a new verb group remove_members (#434)
  * 397 Caching password badlist (#425)
  * User feedback improvements, also handling a permissions issue (#424)
  * Fix concat issue
  * Update contributors
  * Making clippy happy (#420)
  * Fix 421 - clearer debug messages when doing things (#422)
  * 62 idm qs cleanup (#419)
  * Rough working login page (#417)
  * Make clippy happy (#415)
  * More debug messages (#413)
  * merging upstream (#411)
  * Improve error message when socket not found (#412)
  * Idlset2, query cache, acp resolve cache (#409)
  * Add lto thin (#410)
  * fixing broken action (#405)
  * Basic documentation for monitoring (#404)
  * Create design for mfa_backup_code.rst (#402)
  * phrasing (#401)
  * Docs update (#400) - Update to version 1.1.0~alpha4~git0.0ac5da8:
  * Performance Improvements
  * TOTP CLI enrollment
  * Jemalloc in main server instead of system allocator
  * Command line completion
  * TLS file handling improvements
  * Webauthn authentication and enrollment on CLI
  * Add db vacuum task
  * Unix tasks daemon that automatically creates home directories
  * Support for sk-ecdsa public ssh keys
  * Badlist checked at login to determine account compromise
  * Minor Fixes for attribute display - Update to version v1.1.0alpha.3~git0.b34c893:
  * (cargo-release) version 1.1.0-alpha.3
  * release notes
  * Update Dependencies
  * Unixd - NXCache of unknown items (#338)
  * WIP - Improve Auth Proto to Support Webauthn (#333)
  * Follow up on ci fixes
  * Add port verification to start server in kanidm_client tests
  * Update CI base image to ubuntu 20.04
  * Add libudev to ci
  * 13 135 webauthn support (#332)
  * Change root user check to warning due to container run times (#328)
  * Fixes #324 account softlocking and rate limiting (#326)
  * Add passpoint link
  * Update tumbleweed docs
  * Account valid-from and expiry (#322) - Update to version v1.1.0alpha.2~git0.764e727:
  * Update
  * (cargo-release) version 1.1.0-alpha.2
  * (cargo-release) version 1.1.0-alpha.2
  * (cargo-release) version 1.1.0-alpha.2
  * (cargo-release) version 1.1.0-alpha.2
  * (cargo-release) version 1.1.0-alpha.2
  * (cargo-release) version 1.1.0-alpha.2
  * (cargo-release) version 1.1.0-alpha.2
  * gitignore
  * Update Release Notes
  * 250 cookie to auth bearer (#321)
  * 259 reduce clones (#319)
  * Xxx clippy outdated (#318)
  * 314 improve async (#316)
  * Update README.md
  * On login pw upgrade (#315)
  * Add python3 support to radius
  * Dynamic crypto rounds (#311)
  * tweak book chapter
  * 67 resource limits impl (#307)
  * Update based on review
  * Apply suggestions from code review
  * doc
  * Build improvements
  * Support zfs page size
  * V large cleanup
  * Cleanup and improve client error handling
  * Improve server hardening
  * Update deps + add simd support in container
  * Add FAQ + eap selection
  * Minor updates
  * tweak release steps - Initial Commit i04-ch4c 1730898544                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                	   
                                                                      !   "   #   $   %   &   '   (   )   *   +   ,   -   .   /   0   1   2   3   4   5   6   7   8   9   :   ;   <   =   >   ?   @   A   B   C   D   E   F   G   H   I   J   K   L   M   N   O   P   Q   R   S   T   U   V   W   X   Y   Z   [   \   ]   ^   _   `   a   b   c   d   e   f   g   h   i   j   k   l   m   n   o   p   q   r   s   t   u   v   w   x   y   z   {   |   }   ~      €      ‚   ƒ   „   …   †   ‡   ˆ   ‰   Š   ‹   Œ      Ž         ‘   ’   “   ”   •   –   —   ˜   ™   š   ›                                                                                                                                                                  1.4.0~git2.770efa8-bp156.7.1 1.4.0~git2.770efa8-bp156.7.1                                                                                                                                                                                                                                                                                                                	   	   	            
   
                                                                                                                                                kanidm docs src SUMMARY.md access_control intro.md accounts account_policy.md anonymous_account.md authentication_and_credentials.md groups.md intro.md people_accounts.md posix_accounts_and_groups.md service_accounts.md administration.md backup_and_restore.md choosing_a_domain_name.md client_tools.md database_maintenance.md developers designs access_control_defaults.md access_profiles_original.md access_profiles_rework_2022.md account_policy.rst application_passwords.md architecture.md auth.md auth_proto_rewrite_late_2020.rst authentication_flow.md content_security_policy.md credential-display.rst credential-update.rst cryptography_key_domains.md default_idm_layout.rst designs.md device-authentication.rst diagrams combined-flow.graffle idv_api_diagram.drawio idv_api_diagram.drawio.svg idv_generic_responses.drawio idv_generic_responses.drawio.svg idv_state_machine.drawio idv_state_machine.drawio.svg object-lifecycle-states.graffle object-lifecycle-states.png search-flow.graffle search-flow.png write-flow.graffle write-flow.png domain_display_name.md domain_join_machine_accounts.md downgrade.rst elevated_priv_mode.md identifiable_secrets.md identity_verification_feature.md idm_rest_layout.rst indexing.md kanidm-trust.rst ldap_gateway.rst logging.md memberof.rst mfa-device-enrollment-process.rst mfa_backup_code.rst migration.rst oauth.rst oauth2_app_listing.md oauth2_device_flow.md oauth2_refresh_tokens.md password-import.rst profile_display.md radius.rst recycle_bin.rst repl_future_considerations.rst replication.rst replication_coordinator.md replication_design_and_notes.md resource_limits.rst rest_interface.md schema_reference_types.rst scim_migration_planning.md session_logout.rst sudo.rst system_protected_objects.rst uid_gid_generation.rst unixd_homes_task.rst unixd_multi_resolver_2024.md developer_ethics.md faq.md python_module.md radius.md radius_module_development.md readme.md release_checklist.md domain_rename.md evaluation_quickstart.md examples kubernetes_ingress.md readme.md traefik.md frequently_asked_questions.md glossary.md images kani-alert.png kani-warning.png installing_client_tools.md installing_the_server.md integrations ldap.md oauth2 oauth2.md custom_claims.md examples.md how_does_oauth2_work.md oauth2_claims.md pam_and_nsswitch pam_and_nsswitch.md fedora.md suse.md troubleshooting.md radius.md readme.md ssh_key_distribution.md sssd.md introduction_to_kanidm.md monitoring_the_platform.md packaging community_packages.md debian_ubuntu_packaging.md packaging.md ppa_packages.md preparing_for_your_deployment.md recycle_bin.md repl administration.md deployment.md planning.md readme.md security_hardening.md server_configuration.md server_updates.md support.md supported_features.md sync concepts.md freeipa.md ldap.md templates kani-alert.md kani-warning.md troubleshooting troubleshooting.md curl_connection_test.txt /usr/share/ /usr/share/kanidm/ /usr/share/kanidm/docs/ /usr/share/kanidm/docs/src/ /usr/share/kanidm/docs/src/access_control/ /usr/share/kanidm/docs/src/accounts/ /usr/share/kanidm/docs/src/developers/ /usr/share/kanidm/docs/src/developers/designs/ /usr/share/kanidm/docs/src/developers/designs/diagrams/ /usr/share/kanidm/docs/src/examples/ /usr/share/kanidm/docs/src/images/ /usr/share/kanidm/docs/src/integrations/ /usr/share/kanidm/docs/src/integrations/oauth2/ /usr/share/kanidm/docs/src/integrations/pam_and_nsswitch/ /usr/share/kanidm/docs/src/packaging/ /usr/share/kanidm/docs/src/repl/ /usr/share/kanidm/docs/src/sync/ /usr/share/kanidm/docs/src/templates/ /usr/share/kanidm/docs/src/troubleshooting/ -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection obs://build.opensuse.org/openSUSE:Maintenance:18647/openSUSE_Backports_SLE-15-SP6_Update/36bc0f3a19d2960220c8816f48aecab5-kanidm.openSUSE_Backports_SLE-15-SP6_Update drpm xz 5 x86_64-suse-linux                                                                                                                                        	   
   	      	                                                                                                                                                   
                                                                                                                                                                                           
   directory exported SGML document, ASCII text ASCII text UTF-8 Unicode text exported SGML document, UTF-8 Unicode text C source, ASCII text empty XML 1.0 document, ASCII text (gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)) ASCII text, with very long lines SVG Scalable Vector Graphics image UTF-8 Unicode text, with very long lines PNG image data, 649 x 599, 8-bit/color RGB, non-interlaced PNG image data, 1976 x 696, 8-bit/color RGB, non-interlaced PNG image data, 1976 x 1223, 8-bit/color RGB, non-interlaced HTML document, ASCII text PNG image data, 150 x 127, 8-bit/color RGBA, non-interlaced exported SGML document, ASCII text, with very long lines èÆ­FÒŽãø±è*±¨Y      utf-8 dc0cd026bda7488859fe1b50f555f9d2bd1a42a278126e521d25bb4e005788df        ?   ÿÿüP   ý7zXZ  
áû¡ !   t/å£áFRr¦] "ÌkÀ%²NÆ–úsÀ~ZUáž¯ˆYQ4Çh²¾=ðÞwÔï`š]dvŽ€—Pƒ`æÆ=]$!;«¥u5ÛÚ!‡¼\‘Å«qÞ‹ŸÆË,ÉFöVâˆ}¢rÊá‰T²­ÊNéB/R¯â'[ô_ŒÎ.­¶ÜDÕA¹ñ!*Ë¶I=8ŒÐ-¯êdÐ¢…/­½	ÿ|¯LX+¬³$Úm(«µó¦Ö_«Â³j}ç™ýšÃGòÁM¬Üý…±’ØÈÏÉ^mKO»êeúøT‹Qø•
¥€;°™”³³ÍèÃ–Vªãç¿3"§„TÅ Ðw5Vöò=½†+˜)ŽsY½W
!5ðX}n…¢Ù5Ç³^+úˆíOÇ4—ãbV2#ˆc¢6{R€t°Lú¦Ö˜'ïë¾— 7yì
mnú7DåÆ†)Cëý3ÏDâ<•T²Òiö‡$¦ËÌvñŠ^o uµ6cQ˜À0Ž·Fb²ÞN†Ï #ÿÄ5ÁÁÛ—†3ÔVìã~1­sK#Û¸å~"E9ÈA‰X¯­LôpÆÕ£ý‚a¡]`x6†ƒ+y†¶jˆ3Ð·wbq<ì’Îyñº¤ÍÅªóË;ž…°×o(hjRO‹ÌXqZå·½JÊ­*ƒc ƒ!3ÂP‘b<Qƒr2weiBdŠnYFœþMS[?,Pçé“Í$–¿hÄÇN¬‹f„’õ)‰hd{ÒÔ(ÍA£¾6ôTGzñ­ËëtT‚Â^uªce³)csÝJ›1®ØÑsë+BnÇ-«âKüšL7<šP‡pTìÈÒAl?ò!÷oŠ?3Žj÷½·y&ÑƒÆ#ƒüÒðÇXM¬Xÿ¬X­Ò1Gh•ÿÞ/?³*¤¯VZP»®Ò±«g£2„€%¬·jßáI	,ËÐ>žòowÔEðƒ>,—E6(Áìü—loìÍãÄ™¹m´·¹ºðtÝ¶QÑP:n÷5Œ¡”Ö&”9J‰œÛÅÅÐžÃøfëþÇ…¸¥m7/÷¤™F›™š]ñVO¨ÖÙ°(GÎ³!Vùni‚ùÀ®ŒK~Ùük…½‡XÕÈÍ“ñ#o i²¤1n³·ø:úÏ´ÅQÓÌó‚öPšvãº;EŠŽáè÷[/>’ÐÅœ«p|H¿‹
âÑ‹pºü	•ø_½5›óÇ¢	QÞ@¹»tÕ×0Lêp•”¿PØGZÐwFEü5»©go
>	ÒTØ¸têÔµà<K&Make£çîƒ4ã=\É©‚ñ<ã-viîX‚Z~+¹˜mÈboDÅ‘ñ!†µÆj»S9Å8;¾[QjífDð¹”ì;  ä/}w}ÒZJr¯ztÃT“MõŸ’ì;_#ú 3¸çŒBÿK¥1sâzŠèÊM²£Ç–FEc©}ÙÉ1ÄZÜÜîgÐwtÏ2å¾yœ¥÷:ÆmwFVtíÕ£Ø Õ«Õ á¦˜HéVÊ^îj4%«Ciy‚`cs6Ë¹?Æ„GËxéWÒ=€{\ç¿Ä4ó•‡„¼±@MøØXÛEÀöDËÅ2!ÂÆ
OdAÌk¹È'Ä-0°®hÕøƒF ¦—Œ¸<(¨>©Ì«|@qBjýÞKþ\Ìt‘KâOxÌ·¯`þ²Ïnb\o&&PÏjXdnÏê„íŠ3H†Uío	’ÜŒÀ­	÷­h5'ï £úP(A,¯"·º–ä_ºàªeÙ¦hœ(ˆ°i|×VPíñy¾Â•—0œék'à]Ã˜f>Ø‡ÓQÙ${÷«]@3’Ì¬‰PZ>É+I
IÛÛÌ¹½â†·àb±ñ<¿ãxþž¢iT©Œ?ôYzÖrFXn…X9mîDyó&\›ökf¯üƒôšðÃ0Ò\3|BgÑEn†^ 1Ü)Nª£)º|<™ùl‹oÔÝÿ	½Iå5¹”LQœÌHp\¿±3ÁI$—q2!QFVRëßaß³€mò·þÛ–0qð ÍŠ˜ˆƒL{HíŸâK«ÆÖW*ÑBGºõ®)œþê{OÛ´r^ÌHœ®~-8+x æÞê2	ÿNŽ¥Ýì6Íè¢×}ÔäapP¸ìˆTªC§Q¿îßD÷Bx&r@HB'*Ÿ(“˜Þp+yá»³’Î3/A›HÔ?1î$…Þ“Þ´7Œ¼y™Q;Ð¤†Ñ$œ ­¶â²
éK1³G©Ø†@ƒ¯ÜÂ¯Z·Ó	»D•mRk‹ÙêO*ž=ß4»˜Ô\5ß¤[äºãÛÂÅÊz£Š@â€òÆÝ±Zì•“!ˆŽôËeâc’ÝÃrñm$œ–m5ª3§ÿ¢¬fùÓ²ÎÖ¨ùó/ç³{#%Ž]o5¿ÃÉ‘ÿääQ\®Ü‚,8Çwõ·¾~@Ç*0³Êu³Ñ±~w8s4ù(#¯›Ö‰q h©Ci ±–ƒ-»]ÂÒü_‚hŽ›ÙP,þêÀvu-™´®­"Ç,/¤&Ä,U,íá9Ï×¦ÊàÙxï3(ßÀ€/
‚Ìz}õjWáGwç˜ŸA‹í41Ô*>ÆÄŽ‰QBÑ00öodÁR'þ{u¯+kYJ”:<æ]É:v"¥3­ÿåÕ?Æ~jœ='èwùóâ ¦ê´;H }ïHc%³ÒER;.MZ¨x-2²Å¶w5Nâaë-·møÞ§ÑRsp–x·SBIÍ¤z+_ƒÇÑVê:£}âr$5	ÿ¸¦ÄZž³6‡7º“¦&ž¶2¾*–2–T8ø/ŽZüs¯b#kå—ÛpÜâ×|~ÀÏù)‰¡}V·€h;rÈQÝä€Uãk“	FHû‰à¾8Ýíœ­TÐ¨‹›€. Æ^ä‚¾ÀYw"{5`²l´êÆŽ=¨‘Ö„¿éFV»ì6î’m¸»˜,ÕVú¹G/†‘²Î¨VK'Ûg×/yo¥4S „¸¾;Ññ0à&ê­5ÈÂœìàÀ×êí¨â„/IFþÆò‰pÍw9!œE3T¬ŽljˆQA´3æË2*$ð·µ£çq$’þQö^h—±º]¥ÆÆ‡K(RØ‡f‚M@çÀXZ«÷£¯ît‹½‡mS›Kò¸¤ôÕHnjŽÃ±{ÿ˜ÜëBr4ß¶Ýn´µoD8v;ñ	Ÿÿ±)y[>/R}7œbák÷Ëeƒ b<aW9çòð©Úó	~£^µÖÚGr%ŠJØÉãNïOŠA±ú–ø´ –uºUÇeäZÉÖÎºï@fî@€Xq;Z,¦k).óáá¢é‚d"wtö­|t_dâÏ˜ŽßkÚFJÒ„¸-·47&{RKÍsä½»N ßÉ%–ö«%†äTò›<3|Dì4Mè÷5×c°]µxÇÖø°‰6rÊC°¿¥a¼yi¶\ýsEvKhóé°[]þÝô+Ð­òþ˜•Î1³i‡Öåçˆ6Î8“²ÿù"NMKÏ}H0ôó X@:ùðÌ1u£ƒS$ó’¯ýÈîLl[†ÓÍ‰4?T‹ìÏð›yeÄË;þš†äkãÍàsÕ¡<‡b_`•HÆŽ¿ê ¾Ï¸¿<’™òƒŒ’ÂÈ`‡ài#ÖæÒxà!î•RŠx\•?DíílTíî“¤™Ý€rë#íhú› Bdçpù¯>T,p·Â.|hÏ*0»žùE6kø­‹ÄŽW?nqT˜ãÊ:Nµ¹üŠñ›R)µû©*ñgR.×5îóÃ+Þ‚}ü‘ðx[ßÎhÈMÛð5Íåð¤é@Z“]ì§ã
Ç¨‚þe§–›H¶Ç1ÓŸL¥á¯±s—ÍU0`0 h+¢-ùV2é>.cI»RùXŽˆ
=‚îaB|§$–š	\
¦§{µ Ÿ7ÎðFû ¿cIå,ÄØ&ÄÎÛSÄiaôÃé(Éz÷Æ±µ–Ž 9yÇê‚r§W«âñ¸+ÇŠç‡q€5¿Â’Ê(Í\(®;´Ï™áês&×¼XÎÕ‹/”ŽÌ2Í§+(0Æ|î×4ÞGý<Z10kŽIíïaALZ¡ú<«°½‡ÌÖ³l¦éáóa¨%v²¢µkEÒÑ-ü59-Ü5K­v<RC“_ìîNs~îê	à<†Œœ:´5Î¾ÄŽÝÃWß±ÎŽ‡ÌÞsÍE&çW÷MfÜÍçœsM½‡î]ü¡?o¤›ïMh´°‚0óTð°¼Ü¥ßù£¥ÊC‰ªù»ÌÝÙ¡ÏÒ«š+‹yÚë ô2#¦—ˆEØ‚OÖÖéÌ¹§«w<w;·!´žVâ<X‚Ó²¸«‹&GùøÌ»%2 ¨¢pÉljùëpÃž83³oŒk8ÙÜL„n&SwqŸnšPµ«ˆìv´R?†lÏø.à¬ T#aÚh¡$Ìó]Äû ø ‹ÐY‡à¢Bër¡À'ïðW)ìZaÃS
l«Ëá6*¬^%ˆì 0©µ³ÍdØ›ùEtzm»€€`Íóï?@´_5 7@Ú‰#ðoÅñÏµ?ˆ¬GÈk—UsrIàÐU²\–œQ'® QöXÁáÏÆzb£¬ø§åkÝfäö*[„\´ýÌÐ;QdÉ‡FG¨Kà„bâ¾ú¸6T1sjuB¯çèÎ±Ê>S'ŸP?nÙª%ÌU!È‡#ÄºX2›”#¥!,tÐ?ÄÌ¦IïûHóº1]ú7HxÀ‹ØËÞãü¬§Ý*u/ð÷ ø±\aW‹Ðf‰îN§·‘¤3?Ñ^#ˆÑùmá	–»«v$H»èÏÔ¬ƒ…VM§ ³Šn]üÉ¯†·4Æ‚¼Ã’Xwûª‹RÎaØÊ5tM½T"‚ûë¸±dWÀœóAó`vŒQç—¤'í¦Ž}¾¢—Õ¨ô£ÈÚ»Ù?³_!ÚÀ93 UF9uFúT½ñk_³6	‹Þ¤‹¼7ì"øÖ	] ã6‚‡}Ï'¾¤A–x=TD¦€¨F0î³H.–SÈ=f•…œÀº{¸Ö«…ÿâ±ÿÓƒy ¡˜áfÑ¤u™,ªI¢Á .E)“oÎäÈâž&™¿õçHð¢èSò5CVì³dw¶nÜHÚÒ§h	ÒÍbFR6^ï$›Ý4²1z1GTt?ÈÓNVzŸŠ*|¨-/p¡­=xË­;ýŠ~ŠÞj)x¯ÏÚCUQÅâ¹4!/Õ^üÂlN“¾g
æÑÊÌ‘ˆ”KÛ3{·\Œ~Û“5¿Œ[€îð×5”ãmR÷Âî×àáÐo™ÉD©X(à\¼_{ÙDR}'Ñ0•ŽC™i§_¸ÞäJBivøýËInó²|=6ìÔ›¼;i€ó¢&o0/Q`ûÂÌ’•Các”[O•n¶€¡õw%eAM®ÕÑ Më›MÒz`ËýÀì¡&gW)•\Ñàô4"§ÉÚ[B»îa$	ÅšTÉöKàr°ó¦ÿ<RÜÐ¦³ßß][»Þ¥<àqbO
N]ˆã
ç¿Å¿……fµwtZáŸ›.Úk Å®£¢§‡1â_¼×ç(Ç{|ùIÏÎÓ,Œ·PÊ¤FÙ¦¢Ú"Nµ™ÉÒJp³Û÷o|¬–g®wÿc@¿âN¦t
jƒÐÑ³®]¡ˆNƒ¬a‹¤;_ŸJ,ã*ˆ&š2qtbÛÌGXS8ZFmÇ¼b@ê&‹ÿ
HÀ€;|Í!Ü’sš#>1%C#Ž…ádóžäº«ô	~tß?­w‡„r;:¤f ?šOŒš;1=„¦SNi¡W" V¬Á[OØµš_‚¤}ØÊ5†@’¨$¦mÖÛ Ka™q%AìVø2ZgÕ¼D¯CWs“i÷p )ÃÑf·K1H#P"8
!Ø­gÈ§VµV>ïB@)",xž{‰³ñ4æmê8lF÷]°àn¬ïS"ºO§åMšn\›å‹Nw$EL¿<õç‚È)¼­Wuá.0—/E)™=¯Ûò<Kj:DêŽóãŒ7>šøÎÀùH)ïÓ&-8ðZê®<ÆTaÉe0ôúœ(u 8ÃLÐõç±Ãw|C´¶©¿<æœÕy†NÐ3s›§³Y`
®Òà&÷‹È£ÐˆX\ž|0­îùïTqýª† ô‚zóÀ—CÌkòq®£Õ©ê{DÛ‹U"Û_èÅXù ˆí]:ó‚ò|Ã3áwŽð[+]	KØ†ô€z5u®]üM¦å)2ùÔ»©Þ×Cõˆ‹£Ã¤úËryUM"ß¦Ðí·Þ« ©y£7ÿ4°®˜ÅcÏiZˆaÜ<mî‰òl²Õ¢i‹ÔœÆ%wî9û—u6¯Ç^”™ERå©QìëmÝ!SL°••¬xó€ø?¨aöPó IÜ½ŸÓ<;›Ûï±0´iž¯¢D>Y6ã–'GÌ“ZnhvmeN1'„ÞÜ,ä’lÔý`z{*ciç’8˜êk¥mq˜ÔV+Lm0…ÇY¹¯àìR°±1²ì¾Á‹ÈùÍ˜b¼MÀº%˜°ÝçÈiMïAÇ˜Ç+Z4uÝÙÎmÑ	Q’V™·-s.<Áõ^±ùº¡¹‚¯|‡_DM	œS¢»ˆ¢þƒJ#kyÂòT›Ù°é\£“–ŸŒ±Æ?×`XãÂõ/oQÙÅÉÔS%7‘|Ù!E‡Zã­ŒÔGŠV.ðô©fnû\Jë÷:µ™e$^ø÷8?üWÏn*	nCÊ— ´Ïs=&×ÖßpIu¸2,x+4À¼#`!\Ÿ€¢Ã5½d—›ÚbÙ‚JÒêöãöè‚—ûþÂl#%öàà–¿æ5ßõoò>:fÛgçÃÃ
"Oì™ä’]BýóíµÎÞ`ùž;uöó™$Ê?ýèNyÖ8GYNµî<Žš:«A(y¼§+¼_'{ØÃ‚•FvæÃkRàñy„ÿNö{p”g%*ÿÎˆ¶Ú¼¾ÂÁ-
)ÂNì¸BñØFcoM¬ÛÈ¥bûåÕW4m¡È„{K¯œOE’ß%aŸÕž‚@DƒÛSƒ3kJÏ&ÒÅâ|u»[ã½¸ð¢#Þ#äÂ?e¥³x2</9UARjYØþ¿|Œ¼”v¼àß§R-Ê@à=ÆÎv²khL*õ<Û;—Zˆ%ëÒW×8Á·›<©Š@çÂ.Kn|#çÖ#iRòfj9BÐ}“‰g-YSç† ÚÄÅnÊ˜áNþ€1’júZ@´bcÁ™ nV“·LÅ	ÊFæ½WPé²ÐþrG=ã§/U"L0.ŒÊÁËÔºÏlêcz_Nû6³oŽc„¸8Z×äú ³@cX¹nJ?D7ñG:Ûõ«“€A^tYâ?·MÕ9ke‘9Ó úik²rŒÔ— KI—ÝÞµ*¦·vØ#¢³p‚¥+êàžß"ÕCW½EÆî[L/ª!h3æÓ¬ýìÏ®³ š¡}°ž0 Y­™žuì~]OÍ©H	°%ÃŸx¨<[8¢ÃÏITüšÿÆÎ% îÛ²Ð ‡þô4*Ëws¦‘ž…,Z«ýM¹Þ»Íïæiìi`°`Ótüîp÷Å>"ÏÈdvc²0{Ï”y¨"Î÷ËÎøËn‚Iò¢vXæ#m_²<¹"¤Cà7Ú°›ºÞ5Ú;›§·F#"TÿG¯äZ3´ƒ×Ÿ7¤6 >˜È¾Z:´'­ï{'?g_]Âná˜2rëbmG™ò ÿñW‰¬ÍÛ‡KD°2qø/dùïâlÝ$ÆbîK€G\Ÿwx;‡6‰ORv¢•D&4úR?2†[èa NÔX)jj=
3òûÐž½BOÕ;Éñ5l>'ú06Á‰ül3ó¸+˜aÓCšN]­Ü…—_\X+dÀ‡ô·ôØ6–šü…½5f‰wCQŒ³¨K'Ê„FPbä€û?“ÏcôO73êVÍ0q…–·åÌW)%Ñ2_p.9Ø>Õ‰¹ýšÀh&,Žþ…‰œê­p}dºéš~ËË§PË÷9A¸ÖîMò8º9³ÏŠÊÙÄ5éDÅån#/ÔíÊð)ÚèÖ×ÌÕ·ê®&Ä"¿!j‰}#øO†YÝy¼æÀ[WÁªŽœY8Ž¬'2‚“!	]ETLahY²óÓéë$Éf`ÚÒ‚-I|›ˆ¦?ègÞ¢Þ€i6u´5ò:w¾¸o½WZî=ðÍ<ÌGÎù›]++—¨*=õ;–¾UË.:„˜ú-=Cp±¤Ûˆ¸®5ÓKÏyMªš/¢ùÆ—kB¢µFþÎ%É=p3GÍÉ“/Ë"˜Få~qÙAp	ž-ŠÀ½Hîæ-dž;¼]Êt~ï£bi˜0O©gøjë3‡¾áußB€Ôˆ‚Æ—ÔØ}¹"˜,NyO!åˆa´æº¢'ošI–vÐ‚U½„…&"Ñœƒë¦à½³	=Q¥Ãê½úÞd³Ñ»€Ffü*”ÄÂÿ1+þì	¦Œ}‰ŸhàçÍu'˜Ôÿ!c©øÂ„$?Y:zuÞÀXú’ˆ”¬îƒúúè\1‡4O¯7€µUAkäªâhþôÖ¶¢ µô–:+9ÀDÔôVr‚nÞem€Ì¶°ü rvTÎ`%?¤Y0VvAˆ}
„‹Ô@ï­,U»Üg¿‹48¬ãHQ‡Ÿÿ‡‹$®-}Í¦ºêžmÁÇQ	É¸´mÅ<§qon@hé/ÆwíœÉ¢QÃß0prbµíº–¸ð„1´Õ€É
áOð~ðÆ¯¼¡Ý÷pñXÎ¨2 Õ@MÀ¬ …SâDqôi<ÊË0¡%mòè3â‡‡ò·Bˆf±N} v_[VŸ¸:9>ßbœS³ûžTÿT%7uÜ;òÑUÎmZßÔ„åÈu·¦t17Üé½Šå’3+—àÞâqŽî,øÀ>šwcßš‰·§ÇRÅ Óýú “€¾<Ê«6YßWªŠ‘×-Ë]„
–äÉðË2ÕŽýýMD’ÞX/|F4}ò2@D¢Œ™žÎ¥#Bùtý¬ïé:q;P…§ý-\Ä×cZJ3?Êè™]—å 1TªO—mÝ¯¿ÍWî@æ^¬+¶!‚ãRŽ›–ø5ÎpR"—AÚj^8»‘Û£É"]¥
(h£±T„y%¨Lñ\)j•Ö¸ïC|àì´šËÎ=Ó<¯fEµãÛ–¶G¬ˆ¥œ3"°¼<pufiù‘¸&>¬¦¦ËÔ-}NŠzŽJè’;Ý·
–©\d{°Í\@dY¡ŸÉ:ªÌOW«0 ‡yU’>íomjÎ€nÂþ]
˜5ß¯#_£…ãÏe}X¿Ü²XÓæÕ›%†¡¶'0ÉÜ’5+’!·hf[ÍÃéSFØÚórLì'Ñ¶—® ·yB4³Ï˜BÃ]„+Çô­,(ßr(‡%/™§ÅöãZ¬¥r)3‡Ü¥(v•ù”ÙTFÔRJ*uéÀB»Ìƒ“F fXÆ;nóâ÷þõ]¬”î‰5î¡CÊƒäª RÂÉ¬qºF¼<@õpúìÎƒéÒVpß¡í‰~Ìþa·†HPTÇøP§3òÆÊ•%5_Göˆ2â9¶þwÖ±Ul¹»;‘æmcÇ9¶äW&£áN¨ý"ÂÛl]_©ge
¬£›&IMn{oºé{XzÞÆœÃíÈ.…}Ôi–—5.HßôcÜàèwÜå6Üñz´ê^”rùŠ^ƒMÝ»mYÚŽ™€ïÍú¨©Ô³CáëU}½ñ+ÍŽ”F–ò”
ÏãäÎ‘‡U§|šÐjb(

%¨dæ·uÎEAŽ«Œ¶ÃAÒÌDúôÝ2øÉ½›²ëÊkt¯•{‚ÒbobÀ]óB…=ðƒïiÞ{²L–^kn«×íè™ÕKÕåc[l…Ù–¨]Þí¿x×Ž  ¥X›†TG'?ž/QÔtú&@~}ÚÃ9´Í›V”ðÜ»„p»ž°IÆ4xàæHvœxC ND 2‡p+P§ð3ùŽ'ÐÐqYy.³ÞÛ9’ÈÛâ™è±ßòc<âïGºí‚-g¸0nÊÍG!zÿ´^ÍÐ7&Æ3îúÄ}÷Ÿ=º†‰äƒmÅkë9ÿyÊtiåUk ©
*Á@
 œ˜mKvÿö°°‡ M_ÖÍ}ËŽi[Ò´Ê³Ó|‚¥wD¤iö\MS!i’¡Ö>xû½@PÑH	¸¿'ç¨*œ¾J×øÿ…PÃ[ßÅö[†€oÎ˜h‡€.#ÈóÉ-…æÍÅˆ€–&F"6ñƒâ,o<î¯0agÀ½ñ2ëÁ@&‹:ÀpÔ=&Èç‚T¶ç“œîCB.eIvßW½jÑ%úçÝÙñåÿnmËþc„HOcµK :M¶èàvÜúðoÚM$js´wë­Ä€Û†1ôˆ£!DkîÃVµ.PNBÛ°qÍÃ?Ä
ši‹¯KÄ°13¹eåYš‘Ô‚`Vað	‡M°‰ ›]D+-´8.ð2„¦Æ÷èTì_;Gë‰üòqK3Íi]ÎÐ2½5¿_*ôlk ù"â;ÿzGÇÑ@SwÚçã¹[¯×ÿ¿ÓQk(
Ü¨¯"æYŒ<ûGŒ,rQç–ßÀËUip\–<m¾³qkà\î,/¾¦Á0ÒØ`ùGù!”¸"(eIH.;°Ï@ý‘9 ª‡ÂÕö—y'ºÅ@2ÑÎ=ƒ·„‰ìÀ×r»šå‚ú™ðêìuAuÈ¦;'ã¢’rnÄp°Åî¹OáJÖÿ¹ñõç¡7|'Á_hýR¡ÃPŒËÍÏlRþÖI3ôàï’qXY£Œ‘é…ßÈ±i~›™½;ž)Õüdç{}b¡ÃîI8Ú”¾2€+Ú|ê¬F~­²×oˆz2oêÁfÈoÁ[Ü@=Ù\lÅHŠ¤kÃçiõ"ˆ=7¨?® [;·´@	ÃQºÜÑ[Ÿ|–ÇOGŽø;5€ïŒà±ç;|Pâ^ñÁ3Rb_¨Ðhwõj÷Iß–{d	‰àeY#Ýþ‰u)eò¸eÿvÄÜ	]ŠÌfñ¶ª× ãKpµl„¿SÃÑ‹./œÂsVžÁ]˜z0ÒŽf„mpqã£ÿû²Å™ÿw?ZW‹Èˆå!ëXêzO•Ö§ãÍ è¡»~oAÇF¥½T²+R-];¬¦¹‘U¶w«ðÝ !ðô#ôþ„wò4³	È™çL)tÑ5CX¬¼ÙB¸Ú5V¡©åÿg!„µºâÆeÇ?ÅjÅî\˜{.Ýÿµ­‚QýáÂêsæâ>“Š†2é4\nˆ)öKpch»n,&~2kCg‚=V ` tIPñXZºÅ¢N±ôëß˜ý£•þd¾ñ ,¹s–i,½CfÁºMíMÇÙêì ›s¡}f‡Ø?¤þzíü#O3…ì³Œ‘ƒÂå#$1Âòˆ;2¡&7c>IYC‡µKk5ŒíE‹ið¼¼,r´þ_ Y¥ïÀÜýR0¶'/Òqg·0òÙpËîÒ¼ƒ1³/õ§6ËÜË,=w]Á¯¥‚rª <üH7`°Š¼2œ­€uìy¥Mo3ÜÈc,eŒg:àú@úBí´¨ßÚ#P;ôò÷´qöŸ~œ(™{g÷¸ãñrÜˆ¡ÙÃJ’}(ã¨ÐÓˆZo)‘2¸ôÓºÅ	ƒ<qM›B`Ó­{i(³àÿ™ÔÐÇà	wL kVJ¯ ©Æº+ª=VVJ¬ûd'^	íé>R!.¯wýõoçŒ¨¦5ÛÜa²hÒº]®¤ÊXðŠ­aÐÿßP²°©#"µØ®ÿyF¤8	P–’âhO>’Ç.#€ÂœÐ$Õ»L&¡„Èsð|po›7†½~gãåKÔ1”†z~ç›Ã.…èÈµz“øtêWä×šc°þÐ´£OÐ“L1©pËŸ(8¦ûÖÜYùÜ@ÅIlj§+êîPwÐ¡ˆiŒÆ¢
Wc.ä®ŒÆOï²½qoC ‰yz±V…Í™ò[Í;Ð´.qh—°õ®|g®ÌsüNf´ì‡¬·Ê1W3Æ(-6$`Œˆ6ü¿ÌŽ­o³l«öD²å¨¸â­`r.GàY¢Ê>œôêBCTÞT¢±œOH køÜ'‰Fúåè9ÄüQC,zþš%Ö*ºˆÄ
@ R´
«Ã²inÒyr\©Æ(®Íù]úº÷CªüÒO$e]‹ÕkrRø­Ê!ÔÍK·n)ã>©·O”™þæ,~·r-~†îé
8<žmÞ3Ÿ:³íÌâŽ¢¹¡íPòø4 ±O‹ƒ„ç;X¶¿Z©ª—TÅ¦È–öé‰Ël|(:AKûÉ=LÙ°½>f5]Êã—ïgïÄŽCdE˜àŸÄôôIÿAJõ…~ÉsƒŸª\R“1âuäõ¹ë¤\$:˜ù"™Ô¡˜ø‡0xTÁòò«ø!0¨ø«ø'¾ˆ­PÕx)¢‹IšUu¼^û[‰@afÌ¥ïf6IÊ8²Ký€´=&­õ—+Sqã‰¢àv3Ë£v÷ÀiéÒÄ“"k—c—›)Ûï‰[“>­>¢s‹ya-”UJ™çéh€›=ÃÂ“ÜSÛ¼•À|,'ÛE¯FÂ)!µ8[äQA¥^’Ç¼Å>ìH Ø¦DòKÝ4b”ãHGbûi2HàÖçqeÈŽ‹rÊ’×gÆäG˜Û,;ï~â!Ý9MlLOKùUvæ)¥Jeà3%hïf›Ö9‘»ÚC‰ÆÉûÉ3žˆEÅm@36Ì|ÿÇÍãŸ‹Ã?w[Mýš8Ð/Ñ÷¬5ï
êw|7b“&ëc¯›ÀûœÛˆâ(FÔ
H–qvÕBP­<¦¸§*mZ¨ñ*‹Ê¿r°T7AÒ60·‡™)ìQ^Øô6‰õä%ü©7$IÆÏ¼ë4Ur‚í.Î”Ä%OœQÕ5÷}e™zÃÀP”é8ŽPd¹Ž¨:wo÷»Œ/œ=ô™ÏL¡ôåí8Vg€Ù#	³}Åuû¯v•VR3¿OÉnøÍ>g*NCï|ÿæ0OùF|àYHãaÌ²ÛvE¸òÈïLëÝU’‘ÞæäË0BÂ¾w7ömCwžº.¸ÛP¦É|$;%i[/*:ÇŸ“0*¤a\Ì9y…Ä†à °óïOùo‚Ó²DEˆ­÷?u¥¶ ÿ6,×UB¹\ñÑaÈ> ÄB1ÛYrôã¨öŒnáˆ%W6xÚÅûäGWW¾‰]ºË`ìk­ŒZVí2
†È¬™Êè4ÿ¦¹¡ÒÁ®¨þø:)]/ÿ›™•”bx(ÝI>:2äÃ¿ý™ÜƒqÖÚîtÈE­O/îåµqP?1ä $‘„æbOÛ‰ø%qÔ_éŠbÐhÔ«€Ú£²½†Êš†n/>Ý=‡EƒôÁ?ŠÈj¨ôÔ*€3åv>¨Éõxn¥úÄG¾dÙmpó$ãŸ*úFH`Aqìö3‹ZM³nÖxòÒ^†ÒásÝé‘øà€>Ó|½)ÚâtÜ6Õ'%kµÒëÞ aà ò®#á5—ºËsûš69°w'”ÏøòFž¦·FÉ[ñ 3äjî Û$­>UpßCg8Tz‡ëÞHxÆÑÍº—•0r½ªés6;°“e„6^4ÙcfØ•a•€à9"½¬Ýfªí`eõB¡1M`ð¯Æã÷LÝ¥ââçáý'1l-¸e:¨ê“ªúþ:’d»‘Éë	+17š“o0õ!*‹¢K‘æyÞS”½v×´1XÒ+è4$áÑ‡?îë*ÿµ'j:è¦ŸMæjŠ©½	…À°!ÆÛµLT„¹Êz9³ë2W÷¶jš½vS"	K<0³éÜ{LH³|Cúô«LôØDã¨˜nìUÓ´ùëûHáž:R%z‚BÚ$ïîWm{–Ü£^ð^dÐàk†E7šm5hV«Z{ê<¸‘_gº=éc„ïÛJø‡ª‚¿ XØqøYH\µà,2*& ñX»dÍ×Î­yìQðŒ±<o\ã–{µåÐéùÆç­ÐYÅ¢é‡yAêçèë1ûÍìn·^ŒAF÷6C2:Bk-O€ZªK82´×ì¨-¢BŽŽ6ªWEçü@_²‰·o} —ÊRºì_H4`¼VÈäû%„tÑ©¶ù½7âu¨Â(V"ãêpó\AŽí¡-Æ,™óœ.ÂÌÈ‘mª?a½MÂÚþ\~6µÝ±B>EtG_K€…Öd=qþºÕîp÷
ÍÑbø^´þ]ÀÑó!ØUÕ[™_µqÞ1BJ±:pÏû†±2ÆJ"Ókéƒº	¶—ÏÌƒ tè¡µ¹KTHó6ÐÞækwÒ	F‹K#Å%¡ïKŽ:åŽÝ`õ±ð"«€Î¡,†.+ãûº!Ù]Ãá~§ï(vfßä~ùó]Rêà ¿»x(•/$ì¥{ø¢k»…¥“×›ðÖðÚÿÙGLÙtýÏã¢u<7”^¹ïzíÓXø¥&íëÃŠ5eHmÓù+Z6Õ†ù&˜XP”w³Ñ<8Ýs®Bqßj‡¼rYmùeÙà‰~.]ç©#¬²CÜÈ¥üÿQë™¦‚·9â\”ØOü]íXÇÌq<Ûâx`ÈŒ9C©¯lÇâò£F$;iŽ–í*6bõÕ™[º«AðA™MïXÞÉR+¬wÀŠœ]R£!8t³và‡M½fw?w‚h½§,j Ù]F‘©ç2ý@´“˜M}¢«@(‹9}æí“ÏÈ$¼§Üš–ÊþttÍP$dc•’¸ZªK…!¸\}ÕÙ~21:„bt¾
/ëüZmø|gÜž‹‘ØÑ¼I)b^ŠÚÈoKZìA©qý0M)gF'1<¸ÃM{„`®he;À_h?«é°DEH"ré/6„˜ž`%¦6ÏÌì=Õ´«
=>vu`
,À%¯ ¢ÚÛØú±T©ƒ*4×N<™òDäB(ô8à}«Ií,Ñv]¦ù¦ë®X—ÊÎœØÁ¶ŒoÈ†>V6“br×Ð7êPÈØàDP7êËmÌHm ¼"¦Áóá…®u#ëÿþÍŽ&¢óÂç?ˆ…ö¤‘„3®\ržõN?j“00^ÝEGkiÿÆoºa@ßû&Èbe÷¬Çí=cJï5;£ŒF%—ïÐÿŸÖ²XqåÐQ¯þG^1¶X{Ä‘;Šî³‡gßw?ôê
NˆpšSúf¤¥Îëh„Kë‘ïã{uå›st„OàÉðÏ]b)áäVIÀ°.¾§:ÚËÝaòtÂ•Vˆ½/vÙèÑÓ‚qú .‰¥BÈ°+“.<ý²)Pß1 g~ŽÖòFÊoo©™…ÿÒoÀt"µÊÝ›VOõ½½ø’ÊÏCÀã4Ú¨<ãDUÕŸ}ê$(õoÎ¹FX§*ƒfoÓ=i™d ]Ìß'WÂ¨¿èFï%Öbpšìâh¦}òbŽ.™îá'x×"ñ*—©ê¼1v°ðHœKŽÓ0ÜÐ\í®–¸‚¯-”ŽÄ +ŽyI*[ª¡Û¹î‡²<f”9£ÎL5Rjöaâjy \Bº’—+Êd5Ê”ªyåÖ.«öØøQ&ãm‡‹‡©8ß#SvÒ„ A…àL;™yt¿¸á
²u•ßq¸ŽXÂ„2ÏT5Šë:!Ü8ðírfÐ³L³¸†³âñÃè^ºŽÃ;óx¶òKây¨&û²u 8ï	›MJïÁÌìèÀw‰_bõù>i­÷ÅùÆk[€
©gÇ¥æþ³7œ1:ÍvÉ¤ƒÎÍq.ªÏ¨&¡wÏÄ)ùÁ¸V3'”>—áHF½ð¾26uÓ,”á<GÆÒÑ€×¥wøìÓ±ÎBGjs/|’÷È›“
Øb›eAÚÒ“¢ò±Û9ò"mú*Bàv)S)H¥%‚‹‡ƒ GËe“&×­Ý¿œßàXFÁPÚÉÙ-*ÙXW=Ù	!¼¢"é¯Q/| á…ú±D÷·®ÑQ:çf!œJ¥1û×Ó)%ºE@ƒBïMµ9FOØ7µ18ÊŒYÇX2Ýø0å®µÈU•W	ÞH ñ‘‰-³aº©‡Ý¿ÄLü‚Ls?5Ìœ¿g–sÒsâm+`È­¬ÝÐßÚÙ³~©™aû;Bý'¥4úÇoÔBþ×ÔÐ`ß3xâ‚IåÇÁ#ûKÖXöÞBêÞ¯jª>St’j$/Ö¤[%B™˜n1À2“8ÛÞ"Ös˜¯ÇnØ8›®©ËÙ%lÛœ<*6Mì³w`ÅV~Û:}ÓêY?–1ÇNQ©×§ü9K‹úÃŸ²i®ÉÚd[]zy‘àŸ–—N…>iènõPÂÿnª"Ë—º}ut¬›ÑÉjÖ³ŸTdwùÅr›vNoÄÞª©ÿ8b¤ŒXÙÑÉ€ÞŸ‹L 8Ûƒ1za­æ¼ÇÞvJÊÕOÜ«Þw…ZÀšŽÚÖO¢<—(Œ[ôµz©›#Ì à¿eôe	)wÇ87/þYk«' Ò1=»QFëÌ2}d/4“Ø5)S·|JG¯3IúŠV9JœÿFŸ,‡#c&òIŠÚÙìy& ¼òBPÄRð?‰ å„­¾åÔƒ‘ ´Ú<«T”±e=g†³ñÛÄ²mª/}­Ü	éL‰^«"ú5,fîO<½gØlëi<±žQoØpˆ 	”‰•tŸ˜œÎƒ¶CÍœÄnJÍó ­B!VºÞ½¾jo	ÂŒq]ö	´d .4Ü®I_(iìCµg£h©ˆdCà\2yJ½Ž,#þÿ u‹0/#®þµWûEôßÃyÕ„~—Î…@M¬o®MˆgÜ´®A%1ñ¥uŸPµÈ£8qá(28!Góž¡ü­
b{°â;Z,ÔØ5P<Ë”%™U%ÖÿEŽSe›–€©ƒéÂ	ƒâÏïF°’Lú\e¼Óñïª!(bHi€=£³¥ªeúe4œ(ŠœŠ,Ÿ%ÉÍ’WØ={Ù¬ð|ûiÕª†7 û!ÄöÎ7búÿi\ þ)³sJ3ÙÂº,›ràdlóÜðxuk‘1+ÌHóÒd„šø¿Š'vEÚê¹cgGPUøt¤º2û'(êZ™‘¡;ºV=5Úú¡ ×ãgæ„ŸVTRÞÔ}›˜ézvI«2ËvgC•YÚ¦¼1NŸ¬ŸÙ!<`Z!$2j–˜yG¢~ÿ«ˆ“Y±ÝiÎò‰HRúEÏ@ß¸Úè÷2õ}0î¯(kcÑ-íÁÅ,/t?Î¡ÔKæÈé¶t[G¹¬:E›•ð#% 4„‹h]Ÿ7¹26"ublhï=n"°¡†Õ©bÔ~´Ž€g;“j h#ß¾½ÿ“lá¥ƒàs•j`ªˆìÌK°((5Ô×ÉHº°¿
"¼H‰ Ú¢11|Ÿ×üáºÎDTÇ7Ø°ºcÞ<ù)ëŒìRi’Ï‚æÀ5¬-Àx®úkÒBÕ‹¹ß±’âB»™*/ö,ëàíc!¿8—n“~®Ñ4-Ñèþ:‰¼$[®¿Kr.ÅÁÇ‹Æ_ƒ	ÛkÃÔ/z6š÷ÒŒZöÀÑ£þ¥Aü.q°‰ˆºIÿ-zKØU~Ä®V·¬Þî)ö¬HXBÚÃ`éÔQÅ¼÷H@U…²Â*E÷÷Ùrˆñ¿YÛ# ¡Ub-2ÁNa‚ýÇÉiÆ	œÉŸç?qW8Ú"¼-£29•“	€ŠelØ“vÑz«{¤/3	lMò{zík§’Ô´“¤Ìå°Gcž£X7~`¡0¤/á â@"ÞI¨Cn9~c²”Yœ¢"þÊ3<ŠtýÑÄë±5ÎY­„nÌÀ°æ8toe	×)`yDoÊ›,K—A´)àcTG×¶¶¦¨È×(tôC=ƒ%?v8‰4JöðìVŒõJŒRîk·±^…]ÒXA|~/;¼˜Qð‰:ûÇï³ÎÉ6®â/BdÆÒ?ò4ç^»ëýaSU±Ùµ[7Ô3¦mŒ^…vÑ¨ÅoRÞfŸ4;‹“žeÇ„VÎ»öQ½©¢r…ÛáÌ•³(ýfêü|‰Ö˜o:D9iåÓ†©–íËæÕõ>õ/¬Y¾Û¢$Ð%¬´ø™XÏ@žH*!d©ñŒ1ž¼¸YÇûéMÜ#w©y=´­¾Ÿf©?˜uÍÐ9¸Ž‰@v¾O¡l$¬ˆ£˜r¤4•=Ïˆ+tµ‹õ‘_{Æ#¯Tà­9ÇfPæ¹\ÓYØ7iväî6!NÆË[~L1œ;¶ðÂ[	WîÍûÍ‘”zv‚u[R}íÐŠdu¡s	?}cÂT&E9°åÛN^§¤W£NûB¹Y¸f!*,C®×ã´è‹1}´VÍùâ£!!¯gº°ïúòt¨Z¹.³Îm’ê’õðØK¤¡Ðœ&ð¶ÈW­mtº1ÁQ¾lŠ¨é½ÍG¶ßƒ—žP®í=÷ B§ÑÀœúÙ†?ä‹s³î3Ã’;œ`{o²é†4‡„DhEP=»“ÅoÜáÄ 
›>áiOê‘Åq°¨u2ÃœLä°jÇàpÑ–<õä¼ìIûÒyZnêˆ¼Øgœç»™4šò;U†¢8ðJP÷Éù#7°%ô±ÓUÙ“y‰GýÜ(â`è”×î›B‹˜[›g³!ÕàÉ¸‹
~ísÄm †¤Ñª:C]äž‡[4D@¡G™¨ôC mÐ—üÒS@äþÈK-(Æ`&Õ õL?µ»êNµÖv€bX´¢?!â³œ4¨·bÏSRBBsZ|µN ½9ÇÞI¿Ï3˜($ô| Pƒ‹húæå8k7CèT÷Üç6­¤53ò‡dóô'Æ»äþÒœ²(§Hñ2~å7ÿÂ«d.,V!ËÉsKT‡|9‚pÌç‚Ü¢ŒF‡¶0ö¬â×W“åˆFŠ¦¥…Ùü.ÈùÇgÉ5r?, éØ»å$\~Ç+ô^±ø¹øâØ7XT_&|wïôÇE-"øvGÑ1'ì]WŒ"¤¼Ù—¬Èñ6¸¤#<"âÅô ~~	å©ÜfVûéuÞEP¼e‚ƒ<•7)@.@àTûé·!ç¦ûÆ–´ä}DÕ\“ŽœÇrŽñRÒYUð²àûû
~ž;ªîÑPèÀ;ó;7nv¨4áP{$ËM#Qú W#R…›_²Ùªj×Š6ÿª¡¬âM>yk[…D‡á’G«c<ž15ž Ë@ô÷*q3Ê¹8Øaß	¯Q:ÞO]¸`é\: Iué˜ö‚ÿ­ ×9CT‰<‘ú£CÄi›,gG³ ]Ís)\º+‹¨f%:w·ñ¿želÚ:ÿð =ˆÊš<£]9• Ñ¦"óS‚ Ìß3¨]Ï/Ë¯š“eéŠ%„,FUà/}@œK 	1¦gí&·åb@E×Êv™ç…ÙZŠZ*AA ;4h{jžŸ‚ua}¢‹vŒr	TQ°¿.ó‚ÌËw¼‰ñKQtÞ¨ôÙŠuþzb„„ˆ– lDsa¶ÄvíÄÂhw¸mó7fÖòvô§ö
q¹C™ó~5Ð›¸ûÃv¨FZšeZOz AåOŒcí®ƒ!T‰hd eFÓÏÿ´˜ô3{;¶ÏÀÎÖ¡ðàöÙP#Ô¬š1X×Ý—”ìšFúÍµú¸=rYW“Ek^e³O<Íñ¡˜à%fJ—&©äÓKs=ìž¹jŸHe3þþáb©A!
o×Ñ³¬P‹,„pþÙÿþÚ4ªdÀ@'kÈª	0Wpè	 /åÿ}Ã½úÀE‹½Jü¸MIH™6×ïYpè_¯Èî;ÇþÙg™j½#_UUßÙ°b¦#c.9"Og*—øùP$l±AqÈ**5W÷M\»¡·Ì%ô”)ÿ¿¿±eêÈåVcT– Gþ[2ÈJÊãeðGÆP?Þ#–+y»"‰»;îoŒhÀÑ2NØ›µ_}ZÚYv¢à¯´ü‘¡Í¤|8ƒ]?\SçpGii§ø¶½Ûµ|$X¶ÉVÁ480Ä³%Sd ûÛÇÒŽKƒè:!qDÇÍÂb*âÝ…/ë?.MÉ’)F…w%émªCºß-½‘±„ Ð•}eEµîáŸB\?HÓ€g•xïe-êÙâÄÒ`VÍöÑdÕ¬IŽ|²È	KßÑ=G†žØÆ9nx-6äÌ'„ÐÂn=ˆJ»P )/YóÌ@´õœijÝ’†ö:¡š‡zifVÀÅÅr_QsÄáÉ¥Æ/(ìuƒ:Ê6öS»k±‹Ó”~¨æB`½
FÊu02£3:¡’O¬éŠâª¦ºT+íh…WI·ƒÝ³ó#aJ‹>Öm¬Ý9zm¦NN#ê¼û˜ï5ŽÛŠDLKg
nÇÎÞ~¾r¤¢çÙÝ«Ä‘ƒÛU´q¦ó–	5þ¿:KN¢§¤Ž]ÙF"Ù8£-„d­²ê-ŒBb²Xë)'×Æf/¯Ýc¶þã8aî<KŸ@³oºg¸“I)‹ýÕ¤ïi¸›‘\|·L5ç¯}£íÅm‹áÇçyæ:"AÝÙ;L 3«ÿ“üBºJ•Â3Fç¿²ž©˜Uï{¿Xšÿ½’–Oá]["ÃpGVïäðí¿œ1I†ÛPéÇrO(}ÿÒDrðaG*QÅ	ð"¸ðGé[ŸâC˜5€á}ºLÍWÆ¬ÜÕ¬¼hù5PNm8pkŽkÓÛ5ìräÕ38¢Õ£òG|£è­I!ãJ>ýT„>º=Ùœ>@Ú¸ŠfsvÔ¹QVÔß€›Û[yë"‡.ôáÊ¨ºPd½dÓ"ŸÉ::	´ÕÏìn…×w­ Š`^ÝUîCð‘«?BQÄ‘bÐÜKñ.àÔZ·õš#'¥|5îÛÄm"cYCÖïÅÓY¬Två"ÀºTm /Ctïš™£UÜ·­ñ\±ƒ?S†fÑó{ïVÁö±²Ò4Õ=lS;ã9C›5-ÝûklDeÀ¶?¥Om}[T¸œX/3Ü^=îBïc--’Êþ.è
¤=\¡-&É•=ßÜO¶ ¡û •ëdç1Û¬›\ü¦"ð`§+‡mþîØŸåØ$Å„V/‘3ÿ@VxÿsòÊ³ÎíU.ùðwfÞˆX‚Óo¦DqÝªÄg¨a]cäWÏ@H`ýVõ?³*6Ñ/úF‰ºõRhiP¹û€xþ÷Ðùm¸Í«åMjÚ æÑŸW“µSð~P¡ªýØõ‰¥ëÞ—Á`€’^7ïüæÊ­»‘ëm»²&sÕ(Ãão3Ì:t9Ê‹úÞº³€c\v6YjzÈ³p±â´÷]°²–Ê‘»I¿á¡úŽ2zbÁW¨dÃiØFœ¾>'Ë«5R¡>ø%+/å½9ÕÑ§ê¬-Ç[³xË²Ïphü¾ÄM¼?jZy¯y¤ó(j?¥Ý§2$sú¼Iž˜½ð½
BTýóÑ@ûJÅsÌœ9AØ¢]áÛl]Qÿ‡YâtšMú¤Nñ~÷5hyƒæý \^÷Ð°•Uæµ21€Ÿ<½)º%—K?Lä²©Œ?” ˆ#‚ßž¢É$£s¡£lã>Š>¨g…° ÎM
=õÅ‹ð[n‡IÄ}þº¯e:sL¨k?!·gŽÌ’|b:Ï}rSmçU<­(r`™WFÉ‚â+'¢ò5éšx3Nh«*ªjÓž³Ñ£ÞÃBYM“´(±c—5Šö¹‚R"#F	D¿ý½>ƒM}çÃlƒåÕu¼ïªW¯²èvwÇ%FL8E¨*>Ç´ù0©K•	…çá,#¯NjûMD1µØ7ç0À¢- ”âLó³Cl8¨²$Yý‡¸‹‚ûkqŸÖ]µ‘ûÅµg6¾“×4ÕÇÁ«Ïáõî…A¾ŸˆðÉ˜PbŠ6Ãg/Çô”êŒêz¯´²Ì4V€°ÿÂÕk¯M"%Oa.éºŽüB¤—þW%¬@‚ÄÙQËç®ûf¤”òÈÕGK¢€­0·¿=¥xvîYØpÚ¶¬>!¾<lõóüÓppÜ(uÓõ lŒ¡É´P#Õ½v%ƒF)`LÁ-}[·âà…7xÉÄ,ä­jKyè„ƒÎ»ûì[„Ç%í•gØ>ótÿB.Ö.‰†,i-}šü]g¤& ûÝ^^‚S9Â9¹%öéYþg–UÚ^ã0Ò¦€B_5†Ë’'™›VàIë¢à¾‚ˆÅsñ{y’9±!©?¾Mr´?í4hëø’q3LCÏ ’ÜIÔŠÿ#$÷ÿ"æ"‘4NÓ0féZÒôîË¿Þ›ƒM‹Íaëaà`+@ZåâÝHB*1ñUÈ	V•|GêÊÄ"ï!ìqÂÝáá\1Ïä±Š	+a ì‹r«ÿÌcÁTH04ÍðXŒ‚G·vòÉøsÌ>>|Bf†«XCñ#,ù¸©ö€óŽOÙh–jcUçvãf¸××Ú«‘_¯—²äz2Á…¤Ó¦4Ö8+Ö~ûŠ#-ŽpŠôû÷½îµÁG$„%£zï ¸½1·]¾è0‡ºÝ~ãDÍcÐ‘<?þÇ’=n]|Í¿µ›*¬ÇÃÀ0sýïIîMÐ:þvå{Jo¬O¿BMr Š¢3[êÅådýª$°–Èƒ6Ó8ÀÞòKÃÿí\ÅÚ©‘íZ³ïÝ¼³¦ÞóÉ%ŽZ73.¸Œšb•°Ø½¡þk±ÿ•,å!>þ6]½*Œ{Ð©B²uLÇ˜d€CüT]þ®’¾Ø\íp§Ëø¦tœr•Í\¹$~àmÉ_œÿ†p·SuTYQ"Ë0!äÃL‚çàÍ~ðy$ìÉ\Ù_Pv“[Œ¾ËSûqR ©Ôï­œá¢$â¦KûC\:àõOY?iG¯—béþñîíõKÚtWg_œ{=ðã:üA}‰Ä‘Ç„ZSˆ¯Š¼bsK~ákñ‡n„ùÖïåMžžÐNCãâ	0Rç#4ªu6©m“êÒ>”þ›÷7ûÒ²\ê÷ úM+eðÕ	ìßpŸš˜\dú8v k‰©%FBå2 ØÏwZ]-µþÄ,úµúg!XšùžŽ‚a(@±¯^#>ÔàÎ¡ì¶¶)Ó†*Šà‡¸Û}ÄDã÷²‰ï;Oœ¿Èe{Éå“ÇÊ6À]ÎŒ€©vh—=>­Ôb$o¹N?^0hùÑÔ;j¿²&:MèN×¾(è¤‘­Ð!Êß1O¾²Ìm)n¼U&E6‰W~Z£å®Ð«ŠÙ¦~¹Ü½Qþ‡óäŠ`ïòÒõ\¯é¤ºrŽd[ã;s%M{N”öªß'¼Í´¹v]Ý“
úœÑT}m	»}’ÖVh`±bž”5—³.œ]}çSêÅèùHômHÊ€J~ûÐ¦6ÛŽM¬ó`¦ËðJ{°:óÝÚ–0ëä¢¢ˆ¸ +¹EbGò@~'Õ7‹Ï¯òª¢ìÅ1À=]ÆÆîÄH*K#D8AÎ,°ÞYúäšó‡µàïEþ>—Pj„GM¬û•BF€ïjuÖÅ){*Ë6³áÑÓ¤HDýpÁ
žö…+»->+¡®;…€ÞM€ÒÓ…~~Nœ>ÄõŽ4ùûù\”,Q+1ýõïÑ/t’Ô±=>©ÙÉUÎÇØ­JDÒf÷éÁ®Üþ>M¶rÙHì$|aSgª³Ý$˜ÉñN51Jõ\#:yA—ç:Xç®pºK_ÞßH-¡Éè~›®¤£»Ùõì6Y¿ÝÚÈª(kÁÔ´<H†ÔÊÍúß3,¦G¥?T?2œÖMäOà¥ÏÒÐE%4vÞ+ÜF=½&¨¨uvˆ\—‚¸¡7€jÒâ2øh7És©ôq=“Íúè#q€þñ%ÒSÄòÙnÔŸVžeàH–Ð½ç±=,há;Ã¹4Ôññ‚`!qÉ\G}ZZñ!^Oä†:«©”TÿZ±Ù¿ËIíIÁ•’¿{5ê§4|Í»±2Ë.&7øý1Õ§ŸÕ0´6}ºâšõîyKÀd^%>»qærÝ"r¶qùDÀ^æ r}µ¤P¥‰£…^þ«/G¿,e¤Þ®rÎµ)~­9¢H‚³áŸê›Ky¨‚áÆ ¹5nÁw4R9•lä©j:ïøÙ˜iÕ¤+ÏhQü‘éÇ×ç_-s—­ŠSµ´^TŸ6”×.DÃƒgkhŽÌ8÷ªàùRwEe7Û±Ô÷*ø¡«€xúï;£í &`¼éêjqih˜ÝÂÕL#Fe‹ÕSEwô,™˜:ˆÝŒb\úªSÀ ".’i©3V.Æ@c”HýÌ>%ÙÏ5ç¼‡$a½ªrtÕh¼5 ~´T³¯°a+È·C¥š¾›©>^êÛ }V‘²uˆÛëRMæ÷?6×(ìÎ°!Eà "˜-UáA´Áá³’Tãºõ\àZÊ¦ròK‘ÀÔg.|¨G¡¿ÐIšü×‡ã;ù;ù{iG¹à!}j„Ìïlßz•ÿ“ä¿‚@ü‰Ô]³bq¼d#Î-¹¡¸§$«ŒM$)€îú…Ó<ëPMµ@:Gã0agãóc~÷[(=´f×1TT+*vÝ?õìð«°«øÁ~mPûWj¯_ÙF¢vy(4Ž”Š¥è Œ„4Â¯¹®5æ?ÎndrŒÉ7w*Ñxd,wppyèÌ¼½Œ«\2JÎÁü¬!å:9“ó²|:,ˆTúµX^VUî²ˆ%^«ïË½îHyÍä”9N—»ÞŠž,¿ìÜÓ@‰™$¹Ç/9÷”ï²ú(¼cÔ7Ø0Ø™¬…WÁ:òm¦ŽO†2hòsüç«<=m¤2	NjR¼¯*æbƒW¯GH-G^K@¶.Lk<”¦}VÑƒÌ¥c3G`hƒtøé­}g›ž„I¢|üù¤jÙq/­¨¨+¿ òXŠàI7uÌ¶¼%Cé<~PðÎX+¯ŽO†’º-ã‰ÖfYÌâm™u·>QðÕ<àò±±è¼?™‚¦ÞŽ"ØCDgìœUûNEŸh¿‹ñhÁºLßZ~ð^ÑæQùJéÚ×ËªèYlÖò
½cN£
yC¤ØE|=õðÒ¤W]àú°•@Ì3©ÀÙyV™·Ì£‰óÁÃ5
ŒÍEs%,#ò@FðÅég¥ôE@¶E…¸Ä=¤™8L¦Ô}øySÃ	„îÝ‡g
ë)Ðë~é1I@Û!,µÜÒñÌ¦
ÖoPÉãš=CÔ·§<‚xPÂ-[9Ê™ ™ÓÎSnVã¢î¶Xï‚t(?nÉÑòO¶¢XÆqgÏ@ï†mívô°|‹â~°=ßi–ÄÔ|þ:âR³­ÍL$¥/Øý§«„…Éðu Ù5§ž^´¨ÍÓ¤FõÇSö®÷®BøBÒ°0YºzâE—þôe_ŽU‰Â¥…¶>ÕH9‚íl6ZŠ` "Ž~¿`ˆWÜ}Æž€Hî“yÅ4êýÙó¦³×52ðâs<÷M5Õ3>;9'…º³­z3ýú…·p2ßÓûkè´)„Ñ¦~¶kI:NÎK3[é§G\±	ö~D+[í]fsgm!vwÄÌ ü³À¬ý4¡Wœ˜ß5õ7|¯¡	yö0j_
è=$ü$yÄ=Î4N,)±þVˆ¢ktÅèÌN]ä®¹¯ü;àJÊz-Å¾½©sfà²Æ1ïƒÖ9#Ù¿tLC-cÂ)‚`àäBÆ\ÕÞæ”ï‚zàlò§w£WÉ
ßanF·WŒ[ž
Èíà,ŒM–`X•ã{ÜðýOÍæNŠÂý™±)Gó·>òÒ¡;È¾é†Á	ÅóQX;9èëÃ	ß„‘ú%n Á?•ÒWqx€éýÝ ‰ñý©˜ƒ)ì«ÍS»ßãÃ>‰þ(ŒIq=õÕÑ’?-½œ‹å uÔv†eGªœ!îZ—Aý·ú×õÂ$½Ü+vxX¥J[U«ƒ6Þ[Ÿ²Cd‘H!	7³ˆjàq#.ÐB–¨ƒ£ƒ¦Ám‚¿á“{&¨·P¤J+$íÍ=‘6á•ðñðý¨Þ@ž/+Ÿ¬ÓÀë<P4) êT=N8s·ÿrÃ†f¼Ñ-ßÅb×«-ÄúÈ
Û¿¾¥{²*»¡6åA³âw<1é¤Ô*ýµÖÊÖŽÿ|F&ÇµŽZ.A7+ùIaºPåO#;
U./»ŠÉ ÓËJÂz²gÈ¡·Y\™VŠŒÓI:Ÿ?ö?aLO»¥F£dF`ÿÝr´~ý  íÊÂÚÃ6¯rúðZ|\à©„ÔjUÞú4SR¿ß•…‘ÌÉÀ:TM'Á|<xÚÝ+Èƒ qðšShË-TiÊoÛ¨0j€ìÿl9VE:+.¯jU±Æ$©q¤ÓAuûîù&NiËÏpÊÈˆ_§,¾ô§@â¤xµ	ly'}WÚS/5æ4ÒÁo3ŠAþm;h®ùµµº(ôøXA¼åðí×HI¹’
Û*ÔRXDxTh&ÈÜ¢œ
Ï.Ÿ¥ÞÓòq…ØPyÉdn^%cçý4Ì;¶ÑŠ=ßò/ŸÄ)žVÕ%E}¿y9p2ÖkŠ”¼ô&0“éÚ×™æd¯Ð jé±Dž·”ˆ"5?®RXVbdÎÈ¤º4XµÀlí:O—ºr—ÕˆWæÍŒFöMd ã¯}—ºqÓ><2¬qÚÃ@BW_‚€H‡ @üùe‚ƒ)Hç¯x]‚"£ë±zm@qÌ]g3°%ínF•y0¦|í±4¡†ÍÄµ(ð,©`èi{5ØÒ¹/Ø(9“n±]×å2Šgc!Nnà_'ò*{WåRS£I“gn˜µ¹ F2›`ÚmönV«¸!ŠJ\È÷N˜?]Ô‚V·›=9ë‘ÎÎîâ¿´h+ÀxÏíÁƒjŒßZð]&†y†ÙÖ7ýÐ4¶œ(x·2Ï,i‘7~½“ºáê³‘eBlnÒ¤©=L/Ò˜”4ÚûémµðA*ÇTovƒaÅÔ;rºüiùçËäAëÜÏ©½¿w=`-ýèÊûõšTÐ¾ŒëU+@Ià?0\1¼ï³¶Ðd2k–#¦1;Ù„'l-¾DP¤m,ŽÊµ"Ope¿0íà×Î&­hp†çf°<3Ãj.Ð†SaÍP•ÝùÁÅŽ°£P¦tðlžÅðPÿ
µïº< @ŸqÄ"ïl}pÖ!+p3kÓ¹ùý»eÏÂ„Ê™úžêN;óÙ9iU0§É½ EçeJZ¨_­hÆ¸g'­¸|·$Ÿ„þ’²r ûKùq…ÖTÊ£¯”G±Îß¥A'Æ©“<cðèÀj³çXc\P³OK2]i²_À ,àÆâ£X<Ä@Õ‡Q8s§ð"¯N±‡µó­ò'xL·Õûâx¶ðÎVkcÄôŸ¾SbTÑvB ÊúÔ{»KÓSÉïÕ¸ˆ‰w-3
„tª~šD$,S;¯ÈÖ±#F–HJ—9ØWSÑˆíTÐ¡¤ÁåÁ:8‚ªJcWóœS”^>Ò¡•™¤’gÑüNV1}äl®‡eI“?I3µ}Ó•¿¾÷¥nJ•âE¦ëÛžÜVƒývª‘±”UÞ!Ö{ô&ôÓ[ÂýØ”0ÓJ Äÿ‡óÅí†Wn¦¸÷*Qÿlº9¯œŸ¤$¿»
¡iAAý³9À†L‹‰Ùó¦ŽLÃŸ„¾ƒýd|b»ˆ;Ö)ÃÂa£­HžÎ°póó›ËÏß¼¬¹%ZÒÝfßIèyz%ÿÑ±ñ=?,ÝdÔââêüX&†'N£Q%ì=aÞ2vYm>’–2ÂfãÌ•5ª»D
'ïÞlaœºêüŒ¶³©Ñ—ò©ÆdðÞŸ0®á¨›?ÿgàU±ž›ã¯wHÏ8}ª=í,‚<*ËÌ
ýf6ãw±Ä©dÅÙùøi±¤qêšzØ3ud(¹ IÑÒO&<HòÌ0Ø7$£­H¡[fLuËqi[…-°ñB),¦J ÷ã4³L²¡‘{Æ¥3Æ¨>7fß€¨¡²Îl[ÃÌ6y›š¨‹ð3ýÛ"E·š‚…Ø¶¸Ì× Vp¨h¼ŽI/Æ+/[c1&”2ŸÁkšu”e«8KY “BMµS	Ü®]­Žä©a.™þa°*Ñn¶ƒåPL¸Ü’¶¶©Tò¯¦1xh~šßAº—làž]:)uŠ{šü¥.zvôü°Òl$Ž„¾ß|}àY¥‘zzÁ.*N)¯Ðè‹Š+MSì`£K¸Ñé•²«O—e…pvœ9­¹ÌìIN«R„›#W’XéË	ÔÌî¾Ûœ}†nL–Åd‡ž]4ÖS±]Å¥X£s¼=üìú“Î*6Ògáõ!Ò¹ëÐM'^€ó]¡Ue{Üš=q>š!+àÞåmñN«ŽßÄ¥I5<4=æ·ÌŠYt½9!-G¤¼fðVÙ‚ã€ ØyKá(ÿBbó‹SžñÂFÝˆNÆŽE•RÖ—ž¼ú¾6ªÎÛq,¥w:16Û)AoÒç“5ŠÇS…á¸µgàµÏÍÖûü&îH£ÌÆH"=ŒPG26€±'ú&’$Þr Ðr,œ‚ÕÊä¥Ÿ–Éüog:À¨CãÅ©nŠ?®8>ÓVKiuø’Ä?G<'å/+²e¯¸.ý£´ºæç†´MëÙR†>Ð}ûZ^CID²
"*[G”z´Ý&’-QÚRôjìÉ¨À¶ž‡’~Ÿ	–7®9¥ï¬´h°k0øˆi;„êÚ&ü’D¹H”§~[€Ÿø•	›’¨"H‘| ¢‡šÕ’x8¸«”…êÆ·ø•¶Ù1€p„­#þ‡2áµ£˜yìMJ‚ÊzølÛ±y=
–@Ïºá$g³E£p™s3°.ib}Pssä‘ü²$Ñ´n.’ ’Á.ÁEE4{`e·Z}>°G¼¯ŽiZŽ}ËÛÃ–¤5M™CK¾;‘:‡ÕvðÐb½M©Ý%…û:‹ÖS6¾óÛöOf–!¯U04¢¿PA.<åÍâ†,Ô]îs[+
eí|'Äšå&¡È±ø… 2DÅjË*‡'UAÆ.¼lÜ¬éP·Û9³¸¥\Ãá³Æ9=±¡©üÕšÀ•°U±ñ¨–ÉløÏT XTs&ÓÔo1îö³9ÌÑW¦-ñØ|Þ(l›^Y2Åÿl»žgßìd(”ÿ·’1šØ\>¯áð›=ÊËÔzùíRØÉ@27vvíÙì¯¦=*±l?ËmsroGÒÂ¨c…á˜K±íµ˜0¸æž ž8„óAcúläÿÕEe>lèÇ±¸8Š*º­)šg§nºÂ‹y¤Ä¾Áæ¦ÛÔöˆþW÷æ~´i•ÕŽÏ5‹üO^	ÎÓHl
­¿Ê[–ð—â¤öQ$[­¨–Â¿À:"0Æ%îxZ`{)%yÅ|x}F%âöHÓ—fÕ$è*i1ç1¶>¤Ô8®aÀ=ˆÿáÔÌ'ç_µ»J»Ï½(C9œ™›Ã_ýñà;§qƒ=(õZ,cSÝÏé;w{f(Uüë%ö†­Xe0‡QZV•~Î(™£Ò„Æ×yèeî¹o8X-p'ß0VpªTgw®Ë/ÚÉsP¹ÞŸ…@ê9öèæ—õ6¦eû9âpu™%Ô¡CÖ[]r%’3,°íŸ}…ÒJB>˜}BÛsŠw²~dK½±æ­vH¿¤FùŒ¥|€ö™Wtq*^ ¶Åz’ˆ‘¬~®2Ç¬½“ÀÑP+Ó»Ãî~2\Q{¬ ¤f%í¦A§\Ä°Õ[Æ–ÃG²£¾åwØg$Zù8JÏçÆµÇ8ì;ylÿZ;öâ^c€Ð'Ëá¤1ˆ
L1ô?!îMköá#Rþ]×º‚vÑÄƒ7%ßlsÙºõT<.jû§ÆÍlZèsÎ€iPÉ¢ÔbÙäÔ…P{s»1gª`ÐÁú™bbóÖÑnS Õ¨k*Êv¢¦‘>f4
XŽ]¡P9.Ü…2Å¹·)„‚Êcè'?>k¾w–¿K!2=c?ÇÉ–Ô|¡ iaeÈØ3H”1¬5Õ	šìÊcË”¶þ:2kÿ|¥¨JÃø7Àw‚LÉ FkQyvo>ôjèÓiüHƒ’¬@jFrå äŽEQiIU_m>¬·×~ÈhÂ0ÛèÊèÃðx¯÷ Ä‘·"I&ó¦ m£—g!rdi-	v*ùvM¬¯¥†ðc”½³»ý¡u ‹±^¸ÕäBM±Érh®"Äs}´DLü—n¢’cÂÃÂŸ (ç¿2ãDØe‡Ê0Z£¹sÊ¨ƒ^8I@Uß|ÊHÂqÇè¶Ì)ä  d¤#juû_U•ý?Ëw|ÿS2Ð™!Ž;0o?x|Xó.þOÎ,>×»öÉëPÐÙ
¹mwí)€Óõ"µ¸Vfs>YòÏ¤+Ü¡|N|2XÖ©7göuvp3þ:Ýç’"½¢ËÒTÎº¬Pö´¬QÈkdw °c.ánóX&KÙÂ<Æ{?Tåï™åÐ¸Tý$X´òäÐüAû‘;lFþU#£Á§à½Âÿa§#ä\063	/pÕÛõü!Âäé««š¯dD>âýì«/)~iNPÖ³¡1zí0Åj–o›-zæŽÓ;,rß@ˆº®ßò‹%ÅùfBdº{åAã\Äâ²Ò¸7ùÿË¬‰ªr@ïUsR«¹qâ—óH[€¹jÀ¿Ãn¶º÷>!‰“Õi–ÌUÝ^˜É_á” yx4‰Aâ¢N0|-,‚o^a¼ÄÞÅ3gm¼’Þ©‹ÀÕA,%ãù5LŸ´fƒÑ¼µ:P×{n”ýÔ
ÒI€™f¾Å§GÕLÛ0­¬î‰Ëš¡ÂfÍØú]*Î˜YZëä‚ bÍ‡†VFÿâmO»îm™qÅ»ï*°Šv¡ÆLß:?•Yd`¹sI”òom?Û-`…·õx¨ä8?^.uÌá¨&³\¡*+‚©%%ø­Yø°íCŸÿ¿7Ód1œ–Øv\r_ù‡iùãx1yêTâu©Üó—²ÎA”}<oU¨¸Ÿ†q\­-»BšÈ/`“°I¾ÜÛ‘˜xË‹ÀÙè4è¥¡âRkÖTX.óñ‡¨ßa]º/}.ø7\ûóv¿Bd
"H|Ô‘CÑøö{0ÌÒt†ˆÅÔÒ¹ò*q5Öûq¯qíÆæóDŠÏp<[kHªE÷²§®.üF_d[?¼²†ì|¿´æL¢Ù›|ŸÓåOløz2DXÕÀ»ìÍãIõeœ´›ºæãÞ‡œ‘[71—ä›o•ä¾VW}ÁwŒÏÞ;èÖÎ‚lÌ}?yáEÞ=vË¡4^ÜO6ŸvÂDÄŸkÃÑÕ‘›ü—%˜:‡©î¯"kÎ¨ÈA%Îp2—]7unÙÒ›€ÍÑ'TsRcY›+g¥LËÞZ!å¯Pë™c4¥ÛÓÑ}tæbzEhA¼¢¦Ç²'¾B8Õv{–Íö‚Ô0ðáÕâ+d.
qá›,´`áª'Æ#i]«l6–H¡”/í-8Ó¥eäR"éð>ž#˜\[ÎcnBÛ´hÔìí¨ä·I¢—­•²”Û:lôM›ÑoH/úU?eñÑ\ñdÃð©dÞÀïÙjc.w¼Þ¾ÅRSüð8…¸çC€T¿;©@W]åì‚§ÈæËýNä-øÈ.í”iúmÌÅí‘¹¾ÁQpíé<&¼•y])‹ã£œÆQ%fBD¯8äqâ0ßÂ–ýE8ãêæSn¦V°à+h!½€Øšgù%GKQlºqaf´°¢$ìf%ÁýÙ7ìUÑ
Ö`=°¤Ÿ¾FÞØ
}»Ø»goàqZ¯JåL’
{Á. zÌô¢©¤K 8ê¿PeïCùo™þj”˜þRc ­6U—Û3q„óÉºTœðÒqÈ^Æ­&^º³ªŠÏ8AÿÉ”º}÷ªo˜
•³ÚpV˜ê1ö‡ã¨>x.Ó
HŸBB¶žœ÷A¤˜›<O°Dú†ÕCqPëPØ®%!©Á”„éºcgWi:î a¹¦jx|HþµV&,øNÓzlÿ9¦x÷¼äÜ_Ø>GðûÛFHB=·ƒ™¼†à)—–u¸&Ê8ó­þÜ°äÑ¼Üt¥çö/½é¦å7(Ô3ùÜž!W´^Ðñ¨ÆÊu´[$Á,!ÄÄUÔ¦T¯tà±s›àéá”Ó·À—@O.RÄlQÇ‡ÏÒÅWLÀQ‡V±°®‰Q©°“»›?•÷úBxÝÑ‡Ž€ÅC¹÷Bãy§÷ñ•9”;³cûV7cµlíjØAaG‘ƒ©ú¦f5ñ^Òxu¥Mœp
Ñ3¡»àbÃ,IÚ”:R+ñ‡)©­„Ô.çE9~ëÑõô$KÂðbzˆ¥=èZžÑ{ãhuÕAU lzšÆÔ»eŽtU<`g»#§{a{ð‰eÖà9•)	"ç¥Iùà½¢÷3ôQòTL¯3/¬é¦òðZÁÓÁM ÝoøL²Á•†ÌQ÷ïå½úy{~°{¸°UMöFñÉ¢ºEíåêòqP©’?6®„e×[lùò)Bå-ƒ7b¦uÍ%“$Ã;ˆˆ]e4Ìv8 ³¼‹»=Â˜ªÒ§çåiU²AñóJT	eîÁË·—òV¡:9aá*RÕ2á‰3¦ÍÂñÕ%-œ²åvA9œï,Š_ÌƒeF7²+¨vˆÍ3bîÄ²2Ò>Ãc?J¡i&ÂŸ³¢©ÝËÓë¯ñÃÔ†Z³ýëãV%l¥i3î›	
$S(Ê/º6¥¶!^«Ç4j¾p=Â„úlxƒî¤Ã@{Î‹ü8•Ü[« Ås„Xy²×‹›Ù…ÞF=ÑËiWJý`?jt KT'8?À§¶ºÃzvÍP–>œîZ3M0c¯—´Â»8çâ)©(‚'Â‰GoiwˆFJ‡«¨Z³C„0ëÈjfºâèŸùÒ²[t!¬OËGËêâqk×èÒ¶/½ñ‚èŽ>S$í…ÑeNÆa²œˆlúnPìÐu#ÔQ9À”ÛÜf÷ú¡0œ\}Ü##I²Œ˜ØsêtÏ»3è+_²kŸ§>o7à-t­{}•í¥Žâ
ËBNw2òªÜÚBàk‰›Í”‹¦7–k¼0½÷ënì
O¼çbGÛus¨ˆ™PÀ‘áBþq	1#ÀòA!;ÚRÄ{ K"LÒ2bSàjÞv ìÎ‡xy_0 \]™³9e_^Déê{w&âƒ¿”:–QÕ‹(ò®k«»`n]ÊqM,K(ÍÏ6 ËÅ{Ñ˜(ÌžîÁS‘0ZÔÜâK^7KUº‰Ç×_S$Uk5qÂŒüƒðÝFŒÚ!I|¨t*q½	ðú/z#]pŽÏêájG›á
§ö-ÌLÃ¢wÏë8uŽ²¾tõK°”§×ÏZ¯µÓ¨á•–4>7AŒLé(rœFÎ‚/þ¥k( “ßâC¦~h	vPd¨†´+Lp3ÉÏ ?°MzŠÂÎ°ZÆ“ìˆ”
:c†Pò’ðùŸ|æ2b`™~0´{I¯~Ž×ôõ:è2'¥†Œ Žç[“¤´3ØA´?y8ÈÇ	?1 dTüZ^Ê¶í(ÛÅ‘ª¾»M½–½noÔAÈT4l&DŽg{J8)r!üêÜ_ÛVö)›®ý´kA·Jj`ŽÅæ7@òÌàF0vkøôVÓo)õÓy®žöp×k¡þ-8†Ÿá+•ÖqD8„2ð5ºÕ óçÛ·÷æ4¥`„mJÌéó÷…ú£Óäöž4ø‹WÀM:"bÎûL™Îc	í.€u@Cå–YfÌ°ï#[jm‰¯]©*ÚÒjúqii,hžÛÞ\ï•Zz4dXx9É¬Q†¿×´¬¼£flöqËúËp:Ìq®[ÙõÉK¥O‘Sª”ˆúr?,'h¾“èK5kUƒ®^(ML^ÚðØNÖa úþËºiÁá_»Y`÷ÿ(bîØ&Ò½‡tÏ¿ßID;ôtX—ÿ	µïã’,iK÷qx‹ŸP¬-Ê~4ž1‡9à`£ƒFo‹ö;ì¢!€Î+°ÂÃ¸9I³û£^ÿKð÷ä÷A/¡xqjóZ¨²`=„g,ZNÉ
'¤!‰¬¢Èw…|Ï‚4hBküsGÞEµÄ7Bð3–^	é¿÷Bè­D]]¨D_€€5Ø.&rŠó©Ó‡ƒŸó÷Õ@O$	bjB‹é¢"`«eÂY¡€q°[MQHìÏ[ŸøÉ™&ŒÁ /´I§Åµ$ÿïàRèµÛ·ÊêÏ¡:’û­=‹ÐŒŽQŠ<@¯#òØl‡üeAÛ°6ÍàW	¸f@;Æ£¹:ü£÷`†µà¾æoßÖõ‡ë31CÛê3FŸß·6,¡·
°@¬#çCøo`Àæ»üé‰ŽÔÑöÅø†&],ÁÃˆ\]sƒäI®§“G&j¬Ê&Äƒd2x3bJ5™JÒp¨N–›ìe<R[-4^ª[©ëY=r¬pêóSYö"a½Ì`ÇîuLósÓyê¬•B<AËRD5þ¬o V÷ÛMh!¤ƒ_]¾‘Äï]¡_ä÷¬Ùšd¸aÑÕ¾ó•Ùr¢òdGPBe’×Å½))²e2Õ.ƒøØ¾Œwø~²?ßÊÈj›+í6qY²á&ÉÙ·)³ÐÕ?­R…;ïõ’³Ö‰W­ò ³7-ˆ(XÅýAöõÄ[ZUF<yñŸö=
fÒ±	s IÁyI†“'§:®›Ÿ¬í©668Òyªp›íW°å«& áåˆ0ŒUTôN——ÏÐúÀê°Ä´>ˆZ4cÄ`þö-Œ*…þÌ!ÚjñàÂ”0,~m.ÏðËñ†gì’×…&Õ!1Ü ÄùåýûùyêG,1`×»UÉ@¿ƒ*žÄ'PˆÂVµÕî…Ö	áþH•‘©œzd„kFZ0zå?8G'dD“%SS™‹ìòÁß]×‰,^§I¬oÅ2„Ñõøk³v+“6·ÛŽï?Nðh99Âd);©LÑ¦ žö†&rð0z„¼–‚qÅàR²b±¸Àþ.êLéÍÅˆ4•8Þñ¼pýw¿Ø£ë^Åóî;‡f4…œå¥SÒÈ
#EètFíswÒú¨Îz!jœxZ¶Æ•[S°øí<½¾[ibŠÙD÷*^š3èS(¦ýà°3³$Ìæf¯Ck¶«\ÉáXÁ¶³5Õ(ÿ!±´îúÙú{±“’ñÉ™öÍ	^¡ÃnˆÖÜ]&B„Û_mÙÓ8i«ú­øÊù|t–£[5N…‘,Ÿê@)³¿ˆ›²·Tá+AsÏ”ú¾C>r.u¿„›_tñ‰6‹kToˆÿÂaóG+e»VN-ñ¾én_Èü;òý/æÔY#,zóâµµQ×8¿}€‰vú›ÝÏ)ƒ—òï£>L‚Ëë-°æ,¨4Ôhr=DåÑî“ÉÕ qä¨+A¥2k*ƒ±\ÑV©Ê‡Ó«©ñ‡mmf·cËÊj÷‰hË,úš5>ŒO„œØ·Ë÷Ù8›¾] ¡ôËA	ºè®qK„g‡¸ÞÛåV€^Ü>‰+Wcãô«ŸSì³faI”eŒëD&%XîÔ…‰ê¼yg¥AÄÆ"IïG†Ò˜EžÄ’õÏî‹S„RœJ
¥ˆ“Ïo8L_-ÿÌ+1vtŽbÅhÒŸÀ8
×´Ñ÷ú·6Ô"a¼gÎïÑI)Ð h_Ó6Q¾w(:”%‡Ý¦Œ×sF¯‰+üÏO{Éêvå@è{öƒ¬‹RSûT¢%Záó1É³É"7Î½‘ãƒ'è _À¡Jæ1Û2H­1YAŽ#>½®ÈÆâ$ž/³¹`Uô¹?fÔø½ÔøÄÍ)ŽÌ’œsÇ$ŠDFE\ÇåoßHÀ»qÐ`2Ú {›#==,1Bõ›Ý’Iz.šì¸ZÖoF|ÐÒÉè›w5GâN#à0DªÁ¹‡"øº;kŒêäƒBŠ™“ÏÀ‡óÑnS`z¶ÞÐ÷þI“¤ñ¤ï‹+×õmÆÅFíWOiáê8ÊÌ8§Õ£¸w‚fÈ›œú«Á#	q¾àÏD.uÉ™{¯ëÒÞæ2[’OžŠn_Æe˜Íåÿy~åGXRiG Xýa•nŒÐ3AT¯¸‘Íò3ë{¿«Zô!Ï<N‚OÇcÑ1­)wg¨nZ6y<µ{Ø˜[6l“CªÙ#£=;C¨$–ûDo§†Ò9Œi<GŸÚÂÅæð³‰jÿm8M'l†™‚7-HÑW–q±…?øqùÐúòÊÿà¶â){¬A˜•4±×!+Ä¹—PÚdÊÑ²p7•ÜëkóK Ç«ûêHYÙG<³Uî83Eè7£bI6Iq¾\Ë<´Párµ½ÒK“·3=€ÁIIƒD·ø¥c<£ô=ŽÔ”ÞZ^ýämÀ˜ÔÃªRƒê\»uP&™Hë¸ùð½e#ÙàÎÎø€™…ß¢l&®Ê™&úY¢Yò%†šíœüD?%ŒÁÚ•È(—õ¹–Ä¦¢ pÚ¿ÉÏ»)µÏÃ<øÃ“‚½'ÏfÕ2b Áò5º{š9d|g â¥Še\…øxæ™
L=„Ÿ\ ¼n\K«J¢ª(\ÔÕÎ3X¯Ž¾d¾U¥b¥¹ß#D“Í–v§JAºÚ•’[/õl|¹`)Î1pË[µ«è?Á“Œ—WÐ÷:MLÁÎ¤¼…jt‹éèå£	Ò$kü…ûŽóñÄÎWdÒD@«²œ~¯ÚC\·Ÿû‰«ÁÎ	;Ñ°c,Îíå}:o‰­2ÒX¡dèÅG{¨6ò/ƒÀYFÂ=Ô êJš9êJÉ[ã.ÒŸýßœ’.I_ôÎòmöÒ+Ž&_o¹6è{OW<û:pƒ•¦)ÌIÙIÑøbv…‚¢€-°<2 B$µïÅj6Í×âˆSÃ®ô¼£Lñˆ€üêá2¿l°)2²tj †@’ª–ŸdóÎlß®å÷ûûtàìLùˆºø9iøÕÒA@¶Éö~Ù»9ÈGíÇéh}é×}vW4²ÙooÎ®B>ú_+M„+kì¦ùú8x^å&±s¢4Å	ü—Xì_œVëë
Áâ‡ö„S`î,,xª¹µ×FDšNAÄã„5ƒj2¶á¡fû‘ÛÞéy)ldÕœl2– Ã¶ä‡§äÃ×Ó¯Ëbÿ¡å”é‚¼°dü$DÌè¢dP_#ÿ—RX¹Tm¬ö9°$Õ+]â!±WHÏFO»nÚ¾Óˆmî°I[ôut»é¤S™2
(°z(`ÔMÁ=;K¿F(',¡¦Ò–ØŒ§;ãÎ¢¤¸äá^Q '˜‰=˜+îjàÊ5"Ÿu"ƒî"M9iuÖjªezOb¬ptVÕ|B´†(xÖksâÍGhDhõ C#}‘†êï%[±(¸{¬Ç@3B`9¢iÕ¸ÑÝêoû@|û²]–ÝWFÏÃÈñìÝhÀÝ2Ô¦œÄ3î åÈgÒ<î}örßgAŸì´¯"(¦Ä{ÞÃ	VÏ$¶ùåñÛÝ›ð|²àF-tþD®ó%]æ=©V*ìÙ’˜Ôa²]•MtŽÂÒSYÄAY|¥~æf¹’’L­¶ñ¸|õ#ÒQXù68ë†v$äÃçÉ\þÒì>TÁ¨½ˆà„ê\˜dÈ‹žôÛ\¼pÚ¤‹Ìl´Æ›ÒiOoôú°ŽºNI}7/²þˆ#ÑóîÓå5^]âšq$‹ætÜdæx¿Å³êÓo³CùÆl ´.¾ÇJòO¤Å,³°O)–ÂÛŽ³ÐbÕ9«^ôö\ÒóŸÛöÙ$RþLHmúí¦7Tëôek•>job_Ê)€iß(âc5~ÑIp\6z¡xbÑb3<Ð¾›=âOæ-ãšÜ>'4a‰ë7áf“¿ëŸp³ò¯Š»ÿ6õæ8cü Žrõ=ªÛ€$Õ
­eNÓ@ÉõÆ›;Zí@Â—Îà¥-r5Ÿ±Z,5ÑG Aåœ8]ksh¡9œ…ÏÛ”£ðÙNÎ¬ó6—–QÄ£%ããj`1¡ôñÿÌ>Ü·	éYZ1OÏ‹óÏó]>§„`Xñ"a¶‰€F°WÆk%|çèËÊpæL@$ÖÏÌ[<2E©J73»õ;²Ä~_V'/zB8¾}Áÿe!{hÄiëÕÝ‰ýÒuqõ¦;iÂ	Ý 0•Zi»Ñ¾Á“?Y›J¶‰P›e˜¬N€2ÏÀ÷‡Å\±`¢r“zÑ¤Åœ¨³¸`Oh‰á½lY£    A’RCCÚò6RX÷Ë£¸˜ÇVÅo®p¸Š?3u ÚåÓŒÿlë@¶éß    
YZ