This update for kanidm fixes the following issues:

- Update to version 1.4.0~git2.770efa8:
  * Resolve incorrect handling of rhost in pam (#3171)

- Update to version 1.4.0~git1.c297c3f:
  * Docker makefile latest
  * Release 1.4.0
  * chore: Made oauth2 scopes required in CLI (#3165)
  * More "choosing a domain" revision (#3161)
  * Update missing inputmode numeric when adding a new TOTP. (#3160)
  * Improve OAuth2 authorisation ux (#3158)
  * Fix attribute scim sync attribute naming (#3159)
  * Change to text input and use numeric mode for TOTP prompts. (#3154)
  * Fix release note date and typos (#3153)
  * Release 1.4.0-pre
  * Release Notes (#3149)
  * Remove WASM (#3148)
  * Rewrite "choosing a domain", add other considerations (#3147)
  * Harmonize UI and remove unused css (#3033)
  * ripping out some extra packages (#3146)
  * OAuth2 Device flow foundations (#3098)
  * htmx by default (#3145)
  * Support reloading via systemd (#3144)
  * Chore: Refactor Groups to be more generic (#3136)
  * 20241024 1271 cert reload on SIGHUP (#3140)
  * Update docs, improve locking (#3141)
  * 2856 - use tags for containers on build (#3139)
  * Fix image when too smol (#3138)
  * yale's rabbit-hole-chasing-htmx-fixing-megapatch (#3135)
  * ipinfo should be single value (#3137)
  * Tidy the reauth ui (#3130)
  * Add missing schemas to get OpenAPI validation to pass. (#3129)
  * Change some OperationError into HTTP Bad Request (400). (#3125)
  * Bump the all group with 11 updates (#3127)
  * Bump the all group in /pykanidm with 5 updates (#3128)
  * Fill in some Swagger API docs for a few v1 endpoints. (#3126)
  * Diagram Improvements in Book (#3124)
  * Fix passkey auth flow redirects (#3123)
  * Improve handling of inaccesible shadow file (#3122)
  * Log HTTP Not Found (404) as info log level. (#3119)
  * more errors for the people (#3121)
  * 20241017 unixd home (#3113)
  * 20241017 3107 token ttl (#3114)
  * docs: Update kanidm_ppa instructions for new repo logic (#3117)
  * fix(lint) minor lint fix for unnecessary match use (#3118)
  * Totp input changes (#3115)
  * Add the strict flag on client creates for developers (#3111)
  * Working scim entry get for person (#3088)
  * Add nss testframework and fallback when daemon offline (#3093)
  * Improve deb packaging, add aarch64 (#3083)
  * Cache buster buster (#3091)
  * fix(http): status content type should be JSON (#3096)
  * Bump the all group across 1 directory with 7 updates (#3106)
  * Bump the all group across 1 directory with 10 updates (#3103)
  * 20241012 attr name SCIM fix (#3102)
  * Scim add EntryReference  (#3079)
  * Bump the all group across 1 directory with 3 updates (#3094)
  * Fix Increment Replication Post Upgrade (#3089)
  * Remove white background from square logo (#3087)
  * Add support for group extension (#3081)
  * 20240921 ssh keys and unix password in credential update session (#3056)
  * Fix landing and redirect URLs for GitLab, add some useful links (#3055)
  * [htmx] Make it harder to miss the save button on the cred update page (#3013)
  * Add example Outline config (#3076)
  * 20240925 cleanups (#3060)
  * Add instructions for unlinking Homebrew Rust on macOS (#3085)
  * Don't reprompt for login when no session exists in cli (#3082)
  * Make good on some TechDebt (#3084)
  * Feat: Adding POSIX Password fallback (#3067)
  * Bump the all group across 1 directory with 13 updates (#3080)
  * Complete the implementation of the posix account cache (#3041)
  * 20240926 tech debt (#3066)
  * Fix migration of last mod cid (#3065)
  * Increase totp secret size (#3061)
  * Bump mozilla-actions/sccache-action from 0.0.5 to 0.0.6 in the all group (#3075)
  * Improve pipe handling on linux (#3069)
  * reformat oauth2 URL list, highlight legacy bits (#3062)
  * scim_proto: fix incorrect language tag (#3064)
  * Add ownCloud example config (#3059)
  * Add example config for JetBrains Hub / YouTrack (#3058)
  * Bump the all group with 8 updates (#3053)
  * Bump the all group in /pykanidm with 3 updates (#3054)
  * Document basic authenticating GitLab to Kanidm (#3050)
  * fix(doc): updating docker container ref (#3049)
  * Resolve incorrect SCIM Sync serialisation (#3047)
  * CLI image error nicening (#3037)
  * Add rfc7009 and rfc7662 metadata to oidc discovery (#3046)
  * More openapi tweaks (#3038)
  * Bump the all group with 6 updates (#3044)
  * Bump the all group in /pykanidm with 3 updates (#3043)
  * fix(docs): make it clearer that bearer auth is a thing (#3031)
  * implements additional traits for filter types (#3036)
  * 20240810 SCIM entry basic (#3032)
  * CreatedAt/ModifiedAt fix (#3034)
  * Pykanidm fixes (#3030)
  * 20240906 Attribute as an Enum Type (#3025)
  * Bump the all group with 9 updates (#3029)
  * Bump the all group in /pykanidm with 4 updates (#3028)
  * Credentials page/Self cred update flow UI improvements (#3012)
  * 20240828 Support Larger Images, Allow Custom Domain Icons (#3016)
  * MemberOf in search implies DirectMemberOf (#3024)
  * fix(kanidm): don't allow empty string fields on CLI (#3018)
  * Bump cryptography from 42.0.4 to 43.0.1 in /pykanidm in the pip group (#3023)
  * generate completions for elvish and fish (#3015)
  * Bump the all group with 4 updates (#3021)
  * Bump the all group in /pykanidm with 3 updates (#3022)
  * 20240820 SCIM value (#2992)
  * fix(daemon): handling IPv6 addresses in healthcheck (#3004)
  * fix(webui): Javascript errors after server-side update blocking login. Fixed after cache invalidating (#3011)
  * OAuth2 Token Type (#3008)
  * Bump the all group in /pykanidm with 4 updates (#3007)
  * Bump the all group with 8 updates (#3006)
  * Spattering of oauth2 stuff (#3000)
  * Doc multi instance (#2997)
  * Expose group rename (#2999)
  * feat: self cred update flow (#2995)
  * Better Error Message (#2998)
  * Add missing group for application admin (#2991)
  * enforcen den clippen (#2990)
  * 20240817 group mail acp (#2982)
  * 20240810 application passwords (#2968)
  * Bump the all group with 17 updates (#2986)
  * Bump the all group in /pykanidm with 3 updates (#2985)
  * Mail substr index (#2981)
  * Doc format, add api-token section (#2975)
  * [HTMX] small profile improvements (#2974)
  * Foundations of pam/nss multi resolver
  * TLS, no seriously. (#2963)
  * Update suse.md to avoid Authentication token manipulation error (#2973)
  * Add Alpine Linux installation instructions (#2871)
  * Bump the all group across 1 directory with 10 updates (#2966)
  * [HTMX] User settings (#2929)
  * Bump the all group in /pykanidm with 2 updates (#2965)
  * Docs updates (#2961)
  * Bump aiohttp from 3.10.0 to 3.10.2 in /pykanidm in the pip group (#2962)
  * Prevent bug in pam (#2960)
  * Improve migration error message (#2959)
  * Fix incorrect logic in cred update flow (#2956)
  * Docker-and-docs-fixes (#2954)
  * Bump the all group in /pykanidm with 5 updates (#2952)
  * Bump the all group with 10 updates (#2953)
  * Added orca flag to extend privileged authentication expiry (#2949)
  * In honour of SebaT, error on db lock acq timeout (#2947)
  * Add measurement of lock acquisition (#2946)
  * [htmx] Credential Update page  (#2897)
  * Update to 1.4.0-dev (#2943)