From aecd4b52ef05bdb53b3e01dc9b1443ab7eb79f4e Mon Sep 17 00:00:00 2001
From: Tana M Berry <tanamarieberry@yahoo.com>
Date: Fri, 17 Nov 2023 12:23:05 -0600
Subject: [PATCH 01/21] website/docs: fixed formatting on tabs (#7609)

* fixed formatting on tabs

* sync tabs and use same code blocks for both

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Tana Berry <tana@goauthentik.io>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
---
 website/docs/installation/configuration.mdx | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/website/docs/installation/configuration.mdx b/website/docs/installation/configuration.mdx
index f2004d31621a..28d8e5f50f02 100644
--- a/website/docs/installation/configuration.mdx
+++ b/website/docs/installation/configuration.mdx
@@ -20,18 +20,22 @@ All of these variables can be set to values, but you can also use a URI-like for
 import Tabs from "@theme/Tabs";
 import TabItem from "@theme/TabItem";
 
-<Tabs>
+<Tabs groupId="platform">
   <TabItem value="docker-compose" label="Docker Compose" default>
     If you are using Docker Compose, edit your <code>.env</code> file to append any keys that you want to add, and then run the following command to apply them:
 
+    ```
     docker-compose up -d
+    ```
 
   </TabItem>
   <TabItem value="kubernetes" label="Kubernetes">
     If you are running in Kubernetes, edit your <code>values.yaml</code> file to append any keys that you want to add, and then run the following commands to apply:
 
+    ```
     helm repo update
     helm upgrade --install authentik authentik/authentik -f values.yaml
+    ```
 
   </TabItem>
 
@@ -41,15 +45,19 @@ import TabItem from "@theme/TabItem";
 
 To check if your config has been applied correctly, you can run the following command to output the full config:
 
-<Tabs>
+<Tabs groupId="platform">
   <TabItem value="docker-compose" label="Docker Compose" default>
 
+    ```
     docker-compose run --rm worker dump_config
+    ```
 
   </TabItem>
   <TabItem value="kubernetes" label="Kubernetes">
 
+    ```
     kubectl exec -it deployment/authentik-worker -c authentik -- ak dump_config
+    ```
 
   </TabItem>
 

From 98a07cd0ef14f0179477d009429d1298af46f6d2 Mon Sep 17 00:00:00 2001
From: Jens L <jens@goauthentik.io>
Date: Sat, 18 Nov 2023 01:46:16 +0100
Subject: [PATCH 02/21] events: stop spam (#7611)

* events: don't log updates to internal service accounts

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* dont log reputation updates

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* don't actually ignore things, stop updating outpost user when not required

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* prevent updating internal service account users

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix setattr call

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 authentik/core/api/users.py    |  5 +++++
 authentik/events/middleware.py |  3 +++
 authentik/outposts/models.py   | 20 +++++++++++++++-----
 3 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/authentik/core/api/users.py b/authentik/core/api/users.py
index d4adacc972dd..5ee249729f33 100644
--- a/authentik/core/api/users.py
+++ b/authentik/core/api/users.py
@@ -171,6 +171,11 @@ def validate_type(self, user_type: str) -> str:
             raise ValidationError("Setting a user to internal service account is not allowed.")
         return user_type
 
+    def validate(self, attrs: dict) -> dict:
+        if self.instance and self.instance.type == UserTypes.INTERNAL_SERVICE_ACCOUNT:
+            raise ValidationError("Can't modify internal service account users")
+        return super().validate(attrs)
+
     class Meta:
         model = User
         fields = [
diff --git a/authentik/events/middleware.py b/authentik/events/middleware.py
index d482bb21ea97..7834bae5eae1 100644
--- a/authentik/events/middleware.py
+++ b/authentik/events/middleware.py
@@ -27,6 +27,7 @@
 from authentik.lib.utils.errors import exception_to_string
 from authentik.outposts.models import OutpostServiceConnection
 from authentik.policies.models import Policy, PolicyBindingModel
+from authentik.policies.reputation.models import Reputation
 from authentik.providers.oauth2.models import AccessToken, AuthorizationCode, RefreshToken
 from authentik.providers.scim.models import SCIMGroup, SCIMUser
 from authentik.stages.authenticator_static.models import StaticToken
@@ -52,11 +53,13 @@
     RefreshToken,
     SCIMUser,
     SCIMGroup,
+    Reputation,
 )
 
 
 def should_log_model(model: Model) -> bool:
     """Return true if operation on `model` should be logged"""
+    # Check for silk by string so this comparison doesn't fail when silk isn't installed
     if model.__module__.startswith("silk"):
         return False
     return model.__class__ not in IGNORED_MODELS
diff --git a/authentik/outposts/models.py b/authentik/outposts/models.py
index f876a0cf35f3..14f896c35bff 100644
--- a/authentik/outposts/models.py
+++ b/authentik/outposts/models.py
@@ -344,12 +344,22 @@ def user(self) -> User:
         user_created = False
         if not user:
             user: User = User.objects.create(username=self.user_identifier)
-            user.set_unusable_password()
             user_created = True
-        user.type = UserTypes.INTERNAL_SERVICE_ACCOUNT
-        user.name = f"Outpost {self.name} Service-Account"
-        user.path = USER_PATH_OUTPOSTS
-        user.save()
+        attrs = {
+            "type": UserTypes.INTERNAL_SERVICE_ACCOUNT,
+            "name": f"Outpost {self.name} Service-Account",
+            "path": USER_PATH_OUTPOSTS,
+        }
+        dirty = False
+        for key, value in attrs.items():
+            if getattr(user, key) != value:
+                dirty = True
+                setattr(user, key, value)
+        if user.has_usable_password():
+            user.set_unusable_password()
+            dirty = True
+        if dirty:
+            user.save()
         if user_created:
             self.build_user_permissions(user)
         return user

From 44fc9ee80c51ffcfa061c7ce0d6f61536bf28ec9 Mon Sep 17 00:00:00 2001
From: Jens L <jens@goauthentik.io>
Date: Sat, 18 Nov 2023 01:55:48 +0100
Subject: [PATCH 03/21] stages/identification: add option to pretend user
 exists (#7610)

* stages/identification: add option to pretend user exists

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix tests?

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update docs

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* test CI permission fix

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 .github/workflows/gha-cache-cleanup.yml       |  4 ++
 .github/workflows/translation-advice.yml      |  4 ++
 .github/workflows/translation-rename.yml      |  4 ++
 authentik/flows/tests/test_executor.py        |  1 +
 authentik/lib/avatars.py                      | 10 +++-
 .../migrations/0010_alter_totpdevice_key.py   | 10 ++++
 authentik/stages/identification/api.py        |  1 +
 .../0014_identificationstage_pretend.py       | 23 ++++++++
 authentik/stages/identification/models.py     |  7 +++
 authentik/stages/identification/stage.py      |  4 +-
 authentik/stages/identification/tests.py      | 21 ++++++++
 blueprints/schema.json                        |  5 ++
 schema.yml                                    | 12 +++++
 .../identification/IdentificationStageForm.ts | 22 +++++++-
 web/xliff/de.xlf                              |  6 +++
 web/xliff/en.xlf                              |  6 +++
 web/xliff/es.xlf                              |  6 +++
 web/xliff/fr.xlf                              |  6 +++
 web/xliff/pl.xlf                              |  6 +++
 web/xliff/pseudo-LOCALE.xlf                   |  6 +++
 web/xliff/tr.xlf                              |  6 +++
 web/xliff/zh-Hans.xlf                         | 54 ++++++++++---------
 web/xliff/zh-Hant.xlf                         |  6 +++
 web/xliff/zh_TW.xlf                           |  6 +++
 .../docs/flow/stages/identification/index.md  |  8 +++
 website/docs/releases/2024/v2024.1.md         |  4 ++
 26 files changed, 220 insertions(+), 28 deletions(-)
 create mode 100644 authentik/stages/identification/migrations/0014_identificationstage_pretend.py

diff --git a/.github/workflows/gha-cache-cleanup.yml b/.github/workflows/gha-cache-cleanup.yml
index 178d00cac642..473625d1cc86 100644
--- a/.github/workflows/gha-cache-cleanup.yml
+++ b/.github/workflows/gha-cache-cleanup.yml
@@ -6,6 +6,10 @@ on:
     types:
       - closed
 
+permissions:
+  # Permission to delete cache
+  actions: write
+
 jobs:
   cleanup:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/translation-advice.yml b/.github/workflows/translation-advice.yml
index 4de916bf05bd..ad76424fa490 100644
--- a/.github/workflows/translation-advice.yml
+++ b/.github/workflows/translation-advice.yml
@@ -10,6 +10,10 @@ on:
       - "!locale/en/**"
       - "web/xliff/**"
 
+permissions:
+  # Permission to write comment
+  pull-requests: write
+
 jobs:
   post-comment:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/translation-rename.yml b/.github/workflows/translation-rename.yml
index b2c947bda6c0..7fe0a7ab5217 100644
--- a/.github/workflows/translation-rename.yml
+++ b/.github/workflows/translation-rename.yml
@@ -6,6 +6,10 @@ on:
   pull_request:
     types: [opened, reopened]
 
+permissions:
+  # Permission to rename PR
+  pull-requests: write
+
 jobs:
   rename_pr:
     runs-on: ubuntu-latest
diff --git a/authentik/flows/tests/test_executor.py b/authentik/flows/tests/test_executor.py
index 4d5fb5c8bc7d..dfca805171b2 100644
--- a/authentik/flows/tests/test_executor.py
+++ b/authentik/flows/tests/test_executor.py
@@ -472,6 +472,7 @@ def test_invalid_restart(self):
         ident_stage = IdentificationStage.objects.create(
             name="ident",
             user_fields=[UserFields.E_MAIL],
+            pretend_user_exists=False,
         )
         FlowStageBinding.objects.create(
             target=flow,
diff --git a/authentik/lib/avatars.py b/authentik/lib/avatars.py
index 8a6e2b9c1b98..3faa10376414 100644
--- a/authentik/lib/avatars.py
+++ b/authentik/lib/avatars.py
@@ -154,7 +154,15 @@ def generate_avatar_from_name(
 
 def avatar_mode_generated(user: "User", mode: str) -> Optional[str]:
     """Wrapper that converts generated avatar to base64 svg"""
-    svg = generate_avatar_from_name(user.name if user.name.strip() != "" else "a k")
+    # By default generate based off of user's display name
+    name = user.name.strip()
+    if name == "":
+        # Fallback to username
+        name = user.username.strip()
+    # If we still don't have anything, fallback to `a k`
+    if name == "":
+        name = "a k"
+    svg = generate_avatar_from_name(name)
     return f"data:image/svg+xml;base64,{b64encode(svg.encode('utf-8')).decode('utf-8')}"
 
 
diff --git a/authentik/stages/authenticator_totp/migrations/0010_alter_totpdevice_key.py b/authentik/stages/authenticator_totp/migrations/0010_alter_totpdevice_key.py
index af007e4df5b7..4ea982d878b8 100644
--- a/authentik/stages/authenticator_totp/migrations/0010_alter_totpdevice_key.py
+++ b/authentik/stages/authenticator_totp/migrations/0010_alter_totpdevice_key.py
@@ -29,4 +29,14 @@ class Migration(migrations.Migration):
             name="totpdevice",
             options={"verbose_name": "TOTP Device", "verbose_name_plural": "TOTP Devices"},
         ),
+        migrations.AlterField(
+            model_name="authenticatortotpstage",
+            name="digits",
+            field=models.IntegerField(
+                choices=[
+                    ("6", "6 digits, widely compatible"),
+                    ("8", "8 digits, not compatible with apps like Google Authenticator"),
+                ]
+            ),
+        ),
     ]
diff --git a/authentik/stages/identification/api.py b/authentik/stages/identification/api.py
index 0c1983f548f3..1f2ab50578e2 100644
--- a/authentik/stages/identification/api.py
+++ b/authentik/stages/identification/api.py
@@ -33,6 +33,7 @@ class Meta:
             "passwordless_flow",
             "sources",
             "show_source_labels",
+            "pretend_user_exists",
         ]
 
 
diff --git a/authentik/stages/identification/migrations/0014_identificationstage_pretend.py b/authentik/stages/identification/migrations/0014_identificationstage_pretend.py
new file mode 100644
index 000000000000..da6eab2e416c
--- /dev/null
+++ b/authentik/stages/identification/migrations/0014_identificationstage_pretend.py
@@ -0,0 +1,23 @@
+# Generated by Django 4.2.7 on 2023-11-17 16:32
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        (
+            "authentik_stages_identification",
+            "0002_auto_20200530_2204_squashed_0013_identificationstage_passwordless_flow",
+        ),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="identificationstage",
+            name="pretend_user_exists",
+            field=models.BooleanField(
+                default=True,
+                help_text="When enabled, the stage will succeed and continue even when incorrect user info is entered.",
+            ),
+        ),
+    ]
diff --git a/authentik/stages/identification/models.py b/authentik/stages/identification/models.py
index a9f65b87894a..8b8b3d1fdaea 100644
--- a/authentik/stages/identification/models.py
+++ b/authentik/stages/identification/models.py
@@ -54,6 +54,13 @@ class IdentificationStage(Stage):
             "entered will be shown"
         ),
     )
+    pretend_user_exists = models.BooleanField(
+        default=True,
+        help_text=_(
+            "When enabled, the stage will succeed and continue even when incorrect user info "
+            "is entered."
+        ),
+    )
 
     enrollment_flow = models.ForeignKey(
         Flow,
diff --git a/authentik/stages/identification/stage.py b/authentik/stages/identification/stage.py
index 3a6a5bd25344..568030af8b4e 100644
--- a/authentik/stages/identification/stage.py
+++ b/authentik/stages/identification/stage.py
@@ -121,8 +121,8 @@ def validate(self, attrs: dict[str, Any]) -> dict[str, Any]:
             self.pre_user = self.stage.executor.plan.context[PLAN_CONTEXT_PENDING_USER]
             if not current_stage.show_matched_user:
                 self.stage.executor.plan.context[PLAN_CONTEXT_PENDING_USER_IDENTIFIER] = uid_field
-            if self.stage.executor.flow.designation == FlowDesignation.RECOVERY:
-                # When used in a recovery flow, always continue to not disclose if a user exists
+            # when `pretend` is enabled, continue regardless
+            if current_stage.pretend_user_exists:
                 return attrs
             raise ValidationError("Failed to authenticate.")
         self.pre_user = pre_user
diff --git a/authentik/stages/identification/tests.py b/authentik/stages/identification/tests.py
index dabdea050d89..375a9d04dae3 100644
--- a/authentik/stages/identification/tests.py
+++ b/authentik/stages/identification/tests.py
@@ -28,6 +28,7 @@ def setUp(self):
         self.stage = IdentificationStage.objects.create(
             name="identification",
             user_fields=[UserFields.E_MAIL],
+            pretend_user_exists=False,
         )
         self.stage.sources.set([source])
         self.stage.save()
@@ -106,6 +107,26 @@ def test_invalid_with_username(self):
             form_data,
         )
         self.assertEqual(response.status_code, 200)
+        self.assertStageResponse(
+            response,
+            self.flow,
+            component="ak-stage-identification",
+            response_errors={
+                "non_field_errors": [{"string": "Failed to authenticate.", "code": "invalid"}]
+            },
+        )
+
+    def test_invalid_with_username_pretend(self):
+        """Test invalid with username (user exists but stage only allows email)"""
+        self.stage.pretend_user_exists = True
+        self.stage.save()
+        form_data = {"uid_field": self.user.username}
+        response = self.client.post(
+            reverse("authentik_api:flow-executor", kwargs={"flow_slug": self.flow.slug}),
+            form_data,
+        )
+        self.assertEqual(response.status_code, 200)
+        self.assertStageRedirects(response, reverse("authentik_core:root-redirect"))
 
     def test_invalid_no_fields(self):
         """Test invalid with username (no user fields are enabled)"""
diff --git a/blueprints/schema.json b/blueprints/schema.json
index bab793b701ca..423094b6028c 100644
--- a/blueprints/schema.json
+++ b/blueprints/schema.json
@@ -7425,6 +7425,11 @@
                 "show_source_labels": {
                     "type": "boolean",
                     "title": "Show source labels"
+                },
+                "pretend_user_exists": {
+                    "type": "boolean",
+                    "title": "Pretend user exists",
+                    "description": "When enabled, the stage will succeed and continue even when incorrect user info is entered."
                 }
             },
             "required": []
diff --git a/schema.yml b/schema.yml
index d7c59dfecc20..c83edbc152d8 100644
--- a/schema.yml
+++ b/schema.yml
@@ -32013,6 +32013,10 @@ components:
           description: Specify which sources should be shown.
         show_source_labels:
           type: boolean
+        pretend_user_exists:
+          type: boolean
+          description: When enabled, the stage will succeed and continue even when
+            incorrect user info is entered.
       required:
       - component
       - meta_model_name
@@ -32077,6 +32081,10 @@ components:
           description: Specify which sources should be shown.
         show_source_labels:
           type: boolean
+        pretend_user_exists:
+          type: boolean
+          description: When enabled, the stage will succeed and continue even when
+            incorrect user info is entered.
       required:
       - name
     InstallID:
@@ -36560,6 +36568,10 @@ components:
           description: Specify which sources should be shown.
         show_source_labels:
           type: boolean
+        pretend_user_exists:
+          type: boolean
+          description: When enabled, the stage will succeed and continue even when
+            incorrect user info is entered.
     PatchedInvitationRequest:
       type: object
       description: Invitation Serializer
diff --git a/web/src/admin/stages/identification/IdentificationStageForm.ts b/web/src/admin/stages/identification/IdentificationStageForm.ts
index 769caaa76f55..6fad5fbb2661 100644
--- a/web/src/admin/stages/identification/IdentificationStageForm.ts
+++ b/web/src/admin/stages/identification/IdentificationStageForm.ts
@@ -68,7 +68,7 @@ export class IdentificationStageForm extends ModelForm<IdentificationStage, stri
     }
 
     renderForm(): TemplateResult {
-        return html` <span>
+        return html`<span>
                 ${msg("Let the user identify themselves with their username or Email address.")}
             </span>
             <ak-form-element-horizontal label=${msg("Name")} ?required=${true} name="name">
@@ -169,6 +169,26 @@ export class IdentificationStageForm extends ModelForm<IdentificationStage, stri
                             )}
                         </p>
                     </ak-form-element-horizontal>
+                    <ak-form-element-horizontal name="pretendUserExists">
+                        <label class="pf-c-switch">
+                            <input
+                                class="pf-c-switch__input"
+                                type="checkbox"
+                                ?checked=${first(this.instance?.pretendUserExists, true)}
+                            />
+                            <span class="pf-c-switch__toggle">
+                                <span class="pf-c-switch__toggle-icon">
+                                    <i class="fas fa-check" aria-hidden="true"></i>
+                                </span>
+                            </span>
+                            <span class="pf-c-switch__label">${msg("Pretend user exists")}</span>
+                        </label>
+                        <p class="pf-c-form__helper-text">
+                            ${msg(
+                                "When enabled, the stage will always accept the given user identifier and continue.",
+                            )}
+                        </p>
+                    </ak-form-element-horizontal>
                     <ak-form-element-horizontal name="showMatchedUser">
                         <label class="pf-c-switch">
                             <input
diff --git a/web/xliff/de.xlf b/web/xliff/de.xlf
index 1c44463de8da..38ac63d461f6 100644
--- a/web/xliff/de.xlf
+++ b/web/xliff/de.xlf
@@ -6069,6 +6069,12 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
   <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/en.xlf b/web/xliff/en.xlf
index 4aebb5c7165f..fd6274b44d19 100644
--- a/web/xliff/en.xlf
+++ b/web/xliff/en.xlf
@@ -6346,6 +6346,12 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
   <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/es.xlf b/web/xliff/es.xlf
index e557c23a6431..e6f6fc8998f7 100644
--- a/web/xliff/es.xlf
+++ b/web/xliff/es.xlf
@@ -5985,6 +5985,12 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
   <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/fr.xlf b/web/xliff/fr.xlf
index eb578de6c23c..4343e0ab3d16 100644
--- a/web/xliff/fr.xlf
+++ b/web/xliff/fr.xlf
@@ -7971,6 +7971,12 @@ Les liaisons avec les groupes/utilisateurs sont vérifiées par rapport à l'uti
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
   <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/pl.xlf b/web/xliff/pl.xlf
index 949ca8b14b81..d50ab62c2b75 100644
--- a/web/xliff/pl.xlf
+++ b/web/xliff/pl.xlf
@@ -6193,6 +6193,12 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
   <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/pseudo-LOCALE.xlf b/web/xliff/pseudo-LOCALE.xlf
index f617f9444b88..bd038e1beea0 100644
--- a/web/xliff/pseudo-LOCALE.xlf
+++ b/web/xliff/pseudo-LOCALE.xlf
@@ -7871,4 +7871,10 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s824e0943a7104668">
   <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
 </trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
+</trans-unit>
 </body></file></xliff>
diff --git a/web/xliff/tr.xlf b/web/xliff/tr.xlf
index 629df778a149..dd82e3e39231 100644
--- a/web/xliff/tr.xlf
+++ b/web/xliff/tr.xlf
@@ -5978,6 +5978,12 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
   <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/zh-Hans.xlf b/web/xliff/zh-Hans.xlf
index 3baadcd3c856..8bb74ce3aec2 100644
--- a/web/xliff/zh-Hans.xlf
+++ b/web/xliff/zh-Hans.xlf
@@ -1,4 +1,4 @@
-<?xml version="1.0" ?><xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" version="1.2">
+<?xml version="1.0"?><xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" version="1.2">
   <file target-language="zh-Hans" source-language="en" original="lit-localize-inputs" datatype="plaintext">
     <body>
       <trans-unit id="s4caed5b7a7e5d89b">
@@ -613,9 +613,9 @@
         
       </trans-unit>
       <trans-unit id="saa0e2675da69651b">
-        <source>The URL &quot;<x id="0" equiv-text="${this.url}"/>&quot; was not found.</source>
-        <target>未找到 URL &quot; 
-        <x id="0" equiv-text="${this.url}"/>&quot;。</target>
+        <source>The URL "<x id="0" equiv-text="${this.url}"/>" was not found.</source>
+        <target>未找到 URL " 
+        <x id="0" equiv-text="${this.url}"/>"。</target>
         
       </trans-unit>
       <trans-unit id="s58cd9c2fe836d9c6">
@@ -1057,8 +1057,8 @@
         
       </trans-unit>
       <trans-unit id="sa8384c9c26731f83">
-        <source>To allow any redirect URI, set this value to &quot;.*&quot;. Be aware of the possible security implications this can have.</source>
-        <target>要允许任何重定向 URI，请将此值设置为 &quot;.*&quot;。请注意这可能带来的安全影响。</target>
+        <source>To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have.</source>
+        <target>要允许任何重定向 URI，请将此值设置为 ".*"。请注意这可能带来的安全影响。</target>
         
       </trans-unit>
       <trans-unit id="s55787f4dfcdce52b">
@@ -1799,8 +1799,8 @@
         
       </trans-unit>
       <trans-unit id="sa90b7809586c35ce">
-        <source>Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon &quot;fa-test&quot;.</source>
-        <target>输入完整 URL、相对路径，或者使用 'fa://fa-test' 来使用 Font Awesome 图标 &quot;fa-test&quot;。</target>
+        <source>Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test".</source>
+        <target>输入完整 URL、相对路径，或者使用 'fa://fa-test' 来使用 Font Awesome 图标 "fa-test"。</target>
         
       </trans-unit>
       <trans-unit id="s0410779cb47de312">
@@ -2988,8 +2988,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s76768bebabb7d543">
-        <source>Field which contains members of a group. Note that if using the &quot;memberUid&quot; field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...'</source>
-        <target>包含组成员的字段。请注意，如果使用 &quot;memberUid&quot; 字段，则假定该值包含相对可分辨名称。例如，'memberUid=some-user' 而不是 'memberUid=cn=some-user,ou=groups,...'</target>
+        <source>Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...'</source>
+        <target>包含组成员的字段。请注意，如果使用 "memberUid" 字段，则假定该值包含相对可分辨名称。例如，'memberUid=some-user' 而不是 'memberUid=cn=some-user,ou=groups,...'</target>
         
       </trans-unit>
       <trans-unit id="s026555347e589f0e">
@@ -3781,8 +3781,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s7b1fba26d245cb1c">
-        <source>When using an external logging solution for archiving, this can be set to &quot;minutes=5&quot;.</source>
-        <target>使用外部日志记录解决方案进行存档时，可以将其设置为 &quot;minutes=5&quot;。</target>
+        <source>When using an external logging solution for archiving, this can be set to "minutes=5".</source>
+        <target>使用外部日志记录解决方案进行存档时，可以将其设置为 "minutes=5"。</target>
         
       </trans-unit>
       <trans-unit id="s44536d20bb5c8257">
@@ -3791,8 +3791,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s3bb51cabb02b997e">
-        <source>Format: &quot;weeks=3;days=2;hours=3,seconds=2&quot;.</source>
-        <target>格式：&quot;weeks=3;days=2;hours=3,seconds=2&quot;。</target>
+        <source>Format: "weeks=3;days=2;hours=3,seconds=2".</source>
+        <target>格式："weeks=3;days=2;hours=3,seconds=2"。</target>
         
       </trans-unit>
       <trans-unit id="s04bfd02201db5ab8">
@@ -3988,10 +3988,10 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="sa95a538bfbb86111">
-        <source>Are you sure you want to update <x id="0" equiv-text="${this.objectLabel}"/> &quot;<x id="1" equiv-text="${this.obj?.name}"/>&quot;?</source>
+        <source>Are you sure you want to update <x id="0" equiv-text="${this.objectLabel}"/> "<x id="1" equiv-text="${this.obj?.name}"/>"?</source>
         <target>您确定要更新 
-        <x id="0" equiv-text="${this.objectLabel}"/>&quot; 
-        <x id="1" equiv-text="${this.obj?.name}"/>&quot; 吗？</target>
+        <x id="0" equiv-text="${this.objectLabel}"/>" 
+        <x id="1" equiv-text="${this.obj?.name}"/>" 吗？</target>
         
       </trans-unit>
       <trans-unit id="sc92d7cfb6ee1fec6">
@@ -5077,7 +5077,7 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="sdf1d8edef27236f0">
-        <source>A &quot;roaming&quot; authenticator, like a YubiKey</source>
+        <source>A "roaming" authenticator, like a YubiKey</source>
         <target>像 YubiKey 这样的“漫游”身份验证器</target>
         
       </trans-unit>
@@ -5412,10 +5412,10 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s2d5f69929bb7221d">
-        <source><x id="0" equiv-text="${prompt.name}"/> (&quot;<x id="1" equiv-text="${prompt.fieldKey}"/>&quot;, of type <x id="2" equiv-text="${prompt.type}"/>)</source>
+        <source><x id="0" equiv-text="${prompt.name}"/> ("<x id="1" equiv-text="${prompt.fieldKey}"/>", of type <x id="2" equiv-text="${prompt.type}"/>)</source>
         <target>
-        <x id="0" equiv-text="${prompt.name}"/>（&quot; 
-        <x id="1" equiv-text="${prompt.fieldKey}"/>&quot;，类型为 
+        <x id="0" equiv-text="${prompt.name}"/>（" 
+        <x id="1" equiv-text="${prompt.fieldKey}"/>"，类型为 
         <x id="2" equiv-text="${prompt.type}"/>）</target>
         
       </trans-unit>
@@ -5464,7 +5464,7 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s1608b2f94fa0dbd4">
-        <source>If set to a duration above 0, the user will have the option to choose to &quot;stay signed in&quot;, which will extend their session by the time specified here.</source>
+        <source>If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here.</source>
         <target>如果设置时长大于 0，用户可以选择“保持登录”选项，这将使用户的会话延长此处设置的时间。</target>
         
       </trans-unit>
@@ -7978,9 +7978,15 @@ Bindings to groups/users are checked against the user of the event.</source>
   <target>成功创建用户并添加到组 <x id="0" equiv-text="${this.group.name}"/></target>
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
-  <source>This user will be added to the group &quot;<x id="0" equiv-text="${this.targetGroup.name}"/>&quot;.</source>
+  <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
   <target>此用户将会被添加到组 &amp;quot;<x id="0" equiv-text="${this.targetGroup.name}"/>&amp;quot;。</target>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
 </trans-unit>
     </body>
   </file>
-</xliff>
\ No newline at end of file
+</xliff>
diff --git a/web/xliff/zh-Hant.xlf b/web/xliff/zh-Hant.xlf
index 374c0d8a8c22..b19eae4ca8dd 100644
--- a/web/xliff/zh-Hant.xlf
+++ b/web/xliff/zh-Hant.xlf
@@ -6026,6 +6026,12 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
   <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/web/xliff/zh_TW.xlf b/web/xliff/zh_TW.xlf
index e4d7417d87a5..2367c4581fde 100644
--- a/web/xliff/zh_TW.xlf
+++ b/web/xliff/zh_TW.xlf
@@ -6025,6 +6025,12 @@ Bindings to groups/users are checked against the user of the event.</source>
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
   <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
 </trans-unit>
     </body>
   </file>
diff --git a/website/docs/flow/stages/identification/index.md b/website/docs/flow/stages/identification/index.md
index 1f6d35bb08d3..f2f6cbb981df 100644
--- a/website/docs/flow/stages/identification/index.md
+++ b/website/docs/flow/stages/identification/index.md
@@ -25,3 +25,11 @@ To prompt users for their password on the same step as identifying themselves, a
 ## Enrollment/Recovery Flow
 
 These fields specify if and which flows are linked on the form. The enrollment flow is linked as `Need an account? Sign up.`, and the recovery flow is linked as `Forgot username or password?`.
+
+## Pretend user exists
+
+:::info
+Requires authentik 2024.1
+:::
+
+When enabled, any user identifier will be accepted as valid (as long as they match the correct format, i.e. when [User fields](#user-fields) is set to only allow Emails, then the identifier still needs to be an Email). The stage will succeed and the flow will continue to the next stage. Stages like the [Password stage](../password/index.md) and [Email stage](../email/index.mdx) are aware of this "pretend" user and will behave the same as if the user would exist.
diff --git a/website/docs/releases/2024/v2024.1.md b/website/docs/releases/2024/v2024.1.md
index fb6a71107bbf..c6ffd0f285ef 100644
--- a/website/docs/releases/2024/v2024.1.md
+++ b/website/docs/releases/2024/v2024.1.md
@@ -19,6 +19,10 @@ slug: "/releases/2024.1"
 
 ## New features
 
+-   "Pretend user exists" option for Identification stage
+
+    Previously the identification stage would only continue if a user matching the user identifier exists. While this was the intended functionality, this release adds an option to continue to the next stage even if no matching user was found. "Pretend" users cannot authenticate nor receive emails, and don't exist in the database. **This feature is enabled by default.**
+
 ## Upgrading
 
 This release does not introduce any new requirements.

From 6e5eb67851c3849a0afe2e47788d414c78cd47bd Mon Sep 17 00:00:00 2001
From: "authentik-automation[bot]"
 <135050075+authentik-automation[bot]@users.noreply.github.com>
Date: Sat, 18 Nov 2023 01:58:04 +0100
Subject: [PATCH 04/21] web: bump API Client version (#7613)

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: authentik-automation[bot] <135050075+authentik-automation[bot]@users.noreply.github.com>
---
 web/package-lock.json | 8 ++++----
 web/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/web/package-lock.json b/web/package-lock.json
index b17e0eb660d0..cf66b32d14e5 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -17,7 +17,7 @@
                 "@codemirror/theme-one-dark": "^6.1.2",
                 "@formatjs/intl-listformat": "^7.5.3",
                 "@fortawesome/fontawesome-free": "^6.4.2",
-                "@goauthentik/api": "^2023.10.3-1700176062",
+                "@goauthentik/api": "^2023.10.3-1700268969",
                 "@lit-labs/context": "^0.4.0",
                 "@lit-labs/task": "^3.1.0",
                 "@lit/localize": "^0.11.4",
@@ -2920,9 +2920,9 @@
             }
         },
         "node_modules/@goauthentik/api": {
-            "version": "2023.10.3-1700176062",
-            "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2023.10.3-1700176062.tgz",
-            "integrity": "sha512-iSFjy3X5hUiNShZVaO979sxb003cRSQT/xqJakzzjvXG3aHIRjV2YjcOGAgVaqYfPZGJw962S/MMxePDEH++oQ=="
+            "version": "2023.10.3-1700268969",
+            "resolved": "https://registry.npmjs.org/@goauthentik/api/-/api-2023.10.3-1700268969.tgz",
+            "integrity": "sha512-EwkNfFL8sgPzDRHQ+IlkYyFxlN9U79x3OaRgVR1GuEyKF2XXNm+ftdpqSmTSYeIrObEdOgvKItqKBGw5EYZXsg=="
         },
         "node_modules/@hcaptcha/types": {
             "version": "1.0.3",
diff --git a/web/package.json b/web/package.json
index d589559e703f..6df43e20baa3 100644
--- a/web/package.json
+++ b/web/package.json
@@ -38,7 +38,7 @@
         "@codemirror/theme-one-dark": "^6.1.2",
         "@formatjs/intl-listformat": "^7.5.3",
         "@fortawesome/fontawesome-free": "^6.4.2",
-        "@goauthentik/api": "^2023.10.3-1700176062",
+        "@goauthentik/api": "^2023.10.3-1700268969",
         "@lit-labs/context": "^0.4.0",
         "@lit-labs/task": "^3.1.0",
         "@lit/localize": "^0.11.4",

From d0ada59f5714d8a0f1e58b60638527eac16416e2 Mon Sep 17 00:00:00 2001
From: Jens L <jens@goauthentik.io>
Date: Sun, 19 Nov 2023 00:12:10 +0100
Subject: [PATCH 05/21] tests: better per-test timeouts (#7612)

* tests: better per-test timeouts

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add 120s timeout to all integration test cases

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* used fixed (broken?) random seed

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 .github/workflows/ci-main.yml                |  2 +-
 poetry.lock                                  | 38 +++++++++-----------
 pyproject.toml                               |  1 +
 tests/integration/test_outpost_docker.py     |  3 ++
 tests/integration/test_outpost_kubernetes.py |  4 +++
 tests/integration/test_proxy_docker.py       |  3 ++
 tests/integration/test_proxy_kubernetes.py   |  3 ++
 7 files changed, 31 insertions(+), 23 deletions(-)

diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml
index b78500a2cf43..2eebe378fb25 100644
--- a/.github/workflows/ci-main.yml
+++ b/.github/workflows/ci-main.yml
@@ -117,7 +117,7 @@ jobs:
         uses: helm/kind-action@v1.8.0
       - name: run integration
         run: |
-          poetry run coverage run manage.py test tests/integration
+          poetry run coverage run manage.py test --randomly-seed=2100196988 tests/integration
           poetry run coverage xml
       - if: ${{ always() }}
         uses: codecov/codecov-action@v3
diff --git a/poetry.lock b/poetry.lock
index 034ec6daa93a..f9ced662d693 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -1,4 +1,4 @@
-# This file is automatically @generated by Poetry 1.6.1 and should not be changed by hand.
+# This file is automatically @generated by Poetry 1.7.0 and should not be changed by hand.
 
 [[package]]
 name = "aiohttp"
@@ -2096,16 +2096,6 @@ files = [
     {file = "MarkupSafe-2.1.3-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:5bbe06f8eeafd38e5d0a4894ffec89378b6c6a625ff57e3028921f8ff59318ac"},
     {file = "MarkupSafe-2.1.3-cp311-cp311-win32.whl", hash = "sha256:dd15ff04ffd7e05ffcb7fe79f1b98041b8ea30ae9234aed2a9168b5797c3effb"},
     {file = "MarkupSafe-2.1.3-cp311-cp311-win_amd64.whl", hash = "sha256:134da1eca9ec0ae528110ccc9e48041e0828d79f24121a1a146161103c76e686"},
-    {file = "MarkupSafe-2.1.3-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:f698de3fd0c4e6972b92290a45bd9b1536bffe8c6759c62471efaa8acb4c37bc"},
-    {file = "MarkupSafe-2.1.3-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:aa57bd9cf8ae831a362185ee444e15a93ecb2e344c8e52e4d721ea3ab6ef1823"},
-    {file = "MarkupSafe-2.1.3-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ffcc3f7c66b5f5b7931a5aa68fc9cecc51e685ef90282f4a82f0f5e9b704ad11"},
-    {file = "MarkupSafe-2.1.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:47d4f1c5f80fc62fdd7777d0d40a2e9dda0a05883ab11374334f6c4de38adffd"},
-    {file = "MarkupSafe-2.1.3-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1f67c7038d560d92149c060157d623c542173016c4babc0c1913cca0564b9939"},
-    {file = "MarkupSafe-2.1.3-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:9aad3c1755095ce347e26488214ef77e0485a3c34a50c5a5e2471dff60b9dd9c"},
-    {file = "MarkupSafe-2.1.3-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:14ff806850827afd6b07a5f32bd917fb7f45b046ba40c57abdb636674a8b559c"},
-    {file = "MarkupSafe-2.1.3-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8f9293864fe09b8149f0cc42ce56e3f0e54de883a9de90cd427f191c346eb2e1"},
-    {file = "MarkupSafe-2.1.3-cp312-cp312-win32.whl", hash = "sha256:715d3562f79d540f251b99ebd6d8baa547118974341db04f5ad06d5ea3eb8007"},
-    {file = "MarkupSafe-2.1.3-cp312-cp312-win_amd64.whl", hash = "sha256:1b8dd8c3fd14349433c79fa8abeb573a55fc0fdd769133baac1f5e07abf54aeb"},
     {file = "MarkupSafe-2.1.3-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:8e254ae696c88d98da6555f5ace2279cf7cd5b3f52be2b5cf97feafe883b58d2"},
     {file = "MarkupSafe-2.1.3-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:cb0932dc158471523c9637e807d9bfb93e06a95cbf010f1a38b98623b929ef2b"},
     {file = "MarkupSafe-2.1.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9402b03f1a1b4dc4c19845e5c749e3ab82d5078d16a2a4c2cd2df62d57bb0707"},
@@ -3021,6 +3011,20 @@ files = [
 [package.dependencies]
 pytest = "*"
 
+[[package]]
+name = "pytest-timeout"
+version = "2.2.0"
+description = "pytest plugin to abort hanging tests"
+optional = false
+python-versions = ">=3.7"
+files = [
+    {file = "pytest-timeout-2.2.0.tar.gz", hash = "sha256:3b0b95dabf3cb50bac9ef5ca912fa0cfc286526af17afc806824df20c2f72c90"},
+    {file = "pytest_timeout-2.2.0-py3-none-any.whl", hash = "sha256:bde531e096466f49398a59f2dde76fa78429a09a12411466f88a07213e220de2"},
+]
+
+[package.dependencies]
+pytest = ">=5.0.0"
+
 [[package]]
 name = "python-dateutil"
 version = "2.8.2"
@@ -3095,7 +3099,6 @@ files = [
     {file = "PyYAML-6.0.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:69b023b2b4daa7548bcfbd4aa3da05b3a74b772db9e23b982788168117739938"},
     {file = "PyYAML-6.0.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:81e0b275a9ecc9c0c0c07b4b90ba548307583c125f54d5b6946cfee6360c733d"},
     {file = "PyYAML-6.0.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ba336e390cd8e4d1739f42dfe9bb83a3cc2e80f567d8805e11b46f4a943f5515"},
-    {file = "PyYAML-6.0.1-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:326c013efe8048858a6d312ddd31d56e468118ad4cdeda36c719bf5bb6192290"},
     {file = "PyYAML-6.0.1-cp310-cp310-win32.whl", hash = "sha256:bd4af7373a854424dabd882decdc5579653d7868b8fb26dc7d0e99f823aa5924"},
     {file = "PyYAML-6.0.1-cp310-cp310-win_amd64.whl", hash = "sha256:fd1592b3fdf65fff2ad0004b5e363300ef59ced41c2e6b3a99d4089fa8c5435d"},
     {file = "PyYAML-6.0.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:6965a7bc3cf88e5a1c3bd2e0b5c22f8d677dc88a455344035f03399034eb3007"},
@@ -3103,15 +3106,8 @@ files = [
     {file = "PyYAML-6.0.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:42f8152b8dbc4fe7d96729ec2b99c7097d656dc1213a3229ca5383f973a5ed6d"},
     {file = "PyYAML-6.0.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:062582fca9fabdd2c8b54a3ef1c978d786e0f6b3a1510e0ac93ef59e0ddae2bc"},
     {file = "PyYAML-6.0.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d2b04aac4d386b172d5b9692e2d2da8de7bfb6c387fa4f801fbf6fb2e6ba4673"},
-    {file = "PyYAML-6.0.1-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:e7d73685e87afe9f3b36c799222440d6cf362062f78be1013661b00c5c6f678b"},
     {file = "PyYAML-6.0.1-cp311-cp311-win32.whl", hash = "sha256:1635fd110e8d85d55237ab316b5b011de701ea0f29d07611174a1b42f1444741"},
     {file = "PyYAML-6.0.1-cp311-cp311-win_amd64.whl", hash = "sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34"},
-    {file = "PyYAML-6.0.1-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:855fb52b0dc35af121542a76b9a84f8d1cd886ea97c84703eaa6d88e37a2ad28"},
-    {file = "PyYAML-6.0.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:40df9b996c2b73138957fe23a16a4f0ba614f4c0efce1e9406a184b6d07fa3a9"},
-    {file = "PyYAML-6.0.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c22bec3fbe2524cde73d7ada88f6566758a8f7227bfbf93a408a9d86bcc12a0"},
-    {file = "PyYAML-6.0.1-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8d4e9c88387b0f5c7d5f281e55304de64cf7f9c0021a3525bd3b1c542da3b0e4"},
-    {file = "PyYAML-6.0.1-cp312-cp312-win32.whl", hash = "sha256:d483d2cdf104e7c9fa60c544d92981f12ad66a457afae824d146093b8c294c54"},
-    {file = "PyYAML-6.0.1-cp312-cp312-win_amd64.whl", hash = "sha256:0d3304d8c0adc42be59c5f8a4d9e3d7379e6955ad754aa9d6ab7a398b59dd1df"},
     {file = "PyYAML-6.0.1-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:50550eb667afee136e9a77d6dc71ae76a44df8b3e51e41b77f6de2932bfe0f47"},
     {file = "PyYAML-6.0.1-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1fe35611261b29bd1de0070f0b2f47cb6ff71fa6595c077e42bd0c419fa27b98"},
     {file = "PyYAML-6.0.1-cp36-cp36m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:704219a11b772aea0d8ecd7058d0082713c3562b4e271b849ad7dc4a5c90c13c"},
@@ -3128,7 +3124,6 @@ files = [
     {file = "PyYAML-6.0.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a0cd17c15d3bb3fa06978b4e8958dcdc6e0174ccea823003a106c7d4d7899ac5"},
     {file = "PyYAML-6.0.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:28c119d996beec18c05208a8bd78cbe4007878c6dd15091efb73a30e90539696"},
     {file = "PyYAML-6.0.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7e07cbde391ba96ab58e532ff4803f79c4129397514e1413a7dc761ccd755735"},
-    {file = "PyYAML-6.0.1-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:49a183be227561de579b4a36efbb21b3eab9651dd81b1858589f796549873dd6"},
     {file = "PyYAML-6.0.1-cp38-cp38-win32.whl", hash = "sha256:184c5108a2aca3c5b3d3bf9395d50893a7ab82a38004c8f61c258d4428e80206"},
     {file = "PyYAML-6.0.1-cp38-cp38-win_amd64.whl", hash = "sha256:1e2722cc9fbb45d9b87631ac70924c11d3a401b2d7f410cc0e3bbf249f2dca62"},
     {file = "PyYAML-6.0.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:9eb6caa9a297fc2c2fb8862bc5370d0303ddba53ba97e71f08023b6cd73d16a8"},
@@ -3136,7 +3131,6 @@ files = [
     {file = "PyYAML-6.0.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5773183b6446b2c99bb77e77595dd486303b4faab2b086e7b17bc6bef28865f6"},
     {file = "PyYAML-6.0.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:b786eecbdf8499b9ca1d697215862083bd6d2a99965554781d0d8d1ad31e13a0"},
     {file = "PyYAML-6.0.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bc1bf2925a1ecd43da378f4db9e4f799775d6367bdb94671027b73b393a7c42c"},
-    {file = "PyYAML-6.0.1-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:04ac92ad1925b2cff1db0cfebffb6ffc43457495c9b3c39d3fcae417d7125dc5"},
     {file = "PyYAML-6.0.1-cp39-cp39-win32.whl", hash = "sha256:faca3bdcf85b2fc05d06ff3fbc1f83e1391b3e724afa3feba7d13eeab355484c"},
     {file = "PyYAML-6.0.1-cp39-cp39-win_amd64.whl", hash = "sha256:510c9deebc5c0225e8c96813043e62b680ba2f9c50a08d3724c7f28a747d1486"},
     {file = "PyYAML-6.0.1.tar.gz", hash = "sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43"},
@@ -4313,4 +4307,4 @@ files = [
 [metadata]
 lock-version = "2.0"
 python-versions = "^3.11"
-content-hash = "2fc746976187f4674f04575cffd6a367744723bf78c356b6951c2370bc47ceae"
+content-hash = "9cb60a5e73aa1da7d95e319fa666aac06715ba44f6bcb3ab07d0a3b12aa23c84"
diff --git a/pyproject.toml b/pyproject.toml
index 596c0a9b4f73..ee641196cff5 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -192,6 +192,7 @@ pytest = "*"
 pytest-django = "*"
 pytest-github-actions-annotate-failures = "*"
 pytest-randomly = "*"
+pytest-timeout = "*"
 requests-mock = "*"
 ruff = "*"
 selenium = "*"
diff --git a/tests/integration/test_outpost_docker.py b/tests/integration/test_outpost_docker.py
index 4e12cbbca817..19b00b3338b2 100644
--- a/tests/integration/test_outpost_docker.py
+++ b/tests/integration/test_outpost_docker.py
@@ -2,6 +2,7 @@
 from shutil import rmtree
 from tempfile import mkdtemp
 
+import pytest
 import yaml
 from channels.testing import ChannelsLiveServerTestCase
 from docker import DockerClient, from_env
@@ -95,12 +96,14 @@ def tearDown(self) -> None:
         except PermissionError:
             pass
 
+    @pytest.mark.timeout(120)
     def test_docker_controller(self):
         """test that deployment requires update"""
         controller = DockerController(self.outpost, self.service_connection)
         controller.up()
         controller.down()
 
+    @pytest.mark.timeout(120)
     def test_docker_static(self):
         """test that deployment requires update"""
         controller = DockerController(self.outpost, self.service_connection)
diff --git a/tests/integration/test_outpost_kubernetes.py b/tests/integration/test_outpost_kubernetes.py
index ac5e38bcad7c..58a1195ddab8 100644
--- a/tests/integration/test_outpost_kubernetes.py
+++ b/tests/integration/test_outpost_kubernetes.py
@@ -1,6 +1,7 @@
 """outpost tests"""
 from unittest.mock import MagicMock, patch
 
+import pytest
 from django.test import TestCase
 from kubernetes.client import AppsV1Api
 from kubernetes.client.exceptions import OpenApiException
@@ -50,6 +51,7 @@ def setUp(self):
         self.outpost.providers.add(self.provider)
         self.outpost.save()
 
+    @pytest.mark.timeout(120)
     def test_deployment_reconciler(self):
         """test that deployment requires update"""
         controller = ProxyKubernetesController(self.outpost, self.service_connection)
@@ -88,6 +90,7 @@ def test_deployment_reconciler(self):
 
         deployment_reconciler.delete(deployment_reconciler.get_reference_object())
 
+    @pytest.mark.timeout(120)
     def test_controller_rename(self):
         """test that objects get deleted and re-created with new names"""
         controller = ProxyKubernetesController(self.outpost, self.service_connection)
@@ -100,6 +103,7 @@ def test_controller_rename(self):
             apps.read_namespaced_deployment("test", self.outpost.config.kubernetes_namespace)
         controller.down()
 
+    @pytest.mark.timeout(120)
     def test_controller_full_update(self):
         """Test an update that triggers all objects"""
         controller = ProxyKubernetesController(self.outpost, self.service_connection)
diff --git a/tests/integration/test_proxy_docker.py b/tests/integration/test_proxy_docker.py
index 8cbeb0bdddf3..7b4e11ba8083 100644
--- a/tests/integration/test_proxy_docker.py
+++ b/tests/integration/test_proxy_docker.py
@@ -2,6 +2,7 @@
 from shutil import rmtree
 from tempfile import mkdtemp
 
+import pytest
 import yaml
 from channels.testing.live import ChannelsLiveServerTestCase
 from docker import DockerClient, from_env
@@ -95,12 +96,14 @@ def tearDown(self) -> None:
         except PermissionError:
             pass
 
+    @pytest.mark.timeout(120)
     def test_docker_controller(self):
         """test that deployment requires update"""
         controller = DockerController(self.outpost, self.service_connection)
         controller.up()
         controller.down()
 
+    @pytest.mark.timeout(120)
     def test_docker_static(self):
         """test that deployment requires update"""
         controller = DockerController(self.outpost, self.service_connection)
diff --git a/tests/integration/test_proxy_kubernetes.py b/tests/integration/test_proxy_kubernetes.py
index 3e1fed7152b9..935c0c134d47 100644
--- a/tests/integration/test_proxy_kubernetes.py
+++ b/tests/integration/test_proxy_kubernetes.py
@@ -1,6 +1,7 @@
 """Test Controllers"""
 from typing import Optional
 
+import pytest
 import yaml
 from django.test import TestCase
 from structlog.stdlib import get_logger
@@ -32,6 +33,7 @@ def tearDown(self) -> None:
                 LOGGER.info(log)
         return super().tearDown()
 
+    @pytest.mark.timeout(120)
     def test_kubernetes_controller_static(self):
         """Test Kubernetes Controller"""
         provider: ProxyProvider = ProxyProvider.objects.create(
@@ -53,6 +55,7 @@ def test_kubernetes_controller_static(self):
         manifest = self.controller.get_static_deployment()
         self.assertEqual(len(list(yaml.load_all(manifest, Loader=yaml.SafeLoader))), 4)
 
+    @pytest.mark.timeout(120)
     def test_kubernetes_controller_ingress(self):
         """Test Kubernetes Controller's Ingress"""
         provider: ProxyProvider = ProxyProvider.objects.create(

From f432dbeca00002f5baf76c73812aed005872e6de Mon Sep 17 00:00:00 2001
From: "transifex-integration[bot]"
 <43880903+transifex-integration[bot]@users.noreply.github.com>
Date: Sun, 19 Nov 2023 00:30:54 +0100
Subject: [PATCH 06/21] translate: Updates for file web/xliff/en.xlf in zh_CN
 (#7618)

Translate web/xliff/en.xlf in zh_CN

100% translated source file: 'web/xliff/en.xlf'
on 'zh_CN'.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
---
 web/xliff/zh_CN.xlf | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/web/xliff/zh_CN.xlf b/web/xliff/zh_CN.xlf
index f5a1beabb934..e11e7e4adc5c 100644
--- a/web/xliff/zh_CN.xlf
+++ b/web/xliff/zh_CN.xlf
@@ -7980,6 +7980,14 @@ Bindings to groups/users are checked against the user of the event.</source>
 <trans-unit id="s824e0943a7104668">
   <source>This user will be added to the group &quot;<x id="0" equiv-text="${this.targetGroup.name}"/>&quot;.</source>
   <target>此用户将会被添加到组 &amp;quot;<x id="0" equiv-text="${this.targetGroup.name}"/>&amp;quot;。</target>
+</trans-unit>
+<trans-unit id="s62e7f6ed7d9cb3ca">
+  <source>Pretend user exists</source>
+  <target>假作用户存在</target>
+</trans-unit>
+<trans-unit id="s52bdc80690a9a8dc">
+  <source>When enabled, the stage will always accept the given user identifier and continue.</source>
+  <target>启用时，此阶段总是会接受指定的用户 ID 并继续。</target>
 </trans-unit>
     </body>
   </file>

From 0c2bccb8589b01c9765cd21ac2ccd741c56e8b69 Mon Sep 17 00:00:00 2001
From: "transifex-integration[bot]"
 <43880903+transifex-integration[bot]@users.noreply.github.com>
Date: Sun, 19 Nov 2023 00:31:08 +0100
Subject: [PATCH 07/21] translate: Updates for file web/xliff/en.xlf in zh-Hans
 (#7619)

Translate web/xliff/en.xlf in zh-Hans

100% translated source file: 'web/xliff/en.xlf'
on 'zh-Hans'.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
---
 web/xliff/zh-Hans.xlf | 50 ++++++++++++++++++++++---------------------
 1 file changed, 26 insertions(+), 24 deletions(-)

diff --git a/web/xliff/zh-Hans.xlf b/web/xliff/zh-Hans.xlf
index 8bb74ce3aec2..aa8d0b51060c 100644
--- a/web/xliff/zh-Hans.xlf
+++ b/web/xliff/zh-Hans.xlf
@@ -1,4 +1,4 @@
-<?xml version="1.0"?><xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" version="1.2">
+<?xml version="1.0" ?><xliff xmlns="urn:oasis:names:tc:xliff:document:1.2" version="1.2">
   <file target-language="zh-Hans" source-language="en" original="lit-localize-inputs" datatype="plaintext">
     <body>
       <trans-unit id="s4caed5b7a7e5d89b">
@@ -613,9 +613,9 @@
         
       </trans-unit>
       <trans-unit id="saa0e2675da69651b">
-        <source>The URL "<x id="0" equiv-text="${this.url}"/>" was not found.</source>
-        <target>未找到 URL " 
-        <x id="0" equiv-text="${this.url}"/>"。</target>
+        <source>The URL &quot;<x id="0" equiv-text="${this.url}"/>&quot; was not found.</source>
+        <target>未找到 URL &quot; 
+        <x id="0" equiv-text="${this.url}"/>&quot;。</target>
         
       </trans-unit>
       <trans-unit id="s58cd9c2fe836d9c6">
@@ -1057,8 +1057,8 @@
         
       </trans-unit>
       <trans-unit id="sa8384c9c26731f83">
-        <source>To allow any redirect URI, set this value to ".*". Be aware of the possible security implications this can have.</source>
-        <target>要允许任何重定向 URI，请将此值设置为 ".*"。请注意这可能带来的安全影响。</target>
+        <source>To allow any redirect URI, set this value to &quot;.*&quot;. Be aware of the possible security implications this can have.</source>
+        <target>要允许任何重定向 URI，请将此值设置为 &quot;.*&quot;。请注意这可能带来的安全影响。</target>
         
       </trans-unit>
       <trans-unit id="s55787f4dfcdce52b">
@@ -1799,8 +1799,8 @@
         
       </trans-unit>
       <trans-unit id="sa90b7809586c35ce">
-        <source>Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon "fa-test".</source>
-        <target>输入完整 URL、相对路径，或者使用 'fa://fa-test' 来使用 Font Awesome 图标 "fa-test"。</target>
+        <source>Either input a full URL, a relative path, or use 'fa://fa-test' to use the Font Awesome icon &quot;fa-test&quot;.</source>
+        <target>输入完整 URL、相对路径，或者使用 'fa://fa-test' 来使用 Font Awesome 图标 &quot;fa-test&quot;。</target>
         
       </trans-unit>
       <trans-unit id="s0410779cb47de312">
@@ -2988,8 +2988,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s76768bebabb7d543">
-        <source>Field which contains members of a group. Note that if using the "memberUid" field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...'</source>
-        <target>包含组成员的字段。请注意，如果使用 "memberUid" 字段，则假定该值包含相对可分辨名称。例如，'memberUid=some-user' 而不是 'memberUid=cn=some-user,ou=groups,...'</target>
+        <source>Field which contains members of a group. Note that if using the &quot;memberUid&quot; field, the value is assumed to contain a relative distinguished name. e.g. 'memberUid=some-user' instead of 'memberUid=cn=some-user,ou=groups,...'</source>
+        <target>包含组成员的字段。请注意，如果使用 &quot;memberUid&quot; 字段，则假定该值包含相对可分辨名称。例如，'memberUid=some-user' 而不是 'memberUid=cn=some-user,ou=groups,...'</target>
         
       </trans-unit>
       <trans-unit id="s026555347e589f0e">
@@ -3781,8 +3781,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s7b1fba26d245cb1c">
-        <source>When using an external logging solution for archiving, this can be set to "minutes=5".</source>
-        <target>使用外部日志记录解决方案进行存档时，可以将其设置为 "minutes=5"。</target>
+        <source>When using an external logging solution for archiving, this can be set to &quot;minutes=5&quot;.</source>
+        <target>使用外部日志记录解决方案进行存档时，可以将其设置为 &quot;minutes=5&quot;。</target>
         
       </trans-unit>
       <trans-unit id="s44536d20bb5c8257">
@@ -3791,8 +3791,8 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s3bb51cabb02b997e">
-        <source>Format: "weeks=3;days=2;hours=3,seconds=2".</source>
-        <target>格式："weeks=3;days=2;hours=3,seconds=2"。</target>
+        <source>Format: &quot;weeks=3;days=2;hours=3,seconds=2&quot;.</source>
+        <target>格式：&quot;weeks=3;days=2;hours=3,seconds=2&quot;。</target>
         
       </trans-unit>
       <trans-unit id="s04bfd02201db5ab8">
@@ -3988,10 +3988,10 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="sa95a538bfbb86111">
-        <source>Are you sure you want to update <x id="0" equiv-text="${this.objectLabel}"/> "<x id="1" equiv-text="${this.obj?.name}"/>"?</source>
+        <source>Are you sure you want to update <x id="0" equiv-text="${this.objectLabel}"/> &quot;<x id="1" equiv-text="${this.obj?.name}"/>&quot;?</source>
         <target>您确定要更新 
-        <x id="0" equiv-text="${this.objectLabel}"/>" 
-        <x id="1" equiv-text="${this.obj?.name}"/>" 吗？</target>
+        <x id="0" equiv-text="${this.objectLabel}"/>&quot; 
+        <x id="1" equiv-text="${this.obj?.name}"/>&quot; 吗？</target>
         
       </trans-unit>
       <trans-unit id="sc92d7cfb6ee1fec6">
@@ -5077,7 +5077,7 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="sdf1d8edef27236f0">
-        <source>A "roaming" authenticator, like a YubiKey</source>
+        <source>A &quot;roaming&quot; authenticator, like a YubiKey</source>
         <target>像 YubiKey 这样的“漫游”身份验证器</target>
         
       </trans-unit>
@@ -5412,10 +5412,10 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s2d5f69929bb7221d">
-        <source><x id="0" equiv-text="${prompt.name}"/> ("<x id="1" equiv-text="${prompt.fieldKey}"/>", of type <x id="2" equiv-text="${prompt.type}"/>)</source>
+        <source><x id="0" equiv-text="${prompt.name}"/> (&quot;<x id="1" equiv-text="${prompt.fieldKey}"/>&quot;, of type <x id="2" equiv-text="${prompt.type}"/>)</source>
         <target>
-        <x id="0" equiv-text="${prompt.name}"/>（" 
-        <x id="1" equiv-text="${prompt.fieldKey}"/>"，类型为 
+        <x id="0" equiv-text="${prompt.name}"/>（&quot; 
+        <x id="1" equiv-text="${prompt.fieldKey}"/>&quot;，类型为 
         <x id="2" equiv-text="${prompt.type}"/>）</target>
         
       </trans-unit>
@@ -5464,7 +5464,7 @@ doesn't pass when either or both of the selected options are equal or above the
         
       </trans-unit>
       <trans-unit id="s1608b2f94fa0dbd4">
-        <source>If set to a duration above 0, the user will have the option to choose to "stay signed in", which will extend their session by the time specified here.</source>
+        <source>If set to a duration above 0, the user will have the option to choose to &quot;stay signed in&quot;, which will extend their session by the time specified here.</source>
         <target>如果设置时长大于 0，用户可以选择“保持登录”选项，这将使用户的会话延长此处设置的时间。</target>
         
       </trans-unit>
@@ -7978,15 +7978,17 @@ Bindings to groups/users are checked against the user of the event.</source>
   <target>成功创建用户并添加到组 <x id="0" equiv-text="${this.group.name}"/></target>
 </trans-unit>
 <trans-unit id="s824e0943a7104668">
-  <source>This user will be added to the group "<x id="0" equiv-text="${this.targetGroup.name}"/>".</source>
+  <source>This user will be added to the group &quot;<x id="0" equiv-text="${this.targetGroup.name}"/>&quot;.</source>
   <target>此用户将会被添加到组 &amp;quot;<x id="0" equiv-text="${this.targetGroup.name}"/>&amp;quot;。</target>
 </trans-unit>
 <trans-unit id="s62e7f6ed7d9cb3ca">
   <source>Pretend user exists</source>
+  <target>假作用户存在</target>
 </trans-unit>
 <trans-unit id="s52bdc80690a9a8dc">
   <source>When enabled, the stage will always accept the given user identifier and continue.</source>
+  <target>启用时，此阶段总是会接受指定的用户 ID 并继续。</target>
 </trans-unit>
     </body>
   </file>
-</xliff>
+</xliff>
\ No newline at end of file

From f2831609422dbf4d35d5f6a88635e2ef7feae081 Mon Sep 17 00:00:00 2001
From: Jens L <jens@goauthentik.io>
Date: Sun, 19 Nov 2023 00:33:37 +0100
Subject: [PATCH 08/21] root: specify node and python versions in respective
 config files, deduplicate in CI (#7620)

* root: specify node and python versions in respective config files, deduplicate in CI

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix engines missing for wdio

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* bump setup python version

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* actually don't bump a bunch of things

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
---
 .github/actions/setup/action.yml      | 16 ++++++++++------
 .github/workflows/ci-outpost.yml      |  2 +-
 .github/workflows/ci-web.yml          | 10 +++++-----
 .github/workflows/ci-website.yml      |  6 +++---
 .github/workflows/release-publish.yml |  2 +-
 .github/workflows/web-api-publish.yml |  2 +-
 poetry.lock                           |  9 +++------
 pyproject.toml                        |  6 +++---
 tests/wdio/package.json               |  3 +++
 web/package-lock.json                 |  3 +++
 web/package.json                      |  3 +++
 website/package.json                  |  3 +++
 12 files changed, 39 insertions(+), 26 deletions(-)

diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml
index c13282ba073e..a52a79bf752e 100644
--- a/.github/actions/setup/action.yml
+++ b/.github/actions/setup/action.yml
@@ -9,23 +9,27 @@ inputs:
 runs:
   using: "composite"
   steps:
-    - name: Install poetry
+    - name: Install poetry & deps
       shell: bash
       run: |
         pipx install poetry || true
-        sudo apt update
-        sudo apt install -y libpq-dev openssl libxmlsec1-dev pkg-config gettext
+        sudo apt-get update
+        sudo apt-get install --no-install-recommends -y libpq-dev openssl libxmlsec1-dev pkg-config gettext
     - name: Setup python and restore poetry
-      uses: actions/setup-python@v3
+      uses: actions/setup-python@v4
       with:
-        python-version: "3.11"
+        python-version-file: 'pyproject.toml'
         cache: "poetry"
     - name: Setup node
       uses: actions/setup-node@v3
       with:
-        node-version: "20"
+        node-version-file: web/package.json
         cache: "npm"
         cache-dependency-path: web/package-lock.json
+    - name: Setup go
+      uses: actions/setup-go@v4
+      with:
+        go-version-file: "go.mod"
     - name: Setup dependencies
       shell: bash
       run: |
diff --git a/.github/workflows/ci-outpost.yml b/.github/workflows/ci-outpost.yml
index ba0447798181..3514efe091e4 100644
--- a/.github/workflows/ci-outpost.yml
+++ b/.github/workflows/ci-outpost.yml
@@ -130,7 +130,7 @@ jobs:
           go-version-file: "go.mod"
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: web/package.json
           cache: "npm"
           cache-dependency-path: web/package-lock.json
       - name: Generate API
diff --git a/.github/workflows/ci-web.yml b/.github/workflows/ci-web.yml
index fd1e361820a8..43ca0a168f33 100644
--- a/.github/workflows/ci-web.yml
+++ b/.github/workflows/ci-web.yml
@@ -24,7 +24,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: ${{ matrix.project }}/package.json
           cache: "npm"
           cache-dependency-path: ${{ matrix.project }}/package-lock.json
       - working-directory: ${{ matrix.project }}/
@@ -40,7 +40,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: web/package.json
           cache: "npm"
           cache-dependency-path: web/package-lock.json
       - working-directory: web/
@@ -62,7 +62,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: ${{ matrix.project }}/package.json
           cache: "npm"
           cache-dependency-path: ${{ matrix.project }}/package-lock.json
       - working-directory: ${{ matrix.project }}/
@@ -78,7 +78,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: web/package.json
           cache: "npm"
           cache-dependency-path: web/package-lock.json
       - working-directory: web/
@@ -110,7 +110,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: web/package.json
           cache: "npm"
           cache-dependency-path: web/package-lock.json
       - working-directory: web/
diff --git a/.github/workflows/ci-website.yml b/.github/workflows/ci-website.yml
index 2a52c7c2ef78..78a3a8f8a1bf 100644
--- a/.github/workflows/ci-website.yml
+++ b/.github/workflows/ci-website.yml
@@ -18,7 +18,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: website/package.json
           cache: "npm"
           cache-dependency-path: website/package-lock.json
       - working-directory: website/
@@ -32,7 +32,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: website/package.json
           cache: "npm"
           cache-dependency-path: website/package-lock.json
       - working-directory: website/
@@ -53,7 +53,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: website/package.json
           cache: "npm"
           cache-dependency-path: website/package-lock.json
       - working-directory: website/
diff --git a/.github/workflows/release-publish.yml b/.github/workflows/release-publish.yml
index fe6233740e6e..4d75af0d8a64 100644
--- a/.github/workflows/release-publish.yml
+++ b/.github/workflows/release-publish.yml
@@ -131,7 +131,7 @@ jobs:
           go-version-file: "go.mod"
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: web/package.json
           cache: "npm"
           cache-dependency-path: web/package-lock.json
       - name: Build web
diff --git a/.github/workflows/web-api-publish.yml b/.github/workflows/web-api-publish.yml
index a6dfaeaa96ff..4c617a1992d0 100644
--- a/.github/workflows/web-api-publish.yml
+++ b/.github/workflows/web-api-publish.yml
@@ -19,7 +19,7 @@ jobs:
           token: ${{ steps.generate_token.outputs.token }}
       - uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version-file: web/package.json
           registry-url: "https://registry.npmjs.org"
       - name: Generate API Client
         run: make gen-client-ts
diff --git a/poetry.lock b/poetry.lock
index f9ced662d693..8f132fb53f33 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -2829,10 +2829,7 @@ files = [
 [package.dependencies]
 astroid = ">=3.0.1,<=3.1.0-dev0"
 colorama = {version = ">=0.4.5", markers = "sys_platform == \"win32\""}
-dill = [
-    {version = ">=0.3.7", markers = "python_version >= \"3.12\""},
-    {version = ">=0.3.6", markers = "python_version >= \"3.11\" and python_version < \"3.12\""},
-]
+dill = {version = ">=0.3.6", markers = "python_version >= \"3.11\""}
 isort = ">=4.2.5,<6"
 mccabe = ">=0.6,<0.8"
 platformdirs = ">=2.2.0"
@@ -4306,5 +4303,5 @@ files = [
 
 [metadata]
 lock-version = "2.0"
-python-versions = "^3.11"
-content-hash = "9cb60a5e73aa1da7d95e319fa666aac06715ba44f6bcb3ab07d0a3b12aa23c84"
+python-versions = "~3.11"
+content-hash = "f64a4f4c392d2f40ec97276254d470d3e3768f5d1a975bf807e30c7ffcbcc79a"
diff --git a/pyproject.toml b/pyproject.toml
index ee641196cff5..139c447aabfe 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -151,10 +151,10 @@ packaging = "*"
 paramiko = "*"
 psycopg = { extras = ["c"], version = "*" }
 pycryptodome = "*"
-pydantic = "<3.0.0"
-pydantic-scim = "^0.0.8"
+pydantic = "*"
+pydantic-scim = "*"
 pyjwt = "*"
-python = "^3.11"
+python = "~3.11"
 pyyaml = "*"
 requests-oauthlib = "*"
 sentry-sdk = "*"
diff --git a/tests/wdio/package.json b/tests/wdio/package.json
index cd5745130c0c..7a08d5be1b26 100644
--- a/tests/wdio/package.json
+++ b/tests/wdio/package.json
@@ -27,5 +27,8 @@
         "precommit": "run-s lint:precommit lint:spelling prettier",
         "prettier-check": "prettier --check .",
         "prettier": "prettier --write ."
+    },
+    "engines": {
+        "node": ">=20"
     }
 }
diff --git a/web/package-lock.json b/web/package-lock.json
index cf66b32d14e5..7d82b1c39dcd 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -100,6 +100,9 @@
                 "typescript": "^5.2.2",
                 "vite-tsconfig-paths": "^4.2.1"
             },
+            "engines": {
+                "node": ">=20"
+            },
             "optionalDependencies": {
                 "@esbuild/darwin-arm64": "^0.19.5",
                 "@esbuild/linux-amd64": "^0.18.11",
diff --git a/web/package.json b/web/package.json
index 6df43e20baa3..83b9b12aab0f 100644
--- a/web/package.json
+++ b/web/package.json
@@ -125,5 +125,8 @@
         "@esbuild/darwin-arm64": "^0.19.5",
         "@esbuild/linux-amd64": "^0.18.11",
         "@esbuild/linux-arm64": "^0.19.5"
+    },
+    "engines": {
+        "node": ">=20"
     }
 }
diff --git a/website/package.json b/website/package.json
index f76a48bca5c2..c9f1b0c2a08b 100644
--- a/website/package.json
+++ b/website/package.json
@@ -55,5 +55,8 @@
         "@types/react": "^18.2.37",
         "prettier": "3.1.0",
         "typescript": "~5.2.2"
+    },
+    "engines": {
+        "node": ">=20"
     }
 }

From fe0d206656a41cb1eef81dd5ed34071b8581f2ab Mon Sep 17 00:00:00 2001
From: "transifex-integration[bot]"
 <43880903+transifex-integration[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:52:39 +0100
Subject: [PATCH 09/21] translate: Updates for file
 locale/en/LC_MESSAGES/django.po in zh_TW (#7628)

Translate locale/en/LC_MESSAGES/django.po in zh_TW

100% translated source file: 'locale/en/LC_MESSAGES/django.po'
on 'zh_TW'.

Co-authored-by: transifex-integration[bot] <43880903+transifex-integration[bot]@users.noreply.github.com>
---
 locale/zh_TW/LC_MESSAGES/django.po | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/locale/zh_TW/LC_MESSAGES/django.po b/locale/zh_TW/LC_MESSAGES/django.po
index 6618400ded57..1b1908d494ec 100644
--- a/locale/zh_TW/LC_MESSAGES/django.po
+++ b/locale/zh_TW/LC_MESSAGES/django.po
@@ -2333,7 +2333,7 @@ msgstr "選擇要對照測試密碼的後端。"
 msgid ""
 "How many attempts a user has before the flow is canceled. To lock the user "
 "out, use a reputation policy and a user_write stage."
-msgstr "在取消流程前使用者嘗試的次數。要鎖定使用者請使用融域政策和 user_write 階段。"
+msgstr "在取消流程前使用者嘗試的次數。要鎖定使用者請使用名譽政策和 user_write 階段。"
 
 #: authentik/stages/password/models.py:75
 msgid "Password Stage"

From f2e10c7d115baaaac7617babefb6d50c4c2a4612 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:52:49 +0100
Subject: [PATCH 10/21] web: bump the wdio group in /tests/wdio with 4 updates
 (#7636)

Bumps the wdio group in /tests/wdio with 4 updates: [@wdio/cli](https://github.com/webdriverio/webdriverio/tree/HEAD/packages/wdio-cli), [@wdio/local-runner](https://github.com/webdriverio/webdriverio/tree/HEAD/packages/wdio-local-runner), [@wdio/mocha-framework](https://github.com/webdriverio/webdriverio/tree/HEAD/packages/wdio-mocha-framework) and [@wdio/spec-reporter](https://github.com/webdriverio/webdriverio/tree/HEAD/packages/wdio-spec-reporter).


Updates `@wdio/cli` from 8.23.0 to 8.23.1
- [Release notes](https://github.com/webdriverio/webdriverio/releases)
- [Changelog](https://github.com/webdriverio/webdriverio/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webdriverio/webdriverio/commits/v8.23.1/packages/wdio-cli)

Updates `@wdio/local-runner` from 8.23.0 to 8.23.1
- [Release notes](https://github.com/webdriverio/webdriverio/releases)
- [Changelog](https://github.com/webdriverio/webdriverio/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webdriverio/webdriverio/commits/v8.23.1/packages/wdio-local-runner)

Updates `@wdio/mocha-framework` from 8.23.0 to 8.23.1
- [Release notes](https://github.com/webdriverio/webdriverio/releases)
- [Changelog](https://github.com/webdriverio/webdriverio/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webdriverio/webdriverio/commits/v8.23.1/packages/wdio-mocha-framework)

Updates `@wdio/spec-reporter` from 8.23.0 to 8.23.1
- [Release notes](https://github.com/webdriverio/webdriverio/releases)
- [Changelog](https://github.com/webdriverio/webdriverio/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webdriverio/webdriverio/commits/v8.23.1/packages/wdio-spec-reporter)

---
updated-dependencies:
- dependency-name: "@wdio/cli"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: wdio
- dependency-name: "@wdio/local-runner"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: wdio
- dependency-name: "@wdio/mocha-framework"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: wdio
- dependency-name: "@wdio/spec-reporter"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: wdio
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 tests/wdio/package-lock.json | 151 ++++++++++++++++++-----------------
 tests/wdio/package.json      |   8 +-
 2 files changed, 81 insertions(+), 78 deletions(-)

diff --git a/tests/wdio/package-lock.json b/tests/wdio/package-lock.json
index 5806539b4a7f..0344ef3b22bb 100644
--- a/tests/wdio/package-lock.json
+++ b/tests/wdio/package-lock.json
@@ -9,10 +9,10 @@
                 "@trivago/prettier-plugin-sort-imports": "^4.3.0",
                 "@typescript-eslint/eslint-plugin": "^6.11.0",
                 "@typescript-eslint/parser": "^6.11.0",
-                "@wdio/cli": "^8.23.0",
-                "@wdio/local-runner": "^8.23.0",
-                "@wdio/mocha-framework": "^8.23.0",
-                "@wdio/spec-reporter": "^8.23.0",
+                "@wdio/cli": "^8.23.1",
+                "@wdio/local-runner": "^8.23.1",
+                "@wdio/mocha-framework": "^8.23.1",
+                "@wdio/spec-reporter": "^8.23.1",
                 "eslint": "^8.53.0",
                 "eslint-config-google": "^0.14.0",
                 "eslint-plugin-sonarjs": "^0.23.0",
@@ -21,6 +21,9 @@
                 "ts-node": "^10.9.1",
                 "typescript": "^5.2.2",
                 "wdio-wait-for": "^3.0.8"
+            },
+            "engines": {
+                "node": ">=20"
             }
         },
         "node_modules/@aashutoshrathi/word-wrap": {
@@ -1135,18 +1138,18 @@
             "dev": true
         },
         "node_modules/@wdio/cli": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/@wdio/cli/-/cli-8.23.0.tgz",
-            "integrity": "sha512-4UpXgU4XpTlJFgCLH92T5NR4kAKlEXdOqsS86MXPQiyMnPD1+zcqEa/FTk0rA4HMq/FGV4nZlxr/hThhjgmu+Q==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/cli/-/cli-8.23.1.tgz",
+            "integrity": "sha512-So8gl6iEoFtChJaOhE0vl0nJVoate1JfmGeMTLoKaeDf1PzSD9fj1Xvyp83elSjnSLV+QbJ07ew8c8+JEcsHRg==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.1",
-                "@wdio/config": "8.23.0",
-                "@wdio/globals": "8.23.0",
+                "@wdio/config": "8.23.1",
+                "@wdio/globals": "8.23.1",
                 "@wdio/logger": "8.16.17",
                 "@wdio/protocols": "8.23.0",
-                "@wdio/types": "8.23.0",
-                "@wdio/utils": "8.23.0",
+                "@wdio/types": "8.23.1",
+                "@wdio/utils": "8.23.1",
                 "async-exit-hook": "^2.0.1",
                 "chalk": "^5.2.0",
                 "chokidar": "^3.5.3",
@@ -1162,7 +1165,7 @@
                 "lodash.union": "^4.6.0",
                 "read-pkg-up": "^10.0.0",
                 "recursive-readdir": "^2.2.3",
-                "webdriverio": "8.23.0",
+                "webdriverio": "8.23.1",
                 "yargs": "^17.7.2"
             },
             "bin": {
@@ -1185,14 +1188,14 @@
             }
         },
         "node_modules/@wdio/config": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/@wdio/config/-/config-8.23.0.tgz",
-            "integrity": "sha512-7Tlmw1x4jMN5cVtx3OGX+KAJBXNRBLVJY2L5ihh/9SlWZ5wtlw29EhlIoxkLy/K1VAKHQZpI5JSfsb0bhoDebA==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/config/-/config-8.23.1.tgz",
+            "integrity": "sha512-MljMBvMr+QYoy4/FytFHWorFE3CrBdEWuroOaGzC/0gkVOcHRO4nOy2rKahdcPXJAuxFwJNqqHhBPj+4tWiz9w==",
             "dev": true,
             "dependencies": {
                 "@wdio/logger": "8.16.17",
-                "@wdio/types": "8.23.0",
-                "@wdio/utils": "8.23.0",
+                "@wdio/types": "8.23.1",
+                "@wdio/utils": "8.23.1",
                 "decamelize": "^6.0.0",
                 "deepmerge-ts": "^5.0.0",
                 "glob": "^10.2.2",
@@ -1203,29 +1206,29 @@
             }
         },
         "node_modules/@wdio/globals": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/@wdio/globals/-/globals-8.23.0.tgz",
-            "integrity": "sha512-9NIXgxP7t/G1wYqqURdWWvKVSQPi6fkYGTeP1fIIbTj2pEKY8Oana28nJgbKV0JukKWYqZo/i2Qj8tzOi1rHFw==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/globals/-/globals-8.23.1.tgz",
+            "integrity": "sha512-bh60QmqueSzqdE+UnNODSSl+w7ECaSQCIYqVs7td3/WM5T17AxQgsom0IapSBFsItHf0g7SQGInkrh3lJ0XclA==",
             "dev": true,
             "engines": {
                 "node": "^16.13 || >=18"
             },
             "optionalDependencies": {
                 "expect-webdriverio": "^4.5.1",
-                "webdriverio": "8.23.0"
+                "webdriverio": "8.23.1"
             }
         },
         "node_modules/@wdio/local-runner": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/@wdio/local-runner/-/local-runner-8.23.0.tgz",
-            "integrity": "sha512-i6PluAeWkigHNX2bN57pIRyVQYAr9iFeshS2NefAbdetohaZSm1X9gSNkEw9BW1uUAkd42W8S4xXaZo9dwlbhw==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/local-runner/-/local-runner-8.23.1.tgz",
+            "integrity": "sha512-d/hnHj3omiAqUtcmAx42OhUTJIM2UU5HtG13gkXzI6NYd0cxicBAV3shkk9EzMFmvFiSDzYHO9Niddoo4IWPgw==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0",
                 "@wdio/logger": "8.16.17",
-                "@wdio/repl": "8.10.1",
-                "@wdio/runner": "8.23.0",
-                "@wdio/types": "8.23.0",
+                "@wdio/repl": "8.23.1",
+                "@wdio/runner": "8.23.1",
+                "@wdio/types": "8.23.1",
                 "async-exit-hook": "^2.0.1",
                 "split2": "^4.1.0",
                 "stream-buffers": "^3.0.2"
@@ -1262,16 +1265,16 @@
             }
         },
         "node_modules/@wdio/mocha-framework": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/@wdio/mocha-framework/-/mocha-framework-8.23.0.tgz",
-            "integrity": "sha512-1Bu88IQHAKhEk41BiJRC+tP83oL0Rz4+5mB939JKSQlA4UB71B2QT2dKn1jo3FvHJUBfVUyQJhzMA9nOk2gd4A==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/mocha-framework/-/mocha-framework-8.23.1.tgz",
+            "integrity": "sha512-6PbALck8MuLnKhW5JGjCQrtfBivlX1fKqdin6clppVEI6LTqOxj5w8wmLhBbDV5oy68MzaSgc6hP141caWptuQ==",
             "dev": true,
             "dependencies": {
                 "@types/mocha": "^10.0.0",
                 "@types/node": "^20.1.0",
                 "@wdio/logger": "8.16.17",
-                "@wdio/types": "8.23.0",
-                "@wdio/utils": "8.23.0",
+                "@wdio/types": "8.23.1",
+                "@wdio/utils": "8.23.1",
                 "mocha": "^10.0.0"
             },
             "engines": {
@@ -1285,9 +1288,9 @@
             "dev": true
         },
         "node_modules/@wdio/repl": {
-            "version": "8.10.1",
-            "resolved": "https://registry.npmjs.org/@wdio/repl/-/repl-8.10.1.tgz",
-            "integrity": "sha512-VZ1WFHTNKjR8Ga97TtV2SZM6fvRjWbYI2i/f4pJB4PtusorKvONAMJf2LQcUBIyzbVobqr7KSrcjmSwRolI+yw==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/repl/-/repl-8.23.1.tgz",
+            "integrity": "sha512-u6zG2cgBm67V5/WlQzadWqLGXs3moH8MOsgoljULQncelSBBZGZ5DyLB4p7jKcUAsKtMjgmFQmIvpQoqmyvdfg==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0"
@@ -1297,14 +1300,14 @@
             }
         },
         "node_modules/@wdio/reporter": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/@wdio/reporter/-/reporter-8.23.0.tgz",
-            "integrity": "sha512-0gmL+CibSr1aUa+zMmDmOxgWohs9i7A4yNzznTnwFsU6BZxiyUSM7SLy4mmbts/Kn1vAt3GY0wCIevXFExm94w==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/reporter/-/reporter-8.23.1.tgz",
+            "integrity": "sha512-MQKImrjRZdiJC1n0mw+OjgroX7SZdFApJTPijAT3mJ0KLeIf5PA+jnW3TZueMcWvG1NB7ZTAzL8BTWInOoZtgA==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0",
                 "@wdio/logger": "8.16.17",
-                "@wdio/types": "8.23.0",
+                "@wdio/types": "8.23.1",
                 "diff": "^5.0.0",
                 "object-inspect": "^1.12.0"
             },
@@ -1313,35 +1316,35 @@
             }
         },
         "node_modules/@wdio/runner": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/@wdio/runner/-/runner-8.23.0.tgz",
-            "integrity": "sha512-MmBngg2KGMUHHCwk7LcBnWXRFxy7H25B2hM2+TlJmex/ObyKJIIlPWHJd9mJWCQLJMhXKjzg/mM0Oa7IYJw3jA==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/runner/-/runner-8.23.1.tgz",
+            "integrity": "sha512-lENjpAEfhzCo5a06S+qB3r9wcdavC6BHHHxMmNYxdbH2Fuyt5OGzVB0iFquPnNxwajBn6O7YaIibIw2aLoXP/A==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0",
-                "@wdio/config": "8.23.0",
-                "@wdio/globals": "8.23.0",
+                "@wdio/config": "8.23.1",
+                "@wdio/globals": "8.23.1",
                 "@wdio/logger": "8.16.17",
-                "@wdio/types": "8.23.0",
-                "@wdio/utils": "8.23.0",
+                "@wdio/types": "8.23.1",
+                "@wdio/utils": "8.23.1",
                 "deepmerge-ts": "^5.0.0",
                 "expect-webdriverio": "^4.5.1",
                 "gaze": "^1.1.2",
-                "webdriver": "8.23.0",
-                "webdriverio": "8.23.0"
+                "webdriver": "8.23.1",
+                "webdriverio": "8.23.1"
             },
             "engines": {
                 "node": "^16.13 || >=18"
             }
         },
         "node_modules/@wdio/spec-reporter": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/@wdio/spec-reporter/-/spec-reporter-8.23.0.tgz",
-            "integrity": "sha512-eLQ3susBc0souOJr2X+0V2eeffRAI/ZV0NsrQWAfhiRpdAtdAQ006yA9mgbr9DAJ5MTidOivmYqG54Vxtbfh4A==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/spec-reporter/-/spec-reporter-8.23.1.tgz",
+            "integrity": "sha512-Igc/vsa58xbklwz8vJ1He3tyuxeEP9TQvlT23HizG1QziBvvU1b6V5qnM9BPiDvTg+n3SByJI0Ce0jyn4J2wYQ==",
             "dev": true,
             "dependencies": {
-                "@wdio/reporter": "8.23.0",
-                "@wdio/types": "8.23.0",
+                "@wdio/reporter": "8.23.1",
+                "@wdio/types": "8.23.1",
                 "chalk": "^5.1.2",
                 "easy-table": "^1.2.0",
                 "pretty-ms": "^7.0.0"
@@ -1363,9 +1366,9 @@
             }
         },
         "node_modules/@wdio/types": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/@wdio/types/-/types-8.23.0.tgz",
-            "integrity": "sha512-CswQkVOVM+32Lvvh/dH0KTMQUr+h3ibJKbiWKmdpLY3Ym/JXbnhrAfWz4hZvR53XK1B5q3jq4JGRDHkiuEC5EA==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/types/-/types-8.23.1.tgz",
+            "integrity": "sha512-ym3tWSUGvmKwQ9vNPQfcKvJwGNK/Fh3e5WloNj3zoaUTKgD0aJeFQ0+Dz6KGlNowA0j5VkcqTTXo+UZ3l4Cx9A==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0"
@@ -1375,14 +1378,14 @@
             }
         },
         "node_modules/@wdio/utils": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/@wdio/utils/-/utils-8.23.0.tgz",
-            "integrity": "sha512-oOKqW/m3jR3I1dwjywC/f7f1WQ9lWYBbZYp7JAJy2YpqI4g5sJ9EZom40E9c9Eay/sT3Ppc0+IE/ogEzn2WNPg==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/@wdio/utils/-/utils-8.23.1.tgz",
+            "integrity": "sha512-VA47MOpt+7svHj3W9r+DUl3t73tJbjF7+ZXL0Lk7QLe79xevd+mPk+YmuTEepn+0MljJWAuqRCEKFG/HK77RNw==",
             "dev": true,
             "dependencies": {
                 "@puppeteer/browsers": "^1.6.0",
                 "@wdio/logger": "8.16.17",
-                "@wdio/types": "8.23.0",
+                "@wdio/types": "8.23.1",
                 "decamelize": "^6.0.0",
                 "deepmerge-ts": "^5.1.0",
                 "edgedriver": "^5.3.5",
@@ -8596,18 +8599,18 @@
             }
         },
         "node_modules/webdriver": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/webdriver/-/webdriver-8.23.0.tgz",
-            "integrity": "sha512-M+KvR+6/GCX180n70f0aDLiForT43pmjL6EAmcyyBlJTvrlwlBMOJEljfH9U3BEUoT8v/ihi2Enzxzep+qpHlw==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/webdriver/-/webdriver-8.23.1.tgz",
+            "integrity": "sha512-0PLN6cqP5cSorZBU2OBk2XKhxKpWWKzvClHBiGCqZIuofZ3kPTq7uYFapej0c4xFmKXHEiLIN7Qkt4H3gWTs8g==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0",
                 "@types/ws": "^8.5.3",
-                "@wdio/config": "8.23.0",
+                "@wdio/config": "8.23.1",
                 "@wdio/logger": "8.16.17",
                 "@wdio/protocols": "8.23.0",
-                "@wdio/types": "8.23.0",
-                "@wdio/utils": "8.23.0",
+                "@wdio/types": "8.23.1",
+                "@wdio/utils": "8.23.1",
                 "deepmerge-ts": "^5.1.0",
                 "got": "^ 12.6.1",
                 "ky": "^0.33.0",
@@ -8655,18 +8658,18 @@
             }
         },
         "node_modules/webdriverio": {
-            "version": "8.23.0",
-            "resolved": "https://registry.npmjs.org/webdriverio/-/webdriverio-8.23.0.tgz",
-            "integrity": "sha512-79ZuoEPc8frKXsOtSKXrNgBNA97rlkd7XwYKxrvyoTVNxZe5RDh9I9AcoiDC0AJ96oxbCt+ANOVV4tg9ZGBQcA==",
+            "version": "8.23.1",
+            "resolved": "https://registry.npmjs.org/webdriverio/-/webdriverio-8.23.1.tgz",
+            "integrity": "sha512-M5F7J3J0L7GpHbcgz5rZNAX5/JgsCggVg8AGY2pYISiS1eN3WJdXve8VVXB2GtcLy12qCZwjoowl91nWTqNclQ==",
             "dev": true,
             "dependencies": {
                 "@types/node": "^20.1.0",
-                "@wdio/config": "8.23.0",
+                "@wdio/config": "8.23.1",
                 "@wdio/logger": "8.16.17",
                 "@wdio/protocols": "8.23.0",
-                "@wdio/repl": "8.10.1",
-                "@wdio/types": "8.23.0",
-                "@wdio/utils": "8.23.0",
+                "@wdio/repl": "8.23.1",
+                "@wdio/types": "8.23.1",
+                "@wdio/utils": "8.23.1",
                 "archiver": "^6.0.0",
                 "aria-query": "^5.0.0",
                 "css-shorthand-properties": "^1.1.1",
@@ -8683,7 +8686,7 @@
                 "resq": "^1.9.1",
                 "rgb2hex": "0.2.5",
                 "serialize-error": "^11.0.1",
-                "webdriver": "8.23.0"
+                "webdriver": "8.23.1"
             },
             "engines": {
                 "node": "^16.13 || >=18"
diff --git a/tests/wdio/package.json b/tests/wdio/package.json
index 7a08d5be1b26..f9fe4e7ad3ed 100644
--- a/tests/wdio/package.json
+++ b/tests/wdio/package.json
@@ -6,10 +6,10 @@
         "@trivago/prettier-plugin-sort-imports": "^4.3.0",
         "@typescript-eslint/eslint-plugin": "^6.11.0",
         "@typescript-eslint/parser": "^6.11.0",
-        "@wdio/cli": "^8.23.0",
-        "@wdio/local-runner": "^8.23.0",
-        "@wdio/mocha-framework": "^8.23.0",
-        "@wdio/spec-reporter": "^8.23.0",
+        "@wdio/cli": "^8.23.1",
+        "@wdio/local-runner": "^8.23.1",
+        "@wdio/mocha-framework": "^8.23.1",
+        "@wdio/spec-reporter": "^8.23.1",
         "eslint": "^8.53.0",
         "eslint-config-google": "^0.14.0",
         "eslint-plugin-sonarjs": "^0.23.0",

From a3ddf450743bd98e877fb653d4be67e0b3a02c36 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:53:03 +0100
Subject: [PATCH 11/21] core: bump goauthentik.io/api/v3 from 3.2023103.3 to
 3.2023103.4 (#7634)

Bumps [goauthentik.io/api/v3](https://github.com/goauthentik/client-go) from 3.2023103.3 to 3.2023103.4.
- [Release notes](https://github.com/goauthentik/client-go/releases)
- [Commits](https://github.com/goauthentik/client-go/compare/v3.2023103.3...v3.2023103.4)

---
updated-dependencies:
- dependency-name: goauthentik.io/api/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 8d4ce6fe3944..e6dc5e2e9b28 100644
--- a/go.mod
+++ b/go.mod
@@ -27,7 +27,7 @@ require (
 	github.com/sirupsen/logrus v1.9.3
 	github.com/spf13/cobra v1.8.0
 	github.com/stretchr/testify v1.8.4
-	goauthentik.io/api/v3 v3.2023103.3
+	goauthentik.io/api/v3 v3.2023103.4
 	golang.org/x/exp v0.0.0-20230210204819-062eb4c674ab
 	golang.org/x/oauth2 v0.14.0
 	golang.org/x/sync v0.5.0
diff --git a/go.sum b/go.sum
index 6dc723f091a2..b0d84e9740b4 100644
--- a/go.sum
+++ b/go.sum
@@ -358,8 +358,8 @@ go.opentelemetry.io/otel/trace v1.14.0 h1:wp2Mmvj41tDsyAJXiWDWpfNsOiIyd38fy85pyK
 go.opentelemetry.io/otel/trace v1.14.0/go.mod h1:8avnQLK+CG77yNLUae4ea2JDQ6iT+gozhnZjy/rw9G8=
 go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A=
 go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4=
-goauthentik.io/api/v3 v3.2023103.3 h1:houXwjWjQFExbEl+C1jeXCVLOV6Qqrnayl7OpqUUi2g=
-goauthentik.io/api/v3 v3.2023103.3/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
+goauthentik.io/api/v3 v3.2023103.4 h1:dysNzRSbZC2NYeIyk3x5o3kUSsz+Y2VhtfcnzRe8Wkk=
+goauthentik.io/api/v3 v3.2023103.4/go.mod h1:zz+mEZg8rY/7eEjkMGWJ2DnGqk+zqxuybGCGrR2O4Kw=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190422162423-af44ce270edf/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=

From e042b8ec923ef77e315b816059cee49fb45b84f1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:53:12 +0100
Subject: [PATCH 12/21] web: bump core-js from 3.33.2 to 3.33.3 in /web (#7633)

Bumps [core-js](https://github.com/zloirock/core-js/tree/HEAD/packages/core-js) from 3.33.2 to 3.33.3.
- [Release notes](https://github.com/zloirock/core-js/releases)
- [Changelog](https://github.com/zloirock/core-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zloirock/core-js/commits/v3.33.3/packages/core-js)

---
updated-dependencies:
- dependency-name: core-js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 web/package-lock.json | 8 ++++----
 web/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/web/package-lock.json b/web/package-lock.json
index 7d82b1c39dcd..806b47150323 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -32,7 +32,7 @@
                 "chartjs-adapter-moment": "^1.0.1",
                 "codemirror": "^6.0.1",
                 "construct-style-sheets-polyfill": "^3.1.0",
-                "core-js": "^3.33.2",
+                "core-js": "^3.33.3",
                 "country-flag-icons": "^1.5.7",
                 "fuse.js": "^7.0.0",
                 "lit": "^2.8.0",
@@ -12058,9 +12058,9 @@
             "dev": true
         },
         "node_modules/core-js": {
-            "version": "3.33.2",
-            "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.33.2.tgz",
-            "integrity": "sha512-XeBzWI6QL3nJQiHmdzbAOiMYqjrb7hwU7A39Qhvd/POSa/t9E1AeZyEZx3fNvp/vtM8zXwhoL0FsiS0hD0pruQ==",
+            "version": "3.33.3",
+            "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.33.3.tgz",
+            "integrity": "sha512-lo0kOocUlLKmm6kv/FswQL8zbkH7mVsLJ/FULClOhv8WRVmKLVcs6XPNQAzstfeJTCHMyButEwG+z1kHxHoDZw==",
             "hasInstallScript": true,
             "funding": {
                 "type": "opencollective",
diff --git a/web/package.json b/web/package.json
index 83b9b12aab0f..ce889f692f63 100644
--- a/web/package.json
+++ b/web/package.json
@@ -53,7 +53,7 @@
         "chartjs-adapter-moment": "^1.0.1",
         "codemirror": "^6.0.1",
         "construct-style-sheets-polyfill": "^3.1.0",
-        "core-js": "^3.33.2",
+        "core-js": "^3.33.3",
         "country-flag-icons": "^1.5.7",
         "fuse.js": "^7.0.0",
         "lit": "^2.8.0",

From 6328c92316fc3d886314f2a38f463031b36908c5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:53:22 +0100
Subject: [PATCH 13/21] web: bump rollup from 4.4.1 to 4.5.0 in /web (#7631)

Bumps [rollup](https://github.com/rollup/rollup) from 4.4.1 to 4.5.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.4.1...v4.5.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 web/package-lock.json | 104 +++++++++++++++++++++---------------------
 web/package.json      |   2 +-
 2 files changed, 53 insertions(+), 53 deletions(-)

diff --git a/web/package-lock.json b/web/package-lock.json
index 806b47150323..ed5ce2543fc2 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -88,7 +88,7 @@
                 "pyright": "^1.1.336",
                 "react": "^18.2.0",
                 "react-dom": "^18.2.0",
-                "rollup": "^4.4.1",
+                "rollup": "^4.5.0",
                 "rollup-plugin-copy": "^3.5.0",
                 "rollup-plugin-cssimport": "^1.0.3",
                 "rollup-plugin-postcss-lit": "^2.1.0",
@@ -4579,9 +4579,9 @@
             }
         },
         "node_modules/@rollup/rollup-android-arm-eabi": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.4.1.tgz",
-            "integrity": "sha512-Ss4suS/sd+6xLRu+MLCkED2mUrAyqHmmvZB+zpzZ9Znn9S8wCkTQCJaQ8P8aHofnvG5L16u9MVnJjCqioPErwQ==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.5.0.tgz",
+            "integrity": "sha512-OINaBGY+Wc++U0rdr7BLuFClxcoWaVW3vQYqmQq6B3bqQ/2olkaoz+K8+af/Mmka/C2yN5j+L9scBkv4BtKsDA==",
             "cpu": [
                 "arm"
             ],
@@ -4592,9 +4592,9 @@
             ]
         },
         "node_modules/@rollup/rollup-android-arm64": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.4.1.tgz",
-            "integrity": "sha512-sRSkGTvGsARwWd7TzC8LKRf8FiPn7257vd/edzmvG4RIr9x68KBN0/Ek48CkuUJ5Pj/Dp9vKWv6PEupjKWjTYA==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.5.0.tgz",
+            "integrity": "sha512-UdMf1pOQc4ZmUA/NTmKhgJTBimbSKnhPS2zJqucqFyBRFPnPDtwA8MzrGNTjDeQbIAWfpJVAlxejw+/lQyBK/w==",
             "cpu": [
                 "arm64"
             ],
@@ -4605,9 +4605,9 @@
             ]
         },
         "node_modules/@rollup/rollup-darwin-arm64": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.4.1.tgz",
-            "integrity": "sha512-nz0AiGrrXyaWpsmBXUGOBiRDU0wyfSXbFuF98pPvIO8O6auQsPG6riWsfQqmCCC5FNd8zKQ4JhgugRNAkBJ8mQ==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.5.0.tgz",
+            "integrity": "sha512-L0/CA5p/idVKI+c9PcAPGorH6CwXn6+J0Ys7Gg1axCbTPgI8MeMlhA6fLM9fK+ssFhqogMHFC8HDvZuetOii7w==",
             "cpu": [
                 "arm64"
             ],
@@ -4618,9 +4618,9 @@
             ]
         },
         "node_modules/@rollup/rollup-darwin-x64": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.4.1.tgz",
-            "integrity": "sha512-Ogqvf4/Ve/faMaiPRvzsJEqajbqs00LO+8vtrPBVvLgdw4wBg6ZDXdkDAZO+4MLnrc8mhGV6VJAzYScZdPLtJg==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.5.0.tgz",
+            "integrity": "sha512-QZCbVqU26mNlLn8zi/XDDquNmvcr4ON5FYAHQQsyhrHx8q+sQi/6xduoznYXwk/KmKIXG5dLfR0CvY+NAWpFYQ==",
             "cpu": [
                 "x64"
             ],
@@ -4631,9 +4631,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.4.1.tgz",
-            "integrity": "sha512-9zc2tqlr6HfO+hx9+wktUlWTRdje7Ub15iJqKcqg5uJZ+iKqmd2CMxlgPpXi7+bU7bjfDIuvCvnGk7wewFEhCg==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.5.0.tgz",
+            "integrity": "sha512-VpSQ+xm93AeV33QbYslgf44wc5eJGYfYitlQzAi3OObu9iwrGXEnmu5S3ilkqE3Pr/FkgOiJKV/2p0ewf4Hrtg==",
             "cpu": [
                 "arm"
             ],
@@ -4644,9 +4644,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm64-gnu": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.4.1.tgz",
-            "integrity": "sha512-phLb1fN3rq2o1j1v+nKxXUTSJnAhzhU0hLrl7Qzb0fLpwkGMHDem+o6d+ZI8+/BlTXfMU4kVWGvy6g9k/B8L6Q==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.5.0.tgz",
+            "integrity": "sha512-OrEyIfpxSsMal44JpEVx9AEcGpdBQG1ZuWISAanaQTSMeStBW+oHWwOkoqR54bw3x8heP8gBOyoJiGg+fLY8qQ==",
             "cpu": [
                 "arm64"
             ],
@@ -4657,9 +4657,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-arm64-musl": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.4.1.tgz",
-            "integrity": "sha512-M2sDtw4tf57VPSjbTAN/lz1doWUqO2CbQuX3L9K6GWIR5uw9j+ROKCvvUNBY8WUbMxwaoc8mH9HmmBKsLht7+w==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.5.0.tgz",
+            "integrity": "sha512-1H7wBbQuE6igQdxMSTjtFfD+DGAudcYWhp106z/9zBA8OQhsJRnemO4XGavdzHpGhRtRxbgmUGdO3YQgrWf2RA==",
             "cpu": [
                 "arm64"
             ],
@@ -4670,9 +4670,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-x64-gnu": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.4.1.tgz",
-            "integrity": "sha512-mHIlRLX+hx+30cD6c4BaBOsSqdnCE4ok7/KDvjHYAHoSuveoMMxIisZFvcLhUnyZcPBXDGZTuBoalcuh43UfQQ==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.5.0.tgz",
+            "integrity": "sha512-FVyFI13tXw5aE65sZdBpNjPVIi4Q5mARnL/39UIkxvSgRAIqCo5sCpCELk0JtXHGee2owZz5aNLbWNfBHzr71Q==",
             "cpu": [
                 "x64"
             ],
@@ -4683,9 +4683,9 @@
             ]
         },
         "node_modules/@rollup/rollup-linux-x64-musl": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.4.1.tgz",
-            "integrity": "sha512-tB+RZuDi3zxFx7vDrjTNGVLu2KNyzYv+UY8jz7e4TMEoAj7iEt8Qk6xVu6mo3pgjnsHj6jnq3uuRsHp97DLwOA==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.5.0.tgz",
+            "integrity": "sha512-eBPYl2sLpH/o8qbSz6vPwWlDyThnQjJfcDOGFbNjmjb44XKC1F5dQfakOsADRVrXCNzM6ZsSIPDG5dc6HHLNFg==",
             "cpu": [
                 "x64"
             ],
@@ -4696,9 +4696,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-arm64-msvc": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.4.1.tgz",
-            "integrity": "sha512-Hdn39PzOQowK/HZzYpCuZdJC91PE6EaGbTe2VCA9oq2u18evkisQfws0Smh9QQGNNRa/T7MOuGNQoLeXhhE3PQ==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.5.0.tgz",
+            "integrity": "sha512-xaOHIfLOZypoQ5U2I6rEaugS4IYtTgP030xzvrBf5js7p9WI9wik07iHmsKaej8Z83ZDxN5GyypfoyKV5O5TJA==",
             "cpu": [
                 "arm64"
             ],
@@ -4709,9 +4709,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-ia32-msvc": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.4.1.tgz",
-            "integrity": "sha512-tLpKb1Elm9fM8c5w3nl4N1eLTP4bCqTYw9tqUBxX8/hsxqHO3dxc2qPbZ9PNkdK4tg4iLEYn0pOUnVByRd2CbA==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.5.0.tgz",
+            "integrity": "sha512-Al6quztQUrHwcOoU2TuFblUQ5L+/AmPBXFR6dUvyo4nRj2yQRK0WIUaGMF/uwKulvRcXkpHe3k9A8Vf93VDktA==",
             "cpu": [
                 "ia32"
             ],
@@ -4722,9 +4722,9 @@
             ]
         },
         "node_modules/@rollup/rollup-win32-x64-msvc": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.4.1.tgz",
-            "integrity": "sha512-eAhItDX9yQtZVM3yvXS/VR3qPqcnXvnLyx1pLXl4JzyNMBNO3KC986t/iAg2zcMzpAp9JSvxB5VZGnBiNoA98w==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.5.0.tgz",
+            "integrity": "sha512-8kdW+brNhI/NzJ4fxDufuJUjepzINqJKLGHuxyAtpPG9bMbn8P5mtaCcbOm0EzLJ+atg+kF9dwg8jpclkVqx5w==",
             "cpu": [
                 "x64"
             ],
@@ -19157,9 +19157,9 @@
             "integrity": "sha512-IXgzBWvWQwE6PrDI05OvmXUIruQTcoMDzRsOd5CDvHCVLcLHMTSYvOK5Cm46kWqlV3yAbuSpBZdJ5oP5OUoStg=="
         },
         "node_modules/rollup": {
-            "version": "4.4.1",
-            "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.4.1.tgz",
-            "integrity": "sha512-idZzrUpWSblPJX66i+GzrpjKE3vbYrlWirUHteoAbjKReZwa0cohAErOYA5efoMmNCdvG9yrJS+w9Kl6csaH4w==",
+            "version": "4.5.0",
+            "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.5.0.tgz",
+            "integrity": "sha512-41xsWhzxqjMDASCxH5ibw1mXk+3c4TNI2UjKbLxe6iEzrSQnqOzmmK8/3mufCPbzHNJ2e04Fc1ddI35hHy+8zg==",
             "dev": true,
             "bin": {
                 "rollup": "dist/bin/rollup"
@@ -19169,18 +19169,18 @@
                 "npm": ">=8.0.0"
             },
             "optionalDependencies": {
-                "@rollup/rollup-android-arm-eabi": "4.4.1",
-                "@rollup/rollup-android-arm64": "4.4.1",
-                "@rollup/rollup-darwin-arm64": "4.4.1",
-                "@rollup/rollup-darwin-x64": "4.4.1",
-                "@rollup/rollup-linux-arm-gnueabihf": "4.4.1",
-                "@rollup/rollup-linux-arm64-gnu": "4.4.1",
-                "@rollup/rollup-linux-arm64-musl": "4.4.1",
-                "@rollup/rollup-linux-x64-gnu": "4.4.1",
-                "@rollup/rollup-linux-x64-musl": "4.4.1",
-                "@rollup/rollup-win32-arm64-msvc": "4.4.1",
-                "@rollup/rollup-win32-ia32-msvc": "4.4.1",
-                "@rollup/rollup-win32-x64-msvc": "4.4.1",
+                "@rollup/rollup-android-arm-eabi": "4.5.0",
+                "@rollup/rollup-android-arm64": "4.5.0",
+                "@rollup/rollup-darwin-arm64": "4.5.0",
+                "@rollup/rollup-darwin-x64": "4.5.0",
+                "@rollup/rollup-linux-arm-gnueabihf": "4.5.0",
+                "@rollup/rollup-linux-arm64-gnu": "4.5.0",
+                "@rollup/rollup-linux-arm64-musl": "4.5.0",
+                "@rollup/rollup-linux-x64-gnu": "4.5.0",
+                "@rollup/rollup-linux-x64-musl": "4.5.0",
+                "@rollup/rollup-win32-arm64-msvc": "4.5.0",
+                "@rollup/rollup-win32-ia32-msvc": "4.5.0",
+                "@rollup/rollup-win32-x64-msvc": "4.5.0",
                 "fsevents": "~2.3.2"
             }
         },
diff --git a/web/package.json b/web/package.json
index ce889f692f63..ac1f479005dc 100644
--- a/web/package.json
+++ b/web/package.json
@@ -109,7 +109,7 @@
         "pyright": "^1.1.336",
         "react": "^18.2.0",
         "react-dom": "^18.2.0",
-        "rollup": "^4.4.1",
+        "rollup": "^4.5.0",
         "rollup-plugin-copy": "^3.5.0",
         "rollup-plugin-cssimport": "^1.0.3",
         "rollup-plugin-postcss-lit": "^2.1.0",

From cd94110fee70d72c2253d90862df9d5cf10e36f4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:53:33 +0100
Subject: [PATCH 14/21] web: bump the esbuild group in /web with 2 updates
 (#7630)

Bumps the esbuild group in /web with 2 updates: [@esbuild/darwin-arm64](https://github.com/evanw/esbuild) and [@esbuild/linux-arm64](https://github.com/evanw/esbuild).


Updates `@esbuild/darwin-arm64` from 0.19.5 to 0.19.6
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.19.5...v0.19.6)

Updates `@esbuild/linux-arm64` from 0.19.5 to 0.19.6
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.19.5...v0.19.6)

---
updated-dependencies:
- dependency-name: "@esbuild/darwin-arm64"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: esbuild
- dependency-name: "@esbuild/linux-arm64"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: esbuild
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 web/package-lock.json | 17 +++++++++--------
 web/package.json      |  4 ++--
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/web/package-lock.json b/web/package-lock.json
index ed5ce2543fc2..012b784e994c 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -15,6 +15,7 @@
                 "@codemirror/lang-xml": "^6.0.2",
                 "@codemirror/legacy-modes": "^6.3.3",
                 "@codemirror/theme-one-dark": "^6.1.2",
+                "@esbuild/linux-arm64": "^0.19.6",
                 "@formatjs/intl-listformat": "^7.5.3",
                 "@fortawesome/fontawesome-free": "^6.4.2",
                 "@goauthentik/api": "^2023.10.3-1700268969",
@@ -104,9 +105,9 @@
                 "node": ">=20"
             },
             "optionalDependencies": {
-                "@esbuild/darwin-arm64": "^0.19.5",
+                "@esbuild/darwin-arm64": "^0.19.6",
                 "@esbuild/linux-amd64": "^0.18.11",
-                "@esbuild/linux-arm64": "^0.19.5"
+                "@esbuild/linux-arm64": "^0.19.6"
             }
         },
         "node_modules/@aashutoshrathi/word-wrap": {
@@ -2443,9 +2444,9 @@
             }
         },
         "node_modules/@esbuild/darwin-arm64": {
-            "version": "0.19.5",
-            "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.19.5.tgz",
-            "integrity": "sha512-mvXGcKqqIqyKoxq26qEDPHJuBYUA5KizJncKOAf9eJQez+L9O+KfvNFu6nl7SCZ/gFb2QPaRqqmG0doSWlgkqw==",
+            "version": "0.19.6",
+            "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.19.6.tgz",
+            "integrity": "sha512-91LoRp/uZAKx6ESNspL3I46ypwzdqyDLXZH7x2QYCLgtnaU08+AXEbabY2yExIz03/am0DivsTtbdxzGejfXpA==",
             "cpu": [
                 "arm64"
             ],
@@ -2522,9 +2523,9 @@
             }
         },
         "node_modules/@esbuild/linux-arm64": {
-            "version": "0.19.5",
-            "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.19.5.tgz",
-            "integrity": "sha512-o3vYippBmSrjjQUCEEiTZ2l+4yC0pVJD/Dl57WfPwwlvFkrxoSO7rmBZFii6kQB3Wrn/6GwJUPLU5t52eq2meA==",
+            "version": "0.19.6",
+            "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.19.6.tgz",
+            "integrity": "sha512-HQCOrk9XlH3KngASLaBfHpcoYEGUt829A9MyxaI8RMkfRA8SakG6YQEITAuwmtzFdEu5GU4eyhKcpv27dFaOBg==",
             "cpu": [
                 "arm64"
             ],
diff --git a/web/package.json b/web/package.json
index ac1f479005dc..b258b7661aef 100644
--- a/web/package.json
+++ b/web/package.json
@@ -122,9 +122,9 @@
         "vite-tsconfig-paths": "^4.2.1"
     },
     "optionalDependencies": {
-        "@esbuild/darwin-arm64": "^0.19.5",
+        "@esbuild/darwin-arm64": "^0.19.6",
         "@esbuild/linux-amd64": "^0.18.11",
-        "@esbuild/linux-arm64": "^0.19.5"
+        "@esbuild/linux-arm64": "^0.19.6"
     },
     "engines": {
         "node": ">=20"

From c6c228b44877b5685f20c72523a82921ac40cf90 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:53:42 +0100
Subject: [PATCH 15/21] web: bump the eslint group in /web with 1 update
 (#7629)

Bumps the eslint group in /web with 1 update: [eslint](https://github.com/eslint/eslint).

- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.53.0...v8.54.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 web/package-lock.json | 16 ++++++++--------
 web/package.json      |  2 +-
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/web/package-lock.json b/web/package-lock.json
index 012b784e994c..9ca1477d4a29 100644
--- a/web/package-lock.json
+++ b/web/package-lock.json
@@ -76,7 +76,7 @@
                 "babel-plugin-macros": "^3.1.0",
                 "babel-plugin-tsconfig-paths": "^1.0.3",
                 "cross-env": "^7.0.3",
-                "eslint": "^8.53.0",
+                "eslint": "^8.54.0",
                 "eslint-config-google": "^0.14.0",
                 "eslint-plugin-custom-elements": "0.0.8",
                 "eslint-plugin-lit": "^1.10.1",
@@ -2838,9 +2838,9 @@
             }
         },
         "node_modules/@eslint/js": {
-            "version": "8.53.0",
-            "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.53.0.tgz",
-            "integrity": "sha512-Kn7K8dx/5U6+cT1yEhpX1w4PCSg0M+XyRILPgvwcEBjerFWCwQj5sbr3/VmxqV0JGHCBCzyd6LxypEuehypY1w==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.54.0.tgz",
+            "integrity": "sha512-ut5V+D+fOoWPgGGNj83GGjnntO39xDy6DWxO0wb7Jp3DcMX0TfIqdzHF85VTQkerdyGmuuMD9AKAo5KiNlf/AQ==",
             "dev": true,
             "engines": {
                 "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@@ -13329,15 +13329,15 @@
             }
         },
         "node_modules/eslint": {
-            "version": "8.53.0",
-            "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.53.0.tgz",
-            "integrity": "sha512-N4VuiPjXDUa4xVeV/GC/RV3hQW9Nw+Y463lkWaKKXKYMvmRiRDAtfpuPFLN+E1/6ZhyR8J2ig+eVREnYgUsiag==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.54.0.tgz",
+            "integrity": "sha512-NY0DfAkM8BIZDVl6PgSa1ttZbx3xHgJzSNJKYcQglem6CppHyMhRIQkBVSSMaSRnLhig3jsDbEzOjwCVt4AmmA==",
             "dev": true,
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.2.0",
                 "@eslint-community/regexpp": "^4.6.1",
                 "@eslint/eslintrc": "^2.1.3",
-                "@eslint/js": "8.53.0",
+                "@eslint/js": "8.54.0",
                 "@humanwhocodes/config-array": "^0.11.13",
                 "@humanwhocodes/module-importer": "^1.0.1",
                 "@nodelib/fs.walk": "^1.2.8",
diff --git a/web/package.json b/web/package.json
index b258b7661aef..b246c5b22632 100644
--- a/web/package.json
+++ b/web/package.json
@@ -96,7 +96,7 @@
         "babel-plugin-macros": "^3.1.0",
         "babel-plugin-tsconfig-paths": "^1.0.3",
         "cross-env": "^7.0.3",
-        "eslint": "^8.53.0",
+        "eslint": "^8.54.0",
         "eslint-config-google": "^0.14.0",
         "eslint-plugin-custom-elements": "0.0.8",
         "eslint-plugin-lit": "^1.10.1",

From c2614dcf43c2d799e687f5724b17888058ed5216 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:53:54 +0100
Subject: [PATCH 16/21] core: bump twilio from 8.10.1 to 8.10.2 (#7627)

Bumps [twilio](https://github.com/twilio/twilio-python) from 8.10.1 to 8.10.2.
- [Release notes](https://github.com/twilio/twilio-python/releases)
- [Changelog](https://github.com/twilio/twilio-python/blob/main/CHANGES.md)
- [Commits](https://github.com/twilio/twilio-python/compare/8.10.1...8.10.2)

---
updated-dependencies:
- dependency-name: twilio
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 poetry.lock | 28 ++++++++++++++++++++++++----
 1 file changed, 24 insertions(+), 4 deletions(-)

diff --git a/poetry.lock b/poetry.lock
index 8f132fb53f33..ece285740b02 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -1,4 +1,4 @@
-# This file is automatically @generated by Poetry 1.7.0 and should not be changed by hand.
+# This file is automatically @generated by Poetry 1.6.1 and should not be changed by hand.
 
 [[package]]
 name = "aiohttp"
@@ -2096,6 +2096,16 @@ files = [
     {file = "MarkupSafe-2.1.3-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:5bbe06f8eeafd38e5d0a4894ffec89378b6c6a625ff57e3028921f8ff59318ac"},
     {file = "MarkupSafe-2.1.3-cp311-cp311-win32.whl", hash = "sha256:dd15ff04ffd7e05ffcb7fe79f1b98041b8ea30ae9234aed2a9168b5797c3effb"},
     {file = "MarkupSafe-2.1.3-cp311-cp311-win_amd64.whl", hash = "sha256:134da1eca9ec0ae528110ccc9e48041e0828d79f24121a1a146161103c76e686"},
+    {file = "MarkupSafe-2.1.3-cp312-cp312-macosx_10_9_universal2.whl", hash = "sha256:f698de3fd0c4e6972b92290a45bd9b1536bffe8c6759c62471efaa8acb4c37bc"},
+    {file = "MarkupSafe-2.1.3-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:aa57bd9cf8ae831a362185ee444e15a93ecb2e344c8e52e4d721ea3ab6ef1823"},
+    {file = "MarkupSafe-2.1.3-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ffcc3f7c66b5f5b7931a5aa68fc9cecc51e685ef90282f4a82f0f5e9b704ad11"},
+    {file = "MarkupSafe-2.1.3-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:47d4f1c5f80fc62fdd7777d0d40a2e9dda0a05883ab11374334f6c4de38adffd"},
+    {file = "MarkupSafe-2.1.3-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1f67c7038d560d92149c060157d623c542173016c4babc0c1913cca0564b9939"},
+    {file = "MarkupSafe-2.1.3-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:9aad3c1755095ce347e26488214ef77e0485a3c34a50c5a5e2471dff60b9dd9c"},
+    {file = "MarkupSafe-2.1.3-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:14ff806850827afd6b07a5f32bd917fb7f45b046ba40c57abdb636674a8b559c"},
+    {file = "MarkupSafe-2.1.3-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8f9293864fe09b8149f0cc42ce56e3f0e54de883a9de90cd427f191c346eb2e1"},
+    {file = "MarkupSafe-2.1.3-cp312-cp312-win32.whl", hash = "sha256:715d3562f79d540f251b99ebd6d8baa547118974341db04f5ad06d5ea3eb8007"},
+    {file = "MarkupSafe-2.1.3-cp312-cp312-win_amd64.whl", hash = "sha256:1b8dd8c3fd14349433c79fa8abeb573a55fc0fdd769133baac1f5e07abf54aeb"},
     {file = "MarkupSafe-2.1.3-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:8e254ae696c88d98da6555f5ace2279cf7cd5b3f52be2b5cf97feafe883b58d2"},
     {file = "MarkupSafe-2.1.3-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:cb0932dc158471523c9637e807d9bfb93e06a95cbf010f1a38b98623b929ef2b"},
     {file = "MarkupSafe-2.1.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9402b03f1a1b4dc4c19845e5c749e3ab82d5078d16a2a4c2cd2df62d57bb0707"},
@@ -3096,6 +3106,7 @@ files = [
     {file = "PyYAML-6.0.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:69b023b2b4daa7548bcfbd4aa3da05b3a74b772db9e23b982788168117739938"},
     {file = "PyYAML-6.0.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:81e0b275a9ecc9c0c0c07b4b90ba548307583c125f54d5b6946cfee6360c733d"},
     {file = "PyYAML-6.0.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ba336e390cd8e4d1739f42dfe9bb83a3cc2e80f567d8805e11b46f4a943f5515"},
+    {file = "PyYAML-6.0.1-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:326c013efe8048858a6d312ddd31d56e468118ad4cdeda36c719bf5bb6192290"},
     {file = "PyYAML-6.0.1-cp310-cp310-win32.whl", hash = "sha256:bd4af7373a854424dabd882decdc5579653d7868b8fb26dc7d0e99f823aa5924"},
     {file = "PyYAML-6.0.1-cp310-cp310-win_amd64.whl", hash = "sha256:fd1592b3fdf65fff2ad0004b5e363300ef59ced41c2e6b3a99d4089fa8c5435d"},
     {file = "PyYAML-6.0.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:6965a7bc3cf88e5a1c3bd2e0b5c22f8d677dc88a455344035f03399034eb3007"},
@@ -3103,8 +3114,15 @@ files = [
     {file = "PyYAML-6.0.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:42f8152b8dbc4fe7d96729ec2b99c7097d656dc1213a3229ca5383f973a5ed6d"},
     {file = "PyYAML-6.0.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:062582fca9fabdd2c8b54a3ef1c978d786e0f6b3a1510e0ac93ef59e0ddae2bc"},
     {file = "PyYAML-6.0.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d2b04aac4d386b172d5b9692e2d2da8de7bfb6c387fa4f801fbf6fb2e6ba4673"},
+    {file = "PyYAML-6.0.1-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:e7d73685e87afe9f3b36c799222440d6cf362062f78be1013661b00c5c6f678b"},
     {file = "PyYAML-6.0.1-cp311-cp311-win32.whl", hash = "sha256:1635fd110e8d85d55237ab316b5b011de701ea0f29d07611174a1b42f1444741"},
     {file = "PyYAML-6.0.1-cp311-cp311-win_amd64.whl", hash = "sha256:bf07ee2fef7014951eeb99f56f39c9bb4af143d8aa3c21b1677805985307da34"},
+    {file = "PyYAML-6.0.1-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:855fb52b0dc35af121542a76b9a84f8d1cd886ea97c84703eaa6d88e37a2ad28"},
+    {file = "PyYAML-6.0.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:40df9b996c2b73138957fe23a16a4f0ba614f4c0efce1e9406a184b6d07fa3a9"},
+    {file = "PyYAML-6.0.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c22bec3fbe2524cde73d7ada88f6566758a8f7227bfbf93a408a9d86bcc12a0"},
+    {file = "PyYAML-6.0.1-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8d4e9c88387b0f5c7d5f281e55304de64cf7f9c0021a3525bd3b1c542da3b0e4"},
+    {file = "PyYAML-6.0.1-cp312-cp312-win32.whl", hash = "sha256:d483d2cdf104e7c9fa60c544d92981f12ad66a457afae824d146093b8c294c54"},
+    {file = "PyYAML-6.0.1-cp312-cp312-win_amd64.whl", hash = "sha256:0d3304d8c0adc42be59c5f8a4d9e3d7379e6955ad754aa9d6ab7a398b59dd1df"},
     {file = "PyYAML-6.0.1-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:50550eb667afee136e9a77d6dc71ae76a44df8b3e51e41b77f6de2932bfe0f47"},
     {file = "PyYAML-6.0.1-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1fe35611261b29bd1de0070f0b2f47cb6ff71fa6595c077e42bd0c419fa27b98"},
     {file = "PyYAML-6.0.1-cp36-cp36m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:704219a11b772aea0d8ecd7058d0082713c3562b4e271b849ad7dc4a5c90c13c"},
@@ -3121,6 +3139,7 @@ files = [
     {file = "PyYAML-6.0.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a0cd17c15d3bb3fa06978b4e8958dcdc6e0174ccea823003a106c7d4d7899ac5"},
     {file = "PyYAML-6.0.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:28c119d996beec18c05208a8bd78cbe4007878c6dd15091efb73a30e90539696"},
     {file = "PyYAML-6.0.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7e07cbde391ba96ab58e532ff4803f79c4129397514e1413a7dc761ccd755735"},
+    {file = "PyYAML-6.0.1-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:49a183be227561de579b4a36efbb21b3eab9651dd81b1858589f796549873dd6"},
     {file = "PyYAML-6.0.1-cp38-cp38-win32.whl", hash = "sha256:184c5108a2aca3c5b3d3bf9395d50893a7ab82a38004c8f61c258d4428e80206"},
     {file = "PyYAML-6.0.1-cp38-cp38-win_amd64.whl", hash = "sha256:1e2722cc9fbb45d9b87631ac70924c11d3a401b2d7f410cc0e3bbf249f2dca62"},
     {file = "PyYAML-6.0.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:9eb6caa9a297fc2c2fb8862bc5370d0303ddba53ba97e71f08023b6cd73d16a8"},
@@ -3128,6 +3147,7 @@ files = [
     {file = "PyYAML-6.0.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5773183b6446b2c99bb77e77595dd486303b4faab2b086e7b17bc6bef28865f6"},
     {file = "PyYAML-6.0.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:b786eecbdf8499b9ca1d697215862083bd6d2a99965554781d0d8d1ad31e13a0"},
     {file = "PyYAML-6.0.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bc1bf2925a1ecd43da378f4db9e4f799775d6367bdb94671027b73b393a7c42c"},
+    {file = "PyYAML-6.0.1-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:04ac92ad1925b2cff1db0cfebffb6ffc43457495c9b3c39d3fcae417d7125dc5"},
     {file = "PyYAML-6.0.1-cp39-cp39-win32.whl", hash = "sha256:faca3bdcf85b2fc05d06ff3fbc1f83e1391b3e724afa3feba7d13eeab355484c"},
     {file = "PyYAML-6.0.1-cp39-cp39-win_amd64.whl", hash = "sha256:510c9deebc5c0225e8c96813043e62b680ba2f9c50a08d3724c7f28a747d1486"},
     {file = "PyYAML-6.0.1.tar.gz", hash = "sha256:bfdf460b1736c775f2ba9f6a92bca30bc2095067b8a9d77876d1fad6cc3b4a43"},
@@ -3665,13 +3685,13 @@ wsproto = ">=0.14"
 
 [[package]]
 name = "twilio"
-version = "8.10.1"
+version = "8.10.2"
 description = "Twilio API client and TwiML generator"
 optional = false
 python-versions = ">=3.7.0"
 files = [
-    {file = "twilio-8.10.1-py2.py3-none-any.whl", hash = "sha256:eb08ac17c8eb4f6176907b4e7dea984102488fb86ad146ecd47e8a8dfcf3cfa3"},
-    {file = "twilio-8.10.1.tar.gz", hash = "sha256:902267856d09cf1f59b7fa4af594edae0225fdd8b473a6ef8e5799e823e0a611"},
+    {file = "twilio-8.10.2-py2.py3-none-any.whl", hash = "sha256:40f8bd012f6fb970adfc46d40d39162b46a337be8f1aacec83af8a450363626f"},
+    {file = "twilio-8.10.2.tar.gz", hash = "sha256:083449b27eea4fe66f690da8dada3f533d954a0704a74858ea788cf28be69019"},
 ]
 
 [package.dependencies]

From 248a978a1479e92d9c9b2e0e03c0a4abeca00b61 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:54:01 +0100
Subject: [PATCH 17/21] core: bump ruff from 0.1.5 to 0.1.6 (#7626)

Bumps [ruff](https://github.com/astral-sh/ruff) from 0.1.5 to 0.1.6.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/v0.1.5...v0.1.6)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 poetry.lock | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/poetry.lock b/poetry.lock
index ece285740b02..fe823b7aa67d 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -3384,28 +3384,28 @@ pyasn1 = ">=0.1.3"
 
 [[package]]
 name = "ruff"
-version = "0.1.5"
+version = "0.1.6"
 description = "An extremely fast Python linter and code formatter, written in Rust."
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "ruff-0.1.5-py3-none-macosx_10_7_x86_64.whl", hash = "sha256:32d47fc69261c21a4c48916f16ca272bf2f273eb635d91c65d5cd548bf1f3d96"},
-    {file = "ruff-0.1.5-py3-none-macosx_10_9_x86_64.macosx_11_0_arm64.macosx_10_9_universal2.whl", hash = "sha256:171276c1df6c07fa0597fb946139ced1c2978f4f0b8254f201281729981f3c17"},
-    {file = "ruff-0.1.5-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:17ef33cd0bb7316ca65649fc748acc1406dfa4da96a3d0cde6d52f2e866c7b39"},
-    {file = "ruff-0.1.5-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:b2c205827b3f8c13b4a432e9585750b93fd907986fe1aec62b2a02cf4401eee6"},
-    {file = "ruff-0.1.5-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:bb408e3a2ad8f6881d0f2e7ad70cddb3ed9f200eb3517a91a245bbe27101d379"},
-    {file = "ruff-0.1.5-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:f20dc5e5905ddb407060ca27267c7174f532375c08076d1a953cf7bb016f5a24"},
-    {file = "ruff-0.1.5-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:aafb9d2b671ed934998e881e2c0f5845a4295e84e719359c71c39a5363cccc91"},
-    {file = "ruff-0.1.5-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a4894dddb476597a0ba4473d72a23151b8b3b0b5f958f2cf4d3f1c572cdb7af7"},
-    {file = "ruff-0.1.5-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a00a7ec893f665ed60008c70fe9eeb58d210e6b4d83ec6654a9904871f982a2a"},
-    {file = "ruff-0.1.5-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:a8c11206b47f283cbda399a654fd0178d7a389e631f19f51da15cbe631480c5b"},
-    {file = "ruff-0.1.5-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:fa29e67b3284b9a79b1a85ee66e293a94ac6b7bb068b307a8a373c3d343aa8ec"},
-    {file = "ruff-0.1.5-py3-none-musllinux_1_2_i686.whl", hash = "sha256:9b97fd6da44d6cceb188147b68db69a5741fbc736465b5cea3928fdac0bc1aeb"},
-    {file = "ruff-0.1.5-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:721f4b9d3b4161df8dc9f09aa8562e39d14e55a4dbaa451a8e55bdc9590e20f4"},
-    {file = "ruff-0.1.5-py3-none-win32.whl", hash = "sha256:f80c73bba6bc69e4fdc73b3991db0b546ce641bdcd5b07210b8ad6f64c79f1ab"},
-    {file = "ruff-0.1.5-py3-none-win_amd64.whl", hash = "sha256:c21fe20ee7d76206d290a76271c1af7a5096bc4c73ab9383ed2ad35f852a0087"},
-    {file = "ruff-0.1.5-py3-none-win_arm64.whl", hash = "sha256:82bfcb9927e88c1ed50f49ac6c9728dab3ea451212693fe40d08d314663e412f"},
-    {file = "ruff-0.1.5.tar.gz", hash = "sha256:5cbec0ef2ae1748fb194f420fb03fb2c25c3258c86129af7172ff8f198f125ab"},
+    {file = "ruff-0.1.6-py3-none-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:88b8cdf6abf98130991cbc9f6438f35f6e8d41a02622cc5ee130a02a0ed28703"},
+    {file = "ruff-0.1.6-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:5c549ed437680b6105a1299d2cd30e4964211606eeb48a0ff7a93ef70b902248"},
+    {file = "ruff-0.1.6-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1cf5f701062e294f2167e66d11b092bba7af6a057668ed618a9253e1e90cfd76"},
+    {file = "ruff-0.1.6-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:05991ee20d4ac4bb78385360c684e4b417edd971030ab12a4fbd075ff535050e"},
+    {file = "ruff-0.1.6-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:87455a0c1f739b3c069e2f4c43b66479a54dea0276dd5d4d67b091265f6fd1dc"},
+    {file = "ruff-0.1.6-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:683aa5bdda5a48cb8266fcde8eea2a6af4e5700a392c56ea5fb5f0d4bfdc0240"},
+    {file = "ruff-0.1.6-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:137852105586dcbf80c1717facb6781555c4e99f520c9c827bd414fac67ddfb6"},
+    {file = "ruff-0.1.6-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:bd98138a98d48a1c36c394fd6b84cd943ac92a08278aa8ac8c0fdefcf7138f35"},
+    {file = "ruff-0.1.6-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3a0cd909d25f227ac5c36d4e7e681577275fb74ba3b11d288aff7ec47e3ae745"},
+    {file = "ruff-0.1.6-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:e8fd1c62a47aa88a02707b5dd20c5ff20d035d634aa74826b42a1da77861b5ff"},
+    {file = "ruff-0.1.6-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:fd89b45d374935829134a082617954120d7a1470a9f0ec0e7f3ead983edc48cc"},
+    {file = "ruff-0.1.6-py3-none-musllinux_1_2_i686.whl", hash = "sha256:491262006e92f825b145cd1e52948073c56560243b55fb3b4ecb142f6f0e9543"},
+    {file = "ruff-0.1.6-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:ea284789861b8b5ca9d5443591a92a397ac183d4351882ab52f6296b4fdd5462"},
+    {file = "ruff-0.1.6-py3-none-win32.whl", hash = "sha256:1610e14750826dfc207ccbcdd7331b6bd285607d4181df9c1c6ae26646d6848a"},
+    {file = "ruff-0.1.6-py3-none-win_amd64.whl", hash = "sha256:4558b3e178145491e9bc3b2ee3c4b42f19d19384eaa5c59d10acf6e8f8b57e33"},
+    {file = "ruff-0.1.6-py3-none-win_arm64.whl", hash = "sha256:03910e81df0d8db0e30050725a5802441c2022ea3ae4fe0609b76081731accbc"},
+    {file = "ruff-0.1.6.tar.gz", hash = "sha256:1b09f29b16c6ead5ea6b097ef2764b42372aebe363722f1605ecbcd2b9207184"},
 ]
 
 [[package]]

From c274d7127adb40201027a1324f61766ed65d5d1e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 10:54:11 +0100
Subject: [PATCH 18/21] core: bump psycopg from 3.1.12 to 3.1.13 (#7625)

Bumps [psycopg](https://github.com/psycopg/psycopg) from 3.1.12 to 3.1.13.
- [Changelog](https://github.com/psycopg/psycopg/blob/master/docs/news.rst)
- [Commits](https://github.com/psycopg/psycopg/compare/3.1.12...3.1.13)

---
updated-dependencies:
- dependency-name: psycopg
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 poetry.lock | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/poetry.lock b/poetry.lock
index fe823b7aa67d..0247fbe3c563 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -2520,23 +2520,23 @@ wcwidth = "*"
 
 [[package]]
 name = "psycopg"
-version = "3.1.12"
+version = "3.1.13"
 description = "PostgreSQL database adapter for Python"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "psycopg-3.1.12-py3-none-any.whl", hash = "sha256:8ec5230d6a7eb654b4fb3cf2d3eda8871d68f24807b934790504467f1deee9f8"},
-    {file = "psycopg-3.1.12.tar.gz", hash = "sha256:cec7ad2bc6a8510e56c45746c631cf9394148bdc8a9a11fd8cf8554ce129ae78"},
+    {file = "psycopg-3.1.13-py3-none-any.whl", hash = "sha256:1253010894cfb64e2da4556d4eff5f05e45cafee641f64e02453be849c8f7687"},
+    {file = "psycopg-3.1.13.tar.gz", hash = "sha256:e6d047ce16950651d6e26c7c19ca57cc42e1d4841b58729f691244baeee46e30"},
 ]
 
 [package.dependencies]
-psycopg-c = {version = "3.1.12", optional = true, markers = "extra == \"c\""}
+psycopg-c = {version = "3.1.13", optional = true, markers = "extra == \"c\""}
 typing-extensions = ">=4.1"
 tzdata = {version = "*", markers = "sys_platform == \"win32\""}
 
 [package.extras]
-binary = ["psycopg-binary (==3.1.12)"]
-c = ["psycopg-c (==3.1.12)"]
+binary = ["psycopg-binary (==3.1.13)"]
+c = ["psycopg-c (==3.1.13)"]
 dev = ["black (>=23.1.0)", "dnspython (>=2.1)", "flake8 (>=4.0)", "mypy (>=1.4.1)", "types-setuptools (>=57.4)", "wheel (>=0.37)"]
 docs = ["Sphinx (>=5.0)", "furo (==2022.6.21)", "sphinx-autobuild (>=2021.3.14)", "sphinx-autodoc-typehints (>=1.12)"]
 pool = ["psycopg-pool"]
@@ -2544,12 +2544,12 @@ test = ["anyio (>=3.6.2,<4.0)", "mypy (>=1.4.1)", "pproxy (>=2.7)", "pytest (>=6
 
 [[package]]
 name = "psycopg-c"
-version = "3.1.12"
+version = "3.1.13"
 description = "PostgreSQL database adapter for Python -- C optimisation distribution"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "psycopg-c-3.1.12.tar.gz", hash = "sha256:81db07874c7c530482d07155d144b287b47260dd1782a0d2d3ca7ae2d4641686"},
+    {file = "psycopg-c-3.1.13.tar.gz", hash = "sha256:a7f39d29e5ba46cdc5ff6b40a1e418dba034efd2faf7369a8b6d20effbd2a19d"},
 ]
 
 [[package]]

From 47a6912f8bd4335c6da34574d7ac4f0bbefb7508 Mon Sep 17 00:00:00 2001
From: "authentik-automation[bot]"
 <135050075+authentik-automation[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 12:44:49 +0100
Subject: [PATCH 19/21] core: compile backend translations (#7637)

Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: authentik-automation[bot] <authentik-automation[bot]@users.noreply.github.com>
---
 locale/fr/LC_MESSAGES/django.mo      | Bin 64234 -> 64738 bytes
 locale/zh-Hans/LC_MESSAGES/django.mo | Bin 55336 -> 56904 bytes
 2 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/locale/fr/LC_MESSAGES/django.mo b/locale/fr/LC_MESSAGES/django.mo
index 44523d5163661227e6f90de4ea4325fe820b69c5..8c870e2e690907dcf8ff0fc779e66ac6065b57fd 100644
GIT binary patch
delta 12790
zcmZ|V37n2q|Htub42BuQEVjXLTV^qsv1Z@0M0R6~#x`@08O98A&sajYC1uSrAtWMY
zl%;M_LS?57sYp>FR1(!Aq5hxmoHNhg^Su85>(#IK?{}{4T<4tYnxTID!~gp`{@(Lp
zMVC2jb&5Dn70d~BoGauX)ljSBq{TbVa7@QpcpMvH&jjO4Tt~eV7vRA9j#Cvc;b8P{
z;5ZX-DE7n8F$UurI!+tM@j87;D$}q8Tj3TAz#lOLZ(%a}bJt)Tg^yz{mc>&Ti&v1o
zJ0XqDc{NaVBP@oUupM^8CvX8a;{HxR6UQk}Lrd&|eK8EzVL19Q2#=sT`WcqO8#o;A
z;ZRI^$Z<4id$1f{Kwb9_td6CcnhwXKMyLZ;<NnS_65Vhn>W0fuJ<ms7=v~x>PNFV!
z6*WSE%^Zi>aKca>YmXf;37^52Q0LcfZbqan>OQ?u=O?3AHyUGiOha{GF-GFcn1uUr
zDY{yiDez%w>JP9io<QB`GWNl{SQ2}*G{+A_ji4L5;&_a~cUv<4MM*BwpbK6_UFbHd
zBf%^P4Rv*#fblpLH)44|hP$<y)8?$CblRW5_IL@aVRT!^DTAF+Yi9uJJ}KA;J#D>?
z(~#s<8cN_-_%L2XuHi(tbDRd~#wNG|qw!<Z@xP;n`aY_Iv$=Z}yoZ4p!Nv6CweT^l
zkIQf#>cL!ICQLo6hrBUPOVp5NphjW_Y9v-*1iprq@DL8bZ&6Rww4=FTXVeW7Z9NSA
zsWVVhIu5Jiv#1Vww~*+Bx6y?MQ3qZ|{&D;}IZhOI!J3$f#c(O=yysC*^0KYpz#7zh
zQLpc}_&DCgVc4^?nUbx@`Cexq3EvLqIO@iKq2{LIBaXuYcDiFRoQ>siK5B&4qn=<F
z7RUXl5jlnhL)*oSTs_nxZ;u+$MAUWCF<S5cbQ0b8Rb*P6L)Z>WuvFu*D@Nlaq;Jkz
ztc^clEQUPFMX@=Kz=arxH&72yshd-<$P-bo-yqbKj=@0g?|4aqa2{5}<yZ@MB5$5^
z4mCpMx|^x!gf8kan1c(@jedN+)Ui>h5nF<K@)fAJARo2H-a&QzNAzm-hxar+>WmuN
z!M4uA0P0z`o^SWBMXmB3SOHI3uOV-)<JU_Q>o~2E_37-zB(?W8Z_O~&ebRb!nC4^}
z4MQ*wHIz4yhju#fHCcy?a5UEMYgYei)D!GPb>srJ!h5Ji+MJ67V-kkp7%YWPqDFYW
zZGSD1ZidjXj|TPVQw+pQsP-GEA=HnqAP7S(wyMa(I#I}ab8=8?V-IRA`S&-kS#{I{
zwnHtt0jQ3R#nL#%OQH+UL-laEJzxWtqkaRY;1Tp-2bTC7xC_;h^ns@1<50)Xw)JWp
zO1&NR`jr{P=wb#AMtzM+f_Df>V-h#A9-LKJ0k5LwQb%hfT3LHw1ocpi!AaJ2cK=b-
zke@|O(a)&GSdRHEft67muZ29Y*QrCIA#R2`@ln)JC80W!gBr30s1aIa>sK+H`YkMr
z$E@d3Bk>#RIwg60UB`t%e%uFnGo6mC$h}&oi%8Ug9*mbdFbtVSCmR#+2<k?+Q8x-2
zX6D|7^{KN^U&?jZ5HF+FLdD_cdom0gP_M_<cpA537$1v0UXlYOOs_M2q*>ixU}fr?
zSOtTV&6CHWR(DgZh(l0Mn1gzN`B(<mpcdB_>mJ+wA!@46VH}2}F#hdGT9RnUrdpSx
zI<N^D9OoeFMm6}#FnUgN)JQBxo%b5510SFk^Jl23x_~bH88!F8sb=oWqmGYEW&G9C
z1R8X~HmD0GqMjrjHTRRP&!CQ5hPuFJ)FRx2(Rc~#V$dklk!Dz&x+AJX-B8yXgaMd3
zit*R#&ZI#X^kO4ig6h~IR7XyuE_4a&;7=Hd71GR;H9>th+E}|<`=QPshPqD{YAsDi
zJ;-xjyCWafv)!oI>nKjd?@=cVPB$IQL|tgQt(RCgpw`4&_#}RU9kIt~GonjT*WHAA
zu>BZ?-jnu#+o(AX9%DLE3$+FsqE6_EL70RZ%5>`lRL5som!OVci$!rOYUF&@-PR8<
zK=1!i5`PXjff~}&SQT$!Ackg`8&^S2aAL7G)<@lVFzSYBs1cZmy5VA+fh%w>MvOI6
zy8&I)Ut*x%|367|qJO6OWL80SWD54cl~@9=U~~Kxt7BZ2=~#Ev91lXBmxi(UG-^b*
zVKg2_P2F{T0sqDddjD6CvqOZHsCT1={&Nh*n^+qEL0zcycr$lRFob#t*1-(a{^zk8
zzK8nqT|jl{HtKug$~OC3qgO+nM54KximGSW1J+>>_4`-~KSFizENX~<M@`9HY>fUM
z$7zAh@L}|z3wNSA@+IEE8+aJ6<uLv|Nw(*j9{z&|sADIXx%wH4QM-5*bi-&&!g?5v
z^HHzSTI&wf_v0AG;{{B>(vwWx2DNs^qNaAmB*woc$z>X9V9CkMBi2QAY&JH*)2QPD
zpD-g8j~bCis3~fPq1Y3{a5!peJhuHQ>vFq)6KX2n^^$1OoI%a`zwC~%DW*<99oP+Z
z!8Fv3CZpc(`Ka?xSbsq+&QeoN$Kp{V)C#*|A7u2M)u;#bmYHUTcqrDRAqA6gsjYuS
z-MA`W71ocFfEDp2d<b`=rs5`QEfix!dE=a5)W|)7dV98`M))1nNPdlF^!_{3%?(13
z2B*5M8=y{n82J=9-EbT3!p465mOI1zPWZx1$9a?XfLZ4C+>Pq!@7NwwpE5s=H{l%W
z8`ugb&DJkC-2W{Srr)`V!*TS}{AmY2#5gSbjG2nI7(qP*^}6NS_LopYycetCDQt+h
zuqsAz*UH!tH8sOgBRErXe`hs`4%~r7@iSb>6Q02w>g;)D1g>CX>csix4;FLqAoT~h
z6`x*UUbiL-%@hv6CA9Crq1gFZ)3J@%n)(cST_oifncsMtVgU65)NAw{GX2hGERC^?
z%}6yxec85SQ#^uN1OK3&ES$Smz`Cf{wj=hyZnz#-VsmV@l=0VvCM-37I9!Mt%Il~O
z6v;Cmpo-|Cu7!H-I^huPi+m!Str&|@&zbXjqB@X*(Kr>=u??sx-GiFKE6*|h;UwY9
z%#C9(jJg%-0==xGP$zn^ByPqoxC5i`J`Tj1%egpCK}~716=qEgM6Ldbs1aU;p}5{l
z5<;@WHXK4NqA$^dw{bO&dET55u+nre0`)|7F#<bb8V*Bs@F?oKr%+RO5j){6Y=O;I
znYHHikf<k<FcRls1a3kN^?qdCIiDg6+8Io5qFJ2ZqZU!gHT-1)K7#%53v^+f7tP3a
zM@{i?tbh~oAzXwl_5L3wQICtPHGh;Ug<35Aum!G1_52&uoYh=sz6-sOH`W=1jJ9(g
z>tXIo<~y<hH3B}Ih6iyoKFkW#lwZfPdjI`4n7`{OkLqcER8KQ75}(4#xE`zEK1{)L
zs0+1w*^FR6)KI6QZk&t$_%znVd8iKVLXGTY)K}8EMWR*eY&1g`gMBEwV0~PLdh!pk
z1l~qnz<I?OjJk0ptcA5vQ`!?};c(Pix`aVE=vCA46!dncVG>Dgd=H!9HSC5pHklJL
zF^2jHjK=k-5juwI$ak2GzhE%-%{TjpqegU+trwvd?W?G_>HU1hKZ@ih8U|q~6EqA*
zqt?K2)D0`XW>$AwtWCWM>)<Km2buFX&ci9Mn>AB>i{rGVZjVKA25JhQMlJ637>s+i
zF#a04<22O7v)BOdqdJtZ)vS#<*qr(Z#-iUge!;{zoPh6QQ*5~1+;BANNwZLEWDe@O
zFJK&gf~<b$j+dkyNs~9sP<6wq)FW*@1GWEo>sG8reb9OdUDQS2G=ISug+6L8_QXaM
zPvT4rLcbkmYJyQ6^hS}SlC;6caU&*Tk+=ARBo4r5@pnwXSv$?obstuzzJ|jwXqS1y
z3@lCkB9_H1sG;7Edh!z(j(3p<^EzeTHcu3Vf$ZpnI-ob|0x77TPsWls8^_`zbmM(%
z@;l}_$IwOlHPoC3?l!M&G=@-jz)<XmL3;mFNwkWyF#^4)*Jvd!$9<@g=>IOiBj9hS
z<1h1}FORpd0+!rsI$RxdsUO0L_&Q$0TKmjj!IXZ_Jji<N#QmMuNwV=4y3qZ;`Hkgi
zjHLb;E8$OA2aA7TzK9J`b36&PW{#jn?g!Ls{TCL)_WRAqK7x81`l23SAbRx#DI|J=
zDX0<1L)~x-YVMArPWZys7m>MhZlcZ)IAGR7RjfhX4t1Sm)ODs|3qKYycBB66Af3c&
zhZukLxcFf+bd^wZn}A($4eCZ$P&c}dy|L^O^E;dyAEsW9eeg1N#->M&PhxxOL)aYy
zjxkEu4^Lo~<Bb1olIzFK&vDO(=7X~mwFchDg1N?;)VDAO%YS5!YlC`1w{<#dDpsR9
zyc;#LC-D)yhK;eo$L9BiR4<7xun%2$7Hi{QI1X!lVs5w$$58J@UAXqA=EChzBRB|y
zFat~BB&>t8QE$~7SQ7W3-m1e^?>UlcH2jJ#3}IZ<;|3UpT~Rl9+_sNHU0@Ej#WmOw
zzd?P`YMeA{W+)b?&akxyOH<Fl09=ebh}U_ZL^s@qgYgK4VvSSgMvYMy>WZzfH@a{k
zmcXs3C){P-Z~Yj<Xg`B`fS*un=^xYxmitUH|8+@pKnK(ZV<5hS9@Hu>ciMa^6Hrgy
z1$Ch$+wMWVrVH>X+>AXi;d67{X{ZNWf?6B-*bt9mB=>jjD#3^^%onOD>Zf8C)JSBa
z=5{)2ZWmZrVlee97=k-c#~;F?_$6xOzP4Vp{)n1_o9Oi?xkJ(b@1uH_@TIxYNYo9o
zP$x`7O~Gso!~NFJu{!lt)RY9CF~78i;|A(&*a#EPnnn2xYAyKAGXDBt?5ANIUdCt~
z@Rj)$YZ~gwzsD~43)aP^=ggC)pr&jBR>GyI8*M?2=y$gM2Q@N{zBYe*-U$<^Z|hH?
z>T%3B=C{)N*pzw{mc_ML9(SNd=0j|Tf7|w^=gm*Go~YMtGDhM?)cFTcH#%e6OI$F2
z5fP2LUVkr%=4y^@ScrOp_fd2DJF4f!zBL!FfSS`Ls3~cMk77q`hl}trJb|$o_njG;
zM10hbwS*<`o$t-t=G}kMytk2;xCuKR!-qL>*k$v>V?FAIn=lu*VL6QY!Hi5xYhSED
zdpb788Q2MTVt2fU8o91l%<ma9kq7lU7f3Wj;aAP?cpb1G_3PLg{jQl`INGAtLM~Rs
z85n`9usZI*8u$fP#XIQ2ia(nD%`u942-d?HSXb}=wt|G$1T}{xe=>`#39256)$m#C
zRvb_L3F@tB_p|w>GaI#bwxHI`Wpv>^9D<S8`K<^iqZWI`UwF&7zcZIaL$w@N;n%1O
zPrP9kQ9fo<??XL#gI~@5M=^|gD(W>|giCP^YUJwQG>bbEwWcPbrsg#a#c$E8xx7W9
z3zfKKzF3tph&lo1VoN-Yhj0dKWYur{DotJG56;C6s2eW-mnM{BaWM9~ZT^esHrzrT
z`ltC%wC`aD>hgCud_KwGJ7#hHfWxUD|I1u(FUC{fMLj{>UGwBau`=~y)Eamlqwz3m
z@m@!*f%^B%alKG$WDIHq7g}GrM|XALdo=jtdE@~LHr;Ts&2`bjty~eF+8*>LwkGNk
z`wI`iGSnqFu5i<Os7;#|pr)!a`x@X`FO7v8Z=%zkx-aS-%_ANrrrQI$;2Sm{OnWVR
z15Hg0;uLM=X*-VVh+m1lL}m7kBi<w*g4&)U4?}M){<Vtuo+w3Q;r1CxC8F8`ZDq;z
zs=h@`CRz|56FmuS9f`UR9KV*Dm!x2=utW;Bmh8_U%Od9b6)YFCqZ>O8knYDBIE-jR
zl;nv*uy8wJlVdo+<^z$X<NUz6g<Cz66}Hx5zH4(g4k$cG_y3L}lACDL`&)**7Y9|t
zM%bLtr}G)26S13PUcg_7YeWdgeL&k(^1|(N@`XeV_GLfNKAK$r<H|A)OjSGgcj}P5
zOROn88~>%9Y(ovsQ5;CyKejy<=g{W1`$ZUS={Ul+EyN!7c>R}8z5B<BP`m$G^y<CU
z%GdTj2YpGLBJWCkMf^=1rEM`$xZNf%`am7dQ@%m{wQc*B1NRVo@||<EeM_W~AG7<T
zIR0hwMSA}G>?qv!l5}CmVf@M-9D!%3>k@~Enw+fvS#5~jUmss57TCH!$7p+rIuYM1
zsQA%s715lpt(wMvJjwIK0Z#Zvt!%xBNa8&4kiGCpe1w`G6aTT5wio-2{mJY(Y4<*b
zdBo$iSK*lU<obGM6529}5B2`{Ctj!6VRw|`;Hu=I_QKDxj}MyjE)hiA3HHsl$MU6h
zrr5j+c`@R5TlXfPNqj~fMf^@)j@U?arPdeItM9wEa2mD|KM~sAF*paQuM$^?1Y#GV
z?Gb#D_=LzI9wV}8UxnJ<Q#)QKMiSGgOXKH63VA*T6k+^7qNq(#pSVFDK)gx*8lf$Y
zCw|4GPAm3RA)X_q&^8By**^gNiGB9CC&<f^dx-V6O;jc3+4=*HY3IlMZzs|A8g3xg
z5I1dGF`Pi$Au4gBX6PZb`3OJSUMQ&k_g_uyet-6TLq47;#qL_@(>~e{OSa{D{~J>b
z!mYOPN%AG+VH{YUd=dFhq8s@+LR$#6w(qbA$7zcv-%a$j`_%Tl_7ks?kFo8uwS#RF
zweIh{N-~zXOzy&XY)DkK7hXwQ9QA*1vFtBPyl8j4kDEERaBE9)#?~L%#!%{4Y+IJT
z{~akV5^r-rJA2S{d%$UYnYNy`eu;dz&F^CaVk&L1L>&1BoQb>eI!?mN_zymb+S09W
z<66!Cucp1=kJrt~2iXI*leZy%$JSfzaVxMoZJ%Hg(aN@;#SyeWX6qXEyxNS=J=-RB
z5)rg*VSiCC$&VxlY5a|tPiWgiTMEXoU)xgZl_o9t>+@%+`w<oF{?6=+AvB*y>~Z1(
z$FwJYChv_G@DgSaeaOB0NVI)TbRw47T5Y3<E5zTl&9m(du_8Bpg7yePTX!Ot_9g`t
zA0hUavAK)<68So!DaWk0*O_Madkg+bEx;5`CA(9lzKkP@`NS;h%GiP!Mg&sVA@a$!
zxrp;NFG~J2xdx^tQIQyD_YEg+YxBRbxW?;Kl5lohCA2+G%%bfUCfkE+Vl(PLiHWwY
z0~Y5l8}U=xwM`_(5;3&>Y>%t1p0M2@MiVWG$?QwT9-1$0zYxV~>`+jde|>B(FccGs
zLqrL7ZL!Bxu=~HHzGrj0tAJ6omA37{lJFxIkZvO?l6$X_d_ib?i-y7Y7g3VDaN9u=
zNWBCnJ<wi`yn;RG2>BPpYFlr{KGe$zZMTUu@@KFlkxQ)hD_C-5c8lbIKkNzpY}+PW
zN<2ygGL+x5KZ)pUkBi2<_H)bUCB=W^JC{(*FRxv~tRhZe-dFV_^X}A7%G+Nrx3?4M
zV(XWd?s2)tj!4gNO&sBIdEA*fuGH+Tv96pnw<|L%Cp|Sic|=ZnR;DW_dqk#ZTvm3D
zt5tGVin~ozZ03lu?%JMK2?b@muUCUgMSRm6g@#t`+S`?t?dtDwXX_Bx*j!JJYoyzi
zoaRm*<4*C-?Rc=1Z$qCP|LV!^OplubM~rei-P0eaTz%ciS=lL`yv6;i`5N_K6Yd(9
zn`8Qs$PTyD*ZrRj9^c1l34T$1-JaZx99Md3LH~PaWuzxhcDX0HlXDB6A(iL!#OH;M
zF7FE+{Zp~Bt`zqKZtEoK+R3K!{g$=UuUxNwy$g5t`*-f!IQ~S4Z^Fz?#R9XFU5UwQ
zW7BhTe6e#9{PIf9JL}sxKgKU_b9`XlkMlNEH^b|4C636*&2dG==GxJy?WtQZ@UFb?
z77WizoV$3iIkJO0$IinD*Ma<;1Nkm@=7g-tn8KqnNg3`3rXc0NCg=Z|k`@aW7V%wN
zlvTDwjOHZQm611YciHfitn?h$fz3JDZr6kZ`Pu2I2l9QrUycj$UEMLiXq)~y=^5!B
zGuYfGV}y%QbZ0V5echwdJvu8ThVlHr5AtQdGe4qo!6eahSKkBqg%jlzG<tm3Pr3aX
z(yo~rk>m2DyE0-9<o|n)%q=x_IqBnb-3&%@T2`(*-q+{!#(+8p=8n%zALkycb?VWq
iaftIkBTLw}dVGJJiz^cOz&@8|@;?stMVvob<$nNQNyfAQ

delta 12281
zcmYk?2Yip$9>?(~5=lsm1R)6js1Rfjt5%JQ(%Pd|m5{$mkVFQx`loh^wnEKo&nn7a
zi<+&~QnWTTT3pqta&L<c^nSiM$9;KT_viilooAhMp7T5jz1RNq{rSGH=SryG9EYt^
z0mmtiF(Hm~nY?i&wK~qnv5xZrZpMDtI?iz>;5uB2vGI;m8;@HH)HLn&P?tD|z3?xr
zirs2C&I>pe%Q=q6*+tTrhVvMJr4k&cI7Z+AjKd;03tz*fSP~y&G=_5b5Nw1xuN{Wr
z>$W`y3sO(PW;g>!;c=|Z{hc;-%n4($9Xn=YC|<)7cprnXP~H3<JEbs~x)%1s7w~ml
zf*SD?EQOKv%ysKyBz1c%i5XY{Ct*eI@2n)z4G*Ahcn&q9+o%gY#xN{V-(09VYNpyE
zPr>PmOr<jcU&JLi1+SydAN;(TnenLm%tD>N3O%~f2D@V~sskr60&ij;^lQLL*dO&M
z?qgB(ZD>Xmin>u%?1W9Q5Wb5#em-gj*I*m;VpV+Hkoor`iE3mnSRHkt2B?m7Kuz@k
z9F7?{27kmbAIC{%;WVQj-NbQHa2GbmDy*=II0%d3R8&Xip*p@AYvU&`F#ic8KhY3~
z<(oQA3yeaVoIzL%*I-?|fK{+qGjn`B)KoV`b?`8j#~0{DVeE|>`9SQ6nK%c(Mh&dL
zhr6j~>Bt-6j72Syji{N}kD7@K7>;+aEC%qPU&TtO5sgG$a4PDCb8Ni~eW^EM1a83!
z_zkLqp1UME;V*Qde@k;<Rpft8B7Z!Gxv1A@BkK6As2lFH^)akOeF60vK0>{&MG_sS
zFQ%d%#Szr`7m-hf$GJ(Oo`tnC&!i5r?wmnb5SO7={~FZH>_PSX6#C;8)J*&v)uF~O
znHg(?THJk5GntOM&LpgYi!eg(|9%o?)%gLNVdd85wQ{2loQ+)D*@@M#082O;W3UT$
z!z5gX)iLO0Gk|*NN1cv(?Xppiatap4g&4&Boz)~2aSK+)lgJz9JVd6*sr3pA5|hw{
zQ!pFXq8lUHnvP9C&DaLi$i1j3KZsgeXHXsYZ)X;LJbKil{v?{(;i&o@48SF}USs#~
zM6K>`ur%JW7HrSwmpTG9pq|KbaxP#WwRbRY%V^YnCZZn6{0<!6n`9FWn#!P#j>Djw
zzPJ?EV>fKeS0xpfqgH>B&SoUhs19|)#+Zg$tn0A|p1@GNjKO#hHPer6dqfwyTbzcP
z++96uj)n16RC^L?Dl;(%C!#;ThYZe{i!2-GCTfkub=9JBoE+3^mWLYY7S!VV64kM*
zSQPJgNOa*xs2&C~+|gJHv+#Y~j0IWZy74wFiF;5NK4t5l@OA1ZsMoGfcW#cKVJ~do
z!+et0VI68O^7I_fEfPJ;dVHSr4BMkdo@-r*;nW{tRXk+<6?I$~SJxC*MJ=v|s6{vc
z12F~F@l4bJN1|qQGIE~BnMV>v!+KOlzCcaUMbrtmY<(X~Q2VlAGy|orF{qhnj=D~F
z)OFG@$cGytFOoBhY1xgJQ5{&w$_&+V-9W<ZJNqymOEHhSQ6lO_JyFj(4Qt|V<m2Z2
ziV0Y|uX*+ZQQwgbSPSoA6Rgya-=eS|?!pj07CcqwIF|L0RPJwnemBMP)V)z7e-pKu
zCt(>}hZ^A*s1aPiVt5<1nEtjF9$?zTQO~*>R>#+|8BRmZ*b($7`JSX4K0qeH2~9RP
z%0OnznSz>$8>r*|M0KDTUmq>rNK}Vo(S;3B&%QV6*(alpAB^hgSk(2VyP1Doa2X96
z$u`upKWsf?54?`Lz#phZSa_iMG$&vTbx%}BCZj*jLUm|9>UyhDAGEEgMY{`iy<-EJ
z|Jo#1X;9BfykR<03H_-Pum(232y~-HHUagWm~NeGU5*;a2Gosqqt?=K)QGRy_J^pB
z1$qXV*DDN1&`=X~!dg@hcUh04*1-4p7XFDX@y!(TNOq%M(^IH{+_CMCP-`YM)!eWe
z>QUE69p~vnqN(eTnzA(OXjBiUT0cOYuoC^yi<+VB*1gt47(n|m^u;r%nY(}$@F5n)
zu)+EF^*E6vIw2OTVO`XX`=V|*6gBcOs2k3~@wf=5VTB>)5w1lS^(E8|9;40+9BRId
zk*JQ0!*;kB1NHv@LehYS`xuGwX=X+`p`K+Q)QLke8s9-p=~k?QM^VrEzqkl})6EBH
zDdx`*mZg0!YU(ed&U=7SdjBIb%mrS=8q{4;2aLmtxCZq_JB;eURn&JPaG2R2g__z#
z)T2qZb&B0T71e>Ys1EH%&G-@Y=mT+*q#*`mnlD%jbWu-2-FP+riF@!6ZqG7bL{GNq
z&~e;P`$N>*v@^&247iKB;eG6bk5G%d*KqSTqzz~OOVTibhEg~W<8UL!<7HbH;nmRE
zXpDMx1MxZBik0v@_Q1cfJ$8N5{JOpZb=(Ei%sj?mEHKinv0@{c{}37?Xb8o4ERHQu
z?Om*HyMF{~>T^+RVh!q<9<=R0*!qdB%Z@VFtB<-~Yt(Do3w8byk4<)?7T<SR1RtYj
zCTO(zE0YVEbte@y!Yf!1W5*C!8#TpAw%&^x$Q|VAI!~|+W{l-WJx)VC3eP?gEr!#`
z8{=HUy4Z%VOrQ=xP4QIJRIbNjcmj2UtG2#pYrRoAF9dl*^MAr^!pYQie7N~I^Q+w8
z@q9zLymOYM0SDy1ZF+hDn^V`DV1BH=iBqZfVq<JQ(fpz^33;5(=hzP$PGTP}#Oinh
z%VDv}=F3<E^>!tq+J|9D^>zkHMH-f40)BxN@ILCml2gp1sfn7x&ep-G<0hgXuE6<>
za4l}8Zo$`y7sB}+H4`bhTpQ0|9h~<Le^224&M}e$=s(?jSdL;J>T9SDHJf36k;p<9
z^=9mfCour4&NOdNJo5CML@bK?Q8RQB!|;`N`R-$X)U#iJ9*t-tiAH)DOXGF)$G@>1
z7I=@@!H%d$^&9GfvG1F|+qFb3)|IH&cn1dI33TCi7>tjwHx`;@{<iF%#r#LpaES(;
zSTN6Ypd41Au8rzoFVr*5!Wy_3OW+aIjjv!R{)QTW|7>Fg)Oq!=5GJA4$Y6}Zt+Sc`
z?j#p!*o6sm%rm`<S`$S-FsnZfHPxLk1bd=Z|6p5>K^;F6vv4CW#7c9`@q17m{023k
z>lluYJS2li!seMCdQcahhI)nzFcH^bL%fSxY}MzR3&&#wb#v4O`=X|LB(lz&$;f(i
zLKZNiEYA7ZgnA#nV_7(!CnQ}-W-Kz#>Kc}y_WhT6#-*_|bsW~iR@ex~qNa2QzJ&Wx
zYb9v0>1a<>$7iD+*+mRQ|0Vof!D7fHd7L>Uu{6XiH6NB<s2NDbu{at(#6M9TTe-|U
z^X>Qo^)U>?U{<I)`W!}JBP@qKu{`ErGR{I>=OKpZ{SR7UraA(3;~4bCCK!XwQ5{S}
zP3<Bqg6mL=bQ`+x3U<POP$TZN(u{a4>b%L;Jk+CIij}#)vx!8D>NHNko2W&Uy2`vp
zS5Q6v8C&5KtcHoJ%|A4x<15r_F$jOhs_3jS9gIfJOb1j)-oOEvjUJ8UyglG1YAT=D
zy3|^;T4PbKQ7eqXVb}xbVqd(6?XcrIbHl|ri25L^qj5Yx%}5U%gA*|qebzJoTGi9n
z^G|4a82vEdBlGNnQL8!{)zKEHsq2W(VPC9;6Hp!c1hpoLZZIFJb{I`P1>eJuaX2>L
zXugEoH!}aa;XNA4;C<9o7u{qoTnVdFcSWsw59&j;6E#!cVg<Zq>wu5V{tDJQSdslN
zTT{_Ror^tjy@$k0QgE~RxxNG6q7K|*p5+wOv&%zua6Jyh1Na)&;N&hi6?p@lOE?rq
zZ8h)rEsUog@rn7dz6K+yFJnLS{6nHC?Dwge+F4kVdKnhMPf;^)088LqEQP+?%*evA
zFm(ge{+6iod!QEMP%MNaQ5~CrZv2nY<8<F{F0>n6?6{12Z=ayv+p;^%Ygr#ds9U2h
z+zW$oAbx;Zs2M2y85hU3sQn9enn$$;OH=Pbb?_|a=>5M<GJ=MrUHm&RUcfxuzuWY@
z`yTTpOTtXr*Psi_?lrGtBh&}yZ7hpRu?FtMMEnukW9&Y&R>q)aY9Y4rkZd9;h!0Rx
z`3Uphg3rwef-#KtaMTEDVmP)&-LOCEQH@27_#Io%Lp`e1sPlJWB%Z=bcpp8wP?;~x
zg%Yr#5AQO*Li^PHe2nlks>eGIn5jE~dX_h^4R$_gZnOw>qb=AGzrw~?_K^8|MR)8(
zy#QO`FNc_aCAANm-}y#iTk2iN|C~Z!@*@+!#YwpQEAs)0K4LyJ?XfcLIhg;fQQw6%
zSQU?A75oh~Q)Q1D>tY4!jz^h)^*EgdP3>fS2^V7>youeh+}GyBEOb%N#A>(+Gw=fH
zhA$s8zw2e9u6qS_-TSB+EOOi|-bf6lj`fh#AZdt&aUd4LVW?F)+WH<=q+W$CJczpR
zO$@~+s2hZwFzr#O^P6B(?2IjO7B<3jSOh&Km|uUANK`{K7R7oPfQhJ)v_su68GGRv
z)a!T-b)%n9*Li|^<^{hs9c_Vu)B{ih9AX_|^f+&mXaqA*BUp-BwOdg)K4SgB?*9YJ
z(H?w~j}%6u7V!}*gEy>?QLkm#DSqH!9c+g?Q1=NqtpV};%aLd?)JC1q*_wgHsb^vo
zF2N8yh(UM`^$f3D@1bV!G3vaaGv@g6=tmugnxWd(hLZa`%}F%Xt<e`dVlC{72{;*b
zqaCOl96}v`8a36IFcibj8e=e$x+!YvlW-xX;tKRXM<?(@^l0&2A<;80eBOK*!ZCxo
zG3xc%fXR3oHSz`*%&*aj7(+c1H8VR=kLDQab^8f*BfpDgW}ipZucD66y~zA;CRs#7
zJhuPN^!P2TM?D4W;~vyZJizC%+9k6#`eSwKk*I;JL_NZ9uq6J9x~}hK(_S0ns5_yq
zH|{d?uV>@64ck#Yyp0i9@rrq7O;A(b5?{u)*bL`lPdty&m~hpMyf?n=!!H{ch@XFN
z-kKvnnAb1r8gB^gNgk3GocP9d^E2Q>)FSy9b8s7$!q^*T#4lQVVQJcjVI7=?iMR*b
zqTj#GOm)K7sB=*R`w=xG<!+i^(LAq^bfsY{Ho-zanqL%NLOtuTSO%wII4;LX+=Z3!
z3RXa$TjqUtq4qb&C>(&XI1RN{wpni=kIdtQ{A6}CK|RA%tcV|2KgD6xXR#Kx{@MHm
zV-#v_e1c(k2VLlQ+x#Un3Kvt4M=fU8FXk<J9}}q;;{v_^H%N40&mFU9He)9BA=Jnl
z{A%`hM!jYeu?Wt^S-1){bI;#3i+4C`sy(Pj<HZoXg?f~Kp{`T>9v>p^?>t8mg!OS6
zzKEys7>;L=EdLMR0P4!W@sEtS9(BXTzia+@|FIXocAo`>+i(MhKQRAg^f10iUEv|W
z8(@FT!C%qSk0kjIbHRfcNA3Hk89@SSW(Hz8oQL7K6|3NJ)Z)F5S_9AjWsd8PS_4_A
z8JuI?h&t{t`r^&M=syF@e;yOjS49DSoMH^=5Y=oo4EcYm=Q*~$9BQNmIcEye52qMy
zk<=fN4<%nh1QXA0SN~sV{@6Yx))Aj^;2``F<5B;fbHkpz3iaHzjU{>$@6y(W$hOCH
z#U!Ew`zp~1ZM<>LQew9~hBSX&e2yn||E=uM^Vff^(#Cpno)F(qC*xPd>%^yaKdBSU
z#pmH#V$(D2+Q)Lp|N1G{R+v~oyk?JUh5?+PL7S&D1#gz)gQtn<#M7;zO{!ZfW2haK
zn)=#f+u<?lqC^Bygk!$8`)Z?$w(w`pqjc_={hs{)+F75Xlxc7d;bjhJk1TvA0XyO>
zY=f1Emc&`&8u2l4n0-GJe-HzRafCKr1ZO$<zlmwYaq8_vN%CZ(k`MD=o(8>c5j1G~
z7qKEgGk+9%Cf9r1lH+z^UE+mj_T465$G%3kZJ0HRHoXPk+Uu*iIMIUoq=!H9)WY@#
z`D!f0R1G9QKz@)ILEeMlwa@?efqwWr^%fjXtR(m4oWbN(iL&JBv=t$=eS$yO{8j2K
z@{ftJgr^>VoFKIEJ#ap-c`fT>oItpU=h%N4e<Qk*Um$Li&mpvZYsmj|Du0f&?U%4V
z^@l_Nc`dw1>^0vnMow{uSZ`0*j)_DNBMGBj+dZNn@tz91o#B`(_MES2Yfj9iE<otV
zZX8jOYrKkou<sk<DEZT^fWDupG}Iy9wXGxY)H4VDLp_7|!tOuDzD~p<d(18Th4_<L
zVB6Yq>@{+IH8&IbIiYO}ZJSK$jF;TsDM4dBbkWnl$(IpFh!1GHh!u(A?2Dw%CPq_h
zJ4NWb9!njq2DUfJ_3wQARL=jm-{ItL@^m7N(AJpXhh_f%gG%>z-shkmO4v>i?T9NX
z?ADY0+8SUJoA<J+y#-N>4r<eaet}p+G$)$UR*INRK8i@vL3XR4`QJn1IpXQ2pKyJs
zOWF&rr2dNfb7C9uAL8jYp8PqY4-Lg}+tVEwPhFLGk9eE9Eo!t)aUb@^r|U2OZ?l7G
z$RxVu@8C;^g>62NL&p$nbdKF3*;kGHb?k<L>M;3Pd(K~Yn5HZunmh`%Z6*F?j|otZ
zUZyC)$s6!0F@sn^EMi|5e7e18^O~q1zuI=%wpj88`7Nw)yh(cnyRQJ(&LzK3yv)A6
z7(*;1JP9<ECMnE8-N_r0Kiz&O_dYGG&G5gpm$%3Lgd1tANc1DmATr78VlVuJ@FQQ0
zPq$Vi?-1|*fBq@%anM{`PH20F`b(lUp{<j_`3}FJZ4mK@{E}@iWRJ_k9k#8BRh%cz
z*?JhqbR_=K_kXHAu_rqpkWa_EgnmOAL;XDwPF{)`(pH`NOI(W2Zr7=I(y-q)uB8sN
z`2q3|iSvZEw+zlcy)I`cs$o%XFv;#Xg42laZ7ss>$*<sD!b|wuwwLU2zfyM~8WZhl
zn{V4!S(jjG?(^8zp1*9em=gxrJdJ!cF@@MoTTS9`yHCucU0Z2`<7a2akNP3|TH_63
z5_t&wX5w|~E<|~I>=1G`k8_ZnH%;OA+nvRzLug-*8}T(PgX3@+5y5fg?6IwAuRxo&
zqU5=_ALH<l8toRw@uB3O5kC+wam*|FBK%?x5Z!6iR?wP4{+-P?<DUGzbjIHNIBg|p
z>u=jrs6QggQrE!##M5o!GkIBZAFk1v`{(~|uY)SnIGY$n-pC$2TRYeu5Ibz!E%H?2
zd15A^ZH~ct#4#hu7ZSllU)%l`?f&F%qnp@8)YdUiNS<za!*av&2GkmscQ!XPuS0xr
zo+mdj@2$AY`S!0lKJQX)u(v~eh);pmDS6Fjl+635W<PI@gc1dU+N2Fk&m5YRosypB
zO{fzQ;>}6i72IW@Yh-$kYf#c~w<{@aq-$7?J4;7o#kf*)va(&7?u;QLUD@fb>_I76
zF89!+lp)u~%^u;dn#u7)MkI~Q;@pgk{6hx0hh(_YbF#g0ok#e3zv{N5gm+a+jL(XP
zss7%Q!#4PMFJ^vS+$Yw%dcxX*h0}7}LtL+>xYM${J*LI`<n5R-{h1;CkUyOFr?1d(
zG)!;5cdGi7YLT9nnx2#Cii*z3a%ZL`4Ru$`iplFXqn~&6%*h4HJ~P5BSM%iL6pbX!
zJ!FX6TmAiECB0v-iZ1TylHwYko|ENb#G_ov?yP5roVkBpMtWK@JF-%SW(;u;b*E*!
z_Ahk}aA&*RvH7ES#k$gTdRF?-p`4tZo}(Ty3+|jucg~w!(Oy0!*_|2Zv`HH<gdH?z
y<S>CllDq{!9p&fU^I2}VH|umapS(@qmd>krHozNxc5;CC=;dk!yrsWCTK<2d5I%GO

diff --git a/locale/zh-Hans/LC_MESSAGES/django.mo b/locale/zh-Hans/LC_MESSAGES/django.mo
index b0f7321a4fcbf885c5cfce9472a177a951cba9c0..7e17e6c2817f72d74f80547c1633401b7b363923 100644
GIT binary patch
delta 13657
zcmZwN2Y40Ly2kMdp%Z#9!XPcQP^DJ^1rbC*K#&rW9kL-LkU~@3p?4{v2%&`Dq#1e$
zO%SZuz=DEGb`lgt5Jive{@=Y89`1eaJm=%L+RUu^)|yG+xMP3t#S_84Yo+q8a5(Dc
zahxicSkiHFD8KutS{)}k%yCAb7iZwx*bI9&GET=d>W6V54s7f=RWS<(V{jA4nSjHv
zKVHT<Sg)z$bZ{J>)0aYJ8kS-^+=B)1J1l{BF#?0RYf&79FJKau!H+N$bC9_^C7PS_
z9!1rgVLt4Jov<fP!G+k2`#S|5bDVNCw8dW77fWFpmd11}f)`K|{TM^=HjcnQaTpG5
z;W$d#2`r1(QP=$it7Aw@GvP2)hPq%i?(dAGpc_s{-EakJ<~var%0OM{L)3+GQ5h=S
z%5hi?rxa>pov{lJ#W}bUb$;E}CL<kD_vwQ=KLUNa(HPq?6*Yk+_y}&np?DUTq1(nR
zK{^(reg@0n2dEqQ@mc%>3t_LeX8b@@20hpV$73DLXiNU{Qn*2bE|`nD(0$ZIin1Y;
z>gqTF!|)~CisgbxcYCv@t=UOl+NWS=%))9|yQAY2$0tyGX8`Ixk=P6qI{F-^DTVDc
z6vQv^alC<C!>QfLahjk9AH!8x8{b2XzlTcoU#JPr;_g-OPb`cTxtN~3CO(giaRtst
zJ(%lb!8Egm$Q$FdMWr+bm5FJnOsv9+xEm|sc^rUWqn@Z`S98H9P&e#n>%%dadJJkw
z$6-}`1vNq69tt|)D7ttKHPDaz&k644IJK}l*1%ZIhs#jsy^4C0Ew+9DAElm&dVRmf
z7w`@a$KFqvCE1Id?{iL4;M?K6jk@uFP-|1+NylLWJ5OUioQ36Z0V+eAP)~3K^W#}m
zM&80eYP*}vHAHRl&Zvy`LtV#<we|idQ_zjKBg^8P$4*#~tr~_sur^LY=H_g`x|ofj
zSmG%zimfpm7hyfTje3AeJ)OWN?}vK*2BDU83>N18j*mhSoR8ITCDz2l$eZU}MP;b$
z(`G5Up-X)XCgMW$U=Uv~O>7h@V@pv_z6$jg>_qLcW2lLLhd%B8(!I@$o<OB`u&u{o
z0qQeseSz)YfZF8;u{?fgy@|ZJPS7)2SjTCP>`x~XhpN4gd25EF?i1aIVOo=^Gz`HM
zR4Q*H5AAf}Ym$bGaWppWYj%Gs>In{`CUPCy;h(5Y+M0_L#i3XV$6yG)jLPr=+rGOW
z(=0*5Ng6bxOIR4QQ0=!-Db$ayB2Wso*{UKB>(oN_o0Evz8z)eEDfl__npH<VU?<e3
z8-SYFSS*Gw`Y7na^HDQgX$Ne^veXaYi+BMOunSxK03Jb2#5>STd>m^0EL%^-Vbu4d
zUccgl$S%g<VAR*B5cq~rXimX{><4EJmd9MwT57a1(azcnD^eeZb#Rh3&GuhJrTlZ$
z65T>=#<Hw$L9C3LcunMieNKG}N^vXHiBF+YH54_GL{!QaqB69`*0*D6>W8olzGc0J
z%EZs8>lEVgbsZOr1aTka&2+l5BQv#47gNv#dXX<pU^udjPCPck3#c32N8PB%aI^L<
zHl`kj`ckH0Q}m<uLWL3LdomoGP~U{@@e|ySrTAE!@KJb!0?X?pk2Jgc3Rb3m2diMw
z2=nCiP`kS&R=^>sCrm^=zyd6e>rk6(kM)FYe+RYHSFs+Jh$R1=D72-Zl)YqKhMK?*
zBstDG)QukHD?|32)~HOZM4h)AHGwmz&HOQHsjj1ow@_<eG|H@fIn?+^qR78y+K2{S
zumkFX{ZLQhMXmj0>m1a$6{rjBLT$nmSR1pj0Tvl$CejM?Q}2qJP*2qL24Mk=8b$uK
zyJKn41%22Im!c+i9yO6qP#4O=`uIIQg5{&llRbv|ZgjBru=YotKOA+RIMiNBMm@-K
zpY7O*n%QyG>va();<u<127Ao}V^J4Mw)Lgf&8R(b2w%qcu`Bi(Z8EwHb=@7P2Rn<k
z(D$Joa38hCMaP(l)I{xprl=EoV-XyRN~PC20X6X%)}^TN8!#{KMP)ACdfa*j3+Vm7
zNFkU3AD~kD30B3sSQtyjm>X9?PH;l8E;dHpcrfaQ(WneeMBQ)+PQz6=4=au}OS>6e
z>Yrj^z5l;a(22pZ=95_kHIWyw7p}&Fn1ikHC#;V3;>^UJMy>H6)OpbuinCD}-G{aD
zP1Mr;fNSw@EU))Jb(~ERR-%3!mHNwA6z^a${0DWRV&l!)J%%Ny55f8vgX(`3tKlis
zm+v}iLibVM6F1)Uw@05+J(Pmh>LpZtnjMgaMW~;~5PTOk!Ou}CzK2?pKd?ClCpb<U
zY=w_w0=jq@HIYy8cf5^n;>|?z-<!hzBs0T*@D1vr6U<uO!hF<SUIpE-HV(yxSQ;0g
zUZV}xgQ)MvTNsAdu@M%VWa=GIduJ?aX;)1m|1~K1X?PS1O=caj0cv8i@G<-ZHLma!
zlc_LNMw+3Ps1ugN-dGAppq3`Vw$HS#wEa6!OOfHDpiT1`YR!MO9i?70^+u?HJy92o
zM%`#K>iu4TI{yRfkEqQV@{*ZY7%D^Uum?ViWZy|eJ)p1nRFmRi*pP-u9E!_q{U_9o
ztMXN0|2U1X0&c_>cpSA9cTjsF9~tG1bBdxeHwE?f>_=tz7%G!rVsX9yPO`Z{38cZP
zZtG1@Cq9mR3Y?y}507B;Ab!i8W_~AJJKb?!r@g=o^LidfP4pgi#;BR*$MFuFOZ_&s
z!%4IB3l8@`M1kdZ?%)U<J)6Jn;5%3k%gixL(Ge?BAA)+_l5G1%REjgP8h(UL@h(=y
zTHLiVc111C2vi2AOYZNaQqaJIm={0B1fK9S976r+`R1QqcAzfYV1e1y!|@gBi!mOn
zE;N5{Sc(IvAI3y1y2!ka(@_&RkIFy}`YKVV$yM55M=XF-P-{LNy_kYpn!hjti!L_1
ze>`g9FQfX`VJX~WJ&k&8KgN#u1;$~eCFVD$`Af*ZPRO7^yYqc4jun;~LotMUD^$w5
z+4?ZlM8;qgUP3)ti)H4#LDp#0l1#!<_$q2Cc3UqjBmcU=4I1Q6s2@6iVJR$_VytWp
zLuIHlHo_iQ6DMN_T#sxc=PT5ML@YNZU`gsTQ0K2eWq6&Bf^NLmnt}R)UBsSv4L4%F
z73M<kTEDd3vi^x(7#FhAT(1vm0z<81QJ>_g*bq;nmd5uZ1x?@=)D!1fWlk)M8c+-S
zV*~3nyhZ&AHo-SuHB0deYK@;?ZBo1%b=^a#>z=h<Mol0W8|(cqx5nJ)NmNH~?20d8
zGdyGc1+@q2rrPfU@@;Z@;y`>0D`WMw=Em)<PvNt)4@6!dXQyp%zE0y<|IQTZ(a{^V
zMw6`zP$^u8rE!n-3=X1x8TEu=>y2%#-L21IF#RJ@n=r~c8@0!_N$&3)upK9`67?_f
zNxY9$u;T{vn!SL!;ftu0&b6kZGP4(zu?wip^#^JXg`}B(dKrW||ETpm`a)^=h(bmD
z1M6T}cAPTO9<>LeQ8$dUPDfp6h3(&j{iyH6LiiUda|JdT%cIV(V{L;qsQ21L{x$RQ
zG<3rG_&C0Unn<zD=BHZ=>`uKuR>yUywLXRI@hT3%id)RYlTevRLp{JJs0m!P{)l>j
zpshYrD7Mw4urlff&9ONSKyAtes2d)`ns^yw@IN>hM{P4VK8w2H52(F#4~t>`?dEMM
zi;q%&66@n=9|f(|O6ztEtdaG+ZU4x61Isi1o;75L*)uh<HSHZS2`6Jqyp7$l&Q7y5
z<51V1V)f0Tpx0wLK7-lV7F+D%FAErtW3cjWvl-`L1L|8)6ZsHZ;7zQH?rY`-PoXj}
z(AK?Jj`{@DQY<p<J}1pK>_MgOwCQjzSU<7t-(Vs7bFnwx#ctSnk8uuaLho7qs0sXK
zExy;(t6Q64LB0Ro0tGILWjSFWYOTj&9L~ci{2h6toDuuXMD>?=-JpQAB9@_EAGIes
z;Xq8qMfkI=Pdi{9<a4aU{hb>W^g$`|y7|yVVngbaP!ri^J&W3$*HD|#NjLRcsBuqX
zDU3j!KLPXM77W2%s0<&mo<yHI&f5VWS+84fp-%W6m3rr(u`rgVTE-e`ZD;L+`jACh
zefSOaHK@$Ibja+jPY;p*Vl*TlHm}KI)S9kG?cOXbfmMze8>0F<pmzIA)RUgX7I+Jr
zVU45a7mR_{x!8{OV>lCk#g+J?ejDvUq117cx)-c*s4wDlEP`vX4(_o1A6RdoGWe@C
zIK$LSSRb+0!^VtjiS;oW+u(8^1+Cd7)F<;>tcrJ0?{Uc!rhg6&q`n5V>F!$dW}5TL
zVL{q!TN|PFN-NY74z`A48S2rfiTkEf&;;gN*V&H!)=cZ$Sc!3;qQ>7v{fx+W(kww^
z)DsRvE!kq!jnhy!+HO5)+s~LffB&}~mob!q-=c0%<dm^0>OxIWH)w^Lh!^$5GqEr(
zvc78FjM}7ot!GgayJF43;(GsoqfnHNf~U=e%b`-=1Oqd-9<-jZzK^=#Rn&xUVFdnz
z+Jq5j%=cuKbr0%#Z(w!&084Uz=dKEv_pGrT>irJ2^<Jna9d3<AZOZZ1si^bkSyM4D
z^*yM}y>2~bJ&gruzkogsxI{rSx?=qeHPcFO80(-;XpVZ_+Mzb<XzLWLOnpA;JFyL?
z<9?iq&CZzzI)EB?1(or;=j_ja=e$W>MXXB4RP2RoQ4{$NJK}w;i7nqW?JuAv;zbuH
zqt0K0`jj6--S84>*ME=G(79lK+)uwi{_|5$r9lHXSx=&F{Dn0K>rlUk%0QKirvE8a
z<_2PIoQ&F>X{bGsfjaMf)Wm*8jW7F_v89hfUK*Z97l&EZt~E}xzJ_|Dqo@hLZ@r9q
z4Zp;8Sm14wsjjFS%|t!eHoS{x@dG^cj`<6VZ}z)px1PuSbo`D=@visGjV@WQU<B=7
zp>}=e_l<o~n=itegte&8!6vu|8{l<RhC(ixzm7LUm;L8Vp`aP2qP}oPup1U<nyv6T
ztcS0lp8OapwWqBgTeGddTSGoH<EmMkTDxI6&L0$z^^c>V)Xui9wZ3k>h`Ql5>m5|8
z^L}K0Iqi(f*l^Su&&1-m87p8qw#RpI0v7(*{7N<r^XvV8n?ghU5M%Hktbs9~m`%0>
z`%_<M>vvHZ`3K8jy~`#u9nnku349FqV?oSDP4Kq0%oQ`i*67nrdr&Bb&s(Fh5cP>T
z0H@(P{0vJ5@f4q$pW|~s<DXe+zkzyy#LvyY9c@CruFe<c$8;x5qB;e8;!n1{-Bs3K
zGoEnOocJ|%px)t2^K0@{R7%sVr%;>d8fwqv`^x-MS{=*jJZy^3p?-YN#cH?-wJFbH
z70ks-nC}|-cPY5nObR<A4;VO_@u!|n$K!^;pJns#D%nB5VSAz>!AJAoqd4_~jC*is
za&>9bB#IK1>1%?Y`)GV{+@SC@^}bjTQ;5fjWILcc9<b%XwAZvZU>gMfQt=UO<!E~w
z(}<slOhTC&N4!pXh&_KM<x-S=+8AqyZ;22Z9~|t#K#Hn8)K-RaBiauUlZiG2pM$`!
z;}H03dxM9@Z=mgaVm9#$p`$JR+T?M>ydeGjwMS1n_<7-+#c4R4&|WCS6P3UR#|O5+
z2QTnCsjBbB??g7|J~*@?SJ}G0q<`452M0VDr2BtE<q@08mXwQAeuhESuo<={o+9QD
z-H79iS&KgsH;EFAJ44$`lph?IDK8=(r7!-W_R*B}AFixmV3gYR{Pihh5bGYCjlZgs
zW0=9==Y}(owtsAUD9)wLWBWxZ+VnPs+qOm6%Z}Io^Vys_pZ~z;T0>qTeC_!oST&B*
z4EmJdLlyX~_zV1-xJcU);=ysBa^8pPrFqH&)W5WCUo-Fokxg8s?Q0^M@>{mQ7UQ>2
zUaaT;i;f3JCWY>Fyoq1f!4;A3OW=pdd91<7`j6Fy*#5@&8nMvUpJR-Ujnw<$sX&c?
zQ?QEKoUfyr@;{!!tHc|e@ReFQo*^C~_#8Mb?1ewXC#io&JbV<h7yFt12s-%j5IAP?
zXA1EG?Nu1lnesHsv4oCT;vK#J&k?UtIcPgV7+jTdNqgbt^!-6(5JhPFfWBFF?60)F
zXv_Mt<s<IddLPQuiI1t*BJNQxOKc^2P}i5#H;+Gbl%`=H@japAn87(mJ(tKK8WBeb
z9Z%wV;(a2Kc%F!-eGTe3rFQ&*7)eZ}uAecNiAc&ju|OX3|1OofR2mbvDHkAKr@Wic
zQI99yW{OTb`l=Aii5F>`i$&=lfWgE`J8lZ)GL#dDO}0%`CFa}u8OC%9V*U41(6Jjg
z6YGdOwk;n{Abuw*aidn4K<G#(f@oVCsQvek$83KveP2-?PlV826Vug4`<s$urQZMM
zR0iQ*+xRl&rIbrCusY?%ln)a<DPJXYl%THT8_dHv9buG@6Mb!;+Fn&Zv7Pc5+dfMj
z96PA%{?2v^V+lWH7sIeAQPo~}HEsHZ<NqF^^p_#l+m6$?i?I)mjubw#^>=M!N$T5d
zTb#cCU8&q4jxwN=9h7Vbe1cnO>uu{BDUYz_zpx4M5^bSGJ<6MLIv&9va1#3QAAA{g
zc&$fqgVz5i(;oO&uGW+X*#Y}0cc6UC*7w?RtFSt4@8eLSoo)Xd!)brs)*rR!)g?oJ
z+BR{Rs7Tu$`t$lId`ICNjXx6$2puPAi^Mwg>sUs8wJ8SvrQ;Rq{fY9n{|Wl^7Y(iF
z1v^e$XG~|}7Ue#89kVcoc$Tv7Bn2H`65WUuwyw5OL=N#cZS!q=Q>?&Er_f%J(D5{p
zMEhfb8XqD0i`%kGIg4@{(ULKn>~*G^exGxPLIG28D%nm|^<^AMEFfl3uZ(So;Y4BT
z^@*L7b-2VeTh2>)Hf1HI22p_+XZuD_?r6*Z!TieCB?_hK$R%{VK+K@+E=JhFHLw-+
z--wB}tqbPoE?e;u?K&nBV~IMn-Lm7VYbG4GiP1z`VlsVE*h}lB<3}Ptja>pY^T&Jk
z0>iK$ah@nh*B(2jyzT##`k%IJy8?`&t(a{uDv2OsA;o<}1<Jmg6s{0D4$&|e|3eg_
z{NOl9p)mEOIO(DGvXsl)K^G`rAyRF97d}gUC86U!5lwjx79x^})S$qYqhyaq81Rcd
zp}%e0fy;=eh{B}uTl$9*PuOv_F{S#Paw+-3zDl3bC|^)YZrF^9PGL82boaWoLX#3a
z@v-4!J#`Zr6i!KP9Fa1*VNxG6qJOkE!S##{_r|yr!xP*DPi&$a6(2X&O^o)qv2lss
zC~rh~qBkzqO^gqZO&Av!pXj!Wh>P@es1<51*{)Hb8kT;)aiu)zq0QP9s1f0bw<mhs
z#5gxRiHpT1>Ovkjd{nqMHX$)(=ZLC7Vd;b0tSD5qM;|vX-hIwa(jA+Wkm!!|xDnBw
zh%uhX^qel|LehhtO$>G;Jh2HL28NIFI8S>Ys=0kV5pnU6>ErvqmM7)(fGUw=nPE(r
zJCOUjF`lSI9&uda<OXhdOpF`oOK`*EJ?_}>MD7x42ZqPG;p4`+BqYHT<B3T0M4A(n
z3OZtJCh8=ZOQaVXxU_^jE-BIEryn!$IDI|;yCETc)u={6wfcGzl425FZ&V<!ed4&*
zWY;sv6Ok0iZ4~)W2unX79hAR}8|j(AvpM~A-3U`l&x}1BRQ8$veI9i7|F@hTH*RcD
z(72S7@vT$J#cvN9mwqz-TyV91p7;qKlG?Y28%1*a_3q(P|93Uhr%o7K(5HoKI5IrJ
z6G_rz61@$h!XpwH{m_DG<s(Q8>%lIHbVp8BDm<}~-q=xYIEfnTjfjh3P<U));MoE*
z(}lJ2%G|i{goKGKPM90mYYEYDNimUbTx`r_pRVeO4Idf9g-MMTM_V<4^THF|iC*d>
zy}GWh#IlTwkDK6)<guc|C$J>$f3v`DiHnW$j!KFTELwsa$F1Whdf6`F|IUErp6q&K
zS*LhbH)e9E?jP?N9aw5jz?-PcBx-{`{A^+AS6?m?l%C_u$e+@3&Sxnr=l+;dcCI&%
zQ#j@2c{Nft&wD;){p^Ge=7q}Mv*qUWy;&KDbCw^tnY<=v!`7S0%Wfu5`~Tk>*S~lv
zoi~!Fr~fi9C{KFu!p!`S`!^iVI{u3Lbl1*(-0ZcB{PQ>F?B18VZ(7!|ZMmmXb2l!`
zJ-$0DBlG62g*4`@nd#rVDSPgbf5+%zr<TnwST1{Wa`uL;F0WVi+?6@YcQDAmWKnvD
z)H6lWhi-2h+$4AJQUBt=l`~JNf5t5T>_g7~+nT#~zdv(D`l?;y^Mu??p6B1YCVR(5
z|M~?fXJ2dF-4wYmJ=qI(`j0Q?YB@U=_>V94FL~wmiG}{TtNja)-JG>3ci+~BdzpOp
zyyWb)^UM{}|9-7&@rqfeHs<b{=bt+}d&Pd|;Yv#96Teo^*|Rcd#n$Y3+sT7}%Yod3
zTeDXk<~lhUDcS4S>e*Xl-p*G#ckfC6mO0MNb*r<Jr<qE6)i?G8l@IJ0+xt*C{q1vI
z^%@m_^G9Bxzu#OO9C&9;j=4jY$xvW5{Hu59#Y$iJ_O}Im^yvW?@5{<yrPt)1n&V%)
z!@qBKPTDk{J^M(8e|{Rz;$M8kzigq|u~`|L>CIlZ)m+ppw`tUBZdv0`P0Kl$_V6n6
zTv-{jxUxxCPR3GJz(03?wr|gt?8Qs6PNtf4D-nT(zBwb)f8=#Co|C!P+|@j@G9Fmw
ztfLFE=PhC}v?NRRah4uq$u=#OnLRsWMrPIt%_i&UasR?u{w2H3ljJ5Z%-yv6=JM6K
Y`-<-Kuic-$U|CMaI^}-UM`!Z=4}Z*;pa1{>

delta 12164
zcmZA72Yk=h{>SleL}Da%Y#~8x5>ky>O6}Tv&#2fHG0TtG#A>V-MQuv)tG$9&X{$r4
z^j2FdO5026MY*c?_0IYD|L^0TM?Zaj&iStMJ>#3uo;eb@Wmll@$Gn-BdX(asJg*pr
z=JC9X<WD2j>Umu%d)_kaihb~RoQ7?yc-~sPfU!6x+PMwY{v(z|UySE<!*{VP{)I1L
zR8`L_%3*H+NgW!dU=}=zx$z_HkKbYrtX0kPdSFuw!;M%D4`Cj>j=Jsv7QkS7rS@<P
z!f33I)o}uj!C0Q}-6PQjQ7?F2ORR%=aW3Y=)fj@iksf<TF%-YUK6n#*VUz0ajW=O_
z>Ss~+{RuUg4>1f2y~t=|Wh}w-y;n)}z@exI`cOSjMcrs47Qn-(8=Xgu)W49?_nx9U
zRx!@=8e$Wih4WC?=d0mHrabC7wNTf$M4uki(GI+Z>c9jH#|79E-@`XCdrdbLt1&0_
z?Wi|8gnG~y*cQ_<8^+ag=f8{^!PZz7yJKdYR*Ui1jb_uJ8!Sh4U<Yc5Pv98*9N)l3
zwHb*3&pV0rsei}9Nx&j?J?~|ljwSFk=E9q(wet}5oXo7eSj>mju*pk|e^!zSG&I0z
z$Uoj`{#6x&>ak!j4$I&$)cH$LL%bT*!KnIf_pHL~)DNQG_(SZ9U*b}%Kri)TX{e5!
z^O3M4yzfy%8A>lS5|OBph{M9z0*hcgcETyBH@b+r;Z4*7|FHVs7)U*o1rd(9u{c&i
zb+9Gsd|wxm2$BJ)6KCKnxE@R4E!6f2rBN5;MLn>%)hl92>T#&;*A2BzhhT3!gPMwR
zjokG$kWYj63i3RkH=0Cq@+Pv*ywezje`5g*YV1a)7^>%0F&OKhMxr6ALvN!-Y%^+6
zA4ZMjIn;fwV;OvcdeO)xnsT4#)g!4-Lo!yuQ>YW~Bj<XBn|fY(?1SZSF1ANM_QfpC
zm{&|dy}%O8jOS3>?L4Yu>8KZYj2g+z&29hZCMiur46<{)j;JA8h*5YPBQPCDV{i-B
z0Zzp7coj8bA+NeO&x0EBQmC~Ri|Y6Q)T*D4>QEZ`wCKLEhTE8h`d?NL;&Z6ug|Qe`
z!GhSr?2qh3Zz3{~-hO1ccyX=VcVi-ErT!i2KG#rF@(8<Qj@DeJp-gDaP4OtM#cXXD
z1>A;%QC}6U{voJ0nThJq`^YE2`wX>Mv$b>EsxoTmYhx(3!V=is+9#qG>w<Q4TRmGt
zLw5YY4jjik)W5_KyoSMe2kE@`09hX1EA(D#Bn7pozD8}cd#E?f-N7xsGMIyUUCfCs
zQ1|WTBT)|r;zUfuM7)c;u|LD02j^$0hhZ_)jjLL{3HGAi1GViAV>c|+*?oc&@dfIW
zklFF}U_tb{xT*6MBGFKEFym1loH1Ay7nuj__!Z1c`#scDWajgx#a9_M*RiM$*Fn8l
zL)1vNL0#7m3t$q`5ucYrqM_M<x?qphk7GXS=TL8c)qIE=fe>C(H;P2PQ4I_U;6cbn
z@p`brj^bui2jUqXbzm$qxZYfh*0TMHL=Vc<(><sZYL07Q49-G6V%`C)hJT^vJce=S
zE9;HLs(1+N;%~SMEA;lfBltZsi{6SpZV}(XqSUkT@hHagy(kjBc>~lcZjFU75%q>C
zs5e-T+Shwgi|8Zs8*9Ign(IHX0+#FNK5Xq#BeulchU!2X`gj@dGKn5ktG`=BZBawM
z6LsM!R0qC8t=eBv9e#unn0bJk`zX}hS3#X$9o5k$sQYz7-ERo$MWzm5{5AKBX^?B|
z#2u&`oJ1|cZ?FtL#Y$L;&!0Nd2KB%ms1Ef<-Df1~LpB+;xM!m7w;W?}E2?8Z#54Zt
z$!|31Mo+OK1`c%lIU2R9TcW-Xoy@-GP}KEfQ4gAhT1zWXZ~UIMpFnl&JQl_)I2NDy
zNOZxd*IW;0nk!IiU>i=xQ}_xt803a<7V1W;QE#%}+E1gV@-pgyf1u_%Ai<p%jvBd2
zs1ftku%r>{f_7#f)QyK@W}Jk<m~7557hx9Kmt!EV!EjuU#qk7c<gQ@G+CiQF2+M2#
z|4pI?mmlmN7>9cE#;6DO#;G_E=in{W9F7{|7T+e!PW@xlb?1>C=>3Z7Nb{lY%QpzK
zQs0L)@i<0m|34-Pp`qw7H<x8m7sg>Z?1&oD$yf%LqUQPtuEKMu576M@HbPj0`W)2I
zZ$Mp_hEe!4>iQfbSZmt<#YuERb1Z?cqi(nu)q$;84A0x~yQrbfHPTH@6;wSIb$vTj
z2S%Yra6W3tm!Q56tFRV+g}w$Pp|884Y>j&GNPLX5@iZona$m$|iLOH{@D%MQP*X8u
zwEG!w5cR<0sPD>Y%!j3u+-|60wnTjg`Xw>`RY=Cs5RIEr^^3^j@Pfy<xr@P))F)#X
zT!*dj30B8u?4?rZLoL?z7>Zjk2kyl@cnbA1-~#5xTVol29e8Xfgp6}1grkN$2DKJi
zqULglwa>Ep2CJu`ZukT0es@sY)f?}wZ)EnzNSddjI=0?N5=OEco8f6>RK462+#62E
zAnIRZW&92`v{@#)dOYgEsmN@38?X=-c*FBv#AwtM3`DJg3CMc)l2Ie)yGx>N5jDvT
zaTU~1w#8hSgnGaXt1q+qCe(HNk)7tH;rm!=vip_oGWw}EVT5bqzfm2mKE?e}Z8J93
z{=ZE!n*%Xy@;Z1BYvV&?6uoN6{OXO{u_=a5b3ffWVo~Z-urRK|in!0(uc1cv8ERML
zo9=#m$D(%2KrE{LKZ8VbvJN$Lr_9T!6CYq^44c8!1n@9iLVf;B_gieqS?+H{CL>K=
zCf-KBC(J=D>La)Sf5UP(k*`=M+<=ih-}^U--aLG++qd1Y7WE|5ob5tQ!2wLbv#6<w
zo#+0Bq#<gxZ$@?a1Jv=aQLFvB9e-%`z!bMl3!twaCxnxXz@8X`=TH|u!)BOgzPn*}
za|njgJ`puyv#q`k`%~YE12HeJt&ts%>d;DaJ8DV}FJS!jpzmqWT;4IWFLVzmW5!~3
zj@L(>-@@!=zK$BH=@^YESQ?MuOL!HTH7{b3>&PZ^-y+6e`}H&py1^yPjaN`_c+Y%>
z`KgC2c7ITb#C6n%VJ^(|rn7_@ZPvqv9B+-fU#hjQHFx<)DsvzWgYgdP#0QucGo`v4
z=SLln!VXx;oQl6u{}!v_DORSY-~noCyDoJj`xffHdr|j2Y5FdZr~|h!1`8~64{CyH
zZ-uYm8yJfx%m=8sFTdP<2O1!s0Ivmh#<Qp?ja=a#T-R)lZE5d}tYe?I)egMymOJrf
ztiTDaFb|G5=b?srHRi(|<_YXV{Q~L@tGw;3Z8kMKVj#!+p%&l344MC#BwAdX%-wdv
z5iCOcWo&|vP}{5CO80<XsG%HUPR2si7o$dM8|KCzu?616-dKB;yMCqQ`Q8>1eHiv)
zVf+!x;-9FIh*<5Wqy_4M?aX-88;`T&Gq64N6wHQKP$Tw>`2=-+_II4&=qp7-42gQ)
z0qf&1Y=Apa9l3|$Sa^;51jnKF^%N|M?_ym%hTZWgs^eYOx{;WMTD<#F9XMuwwU+tU
z8{D8l-a~cd8R`KA*<&wYP1Ir>j(XrK)c!tzL-7afhRxq~58jA+;FqX1bP;pnZPYIL
z6H8)+^*;AQqvd)xSL4mOs1B_(w^;jL^E4LZ_(k(BYOQ41;C|Yb#3brHFb>aSQ_Q~6
zO-*~${d@W>8I0N%W3e@!#oAbS6YB#zVo!XAL$JqY_Y2AytVBH>)uFtc{32Gs^4J&k
zpn0f~SYh>TSb(~3KZ)k#b31U=>UU5>7_imdAgh@l)m{>_VR>wYvDgTc%`>PD<=o~h
zgX+LbW*eu^>t_w4F)Js`G#BCs>ML*{X5G#oE^q{@1G(OFH!NV5!!X)wq1Hlc?2OyY
zOgmhMyP+2K0PLcl|0yK;prm7Ee2iLTWp_FoVkGt6SQ@8VeUlwOgBrmbsOukL5JtW4
zMy?{N!!^u$*4|k1e6PJV^f8B_E|`GXaH=^E)zPKqR`aO&6>1TtoBCUbtJI64M&vJK
zR=qB}-EIij!~Ex@AvcNUt^{he#-qMmtIeHu{5aO6J;?9gv>s})4Z~R6fH8Q<%=Ur%
z#ikZcr+qB)W5auj%`kPZ{rvx7uN%VOQD4BoeeREB;i$PPk9o1JIRHbck2R;8i_Le;
z?WhhNz>0VqYhnKV?tX3dGyb_~=ubm&OhoP5H|>P12izhmidwyi<_y$z%TbGVv$+ek
zRt}=3@O$$bhEczb>i9F%3x)U&x}-SjKvnZ4vju8SyPz&e#0oeQwb*u}-tZ^Xl;u9;
z9vq3fUpce7wKuSOGt<|Jq#P&qM?E0LT!VUpJ*Wp9#3J|$>WzaAyPujl&BA7B%*XL)
zvmvTuoy|e0ksFUWSbyFe65V(?YUuZ1M$eBptD|nv0M)_v*dGU?7TqV9AD@|FN8NQ5
zP*WCXHZ!}Uw(+oxI`jV~iQZ^~xdTI}?=w%LZuGf%1v68>j~byz<})+snEPEa6m>id
zwI+(1bx|+aTWbFgCCP&0QFA&KHAL^5$FV5&FHqluUojaU;3OP(+`Z95)OkhI+#fFE
zun_e|s1fUh#qlJz#H;92Poht_Ul!}2hUN`a`#Mxdc47n`L*3vf%ouXi1H(?b)g6OV
zsW(DB_+!)vTtS`pvl)2GZR--Jn18)-6B_iuB#gvlEQ1?RYvWVY+}}if4<4gB68WJ!
zzrNWIGt)jDBXEwn4b|aKQ60K!-ujU7*LJ!~Lme#gksFE5sE#a0_52{-#|!u+o;mIQ
zVDZ++ZV_I>U9^XuaU*yX^`L9!ZR}6|chq9;aMl^`Bhlg-W6s7X>ThFJOv6feA2lK+
zK5>8f+!)od`Pdn^Vj~Rr)cr@OCRl;`6jVpHqegI#`H|_nWXZ4QGc(U;?t;>092VdP
z&CR~3AsuHfFgKWoP!Iglyp9^-hZv5r=Q2jh=d~r#T#i94wxy`Wvk~j!F&u+Wu_-2g
z?%wDKR;GRmhvGdfg}uITYbhB!P+w^E8>kVvhx!y3V;+O`^S>%d0u42=I=+ip@e-EC
zt7h<5u7efL+L)8$EzEA1jd}uh!bDt+pI|o}be{j3f~Qa&@9?#L|078zsfSmvCPsYY
zzJ%Sd1@$jc?Zqy*j&{PH)YI@KEdH(gZMG+BB&V2bP;2HGYOSPWF$}oqrm{Hts?kuL
zq%aP`5}1rygzus*ID^`T=@^0DB{v0;7(n$Q|MKG|yhaRHqm}jKU5G&HnTS6LZDEz%
znHc{y9OS#;Z6@OE!o21}+7=Khn~3YgEFvq%8{i%+k2{FXb`9zOm8!G_63k%6_M3^L
zh)_HCe1OKEqWOMa{@`GKq9IY7n9qT1_%YFrP|1XUxisT%y~3!c5j%)U#P38iVgT_8
zQHyigSl*9zO$b9VTDhM88Yk?r122$=k*A`{A!0I-l?%S0Ei-D0?vQsT#*i1om+=Es
zVYy^{Gv1-zk-Rg}l_*DDJ0yZoDM;Pdgk(lW)%`Blkw%qRQ+aK2c1=ckm7I0zWuqf~
z$YaR0Ncn(flohmva!jQ;xyk}l`4sX$i4bzul+RmCqSgHoji+!SenYG#ekE?vHXr}H
z47GYFjoJYRh*+W}p>mYymyz+eYuMM$|AqW@qC0UpqmA(&M5Qs6$5;XXCaRKum2m=z
zm8NEX-YyIIa-uxvXwPdGsVuQ;;>eRSTHH59+wv&K_FLO@@<YTcKD%Iuxz$b($7!oW
ztRvTlWE=Thd=K9zu8==3y{Pvf+7PRV{2bVcDuwY3agg}Q+SERT$XNgCL<=GZ4b6!j
zgvtXV4{v*wW9P~Bx1YW6A@NW0*KjBCyxbufL3=pYq>z6`zR?aAr0sb*M!UX*O9Oa*
zO)C4S=nM7C&L~COam(xD0OE6E4pEP&&vBJ1W_O%nxjW+iCS(F_orq^dW#R_0g%h6G
zN!_&nAJO<Z@eA?4<(xHaHw)qwJ8vcSBd*c*lz5Z;9XoG|ssF1kGx=k?M$P-l=Mfc&
z#u?*JV>IzH4ZDaS@_eW=4*x;)AzzCPh&AMu36&hwzsDd{DQ(V1{oGfXNUS36()PC+
zC?6BM2;Vl<DA_sqlS{piO#QD`>&d%fytOSN&uep;Ox~1G`Q4H6qr0``;s-mfd;@ts
z;x{6m=&$)#`IR_KLl-PZj3M8PGw~R1#TuycGx06;bUckJR~;EY?HZD2q5Ul!NW4wn
zn>a!qNfaU<fhqWw=D!h@0>txDivwkelEn8!D?;T<)Q{cQ@q)G8G`rFMF8NcU5wSuS
zSP6fg;9qurZSw4D*ZcoK{M!z^LVlCT`Cr?my&a?38%v(Uj%C5g)L*jWgYgZ*PYmYV
zRN}NQvJ%Ak`N+pveHi+3TctV|Js|$O{DVq0Yb$|K)N|qiq6smN`VzaKH|k{yS?AVq
zd?JxVd`DE_*bBroBD<aQhb}2<6@E){|4omRix3;Aw<Ur(euTQpcSJgQ9wLGGC-qa<
zk_aJwB=o!B2~<fS0=YhldPVZtL|vjS^}9IM)*tErmtv&95&t4`S@U8ph$KF-y7(7$
zm2>88Q*CXCsl-xMDAPDr7)N2rj28F5_f*oScNUS0US`JK#C4($CoRM0C9fqf(pG?T
zd*Ykc)(it^%S7zcHF!bC$oCR+h&QO##pOf<p>hv>6-Y*s9L5;jPJE`LluM3`|6TSG
zd0}qc4m%O|IZven@gezKtE+7)d1<_bxri{XQ@KriYUkB(`n=0D-XK;I7iqj?Cmf`%
zGMf5H;-ag1ubLxqJaLcM$noiz8_(j;Sj-;!E_Ib~+LG};v5Xi-J*Vcs2q&JQLFEK7
zDI??K!3kvum2Vy1+c=1}v(|3S8GnQu{=9-)IG$+rqU0Tj)<iz*)LJ|CwLTUB#PbqO
zo<`+8Yxn^B660wPetur|i2o_6y{jgr){QQnI;Ki`YPXm<{)W-v0r{FHL`0QKN{k;h
zyzj91@`;tWEcIzje}Bbl`7(tx8$NKvs9}9aCyW^Gul7RYEdG<V=V$XLH98X7eqhA-
z5lIn)`i_Z@=sSFT#Oq1%i8?K@QpDh-#L*F>;ztf0A2E7F#OOf@i4pO``X&s$Hf71!
z__Cuof9Tl0;}f}d<j9Ou2E`8@88IShw7*Kbv4Q@x9k*oi2X&p4+rKfPQo#C0gM<BH
zukQ%(|6^1_KtP++sHB>ylSXe2XycDc`Y_O+WBj13soRpD22}QMnszuiHShcp8SmJ2
z?v>QYlo6>7qYI_hoOdU6MM`+8Kc&0>^!z6Qq3JXB-8j7L#_@GGr@rq$zVKMEKW*8J
ztp0v$4uy2xlzj7@RX3Bj+*~#1#^J*^jxPOq+2Y&Fciugca_jy5=_}t!-!T8?jtxIA
z*_*y&(e31&HxBRPz4+(m?8P?@zn6Y&_Kky!Zcbl#<G>-^WZ|M4$5y5v*qJ_etH0p(
z`hosAJ4a^n&)QupSL*j^5B&E}+zIkO`FK-+|G?RXdb_8e+~LiB{d8fVf8`ffv-lTW
HIu!IDHU0#D


From 6b78e6e283f0c288ebf40e7e4dd59d2dae47be44 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Nov 2023 12:48:50 +0100
Subject: [PATCH 20/21] web: bump the eslint group in /tests/wdio with 1 update
 (#7635)

Bumps the eslint group in /tests/wdio with 1 update: [eslint](https://github.com/eslint/eslint).

- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.53.0...v8.54.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: eslint
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 tests/wdio/package-lock.json | 16 ++++++++--------
 tests/wdio/package.json      |  2 +-
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/tests/wdio/package-lock.json b/tests/wdio/package-lock.json
index 0344ef3b22bb..1ce9d60b5563 100644
--- a/tests/wdio/package-lock.json
+++ b/tests/wdio/package-lock.json
@@ -13,7 +13,7 @@
                 "@wdio/local-runner": "^8.23.1",
                 "@wdio/mocha-framework": "^8.23.1",
                 "@wdio/spec-reporter": "^8.23.1",
-                "eslint": "^8.53.0",
+                "eslint": "^8.54.0",
                 "eslint-config-google": "^0.14.0",
                 "eslint-plugin-sonarjs": "^0.23.0",
                 "npm-run-all": "^4.1.5",
@@ -382,9 +382,9 @@
             }
         },
         "node_modules/@eslint/js": {
-            "version": "8.53.0",
-            "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.53.0.tgz",
-            "integrity": "sha512-Kn7K8dx/5U6+cT1yEhpX1w4PCSg0M+XyRILPgvwcEBjerFWCwQj5sbr3/VmxqV0JGHCBCzyd6LxypEuehypY1w==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.54.0.tgz",
+            "integrity": "sha512-ut5V+D+fOoWPgGGNj83GGjnntO39xDy6DWxO0wb7Jp3DcMX0TfIqdzHF85VTQkerdyGmuuMD9AKAo5KiNlf/AQ==",
             "dev": true,
             "engines": {
                 "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
@@ -2924,15 +2924,15 @@
             }
         },
         "node_modules/eslint": {
-            "version": "8.53.0",
-            "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.53.0.tgz",
-            "integrity": "sha512-N4VuiPjXDUa4xVeV/GC/RV3hQW9Nw+Y463lkWaKKXKYMvmRiRDAtfpuPFLN+E1/6ZhyR8J2ig+eVREnYgUsiag==",
+            "version": "8.54.0",
+            "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.54.0.tgz",
+            "integrity": "sha512-NY0DfAkM8BIZDVl6PgSa1ttZbx3xHgJzSNJKYcQglem6CppHyMhRIQkBVSSMaSRnLhig3jsDbEzOjwCVt4AmmA==",
             "dev": true,
             "dependencies": {
                 "@eslint-community/eslint-utils": "^4.2.0",
                 "@eslint-community/regexpp": "^4.6.1",
                 "@eslint/eslintrc": "^2.1.3",
-                "@eslint/js": "8.53.0",
+                "@eslint/js": "8.54.0",
                 "@humanwhocodes/config-array": "^0.11.13",
                 "@humanwhocodes/module-importer": "^1.0.1",
                 "@nodelib/fs.walk": "^1.2.8",
diff --git a/tests/wdio/package.json b/tests/wdio/package.json
index f9fe4e7ad3ed..90ba2d765b33 100644
--- a/tests/wdio/package.json
+++ b/tests/wdio/package.json
@@ -10,7 +10,7 @@
         "@wdio/local-runner": "^8.23.1",
         "@wdio/mocha-framework": "^8.23.1",
         "@wdio/spec-reporter": "^8.23.1",
-        "eslint": "^8.53.0",
+        "eslint": "^8.54.0",
         "eslint-config-google": "^0.14.0",
         "eslint-plugin-sonarjs": "^0.23.0",
         "npm-run-all": "^4.1.5",

From c0b7d32b365520425e24d8a22940525d5327b205 Mon Sep 17 00:00:00 2001
From: ChandonPierre <80500072+ChandonPierre@users.noreply.github.com>
Date: Mon, 20 Nov 2023 09:29:18 -0500
Subject: [PATCH 21/21] sources/ldap: clean-up certs written from db (#7617)

* sources/ldap: clean-up certs written from db

* fix test when certificate is none
---
 authentik/sources/ldap/models.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/authentik/sources/ldap/models.py b/authentik/sources/ldap/models.py
index a097915939b7..2b939e02252c 100644
--- a/authentik/sources/ldap/models.py
+++ b/authentik/sources/ldap/models.py
@@ -1,5 +1,7 @@
 """authentik LDAP Models"""
 from os import chmod
+from os.path import dirname, exists
+from shutil import rmtree
 from ssl import CERT_REQUIRED
 from tempfile import NamedTemporaryFile, mkdtemp
 from typing import Optional
@@ -189,6 +191,11 @@ def connection(
                 raise exc
             server_kwargs["get_info"] = NONE
             return self.connection(server, server_kwargs, connection_kwargs)
+        finally:
+            if connection.server.tls.certificate_file is not None and exists(
+                connection.server.tls.certificate_file
+            ):
+                rmtree(dirname(connection.server.tls.certificate_file))
         return RuntimeError("Failed to bind")
 
     @property