- Added sonarqube folder to gitignore
- Added modified Ory email-password template
- Added totp to show account name in kratos schema
- Disabled magic links for recovery in kratos config
- Enabled login only for verified emails in kratos config
- Disabled login after registration in kratos config

- Added default password config keys
- Added a 15 min lifespan to any use of codes eg verification, recovery
- Added a 15 min lifespan to verification and recovery URLs - match the code lifespan
- Modified verification flow to go to login page
- Added key to enable/disable registration in config
- Disabled leak sensitive values and replace with redacted text in logs
- Modified hashing cost
- Added default session key values
- Enforce MFA if set up

- Updated postgres version to current
- Added methods that are explictly disabled - oidc, webauthn
- Disabled changing protected profile fields

- Added hibp password defaults

- Modified Oathkeeper config

- Disabled exposed kratos ports

- Added read_only option to containers
- Dropped all container capabilities by default
- Enabled no new privileges for containers
- Modified log level to info
- Updated postgres container version
- Updated ports formatting as strings