From ebcf71c30cf6ab0f2cb9caf95884294fd4458913 Mon Sep 17 00:00:00 2001
From: anjalitelang <49958114+anjaltelang@users.noreply.github.com>
Date: Tue, 18 Jan 2022 10:34:09 -0500
Subject: [PATCH 1/2] Update ROADMAP.md

Proposed changes based on multiple tracks of work- Compliance, IDP features
---
 ROADMAP.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ROADMAP.md b/ROADMAP.md
index 4cf5e5b4..6b7eb097 100644
--- a/ROADMAP.md
+++ b/ROADMAP.md
@@ -40,7 +40,9 @@ Last Updated: Sept 2021
 |Improving Security Posture|Supervisor token refresh fails when the upstream user is in an invalid state for LDAP/AD |Jan 2022|
 |Improving Security Posture|Set stricter default TLS versions and Ciphers |Jan 2022|
 |Improving Security Posture|Support FIPS compliant Boring crypto libraries |Feb 2022|
-|Improving Security Posture|Support Audit logging of security events related to Authentication |March 2022|
+|Multiple IDP support|Support multiple IDPs configured on a single Supervisor|March/April 2022|
+|Improving Security Posture|TLS hardening |March/April 2022|
+|Improving Security Posture|Support Audit logging of security events related to Authentication |April/May 2022|
 |Improving Security Posture|mTLS for Supervisor sessions |Exploring/Ongoing|
 |Improving Security Posture|Key management/rotation for Pinniped components with minimal downtime |Exploring/Ongoing|
 |Improving Security Posture|Support for Session Logout |Exploring/Ongoing|
@@ -52,7 +54,6 @@ Last Updated: Sept 2021
 |Improving Security Posture|Client side use of Secure Enclaves for Session data |Exploring/Ongoing|
 |Improving Security Posture|Enforce the use of HTTP Strict Transport (HSTS) |Exploring/Ongoing|
 |Improving Security Posture|Assert that Pinniped runs under the restricted PSP version2 levels  |Exploring/Ongoing|
-|Multiple IDP support|Support multiple IDPs configured on a single Supervisor|Exploring/Ongoing|
 |Wider Concierge cluster support|Support for OpenShift cluster types in the Concierge|Exploring/Ongoing|
 |Identity transforms|Support prefixing, filtering, or performing coarse-grained checks on upstream users and groups|Exploring/Ongoing|
 |CLI SSO|Support Kerberos based authentication on CLI |Exploring/Ongoing|

From 6143d665044c05cf15007b17bb64dd568ba928b7 Mon Sep 17 00:00:00 2001
From: Ryan Richard <richardry@vmware.com>
Date: Tue, 18 Jan 2022 10:06:53 -0800
Subject: [PATCH 2/2] Increase timeout on linter for when CI gets slow

---
 hack/module.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hack/module.sh b/hack/module.sh
index 8f64cd39..b421c7b2 100755
--- a/hack/module.sh
+++ b/hack/module.sh
@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 
-# Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
+# Copyright 2020-2022 the Pinniped contributors. All Rights Reserved.
 # SPDX-License-Identifier: Apache-2.0
 
 set -euo pipefail
@@ -13,7 +13,7 @@ function tidy_cmd() {
 }
 
 function lint_cmd() {
-  echo "golangci-lint run --modules-download-mode=readonly --timeout=10m"
+  echo "golangci-lint run --modules-download-mode=readonly --timeout=15m"
 }
 
 function test_cmd() {