Clarify https and baseurlpath even more.

Also mention under logging how this relates to loggingdir above.

It's just a module now.

This was a mixture of legacy supported options, some of them
deprecated, and data types, and also implemented differently
in some places than others.

This changes it once more but hopefully for the better:
* The value is always an array or null/unset.
* You can set it to a specific array to get a specific policy.
* You can leave it unset/null to keep the default policy.
* You can set it to the empty array to signal that you do not
want any policy to be sent.
* The string and bool types are no longer allowed.

All in all this means that we can make code much simpler, a lot
less if-branching, and also typewise make use of correct typehints.

The behaviour changes are as follows:
- We drop the already deprecated option to set it as a string
  (deprecated in 1.17).
- To not send the element you need to change false to [];
  this was not deprecated before but I believe setting it to
  false was already broken in master.

* Handle null value the same as unset

* Fix tests

* Remove obsolete if-statement

- Import SimpleSAML\Session twice case warnings.
- Remove other unused imports.

Bumps [json5](https://github.com/json5/json5) from 2.2.0 to 2.2.3.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](https://github.com/json5/json5/compare/v2.2.0...v2.2.3

)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Remove unused imports

* Extract child instruction and lower complexity

Add extra optional header template. This allows people to add extra header-lines without needing to override the base.twig template completely by creating _head.twig with their own meta/css/... lines. If the template is missing nothing is added.

* Fix return type
* Change how static $sessionHandler assigned so psalm
can detect it is no longer null.

Closes: #1732

It appears that the custom auth classes (i.e. UserPassBase) were moved from the modules/core/lib to modules/core/src.  Likewise, when creating a custom auth source, I found that the path in my module needs to match this path (e.g. modules/mymodule/src instead of modules/mymodule/lib).  Updated documentation page to reflect the change.

This would encode all attributes sent by the IdP (or decode received
by the SP) with base64. As far as I could deduce this is from the
early days of federation, used nowhere anymore, no one came forward
that did, but cannot get certainty. Best way to find out might just
be to drop it. We can easily reinstate it if some use case does turn
up.

Note that the IdP can still perform this behaviour with the more
generic attributeencodings feature.

Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.3 to 2.0.4.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md)
- [Commits](https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4

)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Change build-script to leverage composer archive

* No longer include data/ cache/ and log/ directories. They don't belong in the install-dir

* Remove unnecessary .gitkeep files

* Merge config&config-templates and metadata&metadata-templates; templates renamed to .dist

* Reduce git clone overhead

* Throw an exception if datadir not set

Co-authored-by: Thijs Kinkhorst <thijs@kinkhorst.com>