The bake recipt was missing the single `:alpine` tag for the alpine
builds when we were releasing a `stable/latest` version of Vaultwarden.

This PR fixes this by checking for those conditions and add the
`:alpine` tag too.

We will keep the `:latest-alpine` also, which i find even nicer then just
`:alpine`

Fixes #4035

When importing Bitwarden JSON exports, these would fail because the last
modification date was also imported and caused our out-off-sync check to
kick-in. This PR fixes this by checking if we are doing an import, and
skip this check.

Fixes #4005

* ci: add trivy workflow

to ensure critical and high vulnerabilties are detected quickly

* push trivy-action to 0.13.1

MariaDB/MySQL doesn't like the normal `"` quotes around the column name.
This needs to be a backtick **`**.

This PR changes the migration script to fix this issue.

Fixes #3993

* WIP: Container building changes

* Small updates

- Updated to rust 1.73.0
- Updated crates
- Updated documentation
- Added a bake.sh script to make baking easier

* Update GitHub Actions Workflow

- Updated workflow to use qemu and buildx bake

In the future i would like to extract the alpine based binaries and add
them as artifacts to the release.

* Address review remarks and small updates

- Addressed review remarks
- Added `podman-bake.sh` script to build Vaultwarden with podman
- Updated README
- Updated crates
- Added `VW_VERSION` support
- Added annotations
- Updated web-vault to v2023.9.1

* Update twofactor_email.hbs subject line to avoid triggering gmail content filter

Previous subject line was triggering Google's spam blocker, breaking the 2FA setup process if a gmail SMTP server is configured.  The new subject line does not (currently) run afoul of Google's filter.

* Update twofactor_email.html.hbs subject line to avoid triggering gmail content filter

Previous subject line was triggering Google's spam blocker, breaking the 2FA setup process if a gmail SMTP server is configured.  The new subject line does not (currently) run afoul of Google's filter.

* Update twofactor_email.hbs

Changed "Confirmation" to "Verification" for the sake of internal consistency

* Update twofactor_email.hbs

* Update twofactor_email.html.hbs

New config option disable email change

Fix External ID not set during DC Sync

Reopen log file on SIGHUP

While working on the fix I realised the location where the `external_id`
is stored was wrong. It was stored in the `users` table, but it actually
should have been stored in the `users_organizations` table.

This will move the column to the right table. It will not move the
values of the `external_id` column, because if there are more
organizations, there is no way to really know which organization it is
linked to. Setups using the Directory Connector can clear the sync
cache, and sync again, that will store all the `external_id` values at
the right location.

Also changed the function to revoke,restore an org-user and set_external_id to return a boolean.
It will state if the value has been changed or not, and if not, we can
prevent a `save` call to the database.

The `users` table is not changed to remove the `external_id` column, thi
to prevent issue when users want to revert back to an earlier version
for some reason. We can do this after a few minor release i think.

Fixes #3777

Adds LastActive on /admin/users API route

Fix small issues

README.md: Fix grammar nit

Remove unnecessary variable clone

The PostgreSQL migrations do not need this setting.
I tested this by running an old Vaultwarden instance (v1.18.0) on a new
PostrgreSQL database, created a few users and some vault items, after
that run the new code and it doesn't break.

Fixes #3930

During a WebSocket connection we currently also send several headers
which could cause issues with some reverse proxy, or with the CloudFlare
tunnel for example. This PR resolves these issues.

Fixes #3881

filter handlebars logs

csp: rename anonaddy.com to addy.io

Fix typos

Fix arm builds

Because of some changes in the packages of Debian we need to add an
extra package to request it also to install

Update GitHub Workflow

- Updated GitHub actions
- Fixed an issue with testing MSRV (It didn't)

Fix Login With Device without MasterPassword