241
242
243
244
245
246
247
|
241
242
243
244
245
246
247
248
249
250
251
|
+
+
+
+
|
35. Add a password reset mechanism. Turned off by default - enabled by a setting
and configurable under the Setup/Access control panel. There should be a warning
that it is turned on in the security scan. All password resets should be logged.
Password resets should be disabled for any user with Admin, Setup, or UV-Push
privileges. Perhaps password-reset should be a three-level setting:
(1) Off (the default). (2) On. (3) Message sent to moderators who much approve
the reset before it is accomplished.
36. Thin clones → For testing on a transient VPS (or using docker) it would be nice
to be able to say: "`fossil open https://sqlite.org/src`" without it cloning *everything*.
In other words, it only pulls down enough to open the latest version.
|
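Review bot: In item 35, "moderators who much approve the reset" should read "must approve". The item also leaves the security-relevant parts of the mechanism unspecified: it says resets are logged and are disabled for users with Admin, Setup, or UV-Push privileges, but not how a reset request is verified as coming from the account owner, nor whether refused requests for those privileged users are logged along with completed resets. Suggest stating both, and listing the three levels (Off, On, moderator-approved) as the single definition of the setting so the opening "Turned off by default - enabled by a setting" does not read as a separate on/off switch. For item 36, it would help to say whether a thin clone can later be filled out to a full clone, since "only pulls down enough to open the latest version" leaves that open.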