Cap based on how long the scan has been running not just number of users
The length of the scan can vary wildly, so a cap on users isn't sufficient.
- Add a
limits.max_scan_duration
configuration option. - Before starting to scan a new user, check this duration hasn't already been exceeded. Stop if it has.