Changelog History
Page 2
-
v3.2.0 Changes
May 31, 2021โ Added
- PB-5054 French internationalization
- PB-5171 As logged-in user I can paginate the result of the users and resources index controllers
- PB-5854 As logged-in user I can save the locale of a user as account setting
- PB-5854 As admin I can save the locale the organization as organization setting
๐ Fixed
- ๐ PB-5523 Fix as system administrator I should see the healthcheck errors colored in red
- PB-5860 Fix password max length should be set to 4096 in resource type definitions
- PB-6031 Fix as LU I shouldn't get a fatal error when using a scalar instead of an array for some filters values
- PB-6131 Fix healthcheck error messages display
๐ Improved
- โ PB-5975 Test code with PHPStan - level 4
- Avatar table should use created and modified for timestamp and not created_at and modified_at
- ๐ Move avatar in database
๐ง Maintenance
- PB-5527 Migration to CakePHP4
๐ Security
- โ Remove X-XSS-Protection as per Cure53 audit recommendations
-
v3.1.0 Changes
March 17, 2021โ Added
- โ Add preview password plugin feature flag
-
v3.0.2 Changes
March 09, 2021๐ Fixed
- GITHUB-378 Fix healthcheck ssl fullBaseUrl check
- ๐ Fix email digest email preview should accept empty (null) template
- ๐ Fix send test email command should accept undefined username and password
-
v3.0.1 Changes
February 24, 2021๐ Fixed
- Fix resources population of resource_type_id field migration
-
v3.0.0 Changes
February 18, 2021๐ Deprecated
- โฌ๏ธ Drop support for API format v1, api-version parameter is deprecated
- โ Remove title from API response envelope format
- โฌ๏ธ Drop support for PHP < v7.3, application require PHP v7.3 by default
- โฌ๏ธ Drop support for Composer < v2, application requires Composer v2 by default
-
v2.13.5 Changes
July 30, 2019๐ Fixed
- ๐ Fix allow overriding rememberMe options in passbolt.php configuration file
- ๐ Fix all target blank link should contain rel noopener noreferrer
- ๐ Fix email sender, email subject should not exceed 255 characters.
- ๐ Fix secret access log on resource view with contain secret
- GITHUB-376 Fix missing route prefix on the recovery button
- GITHUB-373 Fix API format for create group (previously v1 instead of v2 format)
- GITHUB-372 Fix after modifying passwd, the modification time should be changed
- ๐ GITHUB-370 Fix metadata should be deleted for deleted resources
- GITHUB-369 Fix Notification Emails Have Wrong Tense In Subject/Body
- GITHUB-368 Clarify PHP extension requirements
- GITHUB-362 Fix wrong filename on healthcheck HELP message for assertConfigFiles
- ๐ GITHUB-356 As a user I shouldn't be able to export folders if export plugin is disabled
- GITHUB-350 Fix no mails are sent when providers offer AUTH PLAIN authentication only
- ๐ GITHUB-339 Fix web installer urls do not work when passbolt is installed in a directory
- ๐ Fix performance issues on resource / folder activity log
-
v2.13.1 Changes
July 06, 2019Song: https://youtu.be/tPBDMihPRJA
๐ This is a small maintenance release. It fixes a bug introduced with the latest release.
โ Thank you to everyone who helped us test and iron out the last kinks!
In other news, we just published an article on the blog to explain why passbolt requires an extension.
๐ Changelog
API
๐ Fixed
- PB-1372 Fix user setup completed admin email notification
-
v2.13.0 Changes
June 23, 2019Song: https://www.youtube.com/watch?v=JU5LMG3WFBw
๐ The team is pleased to announce the availability of Passbolt CE v2.13. This release includes new functionalities,
most notably the email digest functionality.Email digest
The email digest functionality will help you combine email notifications of the same
kind into one single message. So, it will group similar emails for a given user, for a given time period
๐ท (the frequency of passbolt email cronjob) or when a volume limit is reached. This will help reduce the
email notifications, especially when you import/share a lot of passwords at once.You can enable this feature by switching the following line in your server crontab:.
/var/www/passbolt/bin/cake EmailQueue.sender
To
/var/www/passbolt/bin/cake Passbolt/emailDigest.sender
โ You can also test the feature by calling it directly in the command line on your server.
Server key rotation
It is now possible to extend an expired server key and have the user accept the new server key without
performing an account recovery. When the key change, the user will be prompted to accept the new one.Migration to react
๐ Part of the work done with this release includes some major refactoring of the front end code
๐ as part of the migration process to React. So, you will see some other visual changes for example,
when loading the share dialog.๐ You can expect more visual changes in the upcoming releases.
๐ฅ Breaking changes
๐ Another notable change: as part of this release we upgraded the OpenPGP.js. This may be a breaking
๐ change if you are using old OpenPGP keys with unsecure 2-byte hash. If you use such a key we advise
you to try to re-export your private key from Gnupg to produce a more secure hash and perform an account recovery.๐ Changelog
API
โ Added
- ๐ PB-1168 Add baseline code and tests for Debian package build
- PB-1067 As a user I can receive digest emails when creating a lot of resources
- ๐ PB-1067 As a user I can receive digest emails when added/removed from a lot of groups
- PB-1284 Add tasks and services to re-validate existing data
๐ Improved
- ๐ Pro Styleguide version bump v2.13.13
- Appjs version bump v2.13.7
- โ PB-1046 Adapt Cleanup test runner to take in account cleanup that are adding records
- PB-1046 Adapt Cleanup shell task to allow external sources to add cleanup tasks
- ๐ PB-1046 Remove empty EmailTraits files
- โ Delete unused default keys (cleanup)
- โ Update to latest passbolt_test_data version.
- ๐จ Misc refactoring for email notifications
- ๐จ Misc refactoring to split model logic into services
- โ Clear plugins in tearDown of application test cases
๐ Fixed
- GITHUB-350 No mails are sent when providers offer AUTH PLAIN authentication only
- ๐ Fix appjs plugin requestUntilSuccess bug
- ๐ Fix load webinstaller plugin manually in plugin tests
- ๐ Fix composer php version.
- ๐ Fix misc checkstyle issues
- ๐ฒ PB-980: Fix "secret access logging in password activity log should not display other resources secret access after a multiple share"
-
v2.12.1 Changes
April 14, 2020๐ Release song
๐ Full release notes๐ This release contains a security fix, please update your server as soon as possible. Make sure you follow the minor update documentation to roll out this new version.
๐ This is a small maintenance release in order to update to jQuery v3.5. The library released an important security fix that could potentially result to an XSS in certain Passbolt setups where Content Security Policy (CSP) was disabled by the user. You can learn more about the issue here.
๐ Passbolt team is currently busy finalizing a release candidate with some new major features. You can learn more about it in our last blog post.
We hope you are safe.
๐ Fixed
- โก๏ธ PB-1209: Update client dependencies
-
v2.12.0 Changes
December 06, 2019๐ Release song
๐ Full release notes๐ This release is mainly a maintenance release. It ships with several fixes, mainly regarding the web extension.
๐ The previously published extension version contained some security fix for an issue in the quick access suggestion system reported by security researcher Rene Kroka.
You can learn more about it on the incident page.It also ships with a much demanded improvement: the possibility to resend a new invitation to a user.
โก๏ธ We hope youโll enjoy this update!
What next? The team focus is currently on the upcoming folders feature.
It is taking a substantial amount of energy to implement but the result should be matching your expectations.
It is now a matter of weeks before the feature is available. If you are interested to know how it will work, you can have a look at the specifications (feedback is welcome).
The screenshot below will give you a glimpse of its look and feel:The team wishes you great end-of-year celebrations, merry christmas & happy new year in advance, and good holidays if you are lucky enough to take some!
API
โ Added
- PB-687: As an admin I can resend an invitation for a user that didn't complete the setup
๐ Improved
- โก๏ธ PB-893: Update CakePHP to v3.8.6
๐ Fixed
- PB-771: Added purify subject for the email subscribers
- ๐ PB-856: Added migration fix to remove unused tables
- โฑ GITHUB-84: Fix gc_maxlifetime versus Session.timeout units
๐ Web extension
๐ Improved
- โก๏ธ PB-878: Update OpenPGP.js to v4.7
- 0๏ธโฃ PB-649: The quickaccess passphrase field text and background colors should remain as default when the field is not focused.
๐ Fixed
- PB-883: The quickaccess should filter passwords by uri protocol and port if provided.
- PB-766: Fix 414 server issues for features that work with batch of resources. Reduce the size of the batches.