All Versions
70
Latest Version
Avg Release Cycle
73 days
Latest Release
613 days ago

Changelog History
Page 2

  • v3.2.0 Changes

    May 31, 2021

    โž• Added

    • PB-5054 French internationalization
    • PB-5171 As logged-in user I can paginate the result of the users and resources index controllers
    • PB-5854 As logged-in user I can save the locale of a user as account setting
    • PB-5854 As admin I can save the locale the organization as organization setting

    ๐Ÿ›  Fixed

    • ๐Ÿ‘€ PB-5523 Fix as system administrator I should see the healthcheck errors colored in red
    • PB-5860 Fix password max length should be set to 4096 in resource type definitions
    • PB-6031 Fix as LU I shouldn't get a fatal error when using a scalar instead of an array for some filters values
    • PB-6131 Fix healthcheck error messages display

    ๐Ÿ‘Œ Improved

    • โœ… PB-5975 Test code with PHPStan - level 4
    • Avatar table should use created and modified for timestamp and not created_at and modified_at
    • ๐Ÿšš Move avatar in database

    ๐Ÿšง Maintenance

    • PB-5527 Migration to CakePHP4

    ๐Ÿ”’ Security

    • โœ‚ Remove X-XSS-Protection as per Cure53 audit recommendations

  • v3.1.0 Changes

    March 17, 2021

    โž• Added

    • โž• Add preview password plugin feature flag

  • v3.0.2 Changes

    March 09, 2021

    ๐Ÿ›  Fixed

    • GITHUB-378 Fix healthcheck ssl fullBaseUrl check
    • ๐Ÿ›  Fix email digest email preview should accept empty (null) template
    • ๐Ÿ›  Fix send test email command should accept undefined username and password

  • v3.0.1 Changes

    February 24, 2021

    ๐Ÿ›  Fixed

    • Fix resources population of resource_type_id field migration

  • v3.0.0 Changes

    February 18, 2021

    ๐Ÿ—„ Deprecated

    • โฌ‡๏ธ Drop support for API format v1, api-version parameter is deprecated
    • โœ‚ Remove title from API response envelope format
    • โฌ‡๏ธ Drop support for PHP < v7.3, application require PHP v7.3 by default
    • โฌ‡๏ธ Drop support for Composer < v2, application requires Composer v2 by default

  • v2.13.5 Changes

    July 30, 2019

    ๐Ÿ›  Fixed

    • ๐Ÿ›  Fix allow overriding rememberMe options in passbolt.php configuration file
    • ๐Ÿ›  Fix all target blank link should contain rel noopener noreferrer
    • ๐Ÿ›  Fix email sender, email subject should not exceed 255 characters.
    • ๐Ÿ›  Fix secret access log on resource view with contain secret
    • GITHUB-376 Fix missing route prefix on the recovery button
    • GITHUB-373 Fix API format for create group (previously v1 instead of v2 format)
    • GITHUB-372 Fix after modifying passwd, the modification time should be changed
    • ๐Ÿ“‡ GITHUB-370 Fix metadata should be deleted for deleted resources
    • GITHUB-369 Fix Notification Emails Have Wrong Tense In Subject/Body
    • GITHUB-368 Clarify PHP extension requirements
    • GITHUB-362 Fix wrong filename on healthcheck HELP message for assertConfigFiles
    • ๐Ÿ”Œ GITHUB-356 As a user I shouldn't be able to export folders if export plugin is disabled
    • GITHUB-350 Fix no mails are sent when providers offer AUTH PLAIN authentication only
    • ๐ŸŒ GITHUB-339 Fix web installer urls do not work when passbolt is installed in a directory
    • ๐Ÿ›  Fix performance issues on resource / folder activity log

  • v2.13.1 Changes

    July 06, 2019

    Song: https://youtu.be/tPBDMihPRJA

    ๐Ÿš€ This is a small maintenance release. It fixes a bug introduced with the latest release.

    โœ… Thank you to everyone who helped us test and iron out the last kinks!

    In other news, we just published an article on the blog to explain why passbolt requires an extension.

    ๐Ÿ”„ Changelog

    API

    ๐Ÿ›  Fixed

    • PB-1372 Fix user setup completed admin email notification

  • v2.13.0 Changes

    June 23, 2019

    Song: https://www.youtube.com/watch?v=JU5LMG3WFBw

    ๐Ÿš€ The team is pleased to announce the availability of Passbolt CE v2.13. This release includes new functionalities,
    most notably the email digest functionality.

    Email digest

    The email digest functionality will help you combine email notifications of the same
    kind into one single message. So, it will group similar emails for a given user, for a given time period
    ๐Ÿ‘ท (the frequency of passbolt email cronjob) or when a volume limit is reached. This will help reduce the
    email notifications, especially when you import/share a lot of passwords at once.

    You can enable this feature by switching the following line in your server crontab:.
    /var/www/passbolt/bin/cake EmailQueue.sender

    To
    /var/www/passbolt/bin/cake Passbolt/emailDigest.sender

    โœ… You can also test the feature by calling it directly in the command line on your server.

    Server key rotation

    It is now possible to extend an expired server key and have the user accept the new server key without
    performing an account recovery. When the key change, the user will be prompted to accept the new one.

    Migration to react

    ๐Ÿš€ Part of the work done with this release includes some major refactoring of the front end code
    ๐Ÿ‘€ as part of the migration process to React. So, you will see some other visual changes for example,
    when loading the share dialog.

    ๐Ÿš€ You can expect more visual changes in the upcoming releases.

    ๐Ÿ’ฅ Breaking changes

    ๐Ÿš€ Another notable change: as part of this release we upgraded the OpenPGP.js. This may be a breaking
    ๐Ÿ”„ change if you are using old OpenPGP keys with unsecure 2-byte hash. If you use such a key we advise
    you to try to re-export your private key from Gnupg to produce a more secure hash and perform an account recovery.

    ๐Ÿ”„ Changelog

    API

    โž• Added

    • ๐Ÿ— PB-1168 Add baseline code and tests for Debian package build
    • PB-1067 As a user I can receive digest emails when creating a lot of resources
    • ๐Ÿšš PB-1067 As a user I can receive digest emails when added/removed from a lot of groups
    • PB-1284 Add tasks and services to re-validate existing data

    ๐Ÿ‘Œ Improved

    • ๐Ÿ’… Pro Styleguide version bump v2.13.13
    • Appjs version bump v2.13.7
    • โœ… PB-1046 Adapt Cleanup test runner to take in account cleanup that are adding records
    • PB-1046 Adapt Cleanup shell task to allow external sources to add cleanup tasks
    • ๐Ÿšš PB-1046 Remove empty EmailTraits files
    • โœ‚ Delete unused default keys (cleanup)
    • โœ… Update to latest passbolt_test_data version.
    • ๐Ÿ”จ Misc refactoring for email notifications
    • ๐Ÿ”จ Misc refactoring to split model logic into services
    • โœ… Clear plugins in tearDown of application test cases

    ๐Ÿ›  Fixed

    • GITHUB-350 No mails are sent when providers offer AUTH PLAIN authentication only
    • ๐Ÿ›  Fix appjs plugin requestUntilSuccess bug
    • ๐Ÿ›  Fix load webinstaller plugin manually in plugin tests
    • ๐Ÿ›  Fix composer php version.
    • ๐Ÿ›  Fix misc checkstyle issues
    • ๐ŸŒฒ PB-980: Fix "secret access logging in password activity log should not display other resources secret access after a multiple share"

  • v2.12.1 Changes

    April 14, 2020

    ๐Ÿš€ Release song
    ๐Ÿš€ Full release notes

    ๐Ÿ“š This release contains a security fix, please update your server as soon as possible. Make sure you follow the minor update documentation to roll out this new version.

    ๐Ÿš€ This is a small maintenance release in order to update to jQuery v3.5. The library released an important security fix that could potentially result to an XSS in certain Passbolt setups where Content Security Policy (CSP) was disabled by the user. You can learn more about the issue here.

    ๐Ÿš€ Passbolt team is currently busy finalizing a release candidate with some new major features. You can learn more about it in our last blog post.

    We hope you are safe.

    ๐Ÿ›  Fixed

    • โšก๏ธ PB-1209: Update client dependencies

  • v2.12.0 Changes

    December 06, 2019

    ๐Ÿš€ Release song
    ๐Ÿš€ Full release notes

    ๐Ÿš€ This release is mainly a maintenance release. It ships with several fixes, mainly regarding the web extension.
    ๐Ÿ”’ The previously published extension version contained some security fix for an issue in the quick access suggestion system reported by security researcher Rene Kroka.
    You can learn more about it on the incident page.

    It also ships with a much demanded improvement: the possibility to resend a new invitation to a user.

    Resend invitation menu screen

    โšก๏ธ We hope youโ€™ll enjoy this update!

    What next? The team focus is currently on the upcoming folders feature.
    It is taking a substantial amount of energy to implement but the result should be matching your expectations.
    It is now a matter of weeks before the feature is available. If you are interested to know how it will work, you can have a look at the specifications (feedback is welcome).
    The screenshot below will give you a glimpse of its look and feel:

    Folders feature overview screen

    The team wishes you great end-of-year celebrations, merry christmas & happy new year in advance, and good holidays if you are lucky enough to take some!

    API

    โž• Added

    • PB-687: As an admin I can resend an invitation for a user that didn't complete the setup

    ๐Ÿ‘Œ Improved

    • โšก๏ธ PB-893: Update CakePHP to v3.8.6

    ๐Ÿ›  Fixed

    • PB-771: Added purify subject for the email subscribers
    • ๐Ÿšš PB-856: Added migration fix to remove unused tables
    • โฑ GITHUB-84: Fix gc_maxlifetime versus Session.timeout units

    ๐ŸŒ Web extension

    ๐Ÿ‘Œ Improved

    • โšก๏ธ PB-878: Update OpenPGP.js to v4.7
    • 0๏ธโƒฃ PB-649: The quickaccess passphrase field text and background colors should remain as default when the field is not focused.

    ๐Ÿ›  Fixed

    • PB-883: The quickaccess should filter passwords by uri protocol and port if provided.
    • PB-766: Fix 414 server issues for features that work with batch of resources. Reduce the size of the batches.