Passbolt changelog

Changelog History

Page 5

• v2.0.1 Changes

  April 09, 2018

  🛠 Fixed

  • GITHUB-239: Fix unsafe mode logic
  • 🔌 GITHUB-240: Make sure unconfigured 'passbolt.plugins' doesn't break the extension
  • PASSBOLT-2511: Improve healthcheck tables list so that tables are listed per major version number

• v2.0.0 Changes

  April 09, 2018

  ➕ Added

  • 🔧 PASSBOLT-2725: Implement start page when passbolt is not configured
  • ⚡️ PASSBOLT-2740: Update <3 link and add unsafe mode warning
  • PASSBOLT-2697: Add passbolt migrate shell with backup option prior migration
  • 🔧 PASSBOLT-2803: Make the privacy policy footer link configurable in the settings
  • 🚚 PASSBOLT-2720 Move dev dependencies out of the passbolt_api repo
  • 🚚 PASSBOLT-2511: passbolt pro bootstrap is moved in a separate folder

  🛠 Fixed

  • GITHUB-229: Fix passbolt can not run in a subdirectory
  • COMMUNITY-533: Fix plaintext should be initialized prior verification
  • 🔌 PASSBOLT-2776: Fix: As AN, settings entry point should be able to have plugins settings whitelisted
  • PASSBOLT-2762: Fix unexpected error on resource share
  • ✅ PASSBOLT-2754: Change the way to define if passbolt is installed while running the unit tests
  • PASSBOLT-2571: Delete secrets when a password is soft deleted
  • ✅ PASSBOLT-2688: Fix healtcheck warning if the development plugin passbolt_test_data is not loaded
  • PASSBOLT-2711: Delete orphans secrets
  • PASSBOLT-2678: Edit Appjs API calls to use version number
  • PASSBOLT-2694: Improve GPG lib to handle private keys validation
  • PASSBOLT-2744: Favorites delete on group user delete
  • ⚡️ PASSBOLT-2743: Favorites delete on permissions update
  • PASSBOLT-2705: Increase coverage, ensure all users who lost access to a resource have no a secret in db for this resource
  • PASSBOLT-2735: Display a specific message if a sidebar section has not content to display
  • PASSBOLT-2664: Change cakephpConfig into settings entry point and adjusted app-js to work with it

• v2.0.0-rc2 Changes

  February 20, 2018

  ➕ Added

  • 🔧 PASSBOLT-2638: Added command to test email configuration and SMTP communication
  • PASSBOLT-2608: Implement Sidebar v2 in the Appjs
  • PASSBOLT-2660: Add codacy badge
  • PASSBOLT-1741: Add more GPG healthchecks
  • PASSBOLT-1741: Add PHP extension checks to the healthcheck
  • ⬆️ PASSBOLT-2597: Add check before upgrade to ensure passbolt is already in latest 1.x
  • 0️⃣ PASSBOLT-2631: Add an env var to control which email transport to use and defaults to Smtp
  • PASSBOLT-2601: Add Travis v2: phpunit, coverage, phpcs

  🛠 Fixed

  • 🛠 PASSBOLT-2618: Fixes for PHP 7.2 compatibility
  • 🛠 PASSBOLT-2624: PR#219 Fixed use CONFIG instead of "ROOT . DS . 'config'"
  • 🔧 PASSBOLT-2631: Fixed default class for EmailTransport to Smtp in configuration
  • 🛠 PASSBOLT-2640: Fixed incomplete urls in email templates
  • 🛠 PASSBOLT-2640: Fixed escaping of non safe characters in emails
  • 🛠 PASSBOLT-2667: Fixed regression: create a user that has been deleted previously returns an error
  • 🛠 PASSBOLT-2673: Fixed regression: as AD I cannot create a group with the name of previously deleted group
  • 🛠 PASSBOLT-2545: Fixed regression: As AD deleting a group I should be notified that all members of the group gonna lose access to the passwords shared with the group
  • 🛠 PASSBOLT-2139: Fixed check sessions calls are logged as error
  • 🛠 PASSBOLT-2139: Fixed not found image on password workspace
  • 🛠 PASSBOLT-1741: Fixed set license to AGPL-3.0-or-later for composer compatibility
  • 🛠 PASSBOLT-2589: Fixed App-js should check request response code from the http response header and not from the body header
  • 🛠 PASSBOLT-2533: Fixed resource name, username, uri, description min length should be 1 char not 3
  • 🚚 PASSBOLT-2660: Fixed remove flash message from login layout

• v2.0.0-rc1 Changes

  January 12, 2018

  🔒 Security

  • ✅ XSS protection improvements, with a new test suite dedicated for XSS.
  • 🔒 HTTP security headers are enabled by default and can be disabled using configuration options.
  • Json responses server signature (experimental).

  👌 Improved

  • An expired setup link can be re-sent through the recovery procedure.
  • ⬇️ Dropped SQL views (will allow supporting additional database backends).
  • 🔧 Simplified configuration system. The entire configuration will be done in one dedicated file with safer defaults.
  • 🔧 Most configuration items are now available as environment variables.
  • Install commands perform additional health checks prior to running.
  • 🚚 CakePHP and other dependencies have been removed from the repository and are now installed with composer.
  • More flexible validation rules for inputs in most fields.
  • 👍 Emojis support where it make sense (comments, descriptions, etc).
  • Some notifications will not be sent if the user is the one doing the action (ex. delete password).
  • The App-JS code is now available on a dedicated repository.
  • 🔨 Misc javascript foundation code refactoring.
  • ➕ Added missing tables index to speed up some database queries.
  • “Owner” has been replaced by “Created by” in the password sidebar to be more relevant.
  • 📚 API supports a more standard response format (documentation coming soon).
  • ➕ Additional settings for controlling what is displayed in email notifications.
  • ➕ Added created date information in password sidebar.

  🔄 Changed

  • Passbolt api migration to CakePHP 3.
  • 👍 PHP 7.0 is now the minimum supported version.
  • ⬇️ Dropped table “controller_logs”. It will be soon replaced by the Audit Logs feature.
  • ⬇️ Dropped table “schema_migrations”.
  • ⬇️ Dropped table “cake_sessions”.
  • ⬇️ Dropped “anonymous statistics” feature (nobody opted in…).

  🛠 Fixed

  • “Passwords I own” filter displays all the passwords for which I have “is owner” permission.
  • An admin can delete a user if the user is the sole group member of a group owning passwords that are not shared.
  • An admin can delete a user if the user is the sole owner of a password that is not shared.

• v1.6.9 Changes

  January 12, 2018

  🛠 Fixed

  • 0️⃣ PASSBOLT-2599: PR#209: Expose the 'client' variable in the default email conf
  • 🚚 PASSBOLT-2599: PR#211: Remove stray apostrophe in the filter by group component
  • 🚚 PASSBOLT-2599: PR#214: Remove html purifier submodule
  • ✏️ PASSBOLT-2599: PR#208: Fix typos in emails
  • PASSBOLT-2599: PR#159: Rename license file
  • 🛠 PASSBOLT-2599 Fixed Travis
  • ✅ PASSBOLT-1453: Add optional predictable UUID for auth token in selenium testing
  • PASSBOLT-2474 New contributing guidelines for community forum

• v1.6.5 Changes

  September 12, 2017

  ➕ Added

  • PASSBOLT-2383: Add + and \ to the list of allowed characters for the Resource fields: name, username and description

  🛠 Fixed

  • PASSBOLT-2371: Force the charset of the cake_sessions table in utf8
  • PASSBOLT-2325: As system administrator I shouldn't be able to execute passbolt CLI commands as root
  • 👀 PASSBOLT-2397: As system administrator I should see in the healthcheck if app/tmp content and app/webroot/img/public content are writable
  • 👀 PASSBOLT-1991: As system administrator I should see in the healthcheck if the server key can be used for encrypting/decrypting

  🔒 Security

  • PASSBOLT-2409: Noopener on resource url in password workspace
  • PASSBOLT-2402: XSS on resource url in password workspace

• v1.6.4 Changes

  August 31, 2017

  🛠 Fixed

  • PASSBOLT-2358: As a user registering on the demo instance I must understand the disclaimer

• v1.6.3 Changes

  August 21, 2017

  🛠 Fixed

  • 🔀 PASSBOLT-2316: Merge the selenium & phpunit dummy data sets
  • PASSBOLT-2317: Speed up dummy secret creation task
  • 🐎 PASSBOLT-2327: Add a large set of dummy data for performance testing
  • PASSBOLT-2282: As admin on the user workspace, I should be able to distinguish visually the users who haven't activated their account yet

• v1.6.2 Changes

  August 12, 2017

  ➕ Added

  • PASSBOLT-2284: As an administrator I can set which notifications are enabled for my organization #98
  • PASSBOLT-2284: As an administrator I can prevent encrypted secret or username to be sent in email notification #114

  🛠 Fixed

  • 🚚 PASSBOLT-2301: Remove additional slashes in passbolt.js urls such as model/users::find #142
  • PASSBOLT-2270: Fix modified_by not set on resource edit regression
  • PASSBOLT-2271: Fix no wrap issue on resource description
  • PASSBOLT-1943: As an administrator I should not be able to install passbolt on a hostname that is not RFC3986 compliant
  • PASSBOLT-1937: As an administrator I should not be be able to install passbolt with a server key without an email id
  • 🔨 PASSBOLT-2002: Refactor install script to reuse healthcheck library

• v1.6.1 Changes

  July 26, 2017

  ➕ Added

  • PASSBOLT-2147: As a group member I should receive a notification when my role in the group has changed
  • PASSBOLT-2148: As a group manager I should receive a notification when a user who is part of one (or more) groups I manage is deleted
  • PASSBOLT-2225: As a demo user it should be explicit that I need to use a throway email account
  • PASSBOLT-2133: As LU I should be able to filter passwords by group on the passwords workspace
  • 👀 PASSBOLT-2012: As a user I can see which groups a user is a member of from the sidebar

  🛠 Fixed

  • PASSBOLT-2171: The group list component should be marked as ready once the API request is completed
  • ⚡️ PASSBOLT-2172: Newly added group manager shouldn't receive the group update summary notification
  • PASSBOLT-2174: Edit group dialog should be marked as ready if an admin edit a group the admin is not group manager
  • PASSBOLT-2155: As AD I shouldn't be able to delete as user if the user is the sole group manager of a group
  • 🚚 PASSBOLT-2075: Users should be removed from the groups they are member of after a soft delete operation
  • PASSBOLT-1934: GITHUB-40, GITHUB-120: As a user I should be allowed to add the a ldap path as username
  • PASSBOLT-2156: GITHUB-94: As a user I should be allowed to add text in JSON format in the description
  • PASSBOLT-2122: GITHUB-85: Username should be Minimum 1 characters in length (and not 3)
  • PASSBOLT-2180: GITHUB-85: As a user I should be allowed to add a space in a resource username
  • PASSBOLT-2125: GITHUB-86: As a logged in user creating/editing a password I should be able to use new line characters in the description
  • PASSBOLT-2188: Regression: As LU when I search for a user it shouldn't make an API request
  • ⚡️ PASSBOLT-2234: Regression: As newly added GM I shouldn't receive the group update summary when I'm just added as GM
  • PASSBOLT-2235: As AD editing a group the dialog shouldn't be marked as ready until the members list is loaded
  • PASSBOLT-2105: Anonymous statistics: fix "Warning Error: file_put_contents" issue at installation
  • ⚡️ PASSBOLT-2005: PR#44: Update allowed characters in a uri

• « First
• ‹ Prev
• 1
• 2
• 3
• 4
• 5
• 6
• 7
• Next ›
• Last »