Zombie

Release song: https://www.youtube.com/watch?v=6Ejga4kJUts

Version 4.4 of the Community Edition has launched with new capabilities and improvements.

With this release, users are able to manage TOTPs directly from the browser, providing an extended TOTP experience across all their devices. They can now be created, deleted, organised and shared with others just like any other resource type.

Another highlight of this release, administrators now have the ability to suspend/unsuspend users. This new feature will offer administrators with more control over access management of their instance. By example, they will be able to prevent access to the passbolt instance for users in temporary leave, therefore enforce company policies.

And that's not all – a number of fixes and enhancements have been implemented to improve user experience. Among them, notification emails are now aggregated in certain cases, including limiting emails when a user imports a large amount of passwords.

If you’re a system operator, please note that using older PHP versions will now trigger a healthcheck warning. Support for PHP 7.4 and 8.0 will be discontinued soon. Admins are encouraged to upgrade to PHP 8.1 or higher and use the latest version of the passbolt API.

Get the most out of passbolt – upgrade to version 4.4. Thanks for continuing to support passbolt and for being part of the community!

[4.4.0] - 2023-11-07

Added

• PB-27773 As an administrator I can deny access to the mobile setup screen with RBAC
• PB-27951 As system operator I should be warned in the healthcheck when using PHP < 8.1, as support for PHP versions 7.4 and 8.0 will soon be removed

Improved

• PB-27948 Guest identification by their username should be case-insensitive, unless specified in configuration
• PB-27957 Send notifications to all administrators when an administrator is deleted
• PB-27941 Send notifications to administrators when an administrator loses its administrator role
• PB-28171 Enable the email digest by default

Security

• PB-28274 Fixes an XSS Security issue with mail content sanitization

Fixed

• PB-25477 As an administrator, I should be able to recreate a user with an email that exists in the db via the command line
• PB-27799 As an administrator installing passbolt on PostgreSQL, the database encoding should be set to utf-8
• PB-27857 Fix help site release notes automation by adding flavour on help site release notes merge request

Maintenance

• PB-27932 Improve code static by using cakedccakephp/phpstan
• PB-28079 Remove deprecation warnings from the test suite

Zombie

Release song: https://www.youtube.com/watch?v=6Ejga4kJUts

Hey community members,

Prepare for an exciting update! 🥁

Passbolt is thrilled to announce that the v4.4.0 Release Candidate is officially available for testing.

The best part? All you have to do is head to GitHub and dive in! Of course, you have to make sure to follow the steps here. As always, your feedback is invaluable, please share and report any issues you come across.

Enjoy the testing journey! ♥️

[4.4.0-rc.1] - 2023-11-03

Added

• PB-27773 As an administrator I can deny access to the mobile setup screen with RBAC
• PB-27951 As system operator I should be warned in the healthcheck when using PHP < 8.1, as support for PHP versions 7.4 and 8.0 will soon be removed

Improved

• PB-27948 Guest identification by their username should be case-insensitive, unless specified in configuration
• PB-27957 Send notifications to all administrators when an administrator is deleted
• PB-27941 Send notifications to administrators when an administrator loses its administrator role
• PB-28171 Enable the email digest by default

Security

• PB-28274 Fixes an XSS Security issue with mail content sanitization

Fixed

• PB-25477 As an administrator, I should be able to recreate a user with an email that exists in the db via the command line
• PB-27799 As an administrator installing passbolt on PostgreSQL, the database encoding should be set to utf-8
• PB-27857 Fix help site release notes automation by adding flavour on help site release notes merge request

Maintenance

• PB-27932 Improve code static by using cakedccakephp/phpstan
• PB-28079 Remove deprecation warnings from the test suite

No One Knows

Release song: https://youtu.be/s88r_q7oufE

Introducing the newest release of passbolt – get to know version 4.3

This update extends the portability of TOTP (Time Based One Time Password) content. You can now access TOTP items from passbolt’s mobile app and web interface. While the ability to create a TOTP is still limited to mobile, this update lets you view them through the browser, adding to its flexibility and usability.

Improvements have also been made to the customisation of the grid in the password workspace. This update makes edits to the grid persistent, meaning that changes will now be saved between sessions. To further improve overall usability, an optional column for TOTP has also been added.

Thank you for using passbolt, for contributing to the vision, and your feedback.

[4.3.0] - 2023-09-26

Added

• PB-25405 As an administrator installing passbolt through the web installer, I should be able to configure authentication method for SMTP
• PB-25185 As a signed-in user on the browser extension, I want to export my account to configure the Windows application
• PB-25944 As an administrator I can define the schema on installation with Postgres
• PB-25497 As an administrator I can disable users (experimental)

Improved

• PB-25999 Performance optimisation of update secret process
• PB-26097 Adds cake.po translation files for all languages supported by CakePHP

Security

• PB-25827 As a user with encrypted message enabled in the email content visibility, I would like to see the gpg message encrypted with my key when a password is updated

Fixed

• PB-25802 As a user I want to see localized date in my emails
• PB-25863 Fix emails not sent due to message-id header missing
• PB-27799 As an administrator installing passbolt on PostgreSQL, the database encoding should be set to utf-8

Maintenance

• PB-25894 Run CI on postgres versions 13 and 15 instead of version 12 only
• PB-25969 As a developer, I can render emails in tests with html special chars
• PB-26107 Upgrade the cakephp/chronos library
• PB-26159 Update singpolyma/openpgp-php to improve compatibility with PHP 8.2
• PB-25247 Add integration tests on the MFA select provider endpoint

No One Knows

Release song: https://youtu.be/s88r_q7oufE

Hey community members,

Prepare for an exciting update! 🥁

Passbolt is thrilled to announce that the v4.3.0 Release Candidate is officially available for testing.

The best part? All you have to do is head to GitHub and dive in! Of course, you have to make sure to follow the steps here. As always, your feedback is invaluable, please share and report any issues you come across.

Enjoy the testing journey! ♥️

[4.3.0-rc.1] - 2023-09-21

Added

• PB-25405 As an administrator installing passbolt through the web installer, I should be able to configure authentication method for SMTP
• PB-25185 As a signed-in user on the browser extension, I want to export my account to configure the Windows application
• PB-25944 As an administrator I can define the schema on installation with Postgres
• PB-25497 As an administrator I can disable users (experimental)

Improved

• PB-25999 Performance optimisation of update secret process
• PB-26097 Adds cake.po translation files for all languages supported by CakePHP

Security

• PB-25827 As a user with encrypted message enabled in the email content visibility, I would like to see the gpg message encrypted with my key when a password is updated

Fixed

• PB-25802 As a user I want to see localized date in my emails
• PB-25863 Fix emails not sent due to message-id header missing

Maintenance

• PB-25894 Run CI on postgres versions 13 and 15 instead of version 12 only
• PB-25969 As a developer, I can render emails in tests with html special chars
• PB-26107 Upgrade the cakephp/chronos library
• PB-26159 Update singpolyma/openpgp-php to improve compatibility with PHP 8.2
• PB-25247 Add integration tests on the MFA select provider endpoint

The Man Who Sold The World

Release song: https://youtu.be/fregObNcHC8

Version 4.2 of the Community Edition introduces a number of enhancements and fixes to the passbolt experience.

One of the highlights of this release is the first brick of grid modernization. With it, you’re in control of what’s shown on the password grid. You can decide which columns you want to see, as well as their position and size. This first version is part of a larger improvement project. The aim is to make customization of the grid available and persistent with the next v4.3.0 release, and to later introduce new columns such as OTP, Icon & Tag.

Additionally, users will be pleased to see the new resource count chips displayed in the breadcrumb, providing an intuitive way to keep track of filtered resources.

Administrators are not left behind with this release as a few bugs with the command line healthcheck have been fixed and the feature is being prepared to be available in the UI soon.

Thank you for being a part of the community and for choosing passbolt.

[4.2.0] - 2023-08-24

Added

• PB-24987 As an administrator I can define the password policies from the administration UI
• PB-25462 As an administrator I can deactivate RBACs with a feature flag
• PB-25036 As an administrator I can select PostgreSQL as database driver on installation
• PB-21403 As an administrator I can purge the email queue table from the command line

Improved

• PB-24990 Performance optimisation of the cleanup command responsible to delete secrets without permissions
• PB-25263 Performance optimisation of the entry point retrieving the folders activity logs
• PB-25264 Performance optimisation of all the SQL queries retrieving user profiles
• PB-25199 Lower case UUIDs given as requests parameters before marshalling and persisting data
• PB-25389 As an administrator healthcheck/status.json requests should not be logged in the action_logs table
• PB-25734 As a user I do not want the first letters of my first and last names upper-cased when my profile is saved

Security

• PB-25181 CSRF cookie should have secure flag set when site is served under HTTPs
• PB-25798 Fixes laminas/laminas-diactoros vulnerability by using the longwave/laminas-diactoros package

Fixed

• PB-25472 As a user I can use an SMTP server using NTLM authentication
• PB-25475 As an administrator running the healthcheck, I should be warned for self-signed and wildcard certs instead of having a failure
• PB-25720 As an administrator I should not see a false error in the healthcheck when reading the App.base config

Maintenance

• PB-21412 Upgrade phpstan to v1.10.15
• PB-21413 Upgrade psalm version to v5.12.0
• PB-21414 Upgrade cakephp codesniffer to v4.7
• PB-21672 Bump lorenzo/cakephp-email-queue package to 5.1
• PB-21917 Bump bcrowe/cakephp-api-pagination to v3.0.0
• PB-21918 Bump spomky-labs/otphp to v10.0.3
• PB-21919 Update enygma/yubikey package
• PB-22052 Passbolt test data version bump to v4.1.0
• PB-25379 Update vierge-noire/cakephp-fixture-factories package
• PB-24575 As a developer release notes should be automatically published on Github on new tag release
• PB-25471 As a developer Crowdin should export only a selected subset of languages
• PB-25801 As a developer I can create unpublished test packages

The Man Who Sold The World - Release canditate 1

Release song: https://youtu.be/fregObNcHC8

Version 4.2 of the Community Edition introduces a number of enhancements and fixes to the passbolt experience.

One of the highlights in this release is the first brick of the modernization of the grid. With it, you’re in control of what’s shown on your password grid, you can decide which columns you want to see as well as their position and size. This first version is part of a bigger improvement project which consists of making available the customization of the grid and its persistence with the next v4.3.0 release, and later to introduce new columns such as OTP, icon & tag.

Additionally users will be pleased to see the new resources count chips displayed in the breadcrumb, this will provide an intuitive way to keep tabs on the filtered resources.

Administrators are not left behind with this release as PostgreSQL is now officially supported from the installation process. Few bugs on the command line healthcheck were fixed and the feature is getting prepared to be soon available in the UI.

Thank you for being a part of the community and for choosing passbolt.

[4.2.0-rc.1] - 2023-08-23

Added

• PB-25462 As an administrator I can deactivate RBACs with a feature flag
• PB-25036 As an administrator I can select PostgreSQL as database driver on installation
• PB-21403 As an administrator I can purge the email queue table from the command line

Improved

• PB-24990 Performance optimisation of the cleanup command responsible to delete secrets without permissions
• PB-25263 Performance optimisation of the entry point retrieving the folders activity logs
• PB-25264 Performance optimisation of all the SQL queries retrieving user profiles
• PB-25199 Lower case UUIDs given as requests parameters before marshalling and persisting data
• PB-25389 As an administrator healthcheck/status.json requests should not be logged in the action_logs table
• PB-25734 As a user I do not want the first letters of my first and last names upper-cased when my profile is saved

Security

• PB-25181 CSRF cookie should have secure flag set when site is served under HTTPs
• PB-25798 Fixes laminas/laminas-diactoros vulnerability by using the longwave/laminas-diactoros package

Fixed

• PB-25472 As a user I can use an SMTP server using NTLM authentication
• PB-25475 As an administrator running the healthcheck, I should be warned for self-signed and wildcard certs instead of having a failure
• PB-25720 As an administrator I should not see a false error in the healthcheck when reading the App.base config

Maintenance

• PB-21412 Upgrade phpstan to v1.10.15
• PB-21413 Upgrade psalm version to v5.12.0
• PB-21414 Upgrade cakephp codesniffer to v4.7
• PB-21672 Bump lorenzo/cakephp-email-queue package to 5.1
• PB-21917 Bump bcrowe/cakephp-api-pagination to v3.0.0
• PB-21918 Bump spomky-labs/otphp to v10.0.3
• PB-21919 Update enygma/yubikey package
• PB-22052 Passbolt test data version bump to v4.1.0
• PB-25379 Update vierge-noire/cakephp-fixture-factories package
• PB-24575 As a developer release notes should be automatically published on Github on new tag release
• PB-25471 As a developer Crowdin should export only a selected subset of languages
• PB-25801 As a developer I can create unpublished test packages

Bella Ciao

Song: https://youtu.be/leb5pvB3B20

Version 4.1.2 of passbolt is a maintenance release mainly solving small bugs reported by the community on the API as well as the browser extension.

The API ships with a fix that restores email notifications for organisations using NTLM to authenticate against their SMTP server.

On the client side, the browser extension ships with a long time due improvement that will help users to distinguish look alike characters while previewing a password. Furthermore and in a continuous effort to provide the best user experience, the extension ships with fixes about the auto-fill capabilities. It should be more resilient and integrate better with web applications.

Thank you for helping us make Passbolt better!

[4.1.2] - 2023-07-26

Fixed

• PB-25472 Fix emails not sent for SMTP server using NTLM authentication

Maintenance

• PB-25471 Crowdin should export only a selected subset of languages

Insane in the Brain

Song: https://youtu.be/RijB8wnJCN0

Version 4.1.1 of Passbolt is a fix release solving two false-fails on the healthcheck.

These were reported by our community members on the forum here and here.

Thank you for helping us make Passbolt better!

[4.1.1] - 2023-07-13

Fixed

• PB-25304 As an administrator the application healthcheck should compare passbolt version with the latest stable release
• PB-25325 As an administrator running the database healthcheck I should not see a false fail on the default database content

Insane in the Brain - Release candidate 2

Presenting the latest release candidate of passbolt, version v4.1.1-rc.2. This pre-release is for testing purpose only.

[4.1.1-rc.2] - 2023-07-11

Fixed

• PB-25304 As an administrator the application healthcheck should compare passbolt version with the latest stable release

[4.1.1-rc.1] - 2023-07-11

Fixed

• PB-25325 As an administrator running the database healthcheck I should not see a false fail on the default database content

Insane in the Brain - Release candidate 1

Presenting the latest release candidate of passbolt, version v4.1.1-rc.1. This pre-release is for testing purpose only.

[4.1.1-rc.1] - 2023-07-11

Fixed

• PB-25325 As an administrator running the database healthcheck I should not see a false fail on the default database content