v3.6.0 ~ New Morning (ce)

Release date: May 25th, 2022.

The team is pleased to announce the v3.6 immediate availability which, as you may already have seen, includes a design refresh of the application.

On top of that, this release ships with some more improvements and fixes.

• Performance boost on the client cryptographic operations;
• Additional key validations on setup for better error reporting;
• Experimental support for ECC keys.
• More performance fixes.

We wish to thank the contributors who participated:

• Alpha testers who helped us test the pre-release;
• All the community members who helped with the internationalization;

Next up? We’ll go through a maintenance cycle where we’ll be fixing issues reported in terms of performance (e.g. adding users to a group), as well as preparing for the migration to Manifest v3, and support for PHP 8.1.

Browser extension

[3.6.2] - 2022-06-03

Improved

• PB-16651 As LU I want to get a clear message if I enroll to a disabled account recovery program
• PB-15677 As LU I want to see openpgp assertions messages translated into my language

Fixed

• PB-16736 Fix as AN I can accept a new server key(GITHUB-150)

[3.6.1] - 2022-05-31

Improved

• PB-16116 Change user creation dialog tips following the introduction of account recovery
• PB-16119 As LU changing my security token I should be able to access documentation about phishing attacks
• PB-16166 Change nested folders icons size
• PB-16206 Change search bar padding
• PB-16207 Change midgar theme hover background colour
• PB-16208 Change midgar inset shadow highlight opacity
• PB-16209 Change inside fields buttons radius
• PB-16210 Change midgar hover/active grid lines backgrounds
• PB-16211 Change midgar active button background
• PB-16212 Change authentication loading spinner padding
• PB-16213 As LU I should see a beta pill next to the account recovery menu entry
• PB-16556 Change midgar sign-in form background
• PB-16559 Change user settings account recovery layout
• PB-16588 As GM editing group memberships, I want to see the tooltip icon aligned with the username
• PB-16589 Change the attention required icon color in the user settings menu
• PB-16592 Change quickaccess connecting state box background
• PB-16603 Change grids font weight
• PB-16605 Reduce letter spacings globally
• PB-16639 As LU enrolling to the account recovery program I should be requested my passphrase

Fixed

• PB-14278 As LU I should see warning messages on form fields
• PB-16117 As AD I should not see the MFA status in the user sidebar if the user is not active
• PB-16146 As AD I should not be able to copy the public key of a inactive user
• PB-16558 As AN on unauthenticated page I should not see “about us” cta tooltip
• PB-16604 As a LU I should be able to sort the grid by Username and URI
• PB-16661 As a AN I can accept a server key rotation when the server key stored in the local storage cannot be parsed

Maintenance

• PB-16155 Apply linter on all styleguide src code
• PB-14951 Move common test material

[3.6.0] - 2022-05-23

Added

• PB-15033 As a user who lost its credentials I can request help to an administrator
• PB-14672 As a user I should see the new design on the password workspace
• PB-14673 As a user I should see the new design on the user workspace
• PB-14674 As a user I should see the new design on the user settings workspace
• PB-15026 As a user I should see the new design on the administration workspace
• PB-14675 As a user I should see the new design on the authentication screens
• PB-14677 As a user I should see the new design on the quickaccess application
• PB-14960 As a user I should see the new design on the web integration inform menu
• PB-14131 As AN performing a setup, I can import ECC keys

Improved

• PB-14896 As AN performing a setup, I should not be able to import an already decrypted key
• PB-14816 As AN performing a setup, I should not be able to use a passphrase which is part of a data breach
• PB-14462 As AN on the authentication screens, I should see unexpected errors details
• PB-14203 As LU on the application, I should see unexpected errors details
• PB-13852 Improve encryption/decryption performances

Security

• PB-13908 As AN performing a setup, I generate key of 3072 bits
• PB-13908 As AN performing a setup, I cannot import keys weaker than 3072 bits

Fixed

• PB-15241 As a user I can use the web integration inform menu in iframe authentication forms
• PB-13901 As AN performing a sign-in, I should be prompted the server key changed only when the parsed key changed
• PB-14405 Fix misc sentences plural

Maintenance

• PB-14155 Upgrade node to version 16
• PB-13852 Upgrade openpgp.js to version 5
• PB-14672 Increase storybook screens coverage
• PB-14052 Increase browser extension code coverage

API

[3.6.0] - 2021-05-25

Added

• PB-9739 OpenPGP key and message validation refactoring
• PB-14141 Enhanced public/private key validation rules
• PB-13685 Enhanced secret validation rules
• PB-14138 Refactor setup and recover related controllers with dependency injection
• PB-14510 Three trivial endpoints, such as GET on login are not logged anymore

Security

• PB-14400 Upgrade firebase/php-jwt to 6.1

Fixed

• PB-14369 Fixes email settings issues in the test suite
• PB-15046 Handle user lost-passphrase scenarios with API <= v3.5

Maintenance

• PB-14812 Upgrade cakephp/cakephp to 4.3