v3.9.0 ~ Bunny (ce)

Release date: January 18th, 2023.

The team at passbolt is thrilled to announce the release of v3.9 for immediate availability!

Passbolt CE v3.9 ships with Multi Factor Authentication (MFA) for all community edition users! Users can now set up MFA using various methods, including Duo, TOTP (Google Authenticator, Authy), and YubiKey (with Yubico Cloud).

Additionally, v3.9 also includes support for PHP 8.2.

The team is glad to make MFA, a former passbolt Pro feature, more widely available, as it’s been a highly requested feature within our community (even though one could argue that the existing authentication protocol already combined 2 factors of authentication: the private key and the master passphrase). The goal at passbolt is to provide the best security possible first while constantly improving user experience. It wouldn’t be possible without the incredible community that surrounds passbolt. Thank you to everyone who contributed ideas, reported bugs, and provided input.

Big things are on their way! Keep an eye out for how passbolt continues to grow and evolve in the coming months with additional pro edition features becoming available in the CE such as folders! To show your support please give us a star on github or write a review on the app / extension webstore.

API

Added

• PB-20539 As a user I can protect the authentication to passbolt with a second factor method

Fixed

• PB-19601 As an admin running the healthcheck I should not see an unmanaged error if DB connection fails
• PB-21497 GITHUB-437 As an administrator I should see default user avatar in the email I receive when a user complete the setup
• PB-21501 GITHUB-411 As an administrator I should see the correct path relative to config tips in the health check report
• PB-21756 As an anonymous user switching MFA provider I should be redirected to the original target

Improved

• PB-19653 Rename Google authenticator into Totp authenticator
• PB-19807 As an administrator I want to know if email hostname availability is enabled in the health check report
• PB-20985 As an administrator I shouldn’t be able to send a test email in command line without defining the recipient
• PB-21502 As an administrator I want to know if I run a passbolt command without using the webserver user
• PB-21635 As an administrator I want to the cron events to be logged
• PB-21751 As anonymous user I don’t want to see the TOTP field auto-completed when I verify my second factor authentication
• PB-19715 As an administrator I want to lock the SMTP settings entry points

Maintenance

• PB-19212 Improve PHPUNIT performances
• PB-19541 Add composer audit job on development pipelines
• PB-19594 Avoid duplicated pipelines
• PB-19583 Remove deprecated usage of dummy auth token generation in tests
• PB-19594 Improve phpunit pipelines environment matrix
• PB-19706 Refactor favorites add controller into service
• PB-19707 Refactor favorites delete controller into service
• PB-20512 Ease debug by attaching original exception to InternalErrorException when missing
• PB-20541 Replace usage of Cake core Exception with CakeException when not done yet
• PB-21361 Remove deprecated usage of authenticateAs in tests
• PB-21658 Add support to PHP 8.2

Browser extension

Added

• PB-21383 As a signed-in administrator, I can save the SSO server settings
• PB-21383 As a signed-in administrator, I can disable the SSO server settings
• PB-21393 As a registered user I can use the SSO feature to sign in to passbolt
• PB-21400 As a signed-in user, I can rotate my private key’s passphrase and still be able to sign in via SSO
• PB-21735 As a signed-in administrator in the administrator workspace, I can see the user self registration settings option in the left-side bar
• PB-21740 As a signed-in administrator I can remove a domain from the user self registration list
• PB-21767 As an anonymous, I want to have the SSO login displayed by default when I have an SSO kit available
• PB-21768 As a signed-in administrator, I want my SSO kit to be generated when saving a new SSO settings if I don’t have already one
• PB-21769 As an anonymous user, I want to use SSO login from the quickaccess
• PB-21814 As a signed-in user, When rotating my passphrase I want to clean my SSO kit on the API
• PB-21842 As an anonymous user, I want to have help if I can’t remember my passphrase and SSO login is activated
• PB-21907 As a signed-in user on the self registration admin settings form, I want to see the warning message on a row domain even when there are errors on other domains rows
• PB-21908 As a signed-in administrator on the self registration admin settings form, I should not see an error when I enable the settings which previously were containing error
• PB-21909 As a signed-in administrator on the self registration admin settings form, I want to see the new row having focus when I click on the add a new row button
• PB-22006 - As a user finalising my recover I should be able to authenticate with SSO after my first sign out

Improved

• PB-21920 As a user I want to use the new PwnedPasswords service when I setup an account, recover an account, change my passphrase or generate a organisation recovery key
• PB-19793 As a user I want to see a consistent layout while signing-in to passbolt
• PB-20561 As a user changing my passphrase I would like to see the passphrase field description translated
• PB-21490 As an administrator I shouldn’t see the “save required” banner after saving the SMTP settings
• PB-20559 As an administrator I want clearer account recovery email notification descriptions relative to administrators
• PB-21746 As a signed-in user I want to autofill french authentication form using french language as field name
• PB-15269: As LU I do not want to call the API to find my resources multiple times in a row

Fixed

• PB-19649 As a user sharing a resource/folder, I should be able to see the number of users contained in groups search result
• PB-21443 As a user on the administration section I would like to see the passbolt logo
• PB-21476 As signed-in user, I want to copy content in my clipboard using passbolt over http
• PB-22022 Fix height for the svg Passbolt logo

Maintenance

• PB-19054 Remove the usage of the soon the soon unavailable global “window” object
• PB-19156 Replace setInterval by alarm in worker::waitExists
• PB-19292 As a user I want file downloads to be compatible with MV3 as well
• PB-19299 Remove the usage of the soon the soon unavailable global “window” object in the unit tests
• PB-19309 Remove the usage of the soon the soon unavailable global “window” object in the “Random” crypto helper
• PB-19586 Refactor administration screen actions components
• PB-19639 Refactor applications port connection bootstrap
• PB-19650 Handle MV3 port re-connection
• PB-19657 Add frameId to the ScriptExecution
• PB-21370 Reduce repository size
• PB-21435 Bootstrap MV3 service worker
• PB-21486 Increase code coverage relative to the SMTP authentication method recently added in the SMTP settings admin screen
• PB-21612 Refactor fileController into a dedicated service
• PB-21911 As a developer I want to know the source (author, url, license) of the src/react-extension/lib/Domain/Domains.js list