v3.9.0 ~ Bunny (pro)
Release date: January 18th, 2023.
The team at passbolt is thrilled to announce the release of v3.9 for immediate availability!
Passbolt Pro v3.9 ships with Single Sign On (SSO) in Alpha for all Pro users. This will allow authentication and onboarding via Azure SSO (via OAuth2 and OpenID Connect).
Learn more about configuring Azure SSO.
Important: Even though SSO is considered fairly stable as of now, it is strongly discouraged to roll it out in production environments without prior testing. This Alpha version is indeed released for end user evaluation and to receive your initial feedback. The final stable version will be released after SSO has been fully audited by a Cure53 in the next few weeks, and major issues reported by the communities are fixed, as it is usually the case with new sensitive features.
Additionally, v3.9 also includes support for PHP 8.2.
The team at passbolt is committed to continuous improvement. Passbolt thrives to provide the best security available while offering exceptional customer service and user experience. It wouldn’t be possible without the passbolt community. The contributions, bug reports, and input provided by the community is truly appreciated as well as essential.
Remarkable things are on their way! Among new features to look for are Duo v4 support, self-registration and MFA policies. Then expect support for additional SSO providers (Google, KeyCloak) and imnproved SSO integration during recover. Stay tuned to see how passbolt expands in the coming months.
API
Added
- PB-21828 As a user I can use Microsoft Azure as single sign on provider (Alpha)
Fixed
- PB-19601 As an admin running the healthcheck I should not see an unmanaged error if DB connection fails
- PB-21497 GITHUB-437 As an administrator I should see default user avatar in the email I receive when a user complete the setup
- PB-21501 GITHUB-411 As an administrator I should see the correct path relative to config tips in the health check report
- PB-21551 As an administrator I should be able to update with the web installer without getting an error due the subscription
- PB-21756 As an anonymous user switching MFA provider I should be redirected to the original target
- PB-21756 As an anonymous user switching MFA provider I should be redirected to the original target
Improved
- PB-19653 Rename Google authenticator into Totp authenticator
- PB-19807 As an administrator I want to know if email hostname availability is enabled in the health check report
- PB-20985 As an administrator I shouldn’t be able to send a test email in command line without defining the recipient
- PB-21502 As an administrator I want to know if I run a passbolt command without using the webserver user
- PB-21635 As an administrator I want to the cron events to be logged
- PB-21751 As anonymous user I don’t want to see the TOTP field auto-completed when I verify my second factor authentication
- PB-19715 As an administrator I want to lock the SMTP settings entry points
Maintenance
- PB-19212 Improve PHPUNIT performances
- PB-19541 Add composer audit job on development pipelines
- PB-19594 Avoid duplicated pipelines
- PB-19583 Remove deprecated usage of dummy auth token generation in tests
- PB-19594 Improve phpunit pipelines environment matrix
- PB-19706 Refactor favorites add controller into service
- PB-19707 Refactor favorites delete controller into service
- PB-20512 Ease debug by attaching original exception to InternalErrorException when missing
- PB-20541 Replace usage of Cake core Exception with CakeException when not done yet
- PB-21361 Remove deprecated usage of authenticateAs in tests
- PB-21658 Add support to PHP 8.2
Browser extension
Added
- PB-21383 As a signed-in administrator, I can save the SSO server settings
- PB-21383 As a signed-in administrator, I can disable the SSO server settings
- PB-21393 As a registered user I can use the SSO feature to sign in to passbolt
- PB-21400 As a signed-in user, I can rotate my private key’s passphrase and still be able to sign in via SSO
- PB-21735 As a signed-in administrator in the administrator workspace, I can see the user self registration settings option in the left-side bar
- PB-21740 As a signed-in administrator I can remove a domain from the user self registration list
- PB-21767 As an anonymous, I want to have the SSO login displayed by default when I have an SSO kit available
- PB-21768 As a signed-in administrator, I want my SSO kit to be generated when saving a new SSO settings if I don’t have already one
- PB-21769 As an anonymous user, I want to use SSO login from the quickaccess
- PB-21814 As a signed-in user, When rotating my passphrase I want to clean my SSO kit on the API
- PB-21842 As an anonymous user, I want to have help if I can’t remember my passphrase and SSO login is activated
- PB-21907 As a signed-in user on the self registration admin settings form, I want to see the warning message on a row domain even when there are errors on other domains rows
- PB-21908 As a signed-in administrator on the self registration admin settings form, I should not see an error when I enable the settings which previously were containing error
- PB-21909 As a signed-in administrator on the self registration admin settings form, I want to see the new row having focus when I click on the add a new row button
- PB-22006 - As a user finalising my recover I should be able to authenticate with SSO after my first sign out
Improved
- PB-21920 As a user I want to use the new PwnedPasswords service when I setup an account, recover an account, change my passphrase or generate a organisation recovery key
- PB-19793 As a user I want to see a consistent layout while signing-in to passbolt
- PB-20561 As a user changing my passphrase I would like to see the passphrase field description translated
- PB-21490 As an administrator I shouldn’t see the “save required” banner after saving the SMTP settings
- PB-20559 As an administrator I want clearer account recovery email notification descriptions relative to administrators
- PB-21746 As a signed-in user I want to autofill french authentication form using french language as field name
- PB-15269: As LU I do not want to call the API to find my resources multiple times in a row
Fixed
- PB-19649 As a user sharing a resource/folder, I should be able to see the number of users contained in groups search result
- PB-21443 As a user on the administration section I would like to see the passbolt logo
- PB-21476 As signed-in user, I want to copy content in my clipboard using passbolt over http
- PB-22022 Fix height for the svg Passbolt logo
Maintenance
- PB-19054 Remove the usage of the soon the soon unavailable global “window” object
- PB-19156 Replace setInterval by alarm in worker::waitExists
- PB-19292 As a user I want file downloads to be compatible with MV3 as well
- PB-19299 Remove the usage of the soon the soon unavailable global “window” object in the unit tests
- PB-19309 Remove the usage of the soon the soon unavailable global “window” object in the “Random” crypto helper
- PB-19586 Refactor administration screen actions components
- PB-19639 Refactor applications port connection bootstrap
- PB-19650 Handle MV3 port re-connection
- PB-19657 Add frameId to the ScriptExecution
- PB-21370 Reduce repository size
- PB-21435 Bootstrap MV3 service worker
- PB-21486 Increase code coverage relative to the SMTP authentication method recently added in the SMTP settings admin screen
- PB-21612 Refactor fileController into a dedicated service
- PB-21911 As a developer I want to know the source (author, url, license) of the src/react-extension/lib/Domain/Domains.js list
"Bunny"
Listen to the release song!