v3.5.0 ~ Wide Open (pro)

Release date: January 18th, 2022.

The team is pleased to announce the v3.5 immediate availability which includes the most awaited launch of the iOS and Android Mobile applications (currently pending review). Mobile support is available for all passbolt editions, including CE, PRO, and Cloud!

Watch the mobile apps video announcement to get a quick glimpse of what’s in it. And let us know what you think in the dedicated community forum thread.

You’ll be pleased to know that both the mobile apps have been entirely audited by Cure 53 prior public release. The audit reports are available here.

What else is in v3.5? Well, a bunch of other nice things:

• New languages: Japanese, Dutch and Polish.
• Postgresql support (experimental). The documentation on how to enable it will follow in the next few days.
• A brand new CLI, written in GO (and audited too): this CLI is a contribution by Samuel Lorch and supports all API entry points including share operations. It also supports operations related to folders management and sharing as well as Multi Factor Authentication.

On top of that, this release ships with some more improvements and fixes.

• Due to popular demand, the size of the resource.name and resource.username fields have been increased to 255 characters (previously 64).
• The In-Form menu positioning has been improved to appear where it should be with more accuracy.
• The overall performance of the api has been improved, primarily due to the optimization of the permissions table which is at the center of many operations.

We wish to thank the contributors who participated:

• Jesper Schmitz Mouridsen, for his much awaited PostgreSQL implementation.
• Samuel Lorch, for his amazing GO SDK and CLI, making it the first fully functional CLI for passbolt since the other nodejs CLI does not currently support all the operations.
• All the community members who reported bugs and submitted pull requests (weebl2000, garrettboone) and helped on the community forum to debug issues with mobile.

API

[3.5.0] - 2022-01-18

Added

• PB-13161 As LU I should be able to use passbolt with my Android mobile
• PB-13161 As LU I should be able to use passbolt with my IOS mobile
• PB-5967 As AD I can use passbolt with a PostgreSQL database provider [experimental]
• PB-5967 As AD I can migrate an existing instance to PostgreSQL with the help of the command line [experimental] and MySQL to Postgres migration tools, e.g. as described here: https://pgloader.readthedocs.io and here: https://pgloader.io/.

• PB-8513 As LU I can request gpg keys using pagination

• PB-6053 As LU I can request folders using pagination

• PB-13321 As a user I can use passbolt in Dutch
• PB-13321 As a user I can use passbolt in Japanese
• PB-13321 As a user I can use passbolt in Polish

Improvement

• PB-12817 As LU I can import avatars having a jpeg extension
• PB-12943 As AD I should be able to see log when a user tries to sign-in with an invalid bearer token
• PB-12888 Improve performances of the operations requiring permissions accesses by replacing the single index on type by a combined index involving the requested columns
• PB-13177 As AD I should be able to see any gpg keys errors from the healthcheck
• PB-13183 As LU I should be able create resource having a name or a username of 255 characters long
• PB-13265 As AD I can create a JWT key pair even if the database is not set
• PB-13164 As AD I can cleanup duplicate entries in the favorites tables, folder_relations , groups_users and permissions

Fixed

• PB-9887 Fix as AD I can send email digest from the /bin/cron script

• PB-12951 Fix as a user I shouldn’t get an error requesting the JWT refresh end point providing a MFA token with MFA disabled

• PB-12957 Fix multiple language issues reported by community
• PB-12914 Fix as a group manager I should not get multiple notifications when a group is updated
• PB-13158 As AD I should see a tip with proper directory permissions when the JWT assets healthcheck fails

Security

• PB-13217 PBL-06-011 Fix ACL on mobile transfer view controller

Maintenance

• PB-12835 Move users setup/recover/register controllers logic into services to welcome the upcoming account recovery feature

Browser extension

[3.5.0] - 2022-01-17

Added

• PB-13161 As LU I should be able to passbolt with my Android mobile
• PB-13161 As LU I should be able to passbolt with my IOS mobile
• PB-13321 As a user I can use passbolt in Dutch
• PB-13321 As a user I can use passbolt in Japanese
• PB-13321 As a user I can use passbolt in Polish

Improvement

• PB-9402 As LU I should be able to create and import passwords having a name and username of 255 characters long
• PB-13178 As a user visiting the web stores I should be aware that the application supports multiple languages
• PB-9748 Optimize in-form menu integration performance by avoiding the CTA mutation observer to be called when passbolt manipulates the DOM itself

Fixed

• PB-12819 Fix as LU I should autofill/auto-save on forms having only a password field
• GITHUB-136 Fix as LU I want to see the in-form menu CTA well positioned on pages having no scroll but CSS transformation
• GITHUB-137 Fix as a user I should see the in-form menu CTA on modal having a z-index greater that 1000
• PB-13268 As LU I should be able to put comma in my user names
• PB-12873 As LU I shouldn’t see double escaped characters on the translation of strings including variables

Security

• PB-13162 Upgrade QRCode library to v1.5.0

Maintenance

• PB-12955 Fix error and warning messages in unit test console
• PB-13309 Upgrade dev dependency webpack-dev-server to v4.7.2

iOS App

[1.3.0] - 2022-01-17

Added

• View presenting application logs allowing to share it easily
• Help menu in multiple contexts allowing access to logs and quick link to help page
• Quick account switch menu
• Account details view allowing change local label for accounts

Improved

• Added long loading messages appearing on loaders that take more time than expected
• Implemented session refresh based on refresh tokens

Fixed

• Delay on scanning QR codes
• Invalid resolve of urls on instances available under urls with additional path component
• Local JWT token verification issues

Security

• Removed custom application url scheme
• Added jailbreak detection

Maintenance

• Refactor displayable strings for easier usage
• Refactor session management

Android App

[1.3.0-4] - 2022-01-17

Added

• Session is being refreshed now when the app is resumed or the session expires instead of a new sign in
• Dark theme support to Autofill dropdown
• Possibility to turn on log recording and to access and share them
• Account switch drawer when clicking search avatar
• Account details screen with a possibility to change label

Improved

• Create resource from Autofill context - now it’s “Create and fill”

Fixed

• Resource list icons are now lighter and have correct corner radius
• Always display URL field on resource details (even if empty)
• When having at least 2 accounts with biometry enabled and adding a new fingerprint to the device - the biometry is deactivated on all accounts instead of only on current one

Security

• Added explicit hasFragileUserData flag to the Manifest with a default value of false to ensure all data is deleted when the app is uninstalled
• Added rootbeer library to show root detection warning

Maintenance

• Added publishing to Play Store straight from CI
• Refactored Authentication Presenters to reduce constructor dependencies count