Boom Boom

Release song: https://youtu.be/X70VMrH3yBg

This release is a maintenance release, with a few bug fixes and some additional settings to manage emails notifications.

The bulk of the work for this release was the migration for firefox, from the soon deprecated SDK plugin format to the new webextension format. Quite a bit of work went into upgrading the selenium testsuite and providing a fully transparent data migration from the old to the new format. This is why this version is still running as a “legacy” plugin, with all the code embedded as a webextension, to make sure users have nothing to do to migrate. However please make sure your users upgrade to this version this month, otherwise they may need to perform an account recovery with the next version. Fret not, because unless they have disabled automatic update, the only thing firefox users need to do to update is to have the browser running.

As a passbolt instance administrator I can find new settings manage email notifications in config/default.php under EmailNotification. If you want to override the default you can copy/paste them to your own app.php configuration. With these settings you can for example disable notifications when a user is added to a group, or when a password is deleted. It also allows to change the content of the notification and hide the username and/or the encrypted secret.

Thank you to @bluenetinc, @PoetiCode and @technogenus for their suggestions and contributions to this release.

Unless there is a major issue with the 1.6.2, our next release will be version v2.0, with an upgrade to Cakephp v3.

Read the full release notes : http://www.passbolt.com/release/notes#BoomBoom

Added

• PASSBOLT-2284: As an administrator I can set which notifications are enabled for my organization #98
• PASSBOLT-2284: As an administrator I can prevent encrypted secret or username to be sent in email notification #114

Fixed

• PASSBOLT-2301: Remove additional slashes in passbolt.js urls such as model/users::find #142
• PASSBOLT-2270: Fix modified_by not set on resource edit regression
• PASSBOLT-2271: Fix no wrap issue on resource description
• PASSBOLT-1943: As an administrator I should not be able to install passbolt on a hostname that is not RFC3986 compliant
• PASSBOLT-1937: As an administrator I should not be be able to install passbolt with a server key without an email id
• PASSBOLT-2002: Refactor install script to reuse healthcheck library

Fresh

Release song: https://youtu.be/sTJ1XwGDcA4

Thanks to this new release it is now possible to filter passwords by groups. It becomes easier to see which password belong to which groups. Of course, to see the groups in the sidebar, one will first need to be part of that group.

Similarly, in the user workspace, it is now possible to see which groups a user is member of in the right sidebar, when selecting a collaborator. Two new email notifications have been implemented, when your role in a group changes, or if you are the group manager, when a user is deleted.

This release also introduces a series of small improvements requested by the community, mostly to relax the validation rules for the password username and descriptions fields. And, of course, a small batch of bug fixes.

Read the full release notes: http://www.passbolt.com/release/notes#Fresh

Added

• PASSBOLT-2147: As a group member I should receive a notification when my role in the group has changed
• PASSBOLT-2148: As a group manager I should receive a notification when a user who is part of one (or more) groups I manage is deleted
• PASSBOLT-2225: As a demo user it should be explicit that I need to use a throway email account
• PASSBOLT-2133: As LU I should be able to filter passwords by group on the passwords workspace
• PASSBOLT-2012: As a user I can see which groups a user is a member of from the sidebar

Fixed

• PASSBOLT-2171: The group list component should be marked as ready once the API request is completed
• PASSBOLT-2172: Newly added group manager shouldn't receive the group update summary notification
• PASSBOLT-2174: Edit group dialog should be marked as ready if an admin edit a group the admin is not group manager
• PASSBOLT-2155: As AD I shouldn't be able to delete as user if the user is the sole group manager of a group
• PASSBOLT-2075: Users should be removed from the groups they are member of after a soft delete operation
• PASSBOLT-1934: GITHUB-40, GITHUB-120: As a user I should be allowed to add the a ldap path as username
• PASSBOLT-2156: GITHUB-94: As a user I should be allowed to add text in JSON format in the description
• PASSBOLT-2122: GITHUB-85: Username should be Minimum 1 characters in length (and not 3)
• PASSBOLT-2180: GITHUB-85: As a user I should be allowed to add a space in a resource username
• PASSBOLT-2125: GITHUB-86: As a logged in user creating/editing a password I should be able to use new line characters in the description
• PASSBOLT-2188: Regression: As LU when I search for a user it shouldn't make an API request
• PASSBOLT-2234: Regression: As newly added GM I shouldn't receive the group update summary when I'm just added as GM
• PASSBOLT-2235: As AD editing a group the dialog shouldn't be marked as ready until the members list is loaded
• PASSBOLT-2105: Anonymous statistics: fix "Warning Error: file_put_contents" issue at installation
• PASSBOLT-2005: PR#44: Update allowed characters in a uri

Let's Groove

Release date: June 21, 2017.

This release is mainly about shipping some of the missing "groups" features such as the email notifications. You will also find a few bug fixes, and an improvement in the default email configuration for those of you who use TLS authentication.

It was also the occasion to update our docker container. We fixed a few bugs and added email support.

Read the full release notes: https://www.passbolt.com/release/notes#LetsGroove

Added

• PASSBOLT-2099: As a user I should receive a notification when I am added to a group
• PASSBOLT-2100: As a user I should receive a notification when I am deleted of a group
• PASSBOLT-2102: As a group manager I should receive a notification when another group manager added a user to a group I manage
• PASSBOLT-2103: As a group manager I should receive a notification when another group manager removed a user from a group I manage
• PASSBOLT-2140: As a group manager I should receive a notification when another group manager changed the role of a user of a group I manage
• PASSBOLT-2138: The TLS parameter should be part of the default email configuration

Fixed

• PASSBOLT-2044: As an admin I shouldn’t be able to delete a user who is the sole owner of passwords shared with others
• PASSBOLT-2078: As GM/AD I shouldn't be able to add a user who didn't complete the registration process to a group I edit/create
• PASSBOLT-2111: As an admin I should be able to install passbolt under mydomain.tld/passbolt
• PASSBOLT-2142: As an admin I should not see multiple ASCII banner when running the install script
• PASSBOLT-1959: As LU when I unshare a password with a user or a group, associated secrets should be destroyed
• PASSBOLT-1954: Security: Trackable behavior should override created_by and deleted_by when provided

Grapevine

With this release we are very pleased to announce the beginning of the groups feature support in passbolt. You can learn more about it in the dedicated blog post or the summary below.

Full release notes: http://www.passbolt.com/release/notes#Grapevine

Disclaimer for Firefox users: Version 1.5.1 is still pending approval from volunteers at Mozilla reviewing addons. Therefore the automatic rollout has not started yet. If you want to start using groups with firefox, please switch to the development channel. Your profile will be kept and you can switch back later.
Switch to v1.5.1-RC2

[1.5.1] - 2017-05-23

Fixed

• PASSBOLT-2070: Delete unused code / exclude external libs from coverage
• PASSBOLT-2071: Drop exec bits from files which don't need them (@OdyX GITHUB PR #67)
• PASSBOLT-2073: As AP I should see a warning on the login page if the plugin and the api are not compatible
• PASSBOLT-2029: PHP7 compatibility, fix deprecated cakePHP String class calls (@leomazzo GITHUB-64)
• PASSBOLT-2074: Delete confirmation dialogs should fit the latest styleguide

[1.5.0] - 2017-05-16

Added

• PASSBOLT-1950: As a user I can see which groups a password is shared with from the sidebar
• PASSBOLT-1953: As a user I can share a password with a group
• PASSBOLT-1940: As a user when editing a password for a group, the secret should be encrypted for all the members
• PASSBOLT-1639: As a user editing a password description in the right sidebar should not get duplicated items in shared with section
• PASSBOLT-1938: As a user I can browse the list of groups in the groups section of the user workspace
• PASSBOLT-2000: As a user I can see which users are part of a given group from the sidebar and the users section
• PASSBOLT-1960: As a user I can see the list of users that are part of the group in the users grid by using the group filter
• PASSBOLT-1838: As a group manager I can edit the membership roles
• PASSBOLT-1838: As a group manager I can add a user to a group
• PASSBOLT-1838: As a group manager I can remove a user from a group using the edit group dialog
• PASSBOLT-1969: As a group manager I can edit a group from the contextual menu and from the groups sidebar
• PASSBOLT-1969: As a group manager I can see which users are part of a given group from the group edit dialog
• PASSBOLT-2000: As a group manager I can see which users are part of a given group from the sidebar and the users section
• PASSBOLT-2006: As an administrator I can delete a group from the group contextual menu
• PASSBOLT-1969: As an administrator I can edit a group
• PASSBOLT-2006: As an administrator I can delete a group
• PASSBOLT-1955: As an administrator I can create a group using the new button in the users workspace
• PASSBOLT-1939: As an administrator the healthcheck should be accessible in command line
• PASSBOLT-1943: As an administrator the healthcheck should tell if not using a proper domain name as base url
• PASSBOLT-1943: As an administrator the healthcheck should tell if SSL certificate is invalid
• PASSBOLT-1885: As an administrator the healthcheck should tell if the full base url is not reachable
• PASSBOLT-1838: Add v1.5.0 migration script
• PASSBOLT-1881: Add support for groups in the permission system
• PASSBOLT-1952: Add support for groups in the fixtures
• PASSBOLT-1928: Deploy styleguide with groups support

Cry to Me

Passbolt v1.4.0 is out! A cleanup release to ease the groups feature rollout and fix a few bugs. Some notable changes: you can now create an account with the same username as an account that was previously deleted, you can also use GPG keys that contain multiple identities. This release requires your database schema to be updated (see. update process in the documentation).

Fixed

• PASSBOLT-1863: Remove references to legacy features Category and Tags
• PASSBOLT-1883: Fix wrong usage of the permission entry point viewByAco
• PASSBOLT-1887: Remove the entry point PermissionController::simulateAcoPermissionsAfterChange
• PASSBOLT-1886: Remove the controller component PermissionHelperComponent
• PASSBOLT-1888: Remove the model behavior function PermissionableBehavior::getUsersWithAPermissionSet
• PASSBOLT-1889: Remove references to legacy models and tables (AuthenticationLogs, AuthenticationBlackList, Email, Adress, PhoneNumber)
• PASSBOLT-1890: Clean the Permission model validation functions & augment coverage
• PASSBOLT-1894: Reorganize ACL models tests
• PASSBOLT-1896: Remove references to legacy permission types CREATE and DENY
• PASSBOLT-1511: removed tracking of config file Config/email.php (@BaumannMisys GITHUB-34)
• PASSBOLT-1835: As a user I should be able to create an account with the same username as an account that was previously deleted (@bestlibre GITHUB-33)
• PASSBOLT-1646: GITHUB-20 Permissions views and queries do not work with Mysql57 / only_full_group_by enabled

Short Change Hero

Passbolt v1.3.2 is out! A very small release for you, with two bug fixes. We have removed the limit on the passphrase size. You can now create a master password that is longer than 50 characters. More importantly we are very pleased to share with you the wireframes and functional specifications for the groups feature. Please have a look and tell us what you think!
https://www.passbolt.com/release/notes#ShortChange

Fixed

• PASSBOLT-811: Error message look and feel is not consistent on register / recover

The World

What a better way to start 2017 than with a maintenance release? You guessed it, this new year release is mainly about bug fixes.

We also upgraded the API to the latest CakePHP version (v2.9.4) as well as the associated modules, which will improve even further the compatibility of passbolt with PHP v7.

Fixed

• PASSBOLT-1758: As LU sharing a password I should be able to filter users based on first name and last name
• PASSBOLT-1779: Remove debug statement
• PASSBOLT-1585: As AN I should be allowed to register if my lastname or firstname are 2 chars in length
• PASSBOLT-1783: Form validation and translation: malformed error messages
• PASSBOLT-1619: As AP I should not be allowed to recover my account if I have not completed the setup first
• PASSBOLT-1767: As a AD installing passbolt I should be told if webroot/img/public is not writable.
• PASSBOLT-1793: Upgrade to CakePHP v2.9.4
• PASSBOLT-1784: GITHUB-29 PHP7 compatibility issue in migration console tasks
• PASSBOLT-1790: Fixed update context sent by anonymous usage statistics

California Soul

[1.3.0]

Added

• PASSBOLT-1725 Misc changes for Chrome support
• PASSBOLT-1726 Implement anonymous usage data

Fixed

• PASSBOLT-1721 SSL detection not working in healthcheck
• PASSBOLT-1708 Accept JSON data content type for HTTP PUT during setup

Papa was a rolling stone

Fixed

• PASSBOLT-1719 GITHUB-14 The "." is not allowed in email address field
• PASSBOLT-1525 Remove unused controllers and components
• PASSBOLT-1718 Tidy up readme and contribution guidelines

Won't be long

Added

• PASSBOLT-1706 GITHUB-18 Resource Description length is too short, should be 10K characters
• PASSBOLT-1658 GITHUB-18 Resource URI length is too short, should be 1024 characters
• PASSBOLT-1637 GITHUB-14 The "+" is not allowed in the email address field while adding a new user
• PASSBOLT-1525 Test coverage for SetupControllerTest & CakeErrorController
• PASSBOLT-1694 Default config change: debug should be set to 0
• PASSBOLT-1660 Refactoring to simplify Chrome plugin development
• PASSBOLT-1649 Adjusted coveralls markup
• PASSBOLT-1648 Upgrade to Cakephp 2.9.1
• PASSBOLT-1250 Contribution guidelines

Fixed

• PASSBOLT-1700 Event names should stay backward compatible
• PASSBOLT-1668 Remove GPGAuth debug count
• PASSBOLT-1673 Restore avatars during quick install