v3.8.0
版本发布时间: 2022-11-14 18:57:02
passbolt/passbolt_api最新发布版本:v4.4.0(2023-11-07 18:38:42)
Song: https://youtu.be/37JidTgav2g
The team is pleased to announce the v3.8 immediate availability.
This release ships with two new themes, a light and dark Solarized themes. Along with the redesign that occurred earlier this year, these themes served as a foundation to propose additional look and feel, but also welcome your contributions. If you wish to build a new theme, checkout the blog article: How to create a custom passbolt theme with the UI Kit.
In a continuous effort to make passbolt more customizable, administrators will be pleased to find a new administration settings screen that will allow them to update the SMTP settings of their organization. More administration screens are in the works and will be released very soon. Spoiler alert, Multi Factor Authentication is on its way to be released in the community edition.
We wish to thank all the community members for:
- The help with the internationalization;
- The bugs reports and the pull requests on github;
- The help provided to other members on the community forum.
[3.8.0] - 2022-11-09
Added
- PB-19192: As an administrator, I want to manage SMTP settings in the administration workspace
- PB-19151: As a user, I want to use passbolt with the Solarized light theme
- PB-19151: As a user, I want to use passbolt with the Solarized dark theme
Improved
- PB-16948: As group manager, I should be able to add users to groups without getting timeout errors
- PB-19035: TOTP is now deactivated by default and should be activated by an administrator
- PB-19200: GpgAuthenticator now asserts the message is a valid OpenPGP message prior to decryption on stage 0
Fixed
- PB-19312: As a logged-in user, I want to see my first name and last name correctly displayed in email headers
- PB-18718: As a logged-in user, I want my locale not to be overwritten by the server config on pages served by the server
- PB-19261: As a logged-in user, I should not get an internal error if no filter is passed to the get resource.json entry point
- PB-19035: As a logged-in user, I should not get a not found error on MFA authentication if an administrator deactivated MFA
- PB-18515: As a user, I want to see User Agent and IP in account recovery emails
Security
- PB-19204: Sanitize MFA redirection by forbidding redirection to external URI
- PB-19090: Protect forms from spell-jacking attack
Maintenance
- PB-19235: Migrate comments controllers logic into services
- PB-19603: Cover additional “add user to group” case: As group manager I can add a user to a group which have no resources shared with
- PB-6081: Move enterprise plugins into plugins/PassboltEe
- PB-6081: Move community plugins into plugins/PassboltCe
- PB-19621: Stop changing folders permissions in installation tests
- PB-19255 As an administrator I can trigger 500 errors on demand to test my logs