Skip to content

I Want To Break Free
Compare
Choose a tag to compare
@kevinmuller kevinmuller released this 13 Aug 16:53
· 4132 commits to master since this release
v2.2.0
This tag was signed with the committer’s verified signature.
cedricalfonsi Cedric
GPG key ID: 8554DB3806A68771
Verified
Learn about vigilant mode.
ea8927e

Release song: https://youtu.be/f4Mc-NYPHaQ

Please note that Passbolt API V1.x will be officially unmaintained from 1st of September 2018. If you haven’t upgraded to V2.x yet, it is strongly advised to do it now since the next versions of the browser extension will not be compatible anymore with V1.x branch.

This release is mainly a maintenance release that also prepares the groundwork for the incoming ldap feature.

This release also includes a long awaited fix regarding performance issues. You can now manage thousands of passwords inside passbolt pretty smoothly.

The security has been improved even more with the implementation of CSRF protection. Now each request made by the client contains a token that is verified server side, hence protecting against CSRF attack types.

We have also upgraded canjs to version 4: It is the framework behind our javascript UI. This upgrade was long due and took quite a bit of efforts. After CakePHP 3.x, the upgrade of canjs is part of these invisible and painful but necessary upgrades that contribute to keep passbolt secure and maintainable.

Added

PASSBOLT-2906: Enable CSRF protection
PASSBOLT-2940: Implement app-js primary routes

Fixed

PASSBOLT-2805: Fix sort by date and sort by user first_name by default
PASSBOLT-2896: Fix filter by tag from the password details sidebar
PASSBOLT-2903: Fix logout link. It should target a full based url link
PASSBOLT-2926: Fix session timeout check
PASSBOLT-2927: Fix appjs ajax error handler
PASSBOLT-2941: Fix grid performance issues

Improved

PASSBOLT-2933: Upgrade to canjs 4

Assets 2
Loading