Bitwarden Rs Versions Save

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs

1.28.0

1 year ago

Major changes

The project has changed license to the AGPLv3. If you're hosting a Vaultwarden instance, you now have a requirement to distribute the Vaultwarden source code to your users if they request it. The source code, and any changes you have made, need to be under the same AGPLv3 license. If you simply use our code without modifications, just pointing them to this repository is enough.
Added support for Argon2 key derivation on the clients. To enable it for your account, make sure all your clients are using version v2023.2.0 or greater, then go to account settings > security > keys, and change the algorithm from PBKDF2 to Argon2id.
Added support for Argon2 key derivation for the admin page token. To update your admin token to use it, check the wiki
New alternative registries for the docker images are available (In BETA for now):
- Github Container Registry: https://ghcr.io/dani-garcia/vaultwarden
- Quay: https://quay.io/vaultwarden/server

What's Changed

Remove patched multer-rs by @manofthepeace in https://github.com/dani-garcia/vaultwarden/pull/2968
Removed unsafe-inline JS from CSP and other fixes by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3058
Validate YUBICO_SERVER string (#3003) by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3059
Log message to stderr if LOG_FILE is not writable by @pjsier in https://github.com/dani-garcia/vaultwarden/pull/3061
Update WebSocket Notifications by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3076
Optimize config loading messages by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3092
Percent-encode org_name in links by @am97 in https://github.com/dani-garcia/vaultwarden/pull/3093
Fix failing large note imports by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3087
Change text/plain API responses to application/json by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/3124
Remove shrink-to-fit=no from viewport-meta-tag by @redwerkz in https://github.com/dani-garcia/vaultwarden/pull/3126
Update dependencies and MSRV by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3128
Resolve uninlined_format_args clippy warnings by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3065
Update Rust to v1.66.1 to patch CVE by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3136
Fix remaining inline format by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3130
Use more modern meta tag for charset encoding by @redwerkz in https://github.com/dani-garcia/vaultwarden/pull/3131
fix (2fa.directory): Allow api.2fa.directory, and remove 2fa.directory by @GeekCornerGH in https://github.com/dani-garcia/vaultwarden/pull/3132
Optimize CipherSyncData for very large vaults by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3133
Add avatar color support by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3134
Add MFA icon to org member overview by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3135
Minor refactoring concering user.setpassword by @sirux88 in https://github.com/dani-garcia/vaultwarden/pull/3139
Validate note sizes on key-rotation. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3157
Update KDF Configuration and processing by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3163
Remove arm32v6-specific tag by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/3164
Re-License Vaultwarden to AGPLv3 by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2561
Admin password reset by @sirux88 in https://github.com/dani-garcia/vaultwarden/pull/3116
"Spell-Jacking" mitigation ~ prevent sensitive data leak … by @dlehammer in https://github.com/dani-garcia/vaultwarden/pull/3145
Allow listening on privileged ports (below 1024) as non-root by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/3170
don't nullify key when editing emergency access by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/3215
Fix trailing slash not getting removed from domain by @BlockListed in https://github.com/dani-garcia/vaultwarden/pull/3228
Generate distinct log messages for regex vs. IP blacklisting. by @kpfleming in https://github.com/dani-garcia/vaultwarden/pull/3231
allow editing/unhiding by group by @farodin91 in https://github.com/dani-garcia/vaultwarden/pull/3108
Fix Javascript issue on non sqlite databases by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3167
add argon2 kdf fields by @tessus in https://github.com/dani-garcia/vaultwarden/pull/3210
add support for system mta though sendmail by @soruh in https://github.com/dani-garcia/vaultwarden/pull/3147
Updated Rust and crates by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3234
docs: add build status badge in readme by @R3DRUN3 in https://github.com/dani-garcia/vaultwarden/pull/3245
Validate all needed fields for client API login by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3251
Fix Organization delete when groups are configured by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3252
Fix Collection Read Only access for groups by @Misterbabou in https://github.com/dani-garcia/vaultwarden/pull/3254
Make the admin session lifetime adjustable by @mittler-works in https://github.com/dani-garcia/vaultwarden/pull/3262
Add function to fetch user by email address by @mittler-works in https://github.com/dani-garcia/vaultwarden/pull/3263
Fix vault item display in org vault view by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/3277
Add confirmation for removing 2FA and deauthing sessions in admin panel by @JCBird1012 in https://github.com/dani-garcia/vaultwarden/pull/3282
Some Admin Interface updates by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3288
Fix the web-vault v2023.2.0 API calls by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3281
Fix confirmation for removing 2FA and deauthing sessions in admin panel by @dpinse in https://github.com/dani-garcia/vaultwarden/pull/3290
Admin token Argon2 hashing support by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3289
Add HEAD routes to avoid spurious error messages by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/3307
Fix web-vault Member UI show/edit/save by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3315
Upd Crates, Rust, MSRV, GHA and remove Backtrace by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3310
Add support for /api/devices/knowndevice with HTTP header params by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/3329
Update Rust, MSRV and Crates by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3348
Merge ClientIp with Headers. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3332
add endpoints to bulk delete collections/groups by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/3354
Add support for Quay.io and GHCR.io as registries by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3363
Some small fixes and updates by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3366
Update web vault to v2023.3.0 by @dani-garcia

New Contributors

@manofthepeace made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2968
@pjsier made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3061
@am97 made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3093
@redwerkz made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3126
@sirux88 made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3139
@dlehammer made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3145
@BlockListed made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3228
@kpfleming made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3231
@farodin91 made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3108
@soruh made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3147
@R3DRUN3 made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3245
@Misterbabou made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3254
@mittler-works made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3262
@JCBird1012 made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3282
@dpinse made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/3290

Full Changelog: https://github.com/dani-garcia/vaultwarden/compare/1.27.0...1.28.0

1.27.0

1 year ago

New features

Event logs for organizations

With this feature enabled, actions occurring inside an organization will be recorded in a log, viewable by organization admins and owners. Check the official documentation to learn more: https://bitwarden.com/help/event-logs/ (Note that the Public API is not yet implemented, so the events are only viewable in the Web Vault)

To enable this feature, set ORG_EVENTS_ENABLED=true. By default all events will be stored indefinitely, if you want to limit that, you can use the EVENTS_DAYS_RETAIN option. You can also tune the cleanup schedule with EVENT_CLEANUP_SCHEDULE.

Group support (beta)

Enables the creation and use of groups inside an organization. At the moment this is in beta because there are some known issues (https://github.com/dani-garcia/vaultwarden/issues/2989). Still, the more this feature is tested, the faster we will be able to stabilize it.

To enable this feature, set ORG_GROUPS_ENABLED=true, make sure to make proper backups of your instance before hand.

What's Changed

Group support | applied .diff by @MFijak in https://github.com/dani-garcia/vaultwarden/pull/2846
Add Organizational event logging feature by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2868
Updated web vault to 2022.12.0 by @dani-garcia
Update diesel to 2.0.2 by @dani-garcia in https://github.com/dani-garcia/vaultwarden/pull/2724
Limit Cipher Note encrypted string size by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2945
fix invitations of new users when mail is disabled by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2773
attach images in email by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2784
allow registration without invite link by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2799
Fix master password hint update not working. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2834
Sync global_domains.json by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2840
verify email on registration by invite by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2804
Take ROCKET_ADDRESS into account in the Docker healthcheck by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2844
Update github workflows by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2852
feat: Bump web-vault to v2022.10.1 by @GeekCornerGH in https://github.com/dani-garcia/vaultwarden/pull/2859
Update Rust version, deps and workflow by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2888
Add /devices/knowndevice endpoint by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2893
fix: removed a double space by @GeekCornerGH in https://github.com/dani-garcia/vaultwarden/pull/2894
Support Org Export for v2022.11 clients by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2899
Use constant size generic parameter for random bytes generation by @samueltardieu in https://github.com/dani-garcia/vaultwarden/pull/2910
Update config comment to reflect rfc8314. by @skid9000 in https://github.com/dani-garcia/vaultwarden/pull/2911
Set "Bypass admin page security" as read-only by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2918
Fully remove DuckDuckGo email service. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2919
Added missing register endpoint to identity by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2920
Prevent DNS leak when icon regex is configured by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2921
Update settings description by @karbobc in https://github.com/dani-garcia/vaultwarden/pull/2928
allow managers to set groups of a collection by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2933
Update Vaultwarden Logo's by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2940
check if sqlite folder exists by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2873
redirect to admin login page when forward fails by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2886
Cleanups and Fixes for Emergency Access by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2936
Update dependencies for Rust and Admin interface. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2941
Fix admin repost warning. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2953
Add dev-only query logging support by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2954
Fix managers and groups link by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2947
use a custom 404 page by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2948
Increase privacy of masked config by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2963
Improve comments by @tessus in https://github.com/dani-garcia/vaultwarden/pull/2969
use black favicon for /admin by @tessus in https://github.com/dani-garcia/vaultwarden/pull/2970
Remove ctrlc crate and some updates by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2971
Fix org export (again) by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2973
Revert collection queries back to left_join by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2976
Fix recover-2fa not working. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2994
Disable groups by default and Some optimizations by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2995
Fix a panic during Yubikey register/login by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/3006

New Contributors

@MFijak made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2846
@GeekCornerGH made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2859
@samueltardieu made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2910
@skid9000 made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2911
@karbobc made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2928
@tessus made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2969

Full Changelog: https://github.com/dani-garcia/vaultwarden/compare/1.26.0...1.27.0

1.26.0

1 year ago

What's Changed

Updated web vault to v2022.10.0
Fix uploads from mobile clients (and dep updates) by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2675
Update deps and Alpine image by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2665
Add support for send v2 API endpoints by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2756
External Links | Optimize behavior by @Fvbor in https://github.com/dani-garcia/vaultwarden/pull/2693
Add Org user revoke feature by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2698
Change the handling of login errors. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2729
Added support for web-vault v2022.9 by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2732
add not_found catcher for 404 errors by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2768
Fix issue 2737, unable to create org by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2738
Rename/Fix revoke/restore endpoints by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2739
Update CSP for DuckDuckGo email forwarding by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2812
check if data folder is a writable directory by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2811
Update build workflow by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2744
fix: tooltip typo by @djbrownbear in https://github.com/dani-garcia/vaultwarden/pull/2746
Update libraries and Rust version by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2758
Fix organization vault export by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2765
allow the removal of non-confirmed owners by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2772
v2022.9.2 expects a json response while registering by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2803
make invitation expiration time configurable by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2805
return more descriptive JWT validation messages by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2806
Add CreationDate to cipher response JSON by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2813
fix link of license badge by @stefan0xC in https://github.com/dani-garcia/vaultwarden/pull/2816

New Contributors

@Fvbor made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2693
@djbrownbear made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2746
@stefan0xC made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2768

Full Changelog: https://github.com/dani-garcia/vaultwarden/compare/1.25.2...1.26.0

1.25.2

1 year ago

⚠️ Reminder: If you are still using the bitwardenrs/server* Docker images, you need to migrate to the new vaultwarden image. Check https://github.com/dani-garcia/vaultwarden/discussions/1642 for an explanation. The old images will not receive any new updates any longer.

Important

An incompatibility between the format in which some Bitwarden clients upload attachments and sends could lead to those uploads being silently corrupted. We believe this is occurring only when using the mobile clients and only on the latest vaultwarden 1.25.1. To mitigate this issue, we're releasing this quick patch to make any upload that could lead to a corrupted file explicitly return an error, notifying the user of the problem. We recommend updating as soon as possible, and checking that any recently uploaded attachments can be downloaded and opened correctly (The corrupted uploads will return an error when downloading or download a very small file).

We've also fixed the docker volume check added in 1.25.1, if you previously needed to set I_REALLY_WANT_VOLATILE_STORAGE=true to start the container, please try again without it, and open an issue if it still won't start.

What's Changed

Fix persistent folder check within containers by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2631
Mitigate attachment/send upload issues by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2650
Fix issue with CSP and icon redirects by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2624
Update build workflow for CI by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2632

Full Changelog: https://github.com/dani-garcia/vaultwarden/compare/1.25.1...1.25.2

1.25.1

1 year ago

What's Changed

Updated included web vault to version 2022.6.2 by @dani-garcia
Sync global_domains.json by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2555
Add TMP_FOLDER to .env.template by @fox34 in https://github.com/dani-garcia/vaultwarden/pull/2489
Allow FireFox relay in CSP. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2565
Fix hidden ciphers within organizational view. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2567
Add password_hints_allowed config option by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2586
Fall back to move_copy_to if persist_to fails while saving uploaded files. by @ruifung in https://github.com/dani-garcia/vaultwarden/pull/2605
Swap Websocket crate from ws to tungstenite, which is more maintained, supports async, and removes around 20 old duplicate versions of used crates by @dani-garcia
Fix armv6 issue with bullseye images by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2491
Add a persistent volume check. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2501, https://github.com/dani-garcia/vaultwarden/pull/2507
Adding "UserEnabled" and "CreatedAt" member to the json output of a User by @Lowaiz in https://github.com/dani-garcia/vaultwarden/pull/2523
Bump lettre to 0.10.0-rc.7 by @paolobarbolini in https://github.com/dani-garcia/vaultwarden/pull/2531
Small email sending code improvements by @paolobarbolini in https://github.com/dani-garcia/vaultwarden/pull/2532
A little depreciation change by @binlab in https://github.com/dani-garcia/vaultwarden/pull/2556
Fix identicons not always working by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2571
Small change in log-level for better debugging by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2577
Address inconsistency v{version} with and without a v in the version with most recent updates. by @nneul in https://github.com/dani-garcia/vaultwarden/pull/2595
Bump openssl-src from 111.21.0+1.1.1p to 111.22.0+1.1.1q by @dependabot in https://github.com/dani-garcia/vaultwarden/pull/2599
Add more clippy checks for better code/readability by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2611
Update deps, misc fixes and updates, small improvements on favicons and fix file-uploads by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2543, https://github.com/dani-garcia/vaultwarden/pull/2568, https://github.com/dani-garcia/vaultwarden/pull/2619

New Contributors

@fox34 made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2489
@Lowaiz made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2523
@binlab made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2556
@nneul made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2595
@dependabot made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2599
@ruifung made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2605

Full Changelog: https://github.com/dani-garcia/vaultwarden/compare/1.25.0...1.25.1

1.25.0

1 year ago

What's Changed

Updated included web vault to v2.28.1
Update Rocket to 0.5 and async, and compile on stable by @dani-garcia in https://github.com/dani-garcia/vaultwarden/pull/2276
Update async to prepare for main merge + several updates by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2292
Add IP address to missing/invalid password message for Sends by @jaen in https://github.com/dani-garcia/vaultwarden/pull/2313
Add support for custom .env file path by @TinfoilSubmarine in https://github.com/dani-garcia/vaultwarden/pull/2315
Added autofocus to pw field on admin login page by @taylorwmj in https://github.com/dani-garcia/vaultwarden/pull/2328
Update login API code and update crates to fix CVE by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2354
Several updates and fixes by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2379
disable legacy X-XSS-Protection feature by @Wonderfall in https://github.com/dani-garcia/vaultwarden/pull/2380
Fix building mimalloc on armv6 by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2397
Remove u2f implementation by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2398
Sync global_domains.json by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2400
Add /api/{alive,now,version} endpoints by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2433
Improve sync speed and updated dep. versions by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2429
Database connection init by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2440
Fix upload limits and disable color logs by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2480
Update Rust version in Dockerfile by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2481

New Contributors

@jaen made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2313
@TinfoilSubmarine made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2315
@taylorwmj made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2328
@Wonderfall made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2380

Full Changelog: https://github.com/dani-garcia/vaultwarden/compare/1.24.0...1.25.0

1.24.0

2 years ago

What's Changed

Add support for external icon services by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2158
- Add config option to set the HTTP redirect code for external icons by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2188
- Add support for legacy HTTP 301/302 redirects for external icons by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2218
Support all DB's for Alpine and Debian by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2172
Add support for API keys by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2245
Basic ratelimit for user login (including 2FA) and admin login by @dani-garcia in https://github.com/dani-garcia/vaultwarden/pull/2165
Upgrade Feature-Policy to Permissions-Policy by @iamdoubz in https://github.com/dani-garcia/vaultwarden/pull/2228
Set Expires header when caching responses by @RealOrangeOne in https://github.com/dani-garcia/vaultwarden/pull/2182
Increase length limit for email token generation by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2257
Small changes to icon log messages. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2170
Bump rust version to mitigate CVE-2022-21658 by @dscottboggs in https://github.com/dani-garcia/vaultwarden/pull/2255
Fixed #2151 by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2169
Fixed issue #2154 by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2194
Fix issue with Bitwarden CLI. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2197
Fix emergency access invites for new users by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2217
Sync global_domains.json by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2156
Sync global_domains.json by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2171

New Contributors

@iamdoubz made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2228
@dscottboggs made their first contribution in https://github.com/dani-garcia/vaultwarden/pull/2255

Full Changelog: https://github.com/dani-garcia/vaultwarden/compare/1.23.1...1.24.0

1.23.1

2 years ago

What's Changed

Add email notifications for incomplete 2FA logins by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2067
Fix conflict resolution logic for read_only and hide_passwords flags by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2073
Fix missing encrypted key after emergency access reject by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2078
Fix PostgreSQL migration by @jjlin in https://github.com/dani-garcia/vaultwarden/pull/2080
Macro recursion decrease and other optimizations by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2084
Enabled trust-dns and some updates. by @BlackDex in https://github.com/dani-garcia/vaultwarden/pull/2125
Update web vault to 2.25.0

Full Changelog: https://github.com/dani-garcia/vaultwarden/compare/1.23.0...1.23.1

1.23.0

2 years ago

Added emergency access feature
- Can be disabled setting EMERGENCY_ACCESS_ALLOWED=false
Added support for single organization policy
Fixed incorrect webauthn origin
Enforce personal ownership policy on imports
Fixed issue using uppercase characters on emails
Updated web vault to 2.23.0
Added organization bulk user management actions (reinvite/confirm/delete)
Removed limmit that disabled sending ciphers with attachments
Disabled enforcing of two factor organization policy on users that haven't been accepted yet
Added tzdata to the alpine containers, to be able to set a different timezone to UTC
Updated icon fetching to make it work on unicode websites
Docker images are now built using Github Actions, and the base images have been updated
Added database connection check to /alive endpoint
Updated dependencies

1.22.2

2 years ago

Updated web vault to 2.21.1.
Enforce 2FA policy in organizations.
Protect send routes against a possible path traversal attack.
Disable show_password_hint by default, it still can be enabled in the admin panel or with environment variables.
Disable user verification enforcement in Webauthn, which would make some users unable to login.
Fix issue that wouldn't correctly delete Webauthn Key.
Added Edge extension support for Webauthn.