Cryptr Versions Save

Changelog:

• Support for Namespaces, on all auth providers
• Support for user-provided Mount Paths, on all auth providers
• Support for root users with policies specifying /* on secret mounts
• Bugfix for issue with identities

There are two primary purposes of this release:

• Enable OIDC auth provider. Users may now login to Vault instances that support the OIDC vault provider.
• Enhanced Security: With the release of 0.5.0, tighter security measures have been implemented to ensure the code-safety of Cryptr as it interacts with sensitive data. Users are recommended to upgrade to gain these additional safety controls.

Other:

• Bugfix: Querying Vault policies are now deduplicated prior to requesting them from Vault.
• Enhancement: Improved error messages on failure to login

The primary purpose of this release is performance:

• Lazy Loading: The "folder" structure of secrets inside Vault will now only be loaded as needed. As a user navigates to a secret location, only those locations will loaded. This is a major performance increase for larger Vault instances and users who have access to many secrets (1,000's or >10,000 secrets).

Other:

• Tokens are now hidden from view (#45)
• Tokens which use identity now supported (#46)
• Caution against using HTTP, but no longer prevent its use (#48)

The primary features of this release are as follows:

• Support for Versioned Secrets (kv V2 secret engine)
  • Create, Read, Update, Delete, Undelete, Destroy, Move
• Support for multiple secret mounts of type Generic, KV or KV v2
• Increased platform security by removing capabilities
• New Secret preserves the folder path
• String Type checking for numbers, arrays, and non-key-value pairs
• Linux: more package types now available: deb, rpm, tar.gz, and AppImage
• New icons for "Hide Values" and "Raw"
• "Hide Values" is no longer reset when navigating between secrets

Changelog:

Support for Versioned Secrets (KV V2 secret engine)
- Create, Read, Update, Delete, Undelete, Destroy, Move operations all supported
- Added support for wildcard policies on v2 secret backends

Other
- Improved capabilities checking before executing move requests
- Upgrade: Update to Electron 4.0
- Feature: swap raw and hide values for icons
- Feature: make Hide Values persistent
- Fixed: numbers and arrays now get cast as strings and objects!!
- Fixed: object sub-properites modified in JSON did not propogate to UI
- Fixed: Values of type Number were cast as Strings on edit
- Fixed: Arrays were improperly cast as Object on edits
- Added: Stricter type checking
- Added: Support for non-key-value values in Arrays
- Added: Support for Numbers and Arrays
- Bug: Fixed case where new secret path is set to "secret/"
- Fix bug where Share fails to properly set type
- Disable middle click
- Remove nodeIntegration and require() ability to decrease attack surface. Refactor appropriately
- Swap clipboard for polyfill, removing dependency on node API
- Prevent window navigation when dropping a link
- Update copyright
- show icon or error when secret data is null
- clear "TOKEN" as username
- improve error output for move requests

The primary features of this release are as follows:

• Search: You can now search the secret name and path to find secrets. Support is found for strict searching and Fuzzy searching.
• Duplicate: In the Duplicate operation, the location is now auto-filled for the user.
• Dangling Secrets: Support for "dangling" secrets, where the user has no rights to parent folders, but does to a specific nested folder/secret

Changelog

• Feature: Support for "dangling" secrets, where the user has no rights to parent folders, but does to a specific nested folder/secret
• Feature: Search! Both using "strict" searching and "fuzzy" searching
• Bug: Duplicate secrets can be shown when multiple policies reference the same secrets
• Enhancement: Increased width of secret path field
• Enhancement: New secrets automatically inherit a location
• Enhancement: Duplicating secrets auto-fills the secret Location
• Enhancement: Minor enhancements to UI

The primary features of this release are as follows:

• Share Secrets: Now, utilizing Vault's Response Wrapping functionality, a user may easily and securely share a secret, whether that be a single key/value pair, a file, or a unstructured text.
• Multiple Vault Endpoints: The user may now specify multiple Vault endpoints to be saved in Cryptr
• Duplicate Secrets: A new "Duplicate" button allows users to easily duplicate a secret
• X-Cryptr-Version Header: When a Vault admin enables audit logging, all requests coming from Cryptr will specify Cryptr's version. This allows admins to track usage, and assists in designating what requests originate in Cryptr.
• Bare-Minimum network usage: Cryptr now only communicates with internet addresses the user provides. No other network connections are ever established. This is independently verifiable.

Changelog
- Feature: Easily share secrets!
- Feature: Added support for saving multiple Vault endpoints at login
- Feature: Ability to duplicate secrets
- Feature: "X-Cryptr-Version" header now send to Vault endpoint on every request
- Feature: Local fonts prevent app from reaching out to Google servers for fonts
- Enhancement: User is now thoroughly warned before taking destructive actions (delete/update/overwrite/move)
- Enhancement: Development on Windows is now supported
- Enhancement: Restructured a core component into reusable code
- Enhancement: Created framework for automated testing of Cryptr
- Enhancement: Overwrite alert is now only produced for secrets, not folders
- Updated screenshot

Create Secret page has a new UI, new vault dev server support, and prompting of the user to renew their auth token. JSON secrets can now be more easily created.

Changelog
- Feature: New "Create Secret" page
- Feature: Add Vault dev server support
- Feature: User is now prompted to renew before auth token expires
- Enhancement: White space is no longer concatenated in a secret name
- Enhancement: When a secret is created/updated/moved, it is automatically navigated to
- Enhancement: Underscore to Space conversions improved
- Enhancement: Move button is now more transparent
- Enhancement: Raw view improved
- Enhancement: Make topbar more draggable
- Bug: Navigating to secrets too quickly could cause odd behavior
- Bug: Switching to 'raw' on file and back, changes to JSON view and not File view
- Bug: Sidebar can be grow beyond 3/4 width of page
- Bug: JSON edited in RAW mode would not be reflected in structured view
- Updated screenshot

The ability to edit a secret in RAW view is under development, as well the ability to graphically add new objects/strings/arrays/numbers to an already existing secret.

Changelog

- Feature: Drastically faster loading time after login
- Feature: Added Multi-Value secret view and update support
- Feature: Toggle ability to see all hidden values
- Feature: Default hiding of "value" fields behind asterisks for secrets
- Feature: Raw JSON viewing support

- Enhancement: Improved UI for downloading files
- Enhancement: Improved UI for viewing secrets
- Enhancement: Enhanced clearing of data from RAM at logout
- Enhancement: Improved login URL checking
- Enhancement: Passwords/tokens no longer removed when changing Auth type on login screen
- Enhancement: Enhanced security: testing a provided vault endpoint more thoroughly before sending credentials
- Enhancement: Now tests the v1/sys/seal-status for vault validity test rather than v1/sys/init
- Enhancement: Enhanced error output surrounding token login
- Enhancement: Enhance UI of Delete function
- Enhancement: Consolidated Logout and ClearData functionality to one location
- Enhancement: Moved refreshData code to a better home, reducing code complexity
- Enhancement: Added warning when moving a secret would overwrite another secret
- Enhancement: Fixed bug where a move request would create a duplicate secret in sidebar hierarchy
- Enhancement: Enhanced placeholder UI for dashboard
- Enhancement: Optimize loading time for large vault folder structures
- Enhancement: Restrict the filesystem-saved user data to minimal set
- Enhancement: Update bower packages

- Bug: Fix for if a user has a deny policy removed while app is open and between logouts
- Bug: Fix issue where window doesn't appear at startup.
- Bug: Old login errors now disappear upon successful login

• Feature: Add "deny" policy support

• Feature: Improve boot UI for smoother transitions into app
• Bug: Secret name tied to secret key
• Enhancement: Handle error of creating of secrets at a folder
• Enhancement: Ability to move files in addition to secrets
• Bug: Moving a secret shows an empty parsedName value