  1. Oct 24, 2024
  2. Oct 20, 2024
  3. Oct 19, 2024
    • Hide user name on invite status (#5110) · 13f4b66e
      Mathijs van Veluw authored
      A possible user disclosure when you invite a user into an organization which already has an account on the same instance.
      This was because we always returned the user's name.
      To prevent this, this PR only returns the user's name if the status is accepted or higher, else we will return null.
      This is the same as Bitwarden does.
      
      Resolves a reported issue.
      
      Also resolved a new `nightly` reported clippy regarding a regex within a loop.
    • Add `extension-refresh` feature flag (#5106) · c967d0dd
      Daniel authored
      - in case people want to try out the new extension design
  4. Oct 18, 2024
  5. Oct 13, 2024
  6. Oct 11, 2024
    • Fix `--version` from failing without config (#5055) · cd195ff2
      Mathijs van Veluw authored
      
      * Fix `--version` from failing without config
      
      Since we added the option to show the web-vault version also when running `--version` this causes the config to always be validated.
      While this is not very bad in general, it could cause the command to quit during the config validation, and not show the version, but also errors.
      This is probably not very useful for this specific command, unlike the `--backup` for example.
      
      To fix this, and preventing the config from being validated, I added an AtomicBool to check if we need to validate the config on first load.
      This prevents errors, and will just show the Vaultwarden version, and if possible the web-vault version too.
      
      Fixes #5046
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
      
      * Adjusted the code based upon review
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
      
      ---------
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
    • Updates and collection management fixes (#5072) · e3541763
      Mathijs van Veluw authored
      * Fix collections not editable by managers
      
      Since a newer version of the web-vault we use, managers were not able to create sub collections anymore.
      This was because of some missing details in the response of some json objects.
      
      This commit fixes this by using the `to_json_details` instead of the `to_json`
      
      Fixes #5066
      Fixes #5044
      
      * Update crates and GitHub Actions
      
      - Updated all the crates
      - Updated all the GHA dependencies
      - Configured the trivy workflow to only run on the main repo and not on forks
        Also selected a random new scheduled date so it will not run at the same time as all other forks.
        The two changes should help running this scan every day without failing, and also prevent the same for new or updated forks.
  7. Oct 06, 2024
    • Fix compiling for Windows targets (#5053) · f0efec7c
      Mathijs van Veluw authored
      The `unix::signal` was also included during Windows compilations.
      This of course will not work. Fix this by only including it for `unix` targets.
      
      Also changed all other conditional compilation options to use `cfg(unix)` instead of `cfg(not(windows))`.
      The latter may also include `wasm` for example, or any other future target family.
      This way we will only match `unix`
      
      Fixes #5052
  8. Sep 23, 2024
  9. Sep 20, 2024
  10. Sep 19, 2024
  11. Sep 18, 2024
  12. Sep 13, 2024
  13. Sep 10, 2024
  14. Sep 09, 2024
  15. Sep 07, 2024
  16. Sep 01, 2024
    • Timshel's avatar
      248e561b
    • Update web-vault, crates and gha (#4909) · 55623ad9
      Mathijs van Veluw authored
      
      - Updated the web-vault to fix an issue with personal export.
        Thanks to @stefan0xC for patching this.
        Fixes #4875
      - Updated crates to their latest version
      - Updated the GitHub Actions
      - Updated the xx image to the latest version
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
    • Add a CLI feature to backup the SQLite DB (#4906) · e9acd8bd
      Mathijs van Veluw authored
      
      * Add a CLI feature to backup the SQLite DB
      
      Many users request to add the sqlite3 binary to the container image.
      This isn't really ideal as that might bring in other dependencies and will only bloat the image.
      Their main reason is to create a backup of the database.
      
      While there already was a feature within the admin interface to do so (or by using the admin API call), this might not be easy.
      
      This PR adds several ways to generate a backup.
      1. By calling the Vaultwarden binary with the `backup` command like:
        - `/vaultwarden backup`
        - `docker exec -it vaultwarden /vaultwarden backup`
      2. By sending the USR1 signal to the running process like:
        - `kill -s USR1 $(pidof vaultwarden)`
        - `killall -s USR1 vaultwarden`
      
      This should help users to more easily create backups of their SQLite database.
      
      Also added the Web-Vault version number when using `-v/--version` to the output.
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
      
      * Spelling and small adjustments
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
      
      ---------
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
  17. Aug 30, 2024
    • Allow enforcing Single Org with pw reset policy (#4903) · 544b7229
      Mathijs van Veluw authored
      
      * Allow enforcing Single Org with pw reset policy
      
      Bitwarden only allows the Reset Password policy to be set when the Single Org policy is enabled already.
      This PR adds a check so that this can be enforced when a config option is enabled.
      
      Since Vaultwarden encouraged to use multiple orgs when groups were not available yet we should not enable this by default now.
      This might be something to do in the future.
      
      When enabled, it will prevent the Reset Password policy to be enabled if the Single Org policy is not enabled.
      It will also prevent the Single Org policy to be disabled if the Reset Password policy is enabled.
      
      Fixes #4855
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
      
      * Removed some extra if checks
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
      
      ---------
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
  18. Aug 27, 2024
    • Allow Org Master-Pw policy enforcement (#4899) · 978f0092
      Mathijs van Veluw authored
      
      * Allow Org Master-Pw policy enforcement
      
      We didn't return the master password policy for the user.
      If the `Require existing members to change their passwords` check was enabled this should trigger the login to show a change password dialog.
      
      All the master password policies are merged into one during the login response and it will contain the max values and all `true` values which are set by all the different orgs if a user is an accepted member.
      
      Fixes #4507
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
      
      * Use .reduce instead of .fold
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
      
      ---------
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
    • Allow custom umask setting (#4896) · 92f1530e
      Mathijs van Veluw authored
      
      To provide a way to add more security regarding file/folder permissions
      this PR adds a way to allow setting a custom `UMASK` variable.
      
      This allows people to set a more secure default like only allowing the
      owner of the process/container to read/write files and folders.
      
      Examples:
       - `UMASK=022` File: 644 | Folder: 755 (Default of the containers)
         This means Owner read/write and group/world read-only
       - `UMASK=027` File: 640 | Folder: 750
         This means Owner read/write, group read-only, world no access
       - `UMASK=077` File: 600 | Folder: 700
         This means Owner read/write and group/world no access
      
      resolves #4571
      
      Signed-off-by: BlackDex <black.dex@gmail.com>
  19. Aug 24, 2024
  20. Aug 23, 2024
  21. Aug 22, 2024
  22. Aug 21, 2024
  23. Aug 20, 2024
  24. Aug 18, 2024
    • Fix Vaultwarden Admin page error messages (#4869) · 669b9db7
      Mathijs van Veluw authored
      Since the change to camelCase variables the error messages in the
      Vaultwarden Admin were not shown correctly anymore.
      
      This PR fixes this by changing the case of the json keys.
      Also updated the save and delete of the config to provide a more
      descriptive error instead of only `Io` or whichever other error might
      occur.
      
      Fixes #4834
  25. Aug 17, 2024