Make sure you follow the update documentation to roll out this new version.
The team is pleased to announce the immediate availability of Passbolt version 3. As you may have noticed with the earlier
release in January and automatic rollout of the v3 webextension, this version contains a major redesign of the login
and setup screens. The goal of this redesign was to simplify the process and improve the usability. This version
also concludes our migration to React technology on the front end side, you can learn more about it in the
dedicated blog post.
Most notably, this release also introduces the concept of resource types. We will write more about it in a dedicated
blog post, but long story short, the goal of this change is to allow storing different types of secrets, other than a password.
The first example of a new resource type is the “password with encrypted description” which has now become the default. This change is transparent and backward compatible.
As you may know, data in passbolt is divided into two parts: the searchable non encrypted metadata called “resource”,
and the encrypted part containing, for example the password called “secret”. With resource types the solution will
support the encapsulation of structured data in the “secret” part in the form of a JSON object, following a JSON schema
defined as part of the resource type. In the future we want to allow administrators to be able to define their own
resource types, on top of the ones that are supported by default. In the meantime if you have suggestions for new
default resource types, and the formats you would like to see (for instance credit cards, ssh keys, etc...), please share your ideas on the community forum.
We encountered some issues during the release of the webextension v3, which have been summarized on this dedicated
incident page. The most prominent bugs encountered in the last release were
related to older installations where some database entries became incompatible with the new stricter validation rules on
the front-end side. These issues have now been resolved, but we sincerely apologize for any inconvenience caused, and have learnt a lot during the process.
Server side Passbolt API v3 is also a major release with the deprecation of PHP v7.2 and composer v1. Please make sure you have
the right dependencies installed on your server prior to upgrade. You can learn more about the update/upgrade procedures
on the dedicated page.
Feel free to report bugs on github if you encounter any new issues, or to get in
touch using the regular support channels.
On the artifacts side, we have published an ubuntu package and also all of our artifacts (vm, digital ocean, aws ami and docker image)
are using debian package. Using debian package introduces new changes on the installation paths of passbolt. Please read the following
documents for deprecation notices and changes:
For our next release(s) the team will focus on an upgrade to Cakephp v4, as well as small UX/UI improvements that
have been pending for a very long time, including the ability to translate the interface. And yes we also are
actively working on the Mobile apps, as well as other much demanded features such as Escrow.
A big thank you for people who have reported and documented bugs on github and the community forum including:
@DistrantThunder, @kyxyes, @chyff, @drzraf, @Alien-Richman, @VFS, @wnhre2ur8cxx8 (that’s a mouthful), @rctgamers3,
@norbertmm, @runderwo, @AnswerKAS, @raphhaselback, @PeanutStick, @JosephGarrone and many more.
Thank you for your continued support.
[3.0.0] - 2021-02-22
- Drop support for API format v1, api-version parameter is deprecated
- Remove title from API response envelope format
- Drop support for PHP < v7.3, application require PHP v7.3 by default
- Drop support for Composer < v2, application requires Composer v2 by default
- Add dark theme to the community edition
- Add new system check utilities in ./bin, for example ./bin/status-report
- Add web installer automatically populates mysql credentials (VM / Debian Package)
- Add support for multiple resource types
- Add resource with encrypted description as resource type
- Add generic cron job task in ./bin/cron
- Add support for untracked personal shell scripts under ./bin/my
- Add support for configurable footer link in config
- Add permissions filters on resource view and index
- Add permissions contain options on resource view
- Update OpenPGP-PHP dependencies to provide PHP 7.4 compatibility
- Remove unmaintained user agent parser library
- Fix PHP 7.4 warnings
- Improve testsuite execution times
- Refactor testsuite to not install data model from fixtures but use migrations instead
- Refactor testsuite to remove unused fixtures
- Migrate administration and mfa settings screen to React
- Add placeholder application skeleton when webextension is still loading
- Redesign of login and recover screens
- Add Mysql 8 support
- Fix allow overriding rememberMe options in passbolt.php configuration file
- Fix all target blank link should contain rel noopener noreferrer
- Fix email sender, email subject should not exceed 255 characters.
- Fix secret access log on resource view with contain secret
- GITHUB-376 Fix missing route prefix on the recovery button
- GITHUB-373 Fix API format for create group (previously v1 instead of v2 format)
- GITHUB-372 Fix after modifying passwd, the modification time should be changed
- GITHUB-370 Fix metadata should be deleted for deleted resources
- GITHUB-369 Fix Notification Emails Have Wrong Tense In Subject/Body
- GITHUB-368 Clarify PHP extension requirements
- GITHUB-362 Fix wrong filename on healthcheck HELP message for assertConfigFiles
- GITHUB-356 As a user I shouldn't be able to export folders if export plugin is disabled
- GITHUB-350 Fix no mails are sent when providers offer AUTH PLAIN authentication only
- GITHUB-339 Fix web installer urls do not work when passbolt is installed in a directory
- Fix performance issues on resource / folder activity log