Navigation:
Browse pkgsrc
(this page)| 2024-01-18 21:12:55 by Hauke Fath | Files touched by this commit (2) |
Log message: Update checksums after adding patch comments. Wrap long line in Makefile. No functional changes. |
2024-01-18 15:09:27 by Hauke Fath | Files touched by this commit (5) |  |
Log message:
Update security/vaultwarden to v1.30.1
Thanks go to the FreeBSD security/vaultwarden maintainer - I still
don't know how to update the package without their dependency list...
The openssl lib update patch is also from there.
From upstream's changelog:
Fix missing alpine tag during buildx bake by @BlackDex in #4043
Disable autofill-v2 by @BlackDex in #4056
Add Protected Actions Check by @BlackDex in #4067
Update crates by @BlackDex in #4074
Added passkey support, allowing the browser extensions to store
and use your passkeys, make sure the extension is updated to
version 2023.10.0 or newer for passkey support.
Updated web vault to 2023.10.0.
Fixed crashes in ARMv6 devices
Fixed crashes when trying to create/edit a cipher in the mobile applications.
Update Rust and Crates by @BlackDex in #3808
update web-vault to v2023.8.2 by @stefan0xC in #3821
Fix Login With Device without MasterPassword by @BlackDex in #3831
Update GitHub Workflow by @BlackDex in #3910
Fix arm builds by @BlackDex in #3911
Fix typos by @tuhanayim in #3959
csp: rename anonaddy.com to addy.io by @stefan0xC in #3950
filter handlebars logs by @stefan0xC in #3859
Remove unnecessary variable clone by @mvalois in #3981
README.md: Fix grammar nit by @AndreasHGK in #3965
Fix small issues by @BlackDex in #3964
Adds LastActive on /admin/users API route by @mvalois in #3951
Reopen log file on SIGHUP by @tobiasmboelz in #3909
Fix External ID not set during DC Sync by @BlackDex in #3804
New config option disable email change by @admav in #3986
2FA Confirmation Code Email subject line change to fix triggering
Google spam blocker by @aureateflux in #3572
Implement cipher key encryption by @dani-garcia in #3990
Container building changes by @BlackDex in #3958
Fix issue with MariaDB/MySQL migrations by @BlackDex in #3994
feat: Working passkeys storage by @GeekCornerGH in #4025
ci: add trivy workflow by @mightyBroccoli in #3997
Fix importing Bitwarden exports by @BlackDex in #4030
Fix .env.template file by @BlackDex in #3734
Fix UserOrg status during LDAP Import by @BlackDex in #3740
Update images to Bookworm and PQ15 and Rust v1.71 by @BlackDex in #3573
Implement "login with device" by @quexten in #3592
chore: Bump web vault to v2023.7.1 and bump Rust by @GeekCornerGH in #3769
Optimized Favicon downloading by @BlackDex in #3751
add UserDecryptionOptions to login response by @stefan0xC in #3813
add new secretsmanager plan for web-v2023.8.x by @stefan0xC in #3797
Allow Authorization header for Web Sockets by @BlackDex in #3806
Update admin interface by @BlackDex in #3730
Fix Org API Key generation on PosgreSQL by @BlackDex in #3678
feat: Add support for forwardemail by @GeekCornerGH in #3686
Fix some external_id issues by @BlackDex in #3690
Remove debug code during attachment download by @BlackDex in #3704
WebSocket notifications now work via the default HTTP port. No
need for WEBSOCKET_ENABLED and a separate port anymore.
The proxy examples still need to be updated for this. Support for
the old websockets port 3012 will remain for the time being.
Mobile Client push notification support, see #3304 thanks @GeekCornerGH!
Web-Vault updated to v2023.5.0 (v2023.5.1 does not add any improvements for us)
The latest Bitwarden Directory Connector can be used now (v2022.11.0)
Storing passkeys is supported, though the clients are not yet
released. So, it might be we need to make some changes once they
are released.
See: #3593, thanks @GeekCornerGH!
|
| 2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message: *: bump for openssl 3 |
| 2023-07-20 17:25:38 by Hauke Fath | Files touched by this commit (5) | |
Log message:
Update security/vaultwarden to v1.28.1
Note the license change from gnu-gpl-v3 to gnu-agpl-v3.
There is at this time no update to the current 1.29.0, because
o upstream is pulling in a non-release crate from github during build, again, and
o pkgsrc has no workable way to create an updated
"cargo-depends.mk". The make CARGO_ARGS="build --release" build
described in the pkgsrc guide 21.4.4 does not work, and I ended up
cribbing the cargo list from the FreeBSD package (thanks, guys!).
Upstream's change list:
1.28.1
What's Changed
Decode knowndevice X-Request-Email as base64url with no padding by @jjlin in \
#3376
Fix abort on password reset mail error by @BlackDex in #3390
support /users/<uuid>/invite/resend admin api by @nikolaevn in #3397
always return KdfMemory and KdfParallelism by @stefan0xC in #3398
Fix sending out multiple websocket notifications by @BlackDex in #3405
Revert setcap, update rust and crates by @BlackDex in #3403
1.28.0
Major changes
The project has changed license to the AGPLv3. If you're hosting a
Vaultwarden instance, you now have a requirement to distribute the
Vaultwarden source code to your users if they request it. The
source code, and any changes you have made, need to be under the
same AGPLv3 license. If you simply use our code without
modifications, just pointing them to this repository is enough.
Added support for Argon2 key derivation on the clients. To enable
it for your account, make sure all your clients are using version
v2023.2.0 or greater, then go to account settings > security >
keys, and change the algorithm from PBKDF2 to Argon2id.
Added support for Argon2 key derivation for the admin page
token. To update your admin token to use it, check the wiki
New alternative registries for the docker images are available (In BETA for now):
Github Container Registry: https://ghcr.io/dani-garcia/vaultwarden
Quay: https://quay.io/vaultwarden/server
What's Changed
Remove patched multer-rs by @manofthepeace in #2968
Removed unsafe-inline JS from CSP and other fixes by @BlackDex in #3058
Validate YUBICO_SERVER string (#3003) by @BlackDex in #3059
Log message to stderr if LOG_FILE is not writable by @pjsier in #3061
Update WebSocket Notifications by @BlackDex in #3076
Optimize config loading messages by @BlackDex in #3092
Percent-encode org_name in links by @am97 in #3093
Fix failing large note imports by @BlackDex in #3087
Change text/plain API responses to application/json by @jjlin in #3124
Remove shrink-to-fit=no from viewport-meta-tag by @redwerkz in #3126
Update dependencies and MSRV by @BlackDex in #3128
Resolve uninlined_format_args clippy warnings by @BlackDex in #3065
Update Rust to v1.66.1 to patch CVE by @BlackDex in #3136
Fix remaining inline format by @BlackDex in #3130
Use more modern meta tag for charset encoding by @redwerkz in #3131
fix (2fa.directory): Allow api.2fa.directory, and remove 2fa.directory by \
@GeekCornerGH in #3132
Optimize CipherSyncData for very large vaults by @BlackDex in #3133
Add avatar color support by @BlackDex in #3134
Add MFA icon to org member overview by @BlackDex in #3135
Minor refactoring concering user.setpassword by @sirux88 in #3139
Validate note sizes on key-rotation. by @BlackDex in #3157
Update KDF Configuration and processing by @BlackDex in #3163
Remove arm32v6-specific tag by @jjlin in #3164
Re-License Vaultwarden to AGPLv3 by @BlackDex in #2561
Admin password reset by @sirux88 in #3116
"Spell-Jacking" mitigation ~ prevent sensitive data leak \u2026 by \
@dlehammer in #3145
Allow listening on privileged ports (below 1024) as non-root by @jjlin in #3170
don't nullify key when editing emergency access by @stefan0xC in #3215
Fix trailing slash not getting removed from domain by @BlockListed in #3228
Generate distinct log messages for regex vs. IP blacklisting. by @kpfleming \
in #3231
allow editing/unhiding by group by @farodin91 in #3108
Fix Javascript issue on non sqlite databases by @BlackDex in #3167
add argon2 kdf fields by @tessus in #3210
add support for system mta though sendmail by @soruh in #3147
Updated Rust and crates by @BlackDex in #3234
docs: add build status badge in readme by @R3DRUN3 in #3245
Validate all needed fields for client API login by @BlackDex in #3251
Fix Organization delete when groups are configured by @BlackDex in #3252
Fix Collection Read Only access for groups by @Misterbabou in #3254
Make the admin session lifetime adjustable by @mittler-works in #3262
Add function to fetch user by email address by @mittler-works in #3263
Fix vault item display in org vault view by @jjlin in #3277
Add confirmation for removing 2FA and deauthing sessions in admin panel by \
@JCBird1012 in #3282
Some Admin Interface updates by @BlackDex in #3288
Fix the web-vault v2023.2.0 API calls by @BlackDex in #3281
Fix confirmation for removing 2FA and deauthing sessions in admin panel by \
@dpinse in #3290
Admin token Argon2 hashing support by @BlackDex in #3289
Add HEAD routes to avoid spurious error messages by @jjlin in #3307
Fix web-vault Member UI show/edit/save by @BlackDex in #3315
Upd Crates, Rust, MSRV, GHA and remove Backtrace by @BlackDex in #3310
Add support for /api/devices/knowndevice with HTTP header params by @jjlin \
in #3329
Update Rust, MSRV and Crates by @BlackDex in #3348
Merge ClientIp with Headers. by @BlackDex in #3332
add endpoints to bulk delete collections/groups by @stefan0xC in #3354
Add support for Quay.io and GHCR.io as registries by @BlackDex in #3363
Some small fixes and updates by @BlackDex in #3366
Update web vault to v2023.3.0 by @dani-garcia
1.27.0
New features
Event logs for organizations
With this feature enabled, actions occurring inside an organization
will be recorded in a log, viewable by organization admins and
owners. Check the official documentation to learn more:
https://bitwarden.com/help/event-logs/ (Note that the Public API is
not yet implemented, so the events are only viewable in the Web Vault)
To enable this feature, set ORG_EVENTS_ENABLED=true. By default all
events will be stored indefinitely, if you want to limit that, you can
use the EVENTS_DAYS_RETAIN option. You can also tune the cleanup
schedule with EVENT_CLEANUP_SCHEDULE. Group support (beta)
Enables the creation and use of groups inside an organization. At the
moment this is in beta because there are some known issues
(#2989). Still, the more this feature is tested, the faster we will be
able to stabilize it.
To enable this feature, set ORG_GROUPS_ENABLED=true, make sure to make
proper backups of your instance before hand.
What's Changed
Group support | applied .diff by @MFijak in #2846
Add Organizational event logging feature by @BlackDex in #2868
Updated web vault to 2022.12.0 by @dani-garcia
Update diesel to 2.0.2 by @dani-garcia in #2724
Limit Cipher Note encrypted string size by @BlackDex in #2945
fix invitations of new users when mail is disabled by @stefan0xC in #2773
attach images in email by @stefan0xC in #2784
allow registration without invite link by @stefan0xC in #2799
Fix master password hint update not working. by @BlackDex in #2834
Sync global_domains.json by @jjlin in #2840
verify email on registration by invite by @stefan0xC in #2804
Take ROCKET_ADDRESS into account in the Docker healthcheck by @jjlin in #2844
Update github workflows by @BlackDex in #2852
feat: Bump web-vault to v2022.10.1 by @GeekCornerGH in #2859
Update Rust version, deps and workflow by @BlackDex in #2888
Add /devices/knowndevice endpoint by @BlackDex in #2893
fix: removed a double space by @GeekCornerGH in #2894
Support Org Export for v2022.11 clients by @BlackDex in #2899
Use constant size generic parameter for random bytes generation by \
@samueltardieu in #2910
Update config comment to reflect rfc8314. by @skid9000 in #2911
Set "Bypass admin page security" as read-only by @BlackDex in #2918
Fully remove DuckDuckGo email service. by @BlackDex in #2919
Added missing register endpoint to identity by @BlackDex in #2920
Prevent DNS leak when icon regex is configured by @BlackDex in #2921
Update settings description by @karbobc in #2928
allow managers to set groups of a collection by @stefan0xC in #2933
Update Vaultwarden Logo's by @BlackDex in #2940
check if sqlite folder exists by @stefan0xC in #2873
redirect to admin login page when forward fails by @stefan0xC in #2886
Cleanups and Fixes for Emergency Access by @BlackDex in #2936
Update dependencies for Rust and Admin interface. by @BlackDex in #2941
Fix admin repost warning. by @BlackDex in #2953
Add dev-only query logging support by @BlackDex in #2954
Fix managers and groups link by @BlackDex in #2947
use a custom 404 page by @stefan0xC in #2948
Increase privacy of masked config by @BlackDex in #2963
Improve comments by @tessus in #2969
use black favicon for /admin by @tessus in #2970
Remove ctrlc crate and some updates by @BlackDex in #2971
Fix org export (again) by @BlackDex in #2973
Revert collection queries back to left_join by @BlackDex in #2976
Fix recover-2fa not working. by @BlackDex in #2994
Disable groups by default and Some optimizations by @BlackDex in #2995
Fix a panic during Yubikey register/login by @BlackDex in #3006
|
| 2023-02-22 17:28:37 by Hauke Fath | Files touched by this commit (5) | |
Log message:
Upgrade security/vaultwarden to v1.27
From upstream's excuse for a changelog:
1.27.0 Latest
New features
Event logs for organizations
With this feature enabled, actions occurring inside an organization
will be recorded in a log, viewable by organization admins and
owners. Check the official documentation to learn more:
https://bitwarden.com/help/event-logs/ (Note that the Public API is
not yet implemented, so the events are only viewable in the Web Vault)
To enable this feature, set ORG_EVENTS_ENABLED=true. By default all
events will be stored indefinitely, if you want to limit that, you can
use the EVENTS_DAYS_RETAIN option. You can also tune the cleanup
schedule with EVENT_CLEANUP_SCHEDULE. Group support (beta)
Enables the creation and use of groups inside an organization. At the
moment this is in beta because there are some known issues
(#2989). Still, the more this feature is tested, the faster we will be
able to stabilize it.
To enable this feature, set ORG_GROUPS_ENABLED=true, make sure to make
proper backups of your instance before hand.
What's Changed
Group support | applied .diff by @MFijak in #2846
Add Organizational event logging feature by @BlackDex in #2868
Updated web vault to 2022.12.0 by @dani-garcia
Update diesel to 2.0.2 by @dani-garcia in #2724
Limit Cipher Note encrypted string size by @BlackDex in #2945
fix invitations of new users when mail is disabled by @stefan0xC in #2773
attach images in email by @stefan0xC in #2784
allow registration without invite link by @stefan0xC in #2799
Fix master password hint update not working. by @BlackDex in #2834
Sync global_domains.json by @jjlin in #2840
verify email on registration by invite by @stefan0xC in #2804
Take ROCKET_ADDRESS into account in the Docker healthcheck by @jjlin in #2844
Update github workflows by @BlackDex in #2852
feat: Bump web-vault to v2022.10.1 by @GeekCornerGH in #2859
Update Rust version, deps and workflow by @BlackDex in #2888
Add /devices/knowndevice endpoint by @BlackDex in #2893
fix: removed a double space by @GeekCornerGH in #2894
Support Org Export for v2022.11 clients by @BlackDex in #2899
Use constant size generic parameter for random bytes generation
by @samueltardieu in #2910
Update config comment to reflect rfc8314. by @skid9000 in #2911
Set "Bypass admin page security" as read-only by @BlackDex in #2918
Fully remove DuckDuckGo email service. by @BlackDex in #2919
Added missing register endpoint to identity by @BlackDex in #2920
Prevent DNS leak when icon regex is configured by @BlackDex in #2921
Update settings description by @karbobc in #2928
allow managers to set groups of a collection by @stefan0xC in #2933
Update Vaultwarden Logo's by @BlackDex in #2940
check if sqlite folder exists by @stefan0xC in #2873
redirect to admin login page when forward fails by @stefan0xC in #2886
Cleanups and Fixes for Emergency Access by @BlackDex in #2936
Update dependencies for Rust and Admin interface. by @BlackDex in #2941
Fix admin repost warning. by @BlackDex in #2953
Add dev-only query logging support by @BlackDex in #2954
Fix managers and groups link by @BlackDex in #2947
use a custom 404 page by @stefan0xC in #2948
Increase privacy of masked config by @BlackDex in #2963
Improve comments by @tessus in #2969
use black favicon for /admin by @tessus in #2970
Remove ctrlc crate and some updates by @BlackDex in #2971
Fix org export (again) by @BlackDex in #2973
Revert collection queries back to left_join by @BlackDex in #2976
Fix recover-2fa not working. by @BlackDex in #2994
Disable groups by default and Some optimizations by @BlackDex in #2995
Fix a panic during Yubikey register/login by @BlackDex in #3006
1.26.0
What's Changed
Updated web vault to v2022.10.0
Fix uploads from mobile clients (and dep updates) by @BlackDex in #2675
Update deps and Alpine image by @BlackDex in #2665
Add support for send v2 API endpoints by @BlackDex in #2756
External Links | Optimize behavior by @Fvbor in #2693
Add Org user revoke feature by @BlackDex in #2698
Change the handling of login errors. by @BlackDex in #2729
Added support for web-vault v2022.9 by @BlackDex in #2732
add not_found catcher for 404 errors by @stefan0xC in #2768
Fix issue 2737, unable to create org by @BlackDex in #2738
Rename/Fix revoke/restore endpoints by @BlackDex in #2739
Update CSP for DuckDuckGo email forwarding by @jjlin in #2812
check if data folder is a writable directory by @stefan0xC in #2811
Update build workflow by @BlackDex in #2744
fix: tooltip typo by @djbrownbear in #2746
Update libraries and Rust version by @BlackDex in #2758
Fix organization vault export by @BlackDex in #2765
allow the removal of non-confirmed owners by @stefan0xC in #2772
v2022.9.2 expects a json response while registering by @stefan0xC in #2803
make invitation expiration time configurable by @stefan0xC in #2805
return more descriptive JWT validation messages by @stefan0xC in #2806
Add CreationDate to cipher response JSON by @jjlin in #2813
fix link of license badge by @stefan0xC in #2816
Thanks to pin@ for the workaround to patch a release crate.
|
| 2022-08-29 12:57:17 by Hauke Fath | Files touched by this commit (1) |
Log message: Correct tyop, re-word sentence. |
| 2022-08-17 17:44:17 by Hauke Fath | Files touched by this commit (10) |
Log message: Vaultwarden is a Bitwarden server API implementation written in Rust, compatible with upstream Bitwarden password manager clients. It is well-suited for self-hosted deployment, where running the official resource-heavy service might not be ideal. |
New packages: