Introspective
Song: https://open.spotify.com/track/3LU41qIkh4lND6PM4W8jHw?si=44039421ff734292
Release 3.12 includes a number of new features and enhancements, including the much-anticipated addition of folders in the Community Edition, which allows users to better organise resources.
Another notable new feature is the ability to customise passbolt to output the action logs in syslog or a file, giving administrators more control and visibility on what is happening on their instance and leverage other tools for threat and unusual activity detection. Administrators can also implement their own handler for action logs to further customise their passbolt instance reporting. A blog to demonstrate this new feature will be available soon.
Version 3.12 also includes important fixes, such as a fix to ensure that only administrators can see which users have MFA enabled. This regression was spotted during the Cure53 march security audit. The full report will be available shortly. Spoiler alert: no critical vulnerability was found.
Lastly, more file formats for export are included in release 3.12. This provides more options for migrating data between applications.
Overall, the release of version 3.12 provides several useful improvements. Thank you to the members of the community who’ve reported issues and helped us fix them.
[3.12.0] - 2023-03-15
Added
- PB-22521 As a signed-in user, I want to export resources in logmeonce csv
- PB-22520 As a signed-in user, I want to export resources in nordpass csv
- PB-22519 As a signed-in user, I want to export resources in dashlane csv
- PB-22518 As a signed-in user, I want to export resources in safari csv format
- PB-22517 As a signed-in user, I want to export resources in mozilla csv
- PB-22515 As a signed-in user, I want to export resources in bitwarden csv
- PB-22516 As a signed-in user, I want to export resources in chromium based browsers csv
- PB-22838 As an administrator I can customise the application email validation
Improvements
- PB-22896 Improve DUO style
Fix
- PB-23281 Fix as a user I should see an accurate entropy when a password contain words from a dictionary
{% if page.product == 'pro' %}- PB-23541 As a user I can use SSO recover when Passbolt is served from a subfolder{% endif %}
Security
- PB-23706 As an administrator I should be the only one to know which users have enabled MFA