* show the tags in the entry preview
* allow searching by tag
* add a sidebar listing the tags in the database
* filter entries by tag on click
* Introduce a new TagsEdit widget that provides pill aesthetics, fast removal functionality and autocompletion
* add tests for the tags feature
* introduce the "is" tag for searching. Support for weak passwords and expired added.
* Remove QuaZip dependency in favor of minizip
* Remove signature checks, but maintain signatures for backwards compatibility
* Remove UI components related to certificates except for personal certificate for backwards compatibility
* Default to unsigned containers (*.kdbx)
* Fix syntax to prevent compilation issue
Fix build failure with AppleClang 7 & 8.
Error was:
src/core/CustomData.cpp:30:41: error: default initialization of an object of const type 'const CustomData::CustomDataItem' without a user-provided default constructor
static const CustomData::CustomDataItem NULL_ITEM;
^
{}
src/core/Metadata.cpp:32:39: error: default initialization of an object of const type 'const Metadata::CustomIconData' without a user-provided default constructor
static const Metadata::CustomIconData NULL_ICON;
^
src/core/Metadata.cpp:32:48: note: add an explicit initializer to initialize 'NULL_ICON'
static const Metadata::CustomIconData NULL_ICON;
^
{}
* Add missing QUuid header
Fixes this compilation issue with LLVM clang 9, possibly also due to an old QT5
tests/TestTools.cpp:96:39: error: incomplete type 'QUuid' named in nested name specifier
auto validUuid = Tools::uuidToHex(QUuid::createUuid());
^~~~~~~
/opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:1887:1: note: forward declaration of 'QUuid'
QT_FOR_EACH_STATIC_CORE_CLASS(QT_FORWARD_DECLARE_STATIC_TYPES_ITER)
^
/opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:108:18: note: expanded from macro 'QT_FOR_EACH_STATIC_CORE_CLASS'
F(QUuid, 30, QUuid) \
^
tests/TestTools.cpp:101:40: error: incomplete type 'QUuid' named in nested name specifier
auto nonHexUuid = Tools::uuidToHex(QUuid::createUuid()).replace(0, 1, 'p');
^~~~~~~
/opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:1887:1: note: forward declaration of 'QUuid'
QT_FOR_EACH_STATIC_CORE_CLASS(QT_FORWARD_DECLARE_STATIC_TYPES_ITER)
^
/opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:108:18: note: expanded from macro 'QT_FOR_EACH_STATIC_CORE_CLASS'
F(QUuid, 30, QUuid) \
^
* fix compilation on Qt not having QOperatingSystemVersion::MacOSBigSur
The code uses 'QOperatingSystemVersion::MacOSBigSur' which doesn't exist
in all Qt versions (it has been backported to Qt 5.12.10+ & 5.15.1+ only).
On older macos systems like El Capitan the last supported
version of Qt is 5.11
This will fix compilation issue on such older systems and on systems
running with Qt not supporting QOperatingSystemVersion::MacOSBigSur
Compilation error was:
error: no member named 'MacOSBigSur' in 'QOperatingSystemVersion'
* Fix compilation when osx <= 10.9
* AppKitImpl.mm: button property is new in 10.10. It is used for a feature of
KeePassXC that is only available from 10.17 onwards. So we don't need it when
compiling on <= 10.9
error: property 'button' not found on object of type 'NSStatusItem *'
NSString* appearance = [dummy.button.effectiveAppearance.name lowercaseString];
^
* The code uses @available syntax which is supported by
AppleClang >= 9 or LLVM >= 5.
We check __clang_major__ to allow compilation on older versions
of macOS that don't have a recent clang. For example on El Capitan.
* Fix compilation when osx <= 10.8
* AppKitImpl.mm: AXIsProcessTrustedWithOptions exists from 10.9 onwards
error: use of undeclared identifier 'kAXTrustedCheckOptionPrompt'
error: use of undeclared identifier 'AXIsProcessTrustedWithOptions'
* Fix compilation when osx <= 10.7
* MacUtils.cpp: CoreGraphics exists from 10.8 onwards only, capslock detection
feature would have to be implemented on OSX <= 10.7
* AppKitImpl.mm: CGDisplayStreamRef exists from 10.8 onwards only. It is used for a
feature of KeePassXC that is only available from 10.15 onwards. So we don't need it
when compiling on <= 10.7
error: unknown type name 'CGDisplayStreamRef'
* AppKitImpl.mm: Syntax is not understood by 10.7, update it to be understandable
by <= 10.7
error: expected method to read dictionary element not found on object of type 'NSDictionary *'
NSRunningApplication* app = userInfo[NSWorkspaceApplicationKey];
^
* The code uses @available syntax which is supported by
AppleClang >= 9 or LLVM >= 5.
We check __clang_major__ to allow compilation on older versions
of macOS that don't have a recent clang.
* Fix compilation error on OS X 10.11
src/core/Alloc.cpp:44:10: error: no type named 'free' in namespace 'std'
std::free(ptr);
~~~~~^
This is a regression, since it was fixed in [1]
Per [2], std::free() needs #include <cstdlib>. That file is included
indirectly on newer systems.
[1] 7c6c027d33
[2] https://en.cppreference.com/w/cpp/memory/c/free
* fix compilation when macos SDK <= 10.14
These methods are only available from macOS 10.15
- kSecAccessControlWatch
- LAPolicy.deviceOwnerAuthenticationWithBiometricsOrWatch
The code uses @available syntax which is supported by
AppleClang >= 9 or LLVM >= 5.
We check __clang_major__ to allow compilation on older versions
of macOS that don't have a recent clang.
Shows a warning when trying to open with a newer minor version than what is currently supported.
We always try to save with the lowest KDBX version possible for maximum compatibility.
- Default backupFilePath is '{DB_FILENAME}.old.kdbx' to conform to existing standards
- Implement backupPathPattern tests.
- Show tooltip on how to format database backup location text field.
This commit allows users to put alternative wordlists in a `wordlists` subdirectory below their KeePassXC directory (e.g., under Linux, `~/.config/keepassxc/wordlists`). These wordlists will then appear in the dropdown menu in the *Password Generator* widget.
In order to differentiate between lists shipped with KeePassXC and user-provided lists, the former appears with a (SYSTEM) prefix.
Fixes#6942 and fixes#4443
- Return number of deleted entries
- Fix minor memory leak
- FdoSecrets: make all prompt truly async per spec and update tests
* the waited signal may already be emitted before calling spy.wait(),
causing the test to fail. This commit checks the count before waiting.
* check unlock result after waiting for signal
- FdoSecrets: implement unlockBeforeSearch option
- FdoSecrets: make search always work regardless of entry group searching settings, fixes#6942
- FdoSecrets: cleanup gracefully even if some test failed
- FdoSecrets: make it safe to call prompts concurrently
- FdoSecrets: make sure in unit test we click on the correct dialog
Note on the unit tests: objects are not deleted (due to deleteLater event not handled).
So there may be multiple AccessControlDialog. But only one of
it is visible and is the correctly one to click on.
Before this change, a random one may be clicked on, causing the
completed signal never be sent.
* Closes#6335
* Modify application settings presentation to allow for alternative saving strategies
* Transition Database::save calls to using flags to control saving behavior. Reduces boolean flags on function call.
* Made direct write save option a local setting to prevent unintentional carry over between platforms.
* Introduced in #6438, modified signal is not blocked at the Database level when emitting is blocked. This causes infinite saving to occur when Always Save After Every Change is enabled.
This allows one to directly use Diceware-compatible wordlists without having to convert the file to the plain wordlist format.
The accepted formats are described in the Diceware documentation:
https://diceware.readthedocs.io/en/stable/wordlists.html
* Introduce search CLI command to replace locate command. Search can provide the same functionality but in a more fine-grained fashion
* Replace use of Group::locate in code: Use EntrySearcher in clip cli command best-match option. This removes the matching against group hierarchy of an entry which is kind of nonsense as clip expects exactly one match. Matching against groups can be done using search command.
* Remove obsolete Group::locate method
Externally opened attachments are now lifecycle-managed properly.
The temporary files are created with stricter permissions and entirely
random names (except for the file extension) to prevent meta data leakage.
When the database is closed, the files are overwritten with random
data and are also more reliably deleted than before.
Changes to the temporary files are monitored and the user is asked
if they want to save the changes back to the database (fixes#3130).
KeePassXC does not keep a lock on any of the temporary files, resolving
long-standing issues with applications such as Adobe Acrobat on Windows
(fixes#5950, fixes#5839).
Internally, attachments are copied less. The EntryAttachmentsWidget
now only references EntryAttachments instead of owning a separate copy
(which used to not be cleared properly under certain circumstances).
* Use hash based storage for last used directories instead of a key/value for each type
* Explicitly declare certain operations as sensitive and follow the "Remember Last Database" setting for those.
* Introduce database backup directory location (close#6619)
Selected the [Botan crypto library](https://github.com/randombit/botan) due to its feature list, maintainer support, availability across all deployment platforms, and ease of use. Also evaluated Crypto++ as a viable candidate, but the additional features of Botan (PKCS#11, TPM, etc) won out.
The random number generator received a backend upgrade. Botan prefers hardware-based RNG's and will provide one if available. This is transparent to KeePassXC and a significant improvement over gcrypt.
Replaced Argon2 library with built-in Botan implementation that supports i, d, and id. This requires Botan 2.11.0 or higher. Also simplified the parameter test across KDF's.
Aligned SymmetricCipher parameters with available modes. All encrypt and decrypt operations are done in-place instead of returning new objects. This allows use of secure vectors in the future with no additional overhead.
Took this opportunity to decouple KeeShare from SSH Agent. Removed leftover code from OpenSSHKey and consolidated the SSH Agent code into the same directory. Removed bcrypt and blowfish inserts since they are provided by Botan.
Additionally simplified KeeShare settings interface by removing raw certificate byte data from the user interface. KeeShare will be further refactored in a future PR.
NOTE: This PR breaks backwards compatibility with KeeShare certificates due to different RSA key storage with Botan. As a result, new "own" certificates will need to be generated and trust re-established.
Removed YKChallengeResponseKeyCLI in favor of just using the original implementation with signal/slots.
Removed TestRandom stub since it was just faking random numbers and not actually using the backend. TestRandomGenerator now uses the actual RNG.
Greatly simplified Secret Service plugin's use of crypto functions with Botan.
* Closes#4216
Reduced to three-tiered rating system and fixed column implementation. Hide password strength indicator in entry view if excluded from reports.
Introduce password health caching to prevent unnecessary calculations.
* Close#2603 - Add support for modifier syntax (+, ^, and %)
* Fix#2633 - Allow reference syntax {REF:...} in Auto-Type sequences
* Close#5334 - Tell the user which part of the Auto-Type sequence is invalid for easy correction
* Fix#2401 - Select the right window on macOS prior to starting Auto-Type
* Allow for nested placeholders
