Henning
3fd2adc463
Merge branch 'dani-garcia:main' into main
2026-02-04 17:21:57 +01:00
Stefan Melmuk
feecfb20da
fix error message for purging auth requests ( #6776 )
Build / Build and Test ${{ matrix.channel }} (msrv) (push) Has been cancelled
Build / Build and Test ${{ matrix.channel }} (rust-toolchain) (push) Has been cancelled
Check templates / Validate docker templates (push) Has been cancelled
Hadolint / Validate Dockerfile syntax (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, debian) (push) Has been cancelled
Trivy / Trivy Scan (push) Has been cancelled
Code Spell Checking / Run typos spell checking (push) Has been cancelled
Security Analysis with zizmor / Run zizmor (push) Has been cancelled
Release / Merge manifests (alpine) (push) Has been cancelled
Release / Merge manifests (debian) (push) Has been cancelled
2026-02-01 22:35:55 +01:00
Timshel
347279a12c
Empty AccountKeys when no private key ( #6761 )
...
Co-authored-by: Timshel <timshel@users.noreply.github.com>
2026-02-01 22:35:22 +01:00
Helmut K. C. Tessarek
7f65a254b3
refactor: improve tooltips in diagnostics page ( #6765 )
...
The term "seems to" is used too loosely in many of the tooltips, but in
these 2 instances it is wrong wording.
An update is either available or not. If there is no update, one could
argue that "seems to" is valid, since the Internet could be down to
check for a new version. But in this situation the update is availble.
It is impossible that an update seems to be available.
2026-02-01 22:35:03 +01:00
Henning
15a92c3cd1
Merge branch 'dani-garcia:main' into main
2026-01-27 10:15:53 +01:00
Mathijs van Veluw
cc80f689ed
Update crates, web-vault, js, workflows ( #6749 )
...
Build / Build and Test ${{ matrix.channel }} (msrv) (push) Has been cancelled
Build / Build and Test ${{ matrix.channel }} (rust-toolchain) (push) Has been cancelled
Check templates / Validate docker templates (push) Has been cancelled
Hadolint / Validate Dockerfile syntax (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, debian) (push) Has been cancelled
Trivy / Trivy Scan (push) Has been cancelled
Code Spell Checking / Run typos spell checking (push) Has been cancelled
Security Analysis with zizmor / Run zizmor (push) Has been cancelled
Release / Merge manifests (alpine) (push) Has been cancelled
Release / Merge manifests (debian) (push) Has been cancelled
- Updated all crates
- Updated web-vault to v2025.12.2
- Updated all JavaScript files
- Updated all GitHub Action Workflows
Also added the `concurrency` option to all workflows.
Signed-off-by: BlackDex <black.dex@gmail.com>
2026-01-22 23:40:39 +01:00
Stefan Melmuk
4737192853
fix email as 2fa with auth requests ( #6736 )
...
* fix email as 2fa with auth requests
* increase expiry time of auth_requests to 15 minutes
2026-01-22 23:25:11 +01:00
Stefan Melmuk
0c6817cb4e
hide password hints via CSS ( #6726 )
Build / Build and Test ${{ matrix.channel }} (msrv) (push) Has been cancelled
Build / Build and Test ${{ matrix.channel }} (rust-toolchain) (push) Has been cancelled
Check templates / Validate docker templates (push) Has been cancelled
Hadolint / Validate Dockerfile syntax (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, debian) (push) Has been cancelled
Trivy / Trivy Scan (push) Has been cancelled
Code Spell Checking / Run typos spell checking (push) Has been cancelled
Security Analysis with zizmor / Run zizmor (push) Has been cancelled
Release / Merge manifests (alpine) (push) Has been cancelled
Release / Merge manifests (debian) (push) Has been cancelled
2026-01-18 15:25:20 +01:00
Stefan Melmuk
25a71d913f
use email instead of empty name for webauhn ( #6733 )
...
* if empty use email instead of name for webauhn
* use email as display name if name is empty
2026-01-18 15:23:21 +01:00
Henning
8db5c43134
Change OAuth2 expiration handling to use i64 for timestamps
2026-01-15 22:17:19 +01:00
Henning
c47afbf4f5
Merge branch 'dani-garcia:main' into main
2026-01-15 15:11:20 +01:00
Henning
1fc185c196
Fix syntax error in oauth2_callback function by adding missing comma
2026-01-15 15:01:56 +01:00
Henning
7a154975cc
Refactor OAuth2 callback function and improve error logging for URL validation
2026-01-15 14:55:04 +01:00
Henning
88d6453cfd
Enhance OAuth2 handling by ensuring HTTPS scheme for URLs and improving timestamp management
2026-01-15 14:46:44 +01:00
Mathijs van Veluw
b2cd556f3e
Fix User API Key login ( #6712 )
...
Build / Build and Test ${{ matrix.channel }} (msrv) (push) Has been cancelled
Build / Build and Test ${{ matrix.channel }} (rust-toolchain) (push) Has been cancelled
Check templates / Validate docker templates (push) Has been cancelled
Hadolint / Validate Dockerfile syntax (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, debian) (push) Has been cancelled
Trivy / Trivy Scan (push) Has been cancelled
Code Spell Checking / Run typos spell checking (push) Has been cancelled
Security Analysis with zizmor / Run zizmor (push) Has been cancelled
Release / Merge manifests (alpine) (push) Has been cancelled
Release / Merge manifests (debian) (push) Has been cancelled
When using the latest Bitwarden CLI and logging in using the API Key, it expects some extra fields, same as for normal login.
This PR adds those fields and login is possible again via API Key.
Fixes #6709
Signed-off-by: BlackDex <black.dex@gmail.com>
2026-01-14 13:11:43 +01:00
Mathijs van Veluw
4352fffeec
Fix web-vault version check and update web-vault ( #6686 )
2026-01-09 13:21:10 +01:00
Henning
03f7a5aada
Merge branch 'dani-garcia:main' into main
2026-01-08 15:58:51 +01:00
Stefan Melmuk
8d08697cf8
improve sso callback path ( #6676 )
...
* normalize base_url for sso_callback_path
* clean url when embedding images
2026-01-06 17:10:00 +00:00
Stefan Melmuk
9f1df42259
allow MasterPasswordHash for Android ( #6673 )
2026-01-06 14:24:05 +00:00
Stefan Melmuk
1e1f9957cd
return no content with status code 204 ( #6665 )
2026-01-05 18:52:24 +00:00
Stefan Melmuk
bf37657c08
update web-vault to fix org creation ( #6646 )
2026-01-01 16:52:11 +00:00
Daniel García
3e2cef7e8b
Try old refresh token if we fail to decode jwt ( #6629 )
2025-12-29 22:54:51 +01:00
Mathijs van Veluw
2af9d21158
Misc updates ( #6627 )
...
- Update crates and toml
- Update web-vault to v2025.12.1
- Update workflows
Signed-off-by: BlackDex <black.dex@gmail.com>
2025-12-29 22:27:12 +01:00
Daniel
c4f6c4e63b
Re-add alpine tag ( #6626 )
...
- fixes https://github.com/dani-garcia/vaultwarden/issues/6619
- also optimize the process while at it
2025-12-29 22:25:15 +01:00
Daniel García
eb2a56aea1
Update lockfile ( #6600 )
2025-12-28 01:07:17 +01:00
Daniel García
a4907f3539
Add wrapped named variants to UserDecryptionOptions ( #6598 )
2025-12-27 23:35:04 +01:00
Henning
a826a5a0f3
Fix formatting issue in XOAuth2 struct constructor
2025-12-26 15:56:25 +01:00
Henning
d545de4b54
Refactor imports and formatting in mail.rs and xoauth2.rs
2025-12-26 15:18:04 +01:00
Henning
405b50d044
Implement XOAuth2 model and database integration for SMTP OAuth2 tokens
2025-12-26 15:00:23 +01:00
Henning
418e4454c9
Merge branch 'dani-garcia:main' into main
2025-12-26 14:22:35 +01:00
Daniel
8801b47d80
Remove unnecessary output sharing between jobs ( #6555 )
...
Split step into 2 parts, since only 1 part is needed in the build job
2025-12-23 16:27:53 +01:00
Daniel
1ae9dc4119
Simplify binary extraction ( #6554 )
2025-12-23 16:26:28 +01:00
Mathijs van Veluw
02377eeac8
Update crates ( #6585 )
...
Signed-off-by: BlackDex <black.dex@gmail.com>
2025-12-23 16:25:56 +01:00
Henning
8927a1fea6
Refactor OAuth2 token exchange and refresh error handling
2025-12-21 19:15:42 +01:00
Henning
60924f6d8d
Merge branch 'dani-garcia:main' into main
2025-12-21 19:14:45 +01:00
Henning
2a360ff3de
Improve error handling for OAuth2 token exchange and parsing
2025-12-21 18:52:13 +01:00
Mathijs van Veluw
d9c75508c2
Fix posting cipher with readonly collections ( #6578 )
...
Build / Build and Test ${{ matrix.channel }} (msrv) (push) Has been cancelled
Build / Build and Test ${{ matrix.channel }} (rust-toolchain) (push) Has been cancelled
Check templates / Validate docker templates (push) Has been cancelled
Hadolint / Validate Dockerfile syntax (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, debian) (push) Has been cancelled
Trivy / Trivy Scan (push) Has been cancelled
Code Spell Checking / Run typos spell checking (push) Has been cancelled
Security Analysis with zizmor / Run zizmor (push) Has been cancelled
Release / Merge manifests (alpine) (push) Has been cancelled
Release / Merge manifests (debian) (push) Has been cancelled
* Fix posting cipher with readonly collections
This fix will check if a collection is writeable for the user, and if not error out early instead of creating the cipher first and leaving it.
It will also save some database transactions.
Fixes #6562
Signed-off-by: BlackDex <black.dex@gmail.com>
* Adjust code to delete on error
Signed-off-by: BlackDex <black.dex@gmail.com>
---------
Signed-off-by: BlackDex <black.dex@gmail.com>
2025-12-21 18:51:58 +01:00
Henning
c17837fa2a
Add SMTP OAuth2 configuration options and improve error handling
2025-12-21 18:00:48 +01:00
Henning
8bd2a0b26c
Merge branch 'dani-garcia:main' into main
2025-12-21 17:30:14 +01:00
Mathijs van Veluw
0ab7784b06
Update web-vault to v2025.12.0 ( #6577 )
...
Build / Build and Test ${{ matrix.channel }} (msrv) (push) Waiting to run
Build / Build and Test ${{ matrix.channel }} (rust-toolchain) (push) Waiting to run
Check templates / Validate docker templates (push) Waiting to run
Hadolint / Validate Dockerfile syntax (push) Waiting to run
Release / Build Vaultwarden containers (amd64, alpine) (push) Waiting to run
Release / Build Vaultwarden containers (amd64, debian) (push) Waiting to run
Release / Build Vaultwarden containers (arm/v6, alpine) (push) Waiting to run
Release / Build Vaultwarden containers (arm/v6, debian) (push) Waiting to run
Release / Build Vaultwarden containers (arm/v7, alpine) (push) Waiting to run
Release / Build Vaultwarden containers (arm/v7, debian) (push) Waiting to run
Release / Build Vaultwarden containers (arm64, alpine) (push) Waiting to run
Release / Build Vaultwarden containers (arm64, debian) (push) Waiting to run
Release / Merge manifests (alpine) (push) Blocked by required conditions
Release / Merge manifests (debian) (push) Blocked by required conditions
Trivy / Trivy Scan (push) Waiting to run
Code Spell Checking / Run typos spell checking (push) Waiting to run
Security Analysis with zizmor / Run zizmor (push) Waiting to run
Updated web-vault
Updated one crate
Signed-off-by: BlackDex <black.dex@gmail.com>
2025-12-21 00:01:30 +01:00
Daniel García
5c91058ba0
Add UserDecryptionOptions on /sync too ( #6574 )
2025-12-20 00:37:46 +01:00
Mathijs van Veluw
229b58fe4e
Update crates and Rust ( #6551 )
...
* Update crates and Rust
- Updated all the crates
- Updated Rust to v1.92.0
- Updated to Alpine v3.23
- Adjusted some nightly clippy lints
Signed-off-by: BlackDex <black.dex@gmail.com>
* Add new updates
Signed-off-by: BlackDex <black.dex@gmail.com>
* Updated more crates and fix mariadb
Updated more crates
Also removed older MariaDB library since Diesel has fixed this in the v2.3.5 version.
Signed-off-by: BlackDex <black.dex@gmail.com>
* Fix icon-fetch error
Signed-off-by: BlackDex <black.dex@gmail.com>
* Update GHA workflows
Signed-off-by: BlackDex <black.dex@gmail.com>
---------
Signed-off-by: BlackDex <black.dex@gmail.com>
2025-12-19 17:38:13 +01:00
Daniel García
061d320c7f
Add new accountKeys and masterPasswordUnlock fields ( #6572 )
...
* Add new accountKeys and masterPasswordUnlock fields
* Fmt
2025-12-19 13:34:43 +01:00
Stefan Melmuk
2c73c6c2f2
support UriMatchDefaults policy ( #6570 )
2025-12-19 12:07:58 +01:00
Daniel
b920caf285
Revert to gzip compression ( #6566 )
...
- zstd support has been added in Docker v23
- Debian Bookworm/Bullseye ships with Docker v20.10
- Revert for now to maintain compatibility with older releases
2025-12-19 12:07:05 +01:00
Henning
3b8af41c5f
Merge branch 'dani-garcia:main' into main
2025-12-15 13:03:46 +01:00
Stefan Melmuk
57bdab1550
add empty /api/tasks endpoint ( #6557 )
Build / Build and Test ${{ matrix.channel }} (msrv) (push) Has been cancelled
Build / Build and Test ${{ matrix.channel }} (rust-toolchain) (push) Has been cancelled
Check templates / Validate docker templates (push) Has been cancelled
Hadolint / Validate Dockerfile syntax (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, debian) (push) Has been cancelled
Trivy / Trivy Scan (push) Has been cancelled
Code Spell Checking / Run typos spell checking (push) Has been cancelled
Security Analysis with zizmor / Run zizmor (push) Has been cancelled
Release / Merge manifests (alpine) (push) Has been cancelled
Release / Merge manifests (debian) (push) Has been cancelled
2025-12-14 15:32:21 +01:00
Henning
860fff77d0
Merge branch 'dani-garcia:main' into main
2025-12-10 11:32:24 +01:00
Daniel
b77c01b8bb
Further fixes for the release workflow ( #6533 )
Build / Build and Test ${{ matrix.channel }} (msrv) (push) Has been cancelled
Build / Build and Test ${{ matrix.channel }} (rust-toolchain) (push) Has been cancelled
Check templates / Validate docker templates (push) Has been cancelled
Hadolint / Validate Dockerfile syntax (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (amd64, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v6, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm/v7, debian) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, alpine) (push) Has been cancelled
Release / Build Vaultwarden containers (arm64, debian) (push) Has been cancelled
Trivy / Trivy Scan (push) Has been cancelled
Code Spell Checking / Run typos spell checking (push) Has been cancelled
Security Analysis with zizmor / Run zizmor (push) Has been cancelled
Release / Merge manifests (alpine) (push) Has been cancelled
Release / Merge manifests (debian) (push) Has been cancelled
2025-12-07 16:07:07 +01:00
Mathijs van Veluw
9cca120fb3
Fix release workflow ( #6532 )
2025-12-07 13:12:05 +01:00
