Commit graph

4858 commits

Author SHA1 Message Date
Janek Bevendorff
860e51d8e9
Update translations.
Some checks failed
CodeQL / Analyze (push) Has been cancelled
2026-03-10 01:27:46 +01:00
Jonathan White
681886c8a5 Bump version number and Changelog 2026-03-10 01:22:14 +01:00
Janek Bevendorff
b4cf8fa435 Also override OPENSSL_ENGINES to prevent DLL injection (#13124) 2026-03-10 01:22:14 +01:00
Jonathan White
680f5dae7c Security: Prevent loading of openssl.cnf (#13118)
* Security: Prevent loading of openssl.cnf

Prevent loading openssl.cnf from the originating vcpkg folder tree to avoid DLL injections. This patch force sets the OPENSSL_CONF and OPENSSL_MODULES env vars to an invalid directory. This prevents openssl from attempting to load a cnf file which can contain settings to load arbitrary DLL files into KeePassXC memory space.

Thank you to zdi-disclosures for reporting this finding!
2026-03-10 01:22:14 +01:00
Sami Vänttinen
d7dc19bec6 Passkeys: Fix default BE and BS flag value (#13122) 2026-03-10 01:22:14 +01:00
Jonathan White
3743d7112b Support TIMEOTP autotype and entry placeholder (#13117)
* Additional fix for #7263 to support KeePass2 placeholder for TOTP

---------

Co-authored-by: Janek Bevendorff <janek@keepassxc.org>
2026-03-10 01:22:14 +01:00
Janek Bevendorff
30a540e8f7 Mock datetime to avoid test failures on second lapse (#13115)
Fixes #13059
2026-03-10 01:22:14 +01:00
Janek Bevendorff
1f217d65a0 Sanitise attachment file names before saving (#13114)
Reported by @yuki-matsuhashi
2026-03-10 01:22:14 +01:00
Sami Vänttinen
4352f0fad8 Fix showing correct checkbox value in entry Browser Integration settings (#12980)
Co-authored-by: varjolintu <sami.vanttinen@ahmala.org>
2026-03-10 01:22:14 +01:00
Sami Vänttinen
f58a56db6f Add support for nested folders with Bitwarden import (#13081)
Co-authored-by: varjolintu <sami.vanttinen@ahmala.org>
2026-03-10 01:22:14 +01:00
Sami Vänttinen
be2fa37b07 Passkeys: Set BE and BS flags to true (#13042)
Passkeys: Set BE flag to true

---------

Co-authored-by: varjolintu <sami.vanttinen@ahmala.org>
2026-03-10 01:22:14 +01:00
Sami Vänttinen
2d41de5e7c Fix setting browser related values to customData (#13026)
Co-authored-by: varjolintu <sami.vanttinen@ahmala.org>
2026-03-10 01:22:14 +01:00
Jonathan White
586b895230 Revert Auto-Type change that caused race condition (#12738)
* Fixes #12723
2026-03-10 01:22:14 +01:00
Janek Bevendorff
284486c056 Check version in vcpkg.json and appstream XML well-formedness, add translator listing (#12968)
* Check version in vcpkg.json and appstream XML well-formedness

* Move translator list utility to release-tool
2026-03-10 01:22:14 +01:00
xboxones1
0d88e602d4 Fix minor font and theme issues (#12814)
* Fix font size for all platforms

* Fix font size for TOTP in preview panel

* Styles: drop Windows-specific palette overrides

* Fix encoding of EditEntryWidgetMain.ui

* Fix tab width
2026-03-10 01:22:14 +01:00
varjolintu
9a240357ff Fix showing URls in browser access dialog 2026-03-10 01:22:14 +01:00
Anton Bobov
1036cf1099 fix(gui): enable Auto-Type help button when feature is active
The 'openHelpButton' in the Auto-Type configuration widget is now
enabled whenever the main 'Enable Auto-Type for this entry' checkbox is
checked, regardless of whether a custom sequence is defined.

Previously, the help button's state depended on the custom sequence
being enabled, which was inconsistent and confusing. The help is now
available whenever the main Auto-Type feature is enabled, providing
assistance for both default and window-specific sequences.
2026-03-10 01:22:14 +01:00
Sami Vänttinen
ab7c4f87f7 Passkeys: Add publicKey to register response (#12757) 2026-03-10 01:22:14 +01:00
Janek Bevendorff
d6c708e5a7 Fix Linux test failures (#13113)
* Fix test failure introduced by ab31a748fa (#10993)

* Fix tray hiding test failure

Introduced by 43904d87b7 (#10928), but somehow hasn't posed an issue until now.

---------

Co-authored-by: Jonathan White <support@dmapps.us>
2026-03-10 01:22:14 +01:00
Janek Bevendorff
5b156893b1 Advance vcpkg baseline 2026-03-10 01:22:14 +01:00
Pranmya Joshi
6bd8360261
Fix: Disable 'Remove' button in Plugin Data when no row is selected (#12916)
Some checks failed
CodeQL / Analyze (push) Has been cancelled
* Fix: Disable Remove button in Plugin Data when no row is selected
2026-01-09 13:42:24 -05:00
Jonathan White
18973351de Fix AppImage not finding Auto-Type library
* Fixes #12719 and Fixes #12721
* Also fixes missing <ul> in the appdata xml
2025-11-25 01:52:44 +01:00
Jonathan White
815bba3d78 Add explicit encoding when reading text from files 2025-11-25 01:52:44 +01:00
Janek Bevendorff
faaf5e97de Fix release-tool merge cmd and rename to "tag" 2025-11-25 01:52:44 +01:00
Jonathan White
9ac9440845 Fix setting entitlements on KeePassXC executable
* Fixes #12713
* Also fixes motorization to use the built packages instead of glob discovery
2025-11-25 01:52:44 +01:00
Janek Bevendorff
01e5b6ee1d
Update translations. 2025-11-23 23:15:03 +01:00
Janek Bevendorff
d90c2ae731
Fix release-tool merge cmd and rename to "tag" 2025-11-23 23:13:32 +01:00
Janek Bevendorff
6feb42a19b
Bump version to 2.7.11 2025-11-23 22:50:31 +01:00
Janek Bevendorff
9529c4f299 Fix AppRun path issue, fixes #12612 2025-11-23 22:45:57 +01:00
dependabot[bot]
a3d26d3790 Bump golang.org/x/crypto in /utils/keepassxc-cr-recovery
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.35.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.35.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-11-23 22:45:57 +01:00
Jonathan White
a3b17f4b68 Fix error in hardware key detection code on Windows 2025-11-23 22:45:57 +01:00
Jonathan White
dc9c9c443f Prevent interface lockups during startup with multiple tabs
Fixes #11998

Avoids UI lockups by removing several unnecessary mutex blocks  and avoiding redundant key detection calls.

Detect Yubikeys dynamically when challenging:

Prevents issue where correct key cannot be found if the internal state was reset prior to saving

This can occur if a user has multiple tabs open and multiple keys connected. Then switches to a locked tab without their DB key inserted which resets detection state.

Side Benefit - ensures proper cascade between USB and PC/SC interfaces so users can switch between the two modes seamlessly.
2025-11-23 22:45:57 +01:00
Jonathan White
dfd4a1c12c Implement Group sync for KeeShare (#11593)
---------

Co-authored-by: ever <ever@brokenmouse.studio>
Co-authored-by: Ben Kluwe <ben.kl@go4more.de>
2025-11-23 22:45:57 +01:00
Jonathan White
e76637a1a5 Allow for escape syntax to enable literal placeholders
* Fixes #11890
2025-11-23 22:45:57 +01:00
Jonathan White
fcf993766f Don't clear clipboard if previously cleared
* Fixes #12591
2025-11-23 22:45:57 +01:00
Sven Strickroth
337baa0e79 Do not show misleading error message if user clicked cancel
Signed-off-by: Sven Strickroth <email@cs-ware.de>
2025-11-23 22:45:57 +01:00
Sven Strickroth
b9bd1c3c00 Escape accelerators
(fixes issue #12037)

Signed-off-by: Sven Strickroth <email@cs-ware.de>
2025-11-23 22:45:57 +01:00
Markus Theil
61413e7a61 fix build with Botan 3.10
This fixes a compiler error I got,
when trying to build with Botan 3.10.

A static_cast to RSA_PrivateKey was not possible,
as the base class is virtual.

Fix by using a dynamic_cast instead.

Signed-off-by: Markus Theil <theil.markus@gmail.com>
2025-11-23 22:45:57 +01:00
Jonathan White
d8f7d602b4 Take delays into account when Auto-Type TOTP values
* Fixes #12682
2025-11-23 22:45:57 +01:00
Jonathan White
9526f42536 Prevent launch on installer finish when run as SYSTEM
* This condition will only happen when KeePassXC is installed by MECM or similar deployment tool. This prevents accidental launch on exit if the packager forgot to set LAUNCHAPPONEXIT=0 in the msiexec call. Allowing launch on exit in these conditions would potentially allow a non-privileged user to assume the role of SYSTEM through the KeePassXC application.

* Fixes weakness reported by HackAndPwn, thank you!
2025-11-23 22:45:57 +01:00
copilot-swe-agent[bot]
5211852d7e Fix CSV import regression with root group names
Fix the issue where CSV export/import creates nested root groups when the database has a custom root group name.

Added comprehensive tests to verify the fix works for both custom and default root group names, and preserves existing behavior for single-level groups.

Implement heuristic approach for CSV import root group detection:

- Analyzes all CSV rows before processing to find consistent first path components
- Only skips the first component if it appears in 80% or more of paths
- Handles absolute paths (starting with "/") by ignoring them in analysis
- Preserves existing behavior when no clear common root is found

Co-authored-by: droidmonkey <2809491+droidmonkey@users.noreply.github.com>
2025-11-23 22:45:57 +01:00
Jonathan White
e6b546f179 Support building with clang on Windows 2025-11-23 22:45:57 +01:00
Janek Bevendorff
510cd03ce5 Integrate macOS code signing into CMake
Moves code signing from the release-tool to CMake and unifies the Windows-equivalent code.
2025-11-23 22:45:57 +01:00
Janek Bevendorff
d92f9b1f49 Correctly restore window geometry when minimised to tray on startup
Fixes #10537
Fixes #11982
2025-11-23 22:45:57 +01:00
Janek Bevendorff
4a2f64ed4d Set default idle lock timeout to 15 minutes.
Addendum to #12689

The previous default of 240 seconds was too low. If we enable the lock
timeout by default, we should also set a more lenient default timeout by
default.
2025-11-23 22:45:57 +01:00
Janek Bevendorff
d473525098 Change Security/LockDatabaseIdle default to true 2025-11-23 22:45:57 +01:00
Janek Bevendorff
4daf5cee54 Enable CodeQL for all PRs and production branches 2025-11-23 22:45:57 +01:00
Janek Bevendorff
28f255733e Remove theme-based menubar icon toggle on macOS
The menubar theme detection on macOS has always been wonky, and with Liquid Glass it has become entirely useless. This removes the icon theme switch and uses the monochrome light icon as a mask until we find a better solution. This should look okay in most cases, unless the user has a very bright wallpaper.
2025-11-23 22:45:57 +01:00
Janek Bevendorff
72fa0ed58f Update sponsors list and translators fetch script 2025-11-23 22:45:57 +01:00
Janek Bevendorff
33b2e373da Add Liquid Glass icon 2025-11-23 22:45:57 +01:00