Windows desktop application 1.0 🚀

We’re pleased to announce the release of the Passbolt Windows Desktop Application Version 1.0, marking the first stable iteration of the application. This version follows a detailed security audit conducted by Cure53, reflecting our focus on maintaining high security standards. As usual, the audit’s findings are available publicly on the passbolt website.

passbolt-windows app


This version also aligns with Passbolt v4.6 feature set, ensuring that users transitioning between the web and the desktop environment have a consistent experience. If you want to know more about the current and future status of the application, checkout this blog article: Stable Release of Passbolt Windows Desktop Application

Thank you for your support and for trusting Passbolt. Stay tuned for more updates and the detailed security report.

[1.0.0] - 2024-04-10

Added

  • PB-29559 - Support v4.6 in desktop app

Fixed

  • PB-32394 As a user defining my passphrase while activating my account I want to know if my passphrase is part of a dictionary on form submission

  • PB-32396 As a user defining my new passphrase while changing it I want to know if my new passphrase is part of a dictionary on form submission

  • PB-32401 As an administrator defining the passphrase of the generated organisation account recovery key I want to know if the passphrase is part of a dictionary on form submission

  • PB-32407 As a user editing a password I am invited to confirm its edition when this one very weak in a separate dialog on form submission

  • PB-32395 As a user defining my passphrase while requesting an account recovery I want to know if my new passphrase is part of a dictionary on form submission

  • PB-32397 As a user verifying my private key passphrase while activation my account I do not want to know if my passphrase is part of a dictionary at this stage

  • PB-32399 As a user confirming my passphrase while completing an account recovery (Admin approved) I do not want to know if my passphrase is part of a dictionary on form submission

  • PB-32398 As a user confirming my passphrase while importing my private key during an account recover I do not want to know if my passphrase is part of a dictionary on form submission

  • PB-32404 As a user creating a password from the quickaccess I am invited to confirm its creation when this one is part of a dictionary in a separate dialog on form submission

  • PB-32403 As a user updating a password I am invited to confirm its edition when this one is part of a dictionary in a separate dialog on form submission

  • PB-32405 As a user auto-saving a password from the quickaccess I should not be notified if the password is part of an exposed dictionary

  • PB-32402 As a user creating a password I am invited to confirm its creation when this one is part of a dictionary in a separate dialog on form submission

  • PB-32400 As a user confirming my passphrase while importing an account kit on the desktop app I do not want to know if my passphrase is part of a dictionary on form submission

  • PB-32406 As a user creating a password I am invited to confirm its creation when this one very weak in a separate dialog on form submission

  • PB-32427 As a user creating a password from the quickaccess I am invited to confirm its creation when this one is VERY WEAK in a separate page on form submission

  • PB-32351 As a desktop app user I should be able to change my current locale

Improved

  • PB-29289 Make pipelines fail when test jobs output an error

  • PB-29106 Merge desktop bext into develop

Security

  • PB-32286 - PBL-11-001 WP1: Insecure Regex pattern allows canNavigate bypass (Medium)

  • PB-32290 - PBL-11-005 WP1: Insecure CSP Configuration in renderers (Low)

  • PB-32289 - PBL-11-004 WP1: Arbitrary requestId used as topic in background IPC (Medium)

7 Likes

That is awesome! Now we can use Passbolt fully without opening (or keeping open) the browser :smile:

2 Likes