1. Replaces words removed by pull 6914 <23b9e35de9> for possible offense. This restores the total word count.
Add replacement: grope -> . . . -> grouch
Change: hardcopy -> hardcopy -> hardback
Replace: hardcore -> . . . -> hardball
(I couldn't see "hardcopy" as a single word in American dictionaries from the turn of the century. It's too much of a neologism [and if we can't have "hardcore," then there's nothing else I can fit in that gap]. I had to remove another word to allow the addition of two new words here to preserve ordering. It's also an improvement because "hardcopy" is not a single word in dictionaries older than a decade or so.)
Add replacement: swinger -> . . . -> swindle
2. Yo-yo and yoyo are two spelling of the same exact word, and the latter spelling is "non-standard."
Keeping: yo-yo (t-shirt is the one other hyphenated word and I can't find a suitable candidate for either without creating several conflicts on the long wordlist)
Change: yoyo -> young
3. Word repetition: two spellings of same word hankie.
Keeping: hankie (as the "correct" spelling because "hanky" is more common in "hanky-panky").
Change: hanky -> hanoi
(The other option was to insert "hansom" between "hanky" and "haphazard," but "handsome" is a homophone because the "d" became silent many years ago.)
4. Changed proper nouns and brand names to regular nouns:
dropbox -> dropforge
ebay -> eaves
google -> goosey as in "loosey-goosey" (the real word is "googol," anyhow)
This necessitated changing goon -> gooseneck
ipad -> iota
iphone -> ire
ipod -> iridium
This necessitated irate -> iris
kleenex -> knack (the word "tissue" exists)
lego -> legitimate
xbox -> xenon (which sounds like x box or x-box, too)
Keeping: xerox (now genericized like aspirin)
5. Replaced non-standard words around "drop" and the brand name in there
drop-down -> drop-in
ebook -> (genericized like "email")
ecard -> echelon
This necessitated eccentric -> echidna
harddisk -> hardedge (Hardedge is an art style. Hard disk is always two words or else is abbreviated as HDD for hard disk drive)
6. Replaced flirtatious activity
footsie -> footstool
Which necessitated making footsore -> footway
7. Potentially sensitive anatomy
gonad -> golly
siamese -> sial (Siamese = Thai, but "twins" is also on the list and "Siamese" could precede "twins," which is slur for conjoined twins.)
8. Politically sensitive
islamist -> island (An Islamist is someone who wants to enforce political Islam on all with a literal and conservative interpretation of the Qu'ran. It does not mean Muslim.)
marxism -> marzipan (I'm a big old lefty, myself, but I need to be consistent)
********
These necessitated a couple changes to nearby words where a drop-in replacement word did not exist, which required shifting neighboring words slightly.
Alphabetical order preserved and total word count should match EFF's modified and the original Diceware list. No breaking changes.
* Fix#7726 - Ignore BEEP Auto-Type token when it includes spaces and numbers as well
* Close#8103 - Allow specifying specific attribute to use with PICKCHARS. If none specified, it defaults to Password.
* Fix#7811 - Notes height no longer truncated
* Fix#7949 - Improve copying attribute value to clipboard in entry preview
* Fix#7898 - Prevent copying url when copy password selected after clicking url in preview pane
* Fix#7982 - Double clicking hidden attributes in preview pane copies the value instead of ●●●●●●
* Fixes#7776
Implement QRegularExpression::escape within Tools::convertToRegex to allow usage on older Qt versions.
Also wrap EXACT_MODIFIER patterns in a non-capture group to prevent misinterpreted regex.
Fix#7607 - Don't disable core dumps when building for snap distribution. Doing so will not allow the xdg-desktop-portal from opening the file dialog. This is because the portal attempts to call entries from /proc/[pid]/xxxx which are restricted to root when core dumps are disabled.
This commit implements the following logic:
* If there're already unlocked collections, just use those,
* otherwise, show the unlock dialog until there's an unlocked and exposed collection.
* Fixes#7574
Limit the use of zxcvbn based password entropy estimation to 256 bytes. After this threshold, the average per-byte entropy from the zxcvbn calculation is added for each additional byte. In practice, this produces a slightly higher entropy calculation for purely randomized passwords than zxcvbn would normally calculate. However, the time to calculate is capped leading to a much better user experience and removing unnecessary calculations.
Fixes#7712
This is mostly to ease setup and configuration with sandboxed browsers.
The socket currently existing in `$XDG_RUNTIME_DIR`. When sandboxing a browser, it would be unsafe to mount this directory inside the sandbox.
Mounting the socket into the sandbox's filesystem is also not possible in cases where KeePassXC is [re]started after the browser has started.
This commit moves the socket into its own isolated subdirectory, which can be safely mounted into sandboxes. Sandbox engines can create the directory themselves (in case the browser starts before KeePassXC). Both Flatpak and Firejail support this configuration.
A symlink is also created, linking the previous location to the new location. This is meant for backwards compatibility and should eventually be dropped.
The directory can't be named `org.keepassxc.KeePassXC.BrowserServer`,
since that would collide with the symlink. Instead, the directory has been created to match the format used for Flatpak builds, which make it a bit less of a snowflake build, while following accepted conventions.
Given that the preferred path now matches what Flatpak uses, the block handling Flatpak and non-Flatpak is now the same.
If `$XDG_RUNTIME_DIR` is undefined, the temporary directory is used, though reading the socket from this location is discouraged.
Closes: https://github.com/keepassxreboot/keepassxc/issues/8018
References: https://github.com/keepassxreboot/keepassxc/discussions/6741
In the password generator widget, the checkable push button for the math
symbols is missing the GREATER-THAN SIGN (U+003E), even though it is
among the possible characters during password generation when the button
is checked. Add the missing character to the text displayed to users.
While at it, also fix a wrong comment containing the possible
characters.
The exit status of `whiptail` was masked by the subsequent call to
`clear`.
This correct the capture of whiptail's exit status so that pressing the
`[Cancel]` button can be correctly detected by the script.
Fixes#7830
Otherwise, assertions in TestKdbx4::testCustomData() may fail on rare
occasions, because the customData in a cloned entry won't be identical
to its original, because of its potentially-updated LastModified
property.
Originally noticed in
https://github.com/keepassxreboot/keepassxc/pull/7783#issuecomment-1101404487.
* minizip-ng has slightly different defines and function names than the original minizip. These changes adapt the existing code to use the minizip-ng versions if necessary.
* Replace rarely hit asserts with defined nullptr checks when replacing references without a group
* Fix#7603
* Replace TOTP history comparison with checking the actual TOTP output instead of a compiled string
* Split calls to finding hardware keys into sync and async methods. This has the side effect of simplifying the code.
* Check for keys before performing challenge/response if no keys have been found previously.
* Correct timeout of user interaction message to interact with the hardware key.
* Correct error in TestCli::testYubiKeyOption
* Fix#7743 - Include # in placeholder list
* This change fixes typing single character placeholders (escaped placeholders) on Windows. Previously we were sending these as raw key presses which didn't properly press Shift or other modifiers. Now they are sent as unicode characters unless in virtual mode (the expected behavior).
* Fix#7672 - notes preview spans the entire length of the preview pane again
* Fix#4242 - Allow selecting entry title text in preview
* Improve multi-line tag preview
* Fixup alignment and spacing of fields
* Remove parallel left/right block calculations in favor of calculating both blocks simultaneously. This brings the calculation within parity of 2.6.6.
* Fix#7682