Avoids prompting the user for a password if unlocking is likely to fail
due to some problem with the database file (i.e. not found, not a file,
not readable).
Add unit tests.
This allows `t:word` instead of `title:word` and `p:word` instead of `password:word`, and so on. The rule is that an abbreviated name expands to the first field name that starts with it, with exceptions
`u:` expanding to `username:` instead of `url:` and `pw:` expanding to `password:`.
* Fix#3376. Set font for password preview to Font::fixedFont()
* Add a menu entry opening the shortcuts documentation in the browser
* Fixed duplicate item in CLI documentation
Summary of changes:
* Extract function for creating password generator from options into
`Generate` command. This function is now reused in `Add` and `Edit`
commands.
* Updated manpage with missing password generation options.
* Updated manpage with missing longer forms of password generation options.
* Added unit tests for new password generation options in `Add` and
`Edit`.
* Handle case when `-g` and `-p` options are used at the same time.
This PR adds password generation functionalities while reducing
code duplication, but at the cost of 2 small breaking changes:
* The password generation option for `Add` and `Edit` for specifying
password length is now `-L` instead of `-l`, to not clash with the
`-l --lower` option.
* The `-u` shorthand for the `--upper` option has to be removed, to not
clash with the `-u --username` option.
* Add -U variant for uppercase.
* QFileDialog returns UNIX paths, even on Windows. This patch converts what QFileDialog returns to the native path format.
* Improve const correctness
* Avoid imposing file extension on Linux
* This patch improves things like unneeded passes by values, missing const qualifiers, ugly copies because of variable reuse and consistency in variable names.
* Fix#3407
* Read-only files now disable auto-save and show as modified correctly. This allows the GUI to prompt to "save-as" instead of silently discarding changes when the read-only database is locked or closed.
* Add application settings reset button
- Corrects accessibility findings GP.2
* Use icons in addition to color to indicate password mismatch
- Corrects accessibility finding CN.2
* Announce begin/end of list navigation
- Corrects accessibility finding KF.4
* Fixes for keyboard navigation
- Add Ctrl+F10 keyboard shortcut to show group/entry context menus. Fixes#3140
- Improve movement between form fields
* Fix loading system-defined language in translator
- Fixes#3202
- Bypass built-in Qt loading of QLocale for translations. The order of loading languages doesn't consider all file names prior to moving to the next language in the list. This resulted in English being chosen no matter what language is the top priority.
* Improve message box defaults and fix documentation links
* Better support for screen readers
* Add accessible names on form fields
* Prevent changing values during settings widget scrolling
- Add an event filter to combo boxes and spin boxes on the settings page to prevent the mouse wheel from changing the values without having focus
- Add horizontal stretch to the security settings to make the spin boxes more manageable.
* Empty destructors are replaced with default destructors
* A few loop variables made into const references to avoid copies
* Add missing `override` spec for some `Command::execute` methods
* Selecting one or more entries to download icons always forces the download (ie, if a new URL exists the new icon will be downloaded and set)
* Instead of downloading for each entry, the web url's are scraped from the provided entries and only those urls are downloaded. The icon is set for all entries that share a URL. This is useful if a group contains many entries that point to the same url, only 1 download call will occur.
* The icon download dialog displays whether you are doing one entry, many entries, or an entire group. It is also modal so you have to dismiss it to use KeePassXC again.
* Moved DuckDuckGo fallback notice into the download dialog.
This adds support for OnlyKey and requires yubikey-personalization library 1.20.0 or newer. The function yk_open_key_vid_pid was added to yubikey-personalization in version 1.20.0.
* Add demo kdbx file (password is `secret`)
The demo.kdbx password safe contains a number of realistically looking
but imaginary accounts for popular web services (Amazon, eBay, Google,
etc.) The owner's name is supposed to be John Doe, his e-mail address
is john.doe@example.com.
The intended use of this file is:
* To try out features (like the upcoming Paper Backup, #3277) without
using one's own database.
* To have a more-or-less realistic database file. The other kdbx files
in the tests/data directory all have some peculiarity or another.
* To have a password database from which one can take screenshots in
order to demonstrate bugs or new features. So, the recommendation
"don't include screen shots of your database" can be changed to
"include screen shots of the demo database".
* To have something you can mess around with without being afraid to
mess up your own database. If you mess up too bad, use git to revert
your changes.
The location of the demo database is `tests/data/demo.kdbx`. The
password is `secret`.
So far, the demo database is in the source tree only, to be used
by developers. Someone else may decide whether it could be placed in the
distribution, or maybe even made available for download from the KeePassXC
web site so that new users have something to play around with.
* Add more sophistication to the demo database
Add a second group that contais more sophisticated items:
Attachments, attributes, notes, expiration.
Note that the "ssh key" is completely imaginary and cannot
be used for anything realistic. For example, the public and
private keys don't fit together, the pass phrase and finger
print don't match, etc. It's just for demo purposes, like
anything in this file.
This new subcommand checks all passwords in the given database against a given list of SHA-1 password hashes. Such lists are available from the "Have I Been Pwned" project at https://haveibeenpwned.com/Passwords.
Note that this support offline checking only. The HIBP project also provides a web API for checking specific hash ranges; this is not currently supported.
Updating mingw-w64-x86_64-qt5 to version 5.12.4-2 caused EditEntryWidget to fail
building. Fixed that with proper includes. Also ran `make format` which revealed
one file in need of formatting.
* Fixes#3126
* Limit autocompletion to the top ten used usernames
- Load common usernames when database is opened
- Transition from QLineEdit to QComboBox for usernames
- Dropdown menu of the combobox lets user choose a common username
- Common usernames are autocompleted via inline completion
- Common usernames are sorted by frequency (first) and name (second)
* Add notes to General tab
* Combine Attributes and Attachments tabs into Advanced
* Remove extra viewTotpWidget
* Shrink minimum size of preview panel
With this change we get rid of the confusing key component checkboxes.
Now a component is either there or not (if left empty). There is
no redundant distinction between "unset" and "emtpy" anymore.
For compatibility with older databases that have "empty" passwords,
KeePassXC will ask if the user wants to retry with an empty password
if unlocking failed and the password field was left blank.
Besides these functional changes, the widget's layout has been
rearranged to be more compact, less stretched out (e.g. input fields
do not fill the full window width anymore), and more user-friendly
by providing a help tooltip for the hardware key field and accessible
descriptions for screen readers.
* Moved KeeShare Quiet Success message setting to the KeeShare portion of the application settings
* Removed an assert that caused the application to crash in debugging when a share file could not be found
* Corrected database settings security icon
* Unbreak build on FreeBSD
```
In file included from src/core/Alloc.cpp:24:
/usr/include/malloc.h:3:2: error: "<malloc.h> has been replaced by <stdlib.h>"
^
src/core/Alloc.cpp:65:28: error: use of undeclared identifier 'malloc_usable_size'
::operator delete(ptr, malloc_usable_size(ptr));
^
2 errors generated.
```
Non-standard APIs like `malloc_usable_size()` [1] are defined in
`malloc_np.h` on FreeBSD, so use it instead of `malloc.h` there.
[1] https://man.freebsd.org/jemalloc(3)
* Allow Browser HostInstaller to work on FreeBSD and other OS's
* Drop custom GNUInstallDirs cmake module and use cmake's own module
It seems to be an outdated version and cmake generally provides it
itself, so there should be no need for keepassxc to provide its own
custom version.
On FreeBSD this fixes the issue that man pages were installed into
the wrong directory, i.e., `/usr/local/share/man` vs `/usr/local/man`
as per FreeBSD's current packaging policy.
Signed-off-by: Tobias Kortkamp <tobik@FreeBSD.org>