* Fixes#5037
* F1 focuses group view, if already focused it opens the focused group for editing
* F2 focuses entry view, if already focused it opens the focused entry for editing
* F3 focuses search
* Fix#5107
* Change setting for non-data changes to Auto save on database lock (or not) instead of marking modified.
* When enabled, database will be auto-saved if there are only non-data changes, but will not prompt the user if saving has failed.
* When disabled, database will not auto-save if there are only non-data changes (same behavior as 2.5 and below) and will not mark the database dirty.
Fixes#4444
Some websites these days do not present both the "username" and the "password"
input box on the same webpage (e.g. Google, Amazon). So no custom sequence is
possible to enter both the said attributes in one go.
So, two new context menu actions have been added:
1. Perform Auto-Type of just the username
2. Perform Auto-Type of just the password
These context menu actions are analogous to "Copy username" and "Copy
password", except it avoids sending all characters via clipboard.
* Create a sub-menu in the Context Menu of Entry.
* The sub-menu offers the following sequences:
- {USERNAME}
- {USERNAME}{ENTER}
- {PASSWORD}
- {PASSWORD}{ENTER}
Definitions:
* Database Key - Cryptographic hash used to perform encrypt/decrypt of the database.
* Database Credentials - User facing term to refer to the collection of Password, Key File, and/or Hardware Key used to derive the Database Key.
Changes:
* Remove the term "master" and "key" from the user's lexicon and clarify the code base based on the definitions above.
* Clean up wording in the UI to be clearer to the end user.
* Add support for 'ifDevice' feature, closes#2871
* Resolve placeholders for username and password to support references, fixes#2078
* Add support for open databases from an entry when the url starts with 'kdbx://'. Uses the same syntax as AutoOpen. Closes#1536.
Introduce a third unsorted status that shows entries in the order they occur in the KDBX file.
* Add keyboard shortcut Ctrl+Alt+Up/Down to move entries up and down in sort order
* Add entry context menu icons to achieve movement up/down
* Only show menu icons when in natural sort order
* Add Material Design icons for moving up/down
* Add feature to track non-data changes and force a save on exit to ensure they are not lost when locking a database. This allows users to make entry movements and group expand/collapse operations and not lose that state.
Remove saveas
Add an option in the 'Database' menu to save a backup of the current database.
Add unit test for saving database copy
* Open a test database, mark it as modified, and save a copy
* Fail if the copy is not a valid database
* Fail if the original database is saved
* Fail if the original database is no longer marked as modified
* Override Qt's default [broken] behavior of handling Tab/Shift+Tab to navigate around the MainWindow. Completely fixes trapped focus.
* Improve handling of search results when navigating the UI.
* Fix selecting first entry after ending a search.
* Add keyboard shortcuts to directly focus on search (F1), Group List (F2), and Entry List (F3)
* Fixes#2878, #4636, and #4221
* Add saving mutex to database class to prevent re-entrant saving
* Prevent saving multiple times to the same file if the database is not marked as modified
* Prevent locking the database while saving. This also prevents closing the application and database tab while saving.
* FileWatcher: only perform async checksum calculations when triggered by timer (prevents random GUI freezes)
* Re-attempt database lock when requested during save operation
* Prevent database tabs from closing before all databases are locked on quit
Introduce a password health check to the application that evaluates every entry in a database. Entries that fail various tests are listed for user review and action. Also moves the statistics panel to the new Database -> Reports widget. Recycled entries are excluded from the results.
We now have two classes, PasswordHealth to deal with a single password and HealthChecker to deal with all passwords of a database.
Tests include passwords that are expired, re-used, and weak.
* Closes#551
* Move zxcvbn usage to a centralized class (PasswordHealth) and replace its usages across the application to ensure standardized interpretation of entropy calculations.
* Add new icons for the database reports view
* Updated the demo database to show off the reports
* Fix#3933 and fix#3857. Interaction with entries and groups is disabled while the database is being reloaded or saved to prevent changes from occurring. Prevent the database from being reloading if an entry or group is currently being edited.
* Fix#3941 - Only notify components when the database file actually changes (determined by checksum). This prevents spurious merge requests when the file is merely touched by another service (e.g., DropBox).
* Fix code format of ElidedLabel.cpp
* Fixes#2118
Enables select entry actions when editing an entry. This allows users to copy the password of the entry, for example.
Note: unsaved changes to the entry will not be copied to the clipboard.
* Fix#3506
* Fix#2389
* Fix#2536
* Fix#2230
Every database that has been opened now watch's it's own file. This allows the database class to manage file changes and detect fail conditions during saving. Additionally, all stakeholders of the database can listen for the database file changed notification and respond accordingly.
Performed significant cleanup of the autoreload code within DatabaseWidget. Fixed several issues with handling changes due to merging, not merging, and other scenarios while reloading.
Prevent database saves to the same file if there are changes on disk that have not been merged with the open database.
* Selecting one or more entries to download icons always forces the download (ie, if a new URL exists the new icon will be downloaded and set)
* Instead of downloading for each entry, the web url's are scraped from the provided entries and only those urls are downloaded. The icon is set for all entries that share a URL. This is useful if a group contains many entries that point to the same url, only 1 download call will occur.
* The icon download dialog displays whether you are doing one entry, many entries, or an entire group. It is also modal so you have to dismiss it to use KeePassXC again.
* Moved DuckDuckGo fallback notice into the download dialog.
* Support importing 1Password vaults (.opvault folders) into KDBX database
* Entry attributes are filled based on section and field name
* Expiration dates are set for entries
* Entry URL's are set from a wider array of fields
* DatabaseTabWidget::newDatabase returns the created DatabaseWidget
* Emit DatabaseTabWidget::databaseOpened signal before a new tab is added
* EntrySearcher can now search attribute values including custom ones
* Add Group::applyGroupIconTo to set the group icon on the supplied entry
* Implement desktop notifications through the system tray icon
* Add DatabaseWidget::deleteEntries to delete a list of entries
* Add Aes128 in SymmetricCipher::algorithmIvSize
* Add DatabaseWidget::databaseReplaced signal
* Add a helper class to override the message box's parent (prevent bugs)
* Mark database dirty if saving fails
* Restore database file from backup if unsafe save fails between deleting database file and copying temporary file into place
* Improve error message display for opening and saving database files
* Do not automatically retry saving after failure. This prevents deletion of the backup database file and improves user awareness of issues.
* When viewing a shared group, the sharing state is indicated by a label
similar to the search label.
* Banner shows on children of shared groups
* When searching, share banner is hidden
* Fixed issue where group/entry information was not updated after change
* Fix crash when canceling save of new database
* Standardize use of DatabaseWidget::save() function
* Close new database tabs that are "discarded"
* Fixes#2604. autoSaveOnExit setting
* Re-implement autosave functionality
This patch removes redundant lock widget members of the DatabaseWidget
and consolidates all unlocking functionality into a single
DatabaseOpenWidget (with the exception of KeePass1OpenWidget).
Distinction between different unlock actions is now done via a dedicated
Intent enum class instead of using individual widgets.
Further, the DatabaseUnlockDialog has been generalized so that it is
usable for unlock intents other than just Auto-Type and is now also
used for merging databases which is less confusing to the user.
The KeePassXC main window is no longer a parent of the
DatabaseUnlockDialog and has the Qt::ForeignWindow flag set, which
should cause fewer issues with Auto-Type trying to type into KeePassXC
after unlock instead of the intended target window.
In addition, its instance has been moved into the DatabaseTabWidget
class so that it is no longer bound to individual DatabaseWidgets,
potentially allowing for database selection during Auto-Type. The actual
selection has not yet been implemented, but Auto-Type has been adjusted
to use the currently selected tab instead of the first one as an
intermediary improvement.
The Database, DatabaseWidget, and DatabaseTabWidget classes share many responsibilities in inconsistent ways resulting in impenetrable and unmaintainable code and a diverse set of bugs and architecture restrictions. This patch reworks the architecture, responsibilities of, and dependencies between these classes.
The core changes are:
* Move loading and saving logic from widgets into the Database class
* Get rid of the DatabaseManagerStruct and move all the information contained in it into the Database
* Let database objects keep track of modifications and dirty/clean state instead of handing this to external widgets
* Move GUI interactions for loading and saving from the DatabaseTabWidget into the DatabaseWidget (resolves#2494 as a side-effect)
* Heavily clean up DatabaseTabWidget and degrade it to a slightly glorified QTabWidget
* Use QSharedPointers for all Database objects
* Remove the modifiedImmediate signal and replace it with a markAsModified() method
* Implement proper tabName() method instead of reading back titles from GUI widgets (resolves#1389 and its duplicates #2146#855)
* Fix unwanted AES-KDF downgrade if database uses Argon2 and has CustomData
* Improve code
This patch is also the first major step towards solving issues #476 and #2322.
* Cleanup entry change notification with entryview focus in/out
* Change Open URL shortcut to CTRL+SHIFT+U to conform with an "action"
including SHIFT
* Change Copy URL shortcut to CTRL+U to conform with "copy" without SHIFT
* Entry specific toolbar and menu items are disabled unless the entry
row has focus (prevents unintended actions)
* Reword security setting for password visibility in entry edit view
* Add shortcut to hide/unhide usernames (CTRL+SHIFT+B)
* Organize entry menu
* Fix#1588 - show keyboard shortcuts in context menu
* Fix#2403 - Change auto-type shortcut to CTRL + SHIFT + V
* Fix#2096 - Add (CTRL+F) to search bar background
* Fix#2031 & Fix#2266 - add shortcut to hide/unhide passwords (CTRL+SHIFT+C)
* Fix#2166 - Add reveal password button to entry preview
The CLI module was lacking unit test coverage and showed some severe
coding style violations, which this patch addresses.
In addition, all uses of qCritical() with untranslatble raw char*
sequences were removed in favor of proper locale strings. These are
written to STDERR through QTextStreams and support output
redirection for testing purposes. With this change, error messages don't
depend on the global Qt logging settings and targets anymore and go
directly to the terminal or into a file if needed.
This patch also fixes a bug discovered during unit test development,
where the extract command would just dump the raw XML contents without
decrypting embedded Salsa20-protected values first, making the XML
export mostly useless, since passwords are scrambled.
Lastly, all CLI commands received a dedicated -h/--help option.
* Resolves#764
* Add libqrencode and qtsvg dependencies
* Ensure QR code remains square
* Auto-close QR code dialog when database is locked
* Add databaseLocked() Signal to databaseWidget
* Correct otpauth URI output in Totp::writeSettings(...)
Rename UI elements involved with the bottom preview panel to use the
terminology "entry preview panel" instead of "details view" or "preview
panel". Change all associated variables, widgets, and classes to
reference EntryPreviewPanel. Create Config::upgrade() function and
deprecation mapping to help rename/remove previous config settings in a
clean manner.
Fixes#2327
* Add source folder keeshare for sharing with corresponding define WITH_XC_KEESHARE
* Move common crypto parts to src/crypto/ssh
* Extended OpenSSHKey
* Move filewatching to own file (currently in two related classes DelayedFileWatcher and BulkFileWatcher)
* Small improvements for style and code in several classes
* Sharing is secured using RSA-Keys which are generated on demand
* Publisher signs the container using their private key
* Client can verify the signed container and choose to decline an import,
import only once or trust the publisher and automatically import all
data of this source henceforth
* Integration of settings into Group-Settings, Database-Settings and Application-Settings
* Introduced dependency QuaZip as dependency to allow combined export of
key container and the (custom format) certificate
This patch implements a new database wizard to guide users through the process
of setting up a new database and choosing sane encryption settings.
It also reimplements the master key settings to be more
user-friendly. Users can now add, change, or remove individual composite
key components instead of having to set all components at once. This
avoids confusion about a password being reset if the user only wants to
add a key file.
With these changes comes a major refactor of how database composite keys and key
components are handled. Copying of keys is prohibited and each key
exists only once in memory and is referenced via shared pointers. GUI
components for changing individual keys are encapsulated into separate
classes to be more reusable. The password edit and generator widgets
have also been refactored to be more reusable.
Update state syncer (class DatabaseWidgetStateSync) to account for new
features:
- properly sync view state when switching tabs
- properly read/write view state from/to config
Update classes EntryModel and EntryView to consistenly name list/search
modes. Before, both classes defined list mode as 'group mode' and search
mode as 'entry list mode', which differed from naming in other classes
such as DatabaseWidget.
