Replaces all string configuration options with enum types
that can be checked by the compiler. This prevents spelling
errors, in-place configuration definitions, and inconsistent
default values. The default value config getter signature was
removed in favour of consistently and centrally default-initialised
configuration values.
Individual default values were adjusted for better security,
such as the default password length, which was increased from
16 characters to 32.
The already existing config option deprecation map was extended
by a general migration procedure using configuration versioning.
Settings were split into Roaming and Local settings, which
go to their respective AppData locations on Windows.
Fixes#2574Fixes#2193
Hard-coded widget state colours (error, warning, health etc.)
are replace by a central palette class, which also takes care
of determining if KeePassXC is in dark or light mode.
Colours expected to be used as background for normal text
were tested for WCAG level A compliance. Health colours were
adjusted for better harmony with the application theme and
tested for sufficient contrast with a colour blindness simulator.
* Changed style so that only default buttons have full background highlight. This prevents confusion as to which button in various dialogs is the default/desired choice.
* Move password generator popup into static function outside of PasswordEdit so other parts of the program can easily access it.
* QDialog forces 'autoDefault' property on all buttons causing them to obtain background highlight when they are focused. Moved Password Generator outside of a QDialog and forced 'autoDefault' to false on Browser Access Dialog.
* Fixed button ordering in Totp Setup Dialog
* About dialog close button is now the default button
Fixes#4407Fixes#4637
Additional changes:
- Fix reference entry colour being incompatible with dark themes
- Fix QWizard page being too bright in dark mode
- Prevent unfocused wheel scroll changes to theme setting
The recent macOS security patch renders our codesigning
"fix" of setting the sandbox entitlement to false twice
unusable. This patch adds a full provisioning profile
and adjusts the signing procedure to not include
entitlements for Qt frameworks.
The patch also changes the app and bundle ID, so granted
accessibility privileges have to be granted again after
installing the update.
Fixes#4398Fixes#4515
* Prevent using double memory when benchmarking Argon2 performance.
* Improve benchmark results by not overusing CPU and memory simultaneously. Parallel benchmarks were causing artificially strained calculations resulting in a lower than desired number of rounds.
* Fixes#1083
* Add online HIBP checker dialog to the database reports widget. Permission is requested from the user prior to performing any network operations.
* The number of times a password has been found in a breach is shown to the user.
* If no passwords are breached then a positive message is presented.
* Source of HIBP icon: https://github.com/simple-icons/simple-icons/blob/develop/icons/haveibeenpwned.svg
Authored-by: Wolfram Rösler <wolfram@roesler-ac.de>
Co-authored-by: Jonathan White <support@dmapps.us>
* Add ability to create database with an empty password
* Add password repeat check
* Standardize process between `db-create` and `import` commands
* Improve db-create tests with new password repeat
Co-authored-by: Jonathan White <support@dmapps.us>
* Use KeePassXC executable icon for the start menu shortcut on Windows to prevent the icon from being deleted on installation of a new version. Fixes#4226
* Support improvements to windeployqt in Qt 5.14.1+
See issue #3271 for a motivation of this feature.
This patch adds an additional text input to the advanced view of the password generator. All characters of this input field (if not empty) will be added as another group to the password generator. The characters from the excluded field have precedence over the characters from this new field, meaning any character added to both fields will *not* appear in any generated password. As the
characters from this new field will be added as their own group to the password generator, checking the 'Include characters from every group' checkbox will
force at least character to be chosen from the new input field.
The `PasswordGenerator` class has also been changed so that the `isValid` method returns `true` if only characters from the new input field would be used.
There is a new, simple test that covers the new feature. While the test only uses ASCII characters, any Unicode characters can be used with the new feature.
* Remove repeat password on entry edit
* Move show/hide password and password generator buttons into the field as actions.
* Register keyboard shortcut Ctrl+H to toggle password visibility
* Register keyboard shortcut Ctrl+G to open the password generator
* Cleanup code and improve interactions between elements
* Simplify Password Generator button layout; convert advanced mode button to toggle button
* Update GUI tests
* Fixes#4120
* Add function to Application to quickly determine if in light or dark theme
* Add kpxcApp symbol
* Explicitly define main function for GUI tests to improve performance and use custom Application.
* Wrap key transformation in AsyncTask when reading a database. Significantly reduces user interface lockup.
* Replace root group with new group instead of deleting the pointer (fulfills member validity promise).