* This removes the application setting to require typing the password in again even though it is visible.
* Removed automatic password repeat when the password is made visible on changing.
* Closes#7545 - Support 1Password 1PUX import format based on https://support.1password.com/1pux-format/
* Closes#8367 - Support Bitwarden JSON import format (both unencrypted and encrypted) based on https://bitwarden.com/help/encrypted-export/
* Fixes#9577 - OPVault import when fields have the same name or type
* Introduce the import wizard to handle all import tasks (CSV, KDBX1, OPVault, 1PUX, JSON)
* Clean up CSV parser code to make it much more efficient and easier to read
* Combine all importer tests (except CSV) into one test file
* Previously our base style sheet added roughly 20px of margin to the top and bottom of all QGroupBox. This caused visual errors where that margin was not needed/desired.
* Transferred padding to the specific layouts instead where it belongs.
Refactors the Passkey implementation to include more checks and a structure that is more aligned with the official specification.
Notable changes:
- _BrowserService_ no longer does the checks by itself. A new class _BrowserPasskeysClient_ constructs the relevant objects, acting as a client. _BrowserService_ only acts as a bridge between the client and _BrowserPasskeys_ (authenticator) and calls the relevant popups for user interaction.
- A new helper class _PasskeyUtils_ includes the actual checks and parses the objects.
- _BrowserPasskeys_ is pretty much intact, but some functions have been moved to PasskeyUtils.
- Fixes Ed25519 encoding in _BrowserCBOR_.
- Adds new error messages.
- User confirmation for Passkey retrieval is also asked even if `discouraged` is used. This goes against the specification, but currently there's no other way to verify the user.
- `cross-platform` is also accepted for compatibility. This could be removed if there's a potential issue with it.
- Extension data is now handled correctly during Authentication.
- Allowed and excluded credentials are now handled correctly.
- `KPEX_PASSKEY_GENERATED_USER_ID` is renamed to `KPEX_PASSKEY_CREDENTIAL_ID`
- Adds a new option "Allow localhost with Passkeys" to Browser Integration -> Advanced tab. By default it's not allowed to access HTTP sites, but `http://localhost` can be allowed for debugging and testing purposes for local servers.
- Add tag `Passkey` to a Passkey entry, or an entry with an imported Passkey.
Fixes#10287.
* Fix#9847 - don't provide TOTP values if settings are blank or completely wrong
* Fix#6838 - don't reset the ui when creating a new entry and applying TOTP to it
* Move totp source into the core folder
* Fix#7892 - Pressing escape when the quick unlock prompt is shown will now go back to the main unlock dialog view.
* Fix#9030 - Quick unlock will be automatically invoked in the unlock dialog upon being shown.
* Fix#9554 - Quick unlock application setting will be updated every time the settings widget is shown instead of just on first launch.
* Show warning that quick unlock is not enabled if user cancels Windows Hello prompt. This should limit people thinking there is a security issue. Also improve documentation describing this behavior.
* Disable quick unlock in gui tests
