Update translations

This was noted as a problem in several issues and it finally occurred to me and I traced it to the fact that a timing issue sometimes allowed the file watcher to trigger a "file changed" alert right when saving starts. I fixed this by moving where the mutex lock is made for saving and preventing database reload during a save operation.

.clang-format

@@ -81,7 +81,7 @@ SpacesInContainerLiterals: true
 SpacesInCStyleCastParentheses: false
 SpacesInParentheses: false
 SpacesInSquareBrackets: false
-Standard:        c++17
+Standard:        Cpp11
 TabWidth:        4
 UseTab:          Never
 ...

.github/CONTRIBUTING.md

@@ -38,7 +38,7 @@ We will accept contributions of good code that we can use from anyone.
  - “contributions”: This means just about anything you wish to contribute to the project, as long as it is good code we can use. The easier you make it for us to accept your contribution, the happier we are, but if it’s good enough, we will do a reasonable amount of work to use it.
  - “of good code”: This means that we will accept contributions that work well and efficiently, that fit in with the goals of the project, that match the project’s coding style, and that do not impose an undue maintenance workload on us going forward. This does not mean just program code, either, but documentation and artistic works as appropriate to the project.
  - “that we can use”: This means that your contribution must be given freely and irrevocably, that you must have the right to contribute it for our unrestricted use, and that your contribution is made under a license that is compatible with the license the project has chosen and that permits us to include, distribute, and modify your work without restriction.
- - “from anyone”: This means exactly that. We don’t care about anything but your code. We don’t care about your race, religion, national origin, biological gender, perceived gender, sexual orientation, lifestyle, political viewpoint, or anything extraneous like that. We will neither reject your contribution nor grant it preferential treatment on any basis except the code itself. We do, however, reserve the right to limit your access to our community if you violate our [Code of Conduct](../CODE-OF-CONDUCT.md).
+ - “from anyone”: This means exactly that. We don’t care about anything but your code. We don’t care about your race, religion, national origin, biological gender, perceived gender, sexual orientation, lifestyle, political viewpoint, or anything extraneous like that. We will neither reject your contribution nor grant it preferential treatment on any basis except the code itself. We do, however, reserve the right to tell you to go away if you behave too obnoxiously toward us.
 
 #### If Your Contribution Is Rejected
 

.github/ISSUE_TEMPLATE/bug-report.md

@@ -0,0 +1,39 @@
+---
+name: Bug Report
+about: provide information about a problem
+title: 
+labels: bug
+assignees: ''
+
+---
+## Overview
+[TIP]:  # ( DO NOT include screenshots of your actual database! )
+[NOTE]: # ( Give a BRIEF summary about your problem )
+
+
+## Steps to Reproduce
+[NOTE]: # ( Provide a simple set of steps to reproduce this bug. )
+1. 
+2. 
+3. 
+
+## Expected Behavior
+[NOTE]: # ( Tell us what you expected to happen )
+
+
+## Actual Behavior
+[NOTE]: # ( Tell us what actually happens )
+
+
+## Context
+[NOTE]: # ( Give us any additional information you may have. )
+
+
+[NOTE]: # ( Paste debug info from Help → About here )
+KeePassXC - VERSION
+Revision: REVISION
+
+[NOTE]: # ( Pick choices based on your environment )
+Operating System: Windows/Linux/macOS
+Desktop Env: Gnome/KDE/XFCE/Mate/Cinnamon
+Windowing System: X11/Wayland

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -1,83 +0,0 @@
-name: Bug Report
-description: Provide information about a problem you are experiencing.
-type: Bug
-
-body:
-  - type: checkboxes
-    attributes:
-      label: Have you searched for an existing issue?
-      description: |
-        Use the issue search box to see if one already exists for the bug you encountered.
-        Also take a moment to review our pinned issues.
-      options:
-      - label: Yes, I tried searching and reviewed the pinned issues
-        required: true
-
-  - type: textarea
-    id: summary
-    attributes:
-      label: Brief Summary
-      description: |
-        Provide an overview of the problem, include any information that may help us triage this issue.
-        Provide screenshots if possible, but do NOT show sensitive data (use View -> Allow Screen Capture).
-    validations:
-      required: true
-
-  - type: textarea
-    id: steps
-    attributes:
-      label: Steps to Reproduce
-      description: Provide a simple set of steps to reproduce this bug.
-      placeholder: |
-        1. 
-        2. 
-        3. 
-    validations:
-      required: true
-
-  - type: textarea
-    id: expected_vs_actual
-    attributes:
-      label: Expected Versus Actual Behavior
-      description: Tell us what you expected to happen and what actually happened.
-
-  - type: textarea
-    id: debug_info
-    attributes:
-      label: KeePassXC Debug Information
-      placeholder: "Paste the output of: Help -> About -> Debug Info"
-      render: Text
-
-  - type: dropdown
-    id: os
-    attributes:
-      label: Operating System
-      description: Select your operating system.
-      options:
-        - Windows
-        - Linux
-        - macOS
-        - Other (BSD, Haiku, etc)
-
-  - type: dropdown
-    id: desktop_env
-    attributes:
-      label: Linux Desktop Environment
-      description: If on Linux, please select your desktop environment.
-      options:
-        - Gnome
-        - KDE
-        - XFCE
-        - Mate / Cinnamon
-        - Sway
-        - i3
-        - Other
-
-  - type: dropdown
-    id: window_system
-    attributes:
-      label: Linux Windowing System
-      description: If on Linux, please select your windowing system.
-      options:
-        - X11
-        - Wayland

.github/ISSUE_TEMPLATE/feature-request.md

@@ -0,0 +1,19 @@
+---
+name: Feature Request
+about: tell us about a new feature you want
+title: 
+labels: new feature
+assignees: ''
+
+---
+## Summary
+[TIP]:  # ( DO NOT include screenshots of your actual database! )
+[NOTE]: # ( Provide a brief overview of what the new feature is all about )
+
+
+## Examples
+[NOTE]: # ( Show us a picture or mock-up of your proposal )
+
+
+## Context
+[NOTE]: # ( Why does this feature matter to you? What unique circumstances do you have? )

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -1,34 +0,0 @@
-name: Feature Request
-description: Tell us about a new feature you want.
-type: Feature
-
-body:
-  - type: checkboxes
-    attributes:
-      label: Have you searched for an existing feature request?
-      description: Use the issue search box to see if one already exists for the feature you want.
-      options:
-      - label: Yes, I tried searching
-        required: true
-
-  - type: textarea
-    id: summary
-    attributes:
-      label: Brief Summary
-      description: |
-        Provide an overview of the feature you are interested in adding.
-        Provide screenshots if possible, but do NOT show sensitive data (use View -> Allow Screen Capture).
-    validations:
-      required: true
-
-  - type: textarea
-    id: example
-    attributes:
-      label: Example
-      description: Provide an example of how this feature would be used.
-
-  - type: textarea
-    id: context
-    attributes:
-      label: Context
-      description: Why does this feature matter to you? What unique circumstances do you have?

.github/ISSUE_TEMPLATE/prerelease_bug_report.yml

@@ -1,85 +0,0 @@
-name: Pre-Release Bug Report
-description: Report an issue with pre-release code (e.g. snapshot builds).
-type: Bug
-labels: PRE-RELEASE BUG
-assignees: droidmonkey
-
-body:
-  - type: checkboxes
-    attributes:
-      label: Have you searched for an existing issue?
-      description: |
-        Use the issue search box to see if one already exists for the bug you encountered.
-        Also take a moment to review our pinned issues.
-      options:
-      - label: Yes, I tried searching and reviewed the pinned issues
-        required: true
-
-  - type: textarea
-    id: summary
-    attributes:
-      label: Brief Summary
-      description: |
-        Provide an overview of the problem, include any information that may help us triage this issue.
-        Provide screenshots if possible, but do NOT show sensitive data (use View -> Allow Screen Capture).
-    validations:
-      required: true
-
-  - type: textarea
-    id: steps
-    attributes:
-      label: Steps to Reproduce
-      description: Provide a simple set of steps to reproduce this bug.
-      placeholder: |
-        1. 
-        2. 
-        3. 
-    validations:
-      required: true
-
-  - type: textarea
-    id: expected_vs_actual
-    attributes:
-      label: Expected Versus Actual Behavior
-      description: Tell us what you expected to happen and what actually happened.
-
-  - type: textarea
-    id: debug_info
-    attributes:
-      label: KeePassXC Debug Information
-      placeholder: "Paste the output of: Help -> About -> Debug Info"
-      render: Text
-
-  - type: dropdown
-    id: os
-    attributes:
-      label: Operating System
-      description: Select your operating system.
-      options:
-        - Windows
-        - Linux
-        - macOS
-        - Other (BSD, Haiku, etc)
-
-  - type: dropdown
-    id: desktop_env
-    attributes:
-      label: Linux Desktop Environment
-      description: If on Linux, please select your desktop environment.
-      options:
-        - Gnome
-        - KDE
-        - XFCE
-        - Mate / Cinnamon
-        - Sway
-        - i3
-        - Other
-
-  - type: dropdown
-    id: window_system
-    attributes:
-      label: Linux Windowing System
-      description: If on Linux, please select your windowing system.
-      options:
-        - X11
-        - Wayland

.github/ISSUE_TEMPLATE/release-preview-bug-report.md

@@ -0,0 +1,39 @@
+---
+name: Release Preview Bug report
+about: report a bug with a release preview (e.g., 2.6.0-beta1)
+title: 
+labels: PRE-RELEASE BUG
+assignees: droidmonkey
+
+---
+## Overview
+[TIP]:  # ( DO NOT include screenshots of your actual database! )
+[NOTE]: # ( Give a BRIEF summary about your problem )
+
+
+## Steps to Reproduce
+[NOTE]: # ( Provide a simple set of steps to reproduce this bug. )
+1. 
+2. 
+3. 
+
+## Expected Behavior
+[NOTE]: # ( Tell us what you expected to happen )
+
+
+## Actual Behavior
+[NOTE]: # ( Tell us what actually happens )
+
+
+## Context
+[NOTE]: # ( Give us any additional information you may have. )
+
+
+[NOTE]: # ( Paste debug info from Help → About here )
+KeePassXC - VERSION
+Revision: REVISION
+
+[NOTE]: # ( Pick choices based on your environment )
+Operating System: Windows/Linux/macOS
+Desktop Env: Gnome/KDE/XFCE/Mate/Cinnamon
+Windowing System: X11/Wayland

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,15 +1,15 @@
 [NOTE]: # ( Describe your changes in detail, why is this change required? )
 [NOTE]: # ( Explain large or complex code modifications. )
-[NOTE]: # ( If it fixes an open issue, please add "Fixes #XXX". )
+[NOTE]: # ( If it fixes an open issue, please add "Fixes #XXX" )
 
 
 ## Screenshots
-[NOTE]: # ( Do not include screenshots of your actual database! )
+[TIP]:  # ( Do not include screenshots of your actual database! )
-[TIP]:  # ( Use View -> Allow Screen Capture )
+
 
 ## Testing strategy
 [NOTE]: # ( Please describe in detail how you tested your changes. )
-[TIP]:  # ( We expect new code to be covered by unit tests and include helpful comments. )
+[TIP]:  # ( We expect new code to be covered by unit tests and documented with doc blocks! )
 
 
 ## Type of change

.github/workflows/codeql.yml

@@ -1,70 +0,0 @@
-name: "CodeQL"
-
-on:
-  push:
-    branches: [ 'develop', 'release/2.7.x' ]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ 'develop' ]
-  schedule:
-    - cron: '5 16 * * 3'
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
-    timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'cpp' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Use only 'java' to analyze code written in Java, Kotlin or both
-        # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both
-        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-
-    - if: matrix.language == 'cpp'
-      name: Install dependencies
-      run: |
-        sudo apt update
-        sudo apt install build-essential cmake g++
-        sudo apt install qtbase5-dev qtbase5-private-dev qttools5-dev qttools5-dev-tools libqt5svg5-dev libargon2-dev libkeyutils-dev libminizip-dev libbotan-2-dev libqrencode-dev zlib1g-dev asciidoctor libreadline-dev libpcsclite-dev libusb-1.0-0-dev libxi-dev libxtst-dev  libqt5x11extras5-dev
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-
-        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-        queries: security-and-quality
-
-    - if: matrix.language == 'cpp'
-      name: Build C++
-      run: |
-        mkdir build && cd build
-        cmake -DWITH_XC_ALL=ON -DWITH_TESTS=OFF ..
-        make -j $(nproc)
-
-    # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - if: matrix.language != 'cpp'
-      name: Autobuild
-      uses: github/codeql-action/autobuild@v3
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
-      with:
-        category: "/language:${{matrix.language}}"

.gitignore

@@ -24,10 +24,5 @@ desktop.ini
 # MSVC Files
 CMakeSettings.json
 CMakePresets.json
-CMakeUserPresets.json
 .vs/
-out/
+out/
-
-# vcpkg
-vcpkg_installed*/
-

.tx/config

@@ -1,19 +1,14 @@
 [main]
 host = https://www.transifex.com
 
-[o:keepassxc:p:keepassxc:r:share-translations-keepassxc-en-ts--develop]
+[keepassxc.share-translations-keepassxc-en-ts--develop]
-file_filter            = share/translations/keepassxc_<lang>.ts
+source_file = share/translations/keepassxc_en.ts
-source_file            = share/translations/keepassxc_en.ts
+file_filter = share/translations/keepassxc_<lang>.ts
-source_lang            = en
+source_lang = en
-type                   = QT
+type = QT
-replace_edited_strings = false
-keep_translations      = false
-
-[o:keepassxc:p:keepassxc:r:share-translations-keepassxc-en-ts--master]
-file_filter            = share/translations/keepassxc_<lang>.ts
-source_file            = share/translations/keepassxc_en.ts
-source_lang            = en
-type                   = QT
-replace_edited_strings = false
-keep_translations      = false
 
+[keepassxc.share-translations-keepassxc-en-ts--master]
+source_file = share/translations/keepassxc_en.ts
+file_filter = share/translations/keepassxc_<lang>.ts
+source_lang = en
+type = QT

CHANGELOG.md

@@ -1,249 +1,6 @@
 # Changelog
 
-## 2.8.0 (Pending)
+## 2.7.2 (2022-10-22)
-* Placeholder for future release notes
-
-## 2.7.10 (2025-03-02)
-
-### Changes
-* Allow adjusting application font size [#11567]
-* Add Proton Pass importer [#11197]
-* Support KeePass2 TOTP settings [#11229]
-* Add New/Preview Entry Attachments dialog and functionality [#11637, #11699, #11650]
-* Add database name, color, and icon options for unlock view [#10819, #11725]
-* Show entry background color as column [#6798]
-* Use icons for password strength [#9844]
-* Add "Group Full Path" column in entry view [#10278]
-* Passphrase "MIXED case" Type [#11255]
-* Allow deleting extension plugin data from Browser Statistics [#11218]
-* Add --minimized option to keepassxc [#11693]
-* Implement T-CONV and T-REPLACE-RX entry placeholders [#11453]
-* Option to disable opening browser when URL field double-clicked [#11332]
-* Overhaul action states and add icons to toolbar [#11047]
-* Show character count in password generator dialog [#10940]
-* Add ability to expire entries from context menu [#8731]
-* Add copy field shortcuts to Auto-Type select dialog [#11518]
-* Passkeys: Add support for selecting group on creation [#11260]
-* Browser: Refactor Access Control Dialog [#9607]
-* Browser: Add support for URL wildcards and exact URL [#9835, #11752]
-* Browser: Allow groups to restrict by browser integration key [#9852]
-* CLI: Add `-d` dry-run shortcut to merge command [#11192]
-* CLI: HTML export [#11590]
-* macOS: Add option to disable database lock when switching user [#9707]
-* SSH Agent: Implement feature to clear all identities [#10649]
-
-### Fixes
-* Major enhancements to documentation [#11745, #10875]
-* Various UI and style fixes [#11535, #11672, #11511, #11445, #11426, #11273, #11455, #11321, #11594, #11539, #11351, #11354, #10748, #11602, #11303, #11291, #10091, #9417]
-* Various improvements to tags [#11676, #11652, #11625]
-* Reset splitter sizes on database unlock [#11014]
-* Remember sort order in Auto-type popup dialog [#9508]
-* Fix database password clearing when modifying key file / hardware key [#11001]
-* Fix issues with reloading and handling of externally modified db file [#10612]
-* Support passkeys with Bitwarden import [#11401]
-* Fix various quirks with CSV import [#11787]
-* Show Auto-Type select dialog even if window title is empty [#11603]
-* Refactor hardware key code to avoid deadlock [#11703, #10872]
-* Show a clear error if hardware key is found slots are not configured [#11609]
-* Fix signal/slot disconnect when opening import wizard [#11039]
-* Fix setting window title as modified [#11542]
-* Fix assert hit when viewing entry history [#11413]
-* Fix multiple crashes on Linux [#11513]
-* Fix backup file path time substitution [#10834]
-* Prevent long-running threads from deadlocking the program with only 1 CPU [#11155]
-* Hide the menubar when menus lose focus (if toggled off) [#11355, #11605]
-* CLI: Restore the original codepage on windows [#11470]
-* Passkeys: Various fixes [#10934, #10951]
-* Browser: Fix cancel with database unlock dialog [#11435]
-* Browser: Resolve references in Access Confirm dialog [#11055]
-* SSH Agent: Add timeout to streams to prevent deadlock [#11290]
-* macOS: Replace legacy code for screen recording permissions [#11428]
-* macOS: Implement Secure Input Mode [#11623]
-* macOS: Fix showing ambigious name in settings [#11373]
-* macOS: Fix copy-to-clipboard shortcut in entry preview widget [#10966]
-* Linux: Prevent multiple lock requests [#11306]
-* Snap: Prevent need for snap helper script to configure browser extension [#10924]
-* Windows: Detect outdated VC Redist with MSI installer [#11469]
-* Windows: Additional exclusion fields for clipboard [#11521]
-
-## 2.7.9 (2024-06-19)
-
-### Changes
-* Passkeys: Ability to easily remove a passkey from an entry [#10777]
-* Snap: Use new desktop portal for native messaging integration [#10906]
-
-### Fixes
-* Improve entry placeholder/reference feature [#10846]
-* Improve CSV importing when title field isn't specified [#10843]
-* Improve encrypted Bitwarden importing [#10800]
-* Improve database settings UX [#10821]
-* Improve handling of clipboard actions from entry preview [#10810]
-* Improve group/entry view resize behavior and set sensible defaults [#10641]
-* Passkeys: Fix incorrect username fill [#10874]
-* Passkeys: Return additional data to the extension [#10857]
-* Fix password clear timer inconsistency on unlock view [#10708]
-* Fix portability check [#10760]
-* Fix page overflow on HTML exports [#10735]
-* Fix broken builds when using system provided zxcvbn [#10717]
-* Fix copy password button when text is selected [#10853]
-* Fix tab ordering on application settings pages [#10907]
-* SSH Agent: Fix broken decrypt button [#10638]
-* Windows: Fix ALT Auto-Type modifier [#10795]
-* Windows: Fix wrong DACL memory size allocation [#10712]
-* macOS: Fix monospace font sizing [#10739]
-* Flatpak: Fix configuration settings off-by-one error [#10688]
-* BSD: Fix compiling with libusb implementation [#10736]
-
-## 2.7.8 (2024-05-05)
-
-### Changes
-- Add hotkey for showing search help [#10591]
-- Add hotkey for group switching (Ctrl+Shift+PgUp/PgDown) [#10625]
-- Add per-database auto-save delay setting [#9100]
-- Add setting to hide menubar [#10341]
-- Improve Bitwarden 1PUX import and support organization collections [#10499]
-- Show advanced settings checkbox only for settings that have them [#6513]
-- Remove obsolete setting for requiring repeated password entry [#9722]
-- Passkeys: Allow registering Passkeys to existing entries [#10408]
-- Passkeys: Show warning about data being unencrypted before Passkey export [#10411]
-- Passkeys: Support NFC and USB transports [#10402]
-- Passkeys: Pass extension JSON data to browser [#10615]
-- SSH Agent: Do not use entries from recycle bin [#10518]
-- Linux: Change hotkey sequence used for {CLEARFIELD} Auto-Type [#10008]
-- Windows: Improve DACL memory access protection [#10618]
-
-### Fixes
-- Fix crash when deleting history items [#10451]
-- Fix crash on screen lock or computer sleep [#10458]
-- Fix search field not being focused after unlock [#10459]
-- Fix loss of window focus when Auto-Type needs to unlock a database [#10555]
-- Fix inconsistent TOTP visibility on unlock [#10009]
-- Fix CSV import skipping over single-name groups [#10575]
-- Fix key file folder being remembered even if disabled in settings [#10636]
-- Fix issues with entry editing and database locking [#10667]
-- Fix key file text when provided on command line [#10642]
-- Fix issues with hardware key auto detection [#10663]
-- Do not override monospace font size [#10282]
-- Perform group sort only when group view is in focus [#10202]
-- Do not show decimals for attachment sizes in Bytes [#10595]
-- Prevent merging of global custom data when merging databases [#10452]
-- Fix minor translation issues [#10635]
-- Passkeys: Fix StrongBox incompatibility [#10420]
-- Passkeys: Set RP ID to effective domain if unset instead of returning an error [#10384]
-- Passkeys: Various UI fixes and improvements [#10427, #10608, #10609]
-- AppImage: Fix URL opening [#10624]
-- Flatpak: Fix application autostart [#10563]
-- Linux/macOS: Fix button sizes on modal alert popups [#10500]
-- Linux: Fix clipboard clear on Wayland [#10500]
-- Windows: Preserve file-hidden attribute [#10343]
-
-## 2.7.7 (2024-03-09)
-
-### Changes
-- Support USB Hotplug for Hardware Key interface [#10092]
-- Support 1PUX and Bitwarden import [#9815]
-- Browser: Add support for PassKeys [#8825, #9987, #10318]
-- Build System: Move to vcpkg manifest mode [#10088]
-
-### Fixes
-- Fix multiple TOTP issues [#9874]
-- Fix focus loss on save when the editor is not visible anymore [#10075]
-- Fix visual when removing entry from history [#9947]
-- Fix first entry is not selected when a search is performed [#9868]
-- Prevent scrollbars on entry drag/drop [#9747]
-- Prevent duplicate characters in "Also choose from" field of password generator  [#9803]
-- Security: Prevent byte-by-byte and attachment inference side channel attacks [#10266]
-- Browser: Fix raising Update Entry messagebox [#9853]
-- Browser: Fix bugs when returning credentials [#9136]
-- Browser: Fix crash on database open from browser [#9939]
-- Browser: Fix support for referenced URL fields [#8788]
-- MacOS: Fix crash when changing highlight/accent color [#10348]
-- MacOS: Fix TouchID appearing even though lid is closed [#10092]
-- Windows: Fix terminating KeePassXC processes with MSI installer [#9822]
-- FdoSecrets: Fix database merge crash when enabled [#10136]
-
-## 2.7.6 (2023-08-15)
-
-### Changes
-- Significant improvement to visual when drag/drop entries [#9698]
-- Automatically prompt for Quick Unlock when showing unlock dialog [#9697]
-- Improve colorful lock icon and fix file MIME icon on KDE [#9632]
-- Ability to search by entry UUID [#9571]
-- Add challenge-response support for NitroKey 3 [#9631]
-- Auto-Type: Disable entry level Auto-Type when disabled at group/entry [#9672]
-- Browser: Show warning when adding duplicate URL's to entry [#9588][#9635]
-- Browser: Improve error message when proxy cannot be found [#9385]
-
-### Fixes
-- Fix crash on exit on macOS [#9620]
-- Fix crash on search if entry doesn't have a group [#9633]
-- Fix several issues with Quick Unlock [#9697]
-- Enable save button when not auto-saving non-data changes [#9634]
-- Several UI/UX fixes [#9647]
-- Move toolbar back to top of window when disabling movement [#9699]
-- Browser: Fix closing password generator dialog with X button [#9636]
-- Browser: Fix handling of expired credentials [#9595]
-- Windows: Prevent white flicker when launching application [#9637]
-- Linux: Fix warning message about allow screencapture [#9638]
-- FdoSecrets: Fix access confirmation dialog showing even when disabled [#9690]
-
-## 2.7.5 (2023-05-14)
-
-### Changes
-- Add menu option to allow screenshots [#8841]
-- Add support for Botan 3 [#9388]
-- Increase max TOTP step to 24 hours [#9149]
-- Improve HTML export layout [#8987]
-- Turn search reset off by default [#9153]
-- Use QClipboard::clear() instead of setting blank text [#9148]
-- Hide group column header choice when not in search [#9171]
-- Improve look of KeePassXC logo and icons [#9355]
-- Add keyboard shortcuts for app and database settings [#9007]
-- Hide rename button from attachments preview panel [#8842]
-- Linux: Set SingleMainWindow in .desktop file [#7430]
-
-### Fixes
-- Fix crash when search clears while creating new entry [#9230]
-- Fix crash when using Windows Hello in a Remote Desktop session [#9006]
-- Fix crash in Group Edit after enabling Browser Integration [#8778]
-- Fix canceling quick unlock when it is unavailable [#9034]
-- Set password input field font correctly [#8732]
-- Greatly improve performance when rendering entry view [#9398]
-- Fix various accessibility issues [#9138]
-- Fix arrows size when expand/collapse a group [#9096]
-- Select the clone instead of the original after cloning an entry [#9070]
-- Fix bugs with preview widget [#9170]
-- Fix status bar update when switching to other DB [#9073]
-- Fix database settings spin box bug [#9101]
-- Fix Ctrl+Tab shortcut to cycle databases in unlock dialog [#8839]
-- Fix TOTP QR code maintaining square ratio [#9027]
-- Fix Auto-Type configuration page on custom sequence selection [#8752]
-- Fix unexpected behavior of `--lock` when KeePassXC is not running [#8889]
-- Make open folder icon exempt from "Apply group icon to entry" [#9205]
-- Allow setting default file open directory with env var [#9192]
-- SSH Agent: Fix support for AES-256/GCM openssh keys [#8968]
-- Browser: Fix Native Messaging script path with BSD OS's [#8835]
-- MacOS: Fix text selection for Auto-Type clear field [#9066]
-- MacOS: Don't rely on AppleInterfaceStyle for theme switching [#8615]
-- Windows: Remove registry detection of desktop shortcut [#9380]
-
-## 2.7.4 (2022-10-29)
-
-### Changes
-- Add 2 months expiration preset [#8687]
-- CLI: Add Unicode support on Windows [#8618]
-
-### Fixes
-- Fix crash on macOS when unlocking database [#8676]
-- Fix display of passwords in preview panel [#8633]
-- Fix clicking links in entry preview panel [#8644]
-- Prevent expired entries search if no results returned [#8643]
-- Browser: Revert code causing connection problems [#8665]
-- Browser: Fix socket file symbolic link on Linux [#8656]
-- Flatpak: Fix launching browser proxy service [#8680]
-- SSH Agent: Fix pageant support on Windows [#8619]
-
-## 2.7.3 (2022-10-23)
 
 ### Changes
 - Enhance Tags Support and Add Saved Searches [#8435, #8607]
@@ -1124,7 +881,7 @@
 - Compare window title to entry URLs #556
 - Implemented inline error messages #162
 - Ignore group expansion and other minor changes when making database "dirty" #464
-- Updated license and copyright information on source files #632
+- Updated license and copyright information on souce files #632
 - Added contributors list to about dialog #629
 
 ## 2.1.4 (2017-04-09)

CMakeLists.txt

@@ -14,7 +14,7 @@
 #  You should have received a copy of the GNU General Public License
 #  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-cmake_minimum_required(VERSION 3.10.0)
+cmake_minimum_required(VERSION 3.3.0)
 
 project(KeePassXC)
 set(APP_ID "org.keepassxc.${PROJECT_NAME}")
@@ -53,7 +53,6 @@ set(WITH_XC_ALL OFF CACHE BOOL "Build in all available plugins")
 option(WITH_XC_AUTOTYPE "Include Auto-Type." ON)
 option(WITH_XC_NETWORKING "Include networking code (e.g. for downloading website icons)." OFF)
 option(WITH_XC_BROWSER "Include browser integration with keepassxc-browser." OFF)
-option(WITH_XC_BROWSER_PASSKEYS "Passkeys support for browser integration." OFF)
 option(WITH_XC_YUBIKEY "Include YubiKey support." OFF)
 option(WITH_XC_SSHAGENT "Include SSH agent support." OFF)
 option(WITH_XC_KEESHARE "Sharing integration with KeeShare" OFF)
@@ -99,7 +98,6 @@ if(WITH_XC_ALL)
     set(WITH_XC_AUTOTYPE ON)
     set(WITH_XC_NETWORKING ON)
     set(WITH_XC_BROWSER ON)
-    set(WITH_XC_BROWSER_PASSKEYS ON)
     set(WITH_XC_YUBIKEY ON)
     set(WITH_XC_SSHAGENT ON)
     set(WITH_XC_KEESHARE ON)
@@ -120,8 +118,8 @@ if(UNIX AND NOT APPLE AND NOT WITH_XC_X11)
 endif()
 
 set(KEEPASSXC_VERSION_MAJOR "2")
-set(KEEPASSXC_VERSION_MINOR "8")
+set(KEEPASSXC_VERSION_MINOR "7")
-set(KEEPASSXC_VERSION_PATCH "0")
+set(KEEPASSXC_VERSION_PATCH "2")
 set(KEEPASSXC_VERSION "${KEEPASSXC_VERSION_MAJOR}.${KEEPASSXC_VERSION_MINOR}.${KEEPASSXC_VERSION_PATCH}")
 set(OVERRIDE_VERSION "" CACHE STRING "Override the KeePassXC Version for Snapshot builds")
 
@@ -205,16 +203,6 @@ if(${CMAKE_VERSION} VERSION_GREATER_EQUAL "3.14.0")
     check_pie_supported()
 endif()
 
-# Find Botan early since the version affects subsequent compiler options
-find_package(Botan REQUIRED)
-if(BOTAN_VERSION VERSION_GREATER_EQUAL "3.0.0")
-    set(WITH_XC_BOTAN3 TRUE)
-elseif(BOTAN_VERSION VERSION_LESS "2.11.0")
-    # Check for minimum Botan version
-    message(FATAL_ERROR "Botan 2.11.0 or higher is required")   
-endif()
-include_directories(SYSTEM ${BOTAN_INCLUDE_DIR})
-
 # Create position independent code for shared libraries and executables
 set(CMAKE_POSITION_INDEPENDENT_CODE ON)
 
@@ -310,10 +298,6 @@ if(CMAKE_BUILD_TYPE_LOWER STREQUAL "debug")
     check_add_gcc_compiler_flag("-Wshadow-compatible-local")
     check_add_gcc_compiler_flag("-Wshadow-local")
     add_gcc_compiler_flags("-Werror")
-    # This is needed since compiling against Botan3 requires compiling against C++20
-    if(WITH_XC_BOTAN3)
-        add_gcc_compiler_cxxflags("-Wno-error=deprecated-enum-enum-conversion -Wno-error=deprecated")
-    endif()
 endif()
 
 if (NOT HAIKU)
@@ -359,11 +343,7 @@ if(UNIX AND NOT APPLE)
 endif()
 
 set(CMAKE_C_STANDARD 99)
-if(WITH_XC_BOTAN3)
+set(CMAKE_CXX_STANDARD 17)
-    set(CMAKE_CXX_STANDARD 20)
-else()
-    set(CMAKE_CXX_STANDARD 17)
-endif()
 set(CMAKE_CXX_STANDARD_REQUIRED ON)
 
 check_cxx_compiler_flag("-fsized-deallocation" CXX_HAS_fsized_deallocation)
@@ -395,7 +375,7 @@ if (MSVC)
     if(MSVC_TOOLSET_VERSION LESS 141)
         message(FATAL_ERROR "Only Microsoft Visual Studio 17 and newer are supported!")
     endif()
-    add_compile_options(/permissive- /utf-8 /MP)
+    add_compile_options(/permissive- /utf-8)
     if(IS_DEBUG_BUILD)
         add_compile_options(/Zf)
         if(MSVC_TOOLSET_VERSION GREATER 141)
@@ -467,7 +447,7 @@ if(WITH_COVERAGE)
     append_coverage_compiler_flags()
 
     set(COVERAGE_EXCLUDES
-            "'^(.+/)?thirdparty/.*'"
+            "'^(.+/)?(thirdparty|zxcvbn)/.*'"
             "'^(.+/)?main\\.cpp$$'"
             "'^(.+/)?cli/keepassxc-cli\\.cpp$$'"
             "'^(.+/)?proxy/keepassxc-proxy\\.cpp$$'")
@@ -512,8 +492,8 @@ else()
     find_package(Qt5 COMPONENTS ${QT_COMPONENTS} REQUIRED)
 endif()
 
-if(Qt5Core_VERSION VERSION_LESS "5.12.0")
+if(Qt5Core_VERSION VERSION_LESS "5.2.0")
-    message(FATAL_ERROR "Qt version 5.12.0 or higher is required")
+    message(FATAL_ERROR "Qt version 5.2.0 or higher is required")
 endif()
 
 get_filename_component(Qt5_PREFIX ${Qt5_DIR}/../../.. REALPATH)
@@ -549,6 +529,12 @@ endif()
 # Make sure we don't enable asserts there.
 set_property(DIRECTORY APPEND PROPERTY COMPILE_DEFINITIONS_NONE QT_NO_DEBUG)
 
+# Find Botan2
+find_package(Botan2 REQUIRED)
+if(BOTAN2_VERSION VERSION_LESS "2.11.0")
+    message(FATAL_ERROR "Botan2 2.11.0 or higher is required")
+endif()
+include_directories(SYSTEM ${BOTAN2_INCLUDE_DIR})
 # Find Argon2 -- Botan 2.18 and below does not support threaded Argon2
 find_library(ARGON2_LIBRARIES NAMES argon2)
 find_path(ARGON2_INCLUDE_DIR NAMES argon2.h PATH_SUFFIXES local/include)
@@ -561,18 +547,9 @@ if(ZLIB_VERSION_STRING VERSION_LESS "1.2.0")
 endif()
 include_directories(SYSTEM ${ZLIB_INCLUDE_DIR})
 
-# Find Minizip
-find_package(Minizip REQUIRED)
-
 if(WITH_XC_YUBIKEY)
     find_package(PCSC REQUIRED)
     include_directories(SYSTEM ${PCSC_INCLUDE_DIRS})
-
-    if(UNIX AND NOT APPLE)
-        find_library(LIBUSB_LIBRARIES NAMES usb-1.0 REQUIRED)
-        find_path(LIBUSB_INCLUDE_DIR NAMES libusb.h PATH_SUFFIXES "libusb-1.0" "libusb" REQUIRED)
-        include_directories(SYSTEM ${LIBUSB_INCLUDE_DIR})
-    endif()
 endif()
 
 if(UNIX)
@@ -607,12 +584,6 @@ endif()
 
 include_directories(SYSTEM ${ZLIB_INCLUDE_DIR})
 
-find_library(ZXCVBN_LIBRARIES zxcvbn)
-if(NOT ZXCVBN_LIBRARIES)
-    add_subdirectory(src/thirdparty/zxcvbn)
-    set(ZXCVBN_LIBRARIES zxcvbn)
-endif(NOT ZXCVBN_LIBRARIES)
-
 add_subdirectory(src)
 add_subdirectory(share)
 if(WITH_TESTS)

COPYING

@@ -1,5 +1,5 @@
 KeePassXC - http://www.keepassxc.org/
-Copyright (C) 2016-2023 KeePassXC Team <team@keepassxc.org>
+Copyright (C) 2016-2020 KeePassXC Team <team@keepassxc.org>
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -27,24 +27,28 @@ Copyright: 2010-2012, Felix Geyer <debfx@fobos.de>
            2000-2008, Tom Sato <VEF00200@nifty.ne.jp>
            2013, Laszlo Papp <lpapp@kde.org>
            2013, David Faure <faure@kde.org>
-           2016-2023, KeePassXC Team <team@keepassxc.org>
+           2016-2020, KeePassXC Team <team@keepassxc.org>
 License: GPL-2 or GPL-3
 
 Comment: The "KeePassXC Team" in every copyright notice is formed by the following people:
            - droidmonkey
            - phoerious
-           - varjolintu
+           - TheZ3ro <io@thezero.org>
-           - hifi
            - louib
+           - weslly
          Every other contributor is listed on https://github.com/keepassxreboot/keepassxc/graphs/contributors
 
 Files: cmake/CodeCoverage.cmake
 Copyright: 2012 - 2015, Lars Bilke
 License: BSD-3-clause
 
-Files: cmake/FindBotan.cmake
+Files: cmake/FindYubiKey.cmake
-Copyright: none
+Copyright: 2014 Kyle Manna <kyle@kylemanna.com>
-License: LGPL-2.1
+License: GPL-2 or GPL-3
+
+Files: cmake/FindBotan2.cmake
+Copyright: 2018 Ribose Inc.
+License: BSD-2-clause
 
 Files: cmake/GenerateProductVersion.cmake
 Copyright: 2015 halex2005 <akharlov@gmail.com>
@@ -137,27 +141,22 @@ Files: share/icons/badges/2_Expired.svg
        share/icons/database/C46_Help.svg
        share/icons/database/C53_Apply.svg
        share/icons/database/C61_Services.svg
-       share/icons/application/scalable/actions/proton.svg
 Copyright: 2022 KeePassXC Team <team@keepassxc.org>
 License: MIT
 
 Files: share/icons/application/scalable/actions/application-exit.svg
-       share/icons/application/scalable/actions/arrow-collapse-down.svg
        share/icons/application/scalable/actions/attributes-copy.svg
        share/icons/application/scalable/actions/auto-type.svg
-       share/icons/application/scalable/actions/bitwarden.svg
        share/icons/application/scalable/actions/bugreport.svg
        share/icons/application/scalable/actions/chevron-double-down.svg
        share/icons/application/scalable/actions/chevron-double-right.svg
        share/icons/application/scalable/actions/clipboard-text.svg
        share/icons/application/scalable/actions/configure.svg
-       share/icons/application/scalable/actions/csv.svg
        share/icons/application/scalable/actions/database-change-key.svg
        share/icons/application/scalable/actions/database-lock.svg
        share/icons/application/scalable/actions/database-lock-all.svg
        share/icons/application/scalable/actions/database-merge.svg
        share/icons/application/scalable/actions/database-search.svg
-       share/icons/application/scalable/actions/database-settings.svg
        share/icons/application/scalable/actions/dialog-close.svg
        share/icons/application/scalable/actions/dialog-ok.svg
        share/icons/application/scalable/actions/document-close.svg
@@ -178,7 +177,6 @@ Files: share/icons/application/scalable/actions/application-exit.svg
        share/icons/application/scalable/actions/entry-delete.svg
        share/icons/application/scalable/actions/entry-restore.svg
        share/icons/application/scalable/actions/entry-edit.svg
-       share/icons/application/scalable/actions/entry-expire.svg
        share/icons/application/scalable/actions/entry-new.svg
        share/icons/application/scalable/actions/favicon-download.svg
        share/icons/application/scalable/actions/fingerprint.svg
@@ -198,16 +196,13 @@ Files: share/icons/application/scalable/actions/application-exit.svg
        share/icons/application/scalable/actions/move-up.svg
        share/icons/application/scalable/actions/object-locked.svg
        share/icons/application/scalable/actions/object-unlocked.svg
-       share/icons/application/scalable/actions/onepassword.svg
        share/icons/application/scalable/actions/paperclip.svg
        share/icons/application/scalable/actions/password-copy.svg
-       share/icons/application/scalable/actions/passkey.svg
        share/icons/application/scalable/actions/password-generator.svg
        share/icons/application/scalable/actions/password-show-off.svg
        share/icons/application/scalable/actions/password-show-on.svg
        share/icons/application/scalable/actions/qrcode.svg
        share/icons/application/scalable/actions/refresh.svg
-       share/icons/application/scalable/actions/remote-sync.svg
        share/icons/application/scalable/actions/reports.svg
        share/icons/application/scalable/actions/reports-exclude.svg
        share/icons/application/scalable/actions/sort-alphabetical-ascending.svg
@@ -229,7 +224,6 @@ Files: share/icons/application/scalable/actions/application-exit.svg
        share/icons/application/scalable/actions/username-copy.svg
        share/icons/application/scalable/actions/view-history.svg
        share/icons/application/scalable/actions/web.svg
-       share/icons/application/scalable/actions/yubikey-refresh.svg
        share/icons/application/scalable/apps/internet-web-browser.svg
        share/icons/application/scalable/apps/keepassxc.svg
        share/icons/application/scalable/apps/keepassxc-dark.svg
@@ -244,12 +238,9 @@ Files: share/icons/application/scalable/actions/application-exit.svg
        share/icons/application/scalable/status/dialog-information.svg
        share/icons/application/scalable/status/dialog-warning.svg
        share/icons/application/scalable/status/security-high.svg
-       share/icons/application/scalable/actions/lock-open-alert.svg
+Copyright: 2019 Austin Andrews <http://templarian.com/>
-       share/icons/application/scalable/actions/lock-open.svg
+License: SIL OPEN FONT LICENSE Version 1.1
-       share/icons/application/scalable/actions/lock.svg
+Comment: Taken from Material Design icon set (https://github.com/templarian/MaterialDesign/)
-Copyright: 2023 Pictogrammers <https://pictogrammers.com/docs/general/about/>
-License: Apache-2.0
-Comment: Some icons are modified to fit KeePassXC design (https://pictogrammers.com/library/mdi/)
 
 Files: src/streams/qtiocompressor.*
        src/streams/QtIOCompressor
@@ -257,7 +248,7 @@ Files: src/streams/qtiocompressor.*
 Copyright: 2009-2012, Nokia Corporation and/or its subsidiary(-ies)
 License: LGPL-2.1 or GPL-3
 
-Files: src/thirdparty/zxcvbn/zxcvbn.*
+Files: src/zxcvbn/zxcvbn.*
 Copyright: 2015-2017, Tony Evans
 License: MIT
 

INSTALL.md

@@ -6,21 +6,34 @@ For more information, see also the [_Building KeePassXC_](https://github.com/kee
 
 The [QuickStart Guide](https://keepassxc.org/docs/KeePassXC_GettingStarted.html) gets you started using KeePassXC on your Windows, macOS, or Linux computer using pre-compiled binaries from the [downloads page](https://keepassxc.org/download).
 
-Toolchain and Build Dependencies
+Build Dependencies
-================================
+==================
 
-The following build tools must exist within your PATH:
+The following tools must exist within your PATH:
 
-* cmake (>= 3.10.0)
+* make
-* make (>= 4.2) or ninja (>= 1.10)
+* cmake (>= 3.3.0)
-* g++ (>= 4.9) or clang++ (>= 6.0)
+* g++ (>= 4.7) or clang++ (>= 6.0)
 * asciidoctor (>= 2.0)
 
-* Besides a working C++ toolchain, KeePassXC also has a number of direct build and runtime dependencies. For detailed information about how to install them, please refer to the GitHub wiki:
+The following libraries are required:
 
-* [Set up Build Environment on Linux](https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-Linux)
+* Qt 5 (>= 5.9.5): qtbase5, qtbase5-private, libqt5svg5, qttools5, qt5-image-formats-plugins
-* [Set up Build Environment on Windows](https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-Windows)
+* botan (>= 2.12)
-* [Set up Build Environment on macOS](https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-macOS)
+* libargon2
+* zlib
+* minizip
+* readline (for completion in cli)
+* qtx11extras, libxi, and libxtst (for auto-type on X11)
+* qrencode
+* libusb-1.0, pcsc-lite (for Yubikey support on Linux)
+
+Prepare the Building Environment
+================================
+
+* [Building Environment on Linux](https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-Linux)
+* [Building Environment on Windows](https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-Windows)
+* [Building Environment on MacOS](https://github.com/keepassxreboot/keepassxc/wiki/Set-up-Build-Environment-on-macOS)
 
 Build Steps
 ===========
@@ -44,13 +57,13 @@ To compile from source, open a **Terminal (Linux/MacOS)**, the **MSVC Tools Comm
    git pull
    ```
 
-   For a stable build, it is recommended to check out the `latest` tag.
+   For a stable build, it is recommended to check out the `latest` branch.
 
    ```
    git checkout latest
    ```
 
-2. Navigate to the directory where you have downloaded KeePassXC and run:
+2. Navigate to the directory where you have downloaded KeePassXC and type these commands:
 
    ```
    mkdir build
@@ -58,37 +71,40 @@ To compile from source, open a **Terminal (Linux/MacOS)**, the **MSVC Tools Comm
    cmake -DWITH_XC_ALL=ON ..
    make
    ```
-      
-If you have `vcpkg` installed, add `-DCMAKE_TOOLCHAIN_FILE=${VCPKG_ROOT}/scripts/buildsystems/vcpkg.cmake` to the `cmake` command to automatically download and install all required build and runtime dependencies locally to your build directory before compiling KeePassXC. Using `vcpkg` is the preferred way to install dependencies on macOS and required on Windows if using the MSVC toolchain.
 
-For more detailed build instructions for each platform, please refer to the [GitHub wiki](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC).
+Note: These steps place the compiled KeePassXC binary inside the `./build/src/` directory.
-
-Note: These steps place the compiled KeePassXC binary inside the `./build/src/` directory (`src/KeePassXC.app/Contents/MacOS` on macOS).
 
 ## MacOS Build Notes
 
-If you installed Qt@5 via Homebrew and CMake fails to find your Qt installation, you can specify it manually by adding the following parameter:
+If you installed Qt5 via Homebrew, you should be able to compile KeePassXC without any changes. If CMake fails to find your Qt installation, you can specify it manually by adding the following parameter:
 
-`-DCMAKE_PREFIX_PATH=$(brew --prefix qt@5)/lib/cmake`
+`-DCMAKE_PREFIX_PATH=$(brew --prefix qt5)/lib/cmake`
+
+(or whatever your Qt installation path is)
 
 When building with ASAN support on macOS, you need to use `export ASAN_OPTIONS=detect_leaks=0` before running the tests (LSAN is no supported on macOS).
 
 ## Windows Build Notes
 
+For detailed build steps see the [Windows Build Instructions](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC#windows).
+
+If you are using MSVC, you may have to specify your Vcpkg toolchain by adding the following CMake parameter: `-DCMAKE_TOOLCHAIN_FILE=C:\vcpkg\scripts\buildsystems\vcpkg.cmake`
+
 If you are using MSYS2, you have to add ```-G "MSYS Makefiles"``` at the beginning of the cmake command.
 
 CMake Configuration Options
 ==========================
 
-## Recommended CMake Build Parameters
+## Common Parameters
 
 ```
+-DCMAKE_INSTALL_PREFIX=$(brew --prefix)
 -DCMAKE_VERBOSE_MAKEFILE=ON
 -DCMAKE_BUILD_TYPE=<RelWithDebInfo/Debug/Release>
 -DWITH_GUI_TESTS=ON
 ```
 
-## Additional CMake Parameters
+## KeePassXC Parameters
 
 KeePassXC comes with a variety of build options that can turn on/off features. Most notably, we allow you to build the application with all TCP/IP networking code disabled. Please note that we still require and link against Qt5's network library in order to use local named pipes on all operating systems. Each of these build options are supplied at the time of calling cmake:
 
@@ -96,7 +112,6 @@ KeePassXC comes with a variety of build options that can turn on/off features. M
 -DWITH_XC_AUTOTYPE=[ON|OFF] Enable/Disable Auto-Type (default: ON)
 -DWITH_XC_YUBIKEY=[ON|OFF] Enable/Disable YubiKey HMAC-SHA1 authentication support (default: OFF)
 -DWITH_XC_BROWSER=[ON|OFF] Enable/Disable KeePassXC-Browser extension support (default: OFF)
--DWITH_XC_BROWSER_PASSKEYS=[ON|OFF] Enable/Disable Passkeys support for browser integration (default: OFF)
 -DWITH_XC_NETWORKING=[ON|OFF] Enable/Disable Networking support (e.g., favicon downloading) (default: OFF)
 -DWITH_XC_SSHAGENT=[ON|OFF] Enable/Disable SSHAgent support (default: OFF)
 -DWITH_XC_FDOSECRETS=[ON|OFF] (Linux Only) Enable/Disable Freedesktop.org Secrets Service support (default:OFF)

README.md

@@ -1,5 +1,4 @@
-# <img src="https://keepassxc.org/assets/img/keepassxc.svg" width="40" height="40"/> KeePassXC
+# <img src="https://keepassxc.org/images/keepassxc-logo.svg" width="40" height="40"/> KeePassXC
-[![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/6326/badge)](https://bestpractices.coreinfrastructure.org/projects/6326)
 [![TeamCity Build Status](https://ci.keepassxc.org/app/rest/builds/buildType:\(project:KeepassXC\)/statusIcon)](https://ci.keepassxc.org/?guest=1)
 [![codecov](https://codecov.io/gh/keepassxreboot/keepassxc/branch/develop/graph/badge.svg)](https://codecov.io/gh/keepassxreboot/keepassxc)
 [![GitHub release](https://img.shields.io/github/release/keepassxreboot/keepassxc)](https://github.com/keepassxreboot/keepassxc/releases/)
@@ -22,13 +21,12 @@ KeePassXC has numerous features for novice and power users alike. Our goal is to
 * Password generator
 * Auto-Type passwords into applications
 * Browser integration with Google Chrome, Mozilla Firefox, Microsoft Edge, Chromium, Vivaldi, Brave, and Tor-Browser
-* Support for passkeys using the browser integration
 * Entry icon download
-* Import databases from CSV, 1Password, Bitwarden, Proton Pass, and KeePass1 formats
+* Import databases from CSV, 1Password, and KeePass1 formats
 
 ### Advanced
 * Database reports (password health, HIBP, and statistics)
-* Database export to CSV, XML, and HTML formats
+* Database export to CSV and HTML formats
 * TOTP storage and generation
 * Field references between entries
 * File attachments and custom attributes

SECURITY.md

@@ -1,46 +0,0 @@
-### Reporting Security Issues
-
-The KeePassXC team takes security vulnerabilities very seriously and appreciates your responsible disclosure efforts. We will make every effort to acknowledge your contributions and handle them promptly.
-
-To report a security issue, please use one of the following methods:
-
-- **GitHub Security Advisory:** Use the ["Report a Vulnerability"](https://github.com/keepassxreboot/keepassxc/security/advisories/new) tab on our GitHub repository.
-- **Private Matrix Message:** Contact any of the following KeePassXC team members privately (also encrypted):
-  - [@droidmonkey_kpxc](https://matrix.to/#/@droidmonkey_kpxc:matrix.org)
-  - [@varjolintu](https://matrix.to/#/@varjolintu:matrix.org)
-  - [@phoerious](https://matrix.to/#/@phoerious:matrix.org)
-- **Send an Email:** Send your report to team@keepassxc.org. We recommend encrypting the email if possible.
-
-Please **DO NOT** use public channels (e.g., GitHub issues, Matrix chat channels) for initial reporting of bona fide security vulnerabilities.
-
-Once you report a security issue, our team will respond with the next steps. After our initial reply, we will keep you informed of the progress towards a fix and full announcement. We may ask for additional information or guidance during this process. If we disagree that your report constitutes a genuine security vulnerability, we will inform you and close the report. Your report may be turned into an issue for further tracking.
-
-If you discover vulnerabilities in third-party modules used by KeePassXC, please report them to the maintainers of the respective modules. If the vulnerability impacts KeePassXC directly, we encourage you to notify us using the above methods. We will validate if the vulnerability is exploitable from KeePassXC code; please note that not all vulnerabilities are actually exploitable and do not constitute an immediate concern for the KeePassXC application.
-
-### Example Security Vulnerabilities
-
-When reporting, please ensure the issue falls under what can be considered a genuine security vulnerability for KeePassXC. Some examples include:
-
-- Unauthorized access to sensitive user data (e.g., passwords).
-- Remote code execution or escalation of privileges.
-- Bypassing authentication or encryption mechanisms.
-- Broken or improperly implemented encryption methods. 
-
-### Counter Examples
-
-The following issues are **not** considered security vulnerabilities:
-
-- Bugs caused by locally modifying the application (e.g., injecting DLLs, altering code).
-- Crashes or misbehavior resulting from normal use (report this as a normal issue).
-- Vulnerabilities found in third-party modules (should be reported to the module’s maintainers).
-  
-### CVE Reporting Policy
-
-Please **DO NOT** submit a report to a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA) before confirming the security vulnerability with the KeePassXC team. If we do not respond to your report within 30 days, this restriction no longer applies.
-
-
-### Other Communication
-
-For other inquiries (e.g., developer questions, user questions), please use the public channels on Matrix:
-- **User's Channel:** [#keepassxc:mozilla.org](https://matrix.to/#/#keepassxc:mozilla.org)
-- **Developer's Channel:** [#keepassxc-dev:mozilla.org](https://matrix.to/#/#keepassxc-dev:mozilla.org)

cmake/CLangFormat.cmake

@@ -16,8 +16,9 @@
 set(EXCLUDED_DIRS
         # third-party directories
         src/thirdparty
+        src/zxcvbn
         # objective-c directories
-        src/quickunlock/touchid
+        src/touchid
         src/autotype/mac
         src/gui/osutils/macutils)
 

cmake/FindBotan.cmake

@@ -1,65 +0,0 @@
-# - Find botan
-# Find the botan cryptographic library
-#
-# This module defines the following variables:
-#   BOTAN_FOUND  -  True if library and include directory are found
-# If set to TRUE, the following are also defined:
-#   BOTAN_INCLUDE_DIRS  -  The directory where to find the header file
-#   BOTAN_LIBRARIES  -  Where to find the library files
-#
-# This file is in the public domain (https://github.com/vistle/vistle/blob/master/cmake/Modules/FindBOTAN.cmake)
-
-include(FindPackageHandleStandardArgs)
-
-set(BOTAN_VERSIONS botan-3 botan-2)
-set(BOTAN_NAMES botan-3 botan-2 botan)
-set(BOTAN_NAMES_DEBUG botand-3 botand-2 botand botan botan-3)
-
-find_path(
-    BOTAN_INCLUDE_DIR
-    NAMES botan/build.h
-    PATH_SUFFIXES ${BOTAN_VERSIONS}
-    DOC "The Botan include directory")
-if(BOTAN_INCLUDE_DIR)
-    file(READ "${BOTAN_INCLUDE_DIR}/botan/build.h" build)
-    string(REGEX MATCH "BOTAN_VERSION_MAJOR ([0-9]*)" _ ${build})
-    set(BOTAN_VERSION_MAJOR ${CMAKE_MATCH_1})
-    string(REGEX MATCH "BOTAN_VERSION_MINOR ([0-9]*)" _ ${build})
-    set(BOTAN_VERSION_MINOR ${CMAKE_MATCH_1})
-    string(REGEX MATCH "BOTAN_VERSION_PATCH ([0-9]*)" _ ${build})
-    set(BOTAN_VERSION_PATCH ${CMAKE_MATCH_1})
-    set(BOTAN_VERSION "${BOTAN_VERSION_MAJOR}.${BOTAN_VERSION_MINOR}.${BOTAN_VERSION_PATCH}")
-endif()
-
-find_library(
-    BOTAN_LIBRARY
-    NAMES ${BOTAN_NAMES}
-    PATH_SUFFIXES release/lib lib
-    DOC "The Botan (release) library")
-if(MSVC)
-    find_library(
-        BOTAN_LIBRARY_DEBUG
-        NAMES ${BOTAN_NAMES_DEBUG}
-        PATH_SUFFIXES debug/lib lib
-        DOC "The Botan debug library")
-    find_package_handle_standard_args(
-        Botan
-        REQUIRED_VARS BOTAN_LIBRARY BOTAN_LIBRARY_DEBUG BOTAN_INCLUDE_DIR
-        VERSION_VAR BOTAN_VERSION)
-else()
-    find_package_handle_standard_args(
-        Botan
-        REQUIRED_VARS BOTAN_LIBRARY BOTAN_INCLUDE_DIR
-        VERSION_VAR BOTAN_VERSION)
-endif()
-
-if(BOTAN_FOUND)
-    set(BOTAN_INCLUDE_DIRS ${BOTAN_INCLUDE_DIR})
-    if(MSVC)
-        set(BOTAN_LIBRARIES optimized ${BOTAN_LIBRARY} debug ${BOTAN_LIBRARY_DEBUG})
-    else()
-        set(BOTAN_LIBRARIES ${BOTAN_LIBRARY})
-    endif()
-endif()
-
-mark_as_advanced(BOTAN_INCLUDE_DIR BOTAN_LIBRARY BOTAN_LIBRARY_DEBUG)

cmake/FindBotan2.cmake

@@ -0,0 +1,106 @@
+# Copyright (c) 2018 Ribose Inc.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+#.rst:
+# FindBotan2
+# -----------
+#
+# Find the botan-2 library.
+#
+# IMPORTED Targets
+# ^^^^^^^^^^^^^^^^
+#
+# This module defines :prop_tgt:`IMPORTED` targets:
+#
+# ``Botan2::Botan2``
+#   The botan-2 library, if found.
+#
+# Result variables
+# ^^^^^^^^^^^^^^^^
+#
+# This module defines the following variables:
+#
+# ::
+#
+#   BOTAN2_FOUND          - true if the headers and library were found
+#   BOTAN2_INCLUDE_DIRS   - where to find headers
+#   BOTAN2_LIBRARIES      - list of libraries to link
+#   BOTAN2_VERSION        - library version that was found, if any
+
+# find the headers
+find_path(BOTAN2_INCLUDE_DIR
+  NAMES botan/version.h
+  PATH_SUFFIXES botan-2
+)
+
+# find the library
+find_library(BOTAN2_LIBRARY NAMES botan-2 libbotan-2 botan)
+
+# determine the version
+if(BOTAN2_INCLUDE_DIR AND EXISTS "${BOTAN2_INCLUDE_DIR}/botan/build.h")
+    file(STRINGS "${BOTAN2_INCLUDE_DIR}/botan/build.h" botan2_version_str
+      REGEX "^#define[\t ]+(BOTAN_VERSION_[A-Z]+)[\t ]+[0-9]+")
+
+    string(REGEX REPLACE ".*#define[\t ]+BOTAN_VERSION_MAJOR[\t ]+([0-9]+).*"
+           "\\1" _botan2_version_major "${botan2_version_str}")
+    string(REGEX REPLACE ".*#define[\t ]+BOTAN_VERSION_MINOR[\t ]+([0-9]+).*"
+           "\\1" _botan2_version_minor "${botan2_version_str}")
+    string(REGEX REPLACE ".*#define[\t ]+BOTAN_VERSION_PATCH[\t ]+([0-9]+).*"
+           "\\1" _botan2_version_patch "${botan2_version_str}")
+    set(BOTAN2_VERSION "${_botan2_version_major}.${_botan2_version_minor}.${_botan2_version_patch}"
+                       CACHE INTERNAL "The version of Botan which was detected")
+endif()
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(Botan2
+  REQUIRED_VARS BOTAN2_LIBRARY BOTAN2_INCLUDE_DIR
+  VERSION_VAR BOTAN2_VERSION
+)
+
+if(BOTAN2_FOUND)
+  set(BOTAN2_INCLUDE_DIRS ${BOTAN2_INCLUDE_DIR} ${PC_BOTAN2_INCLUDE_DIRS})
+  set(BOTAN2_LIBRARIES ${BOTAN2_LIBRARY})
+endif()
+
+if(BOTAN2_FOUND AND NOT TARGET Botan2::Botan2)
+  # create the new library target
+  add_library(Botan2::Botan2 UNKNOWN IMPORTED)
+  # set the required include dirs for the target
+  if(BOTAN2_INCLUDE_DIRS)
+    set_target_properties(Botan2::Botan2
+      PROPERTIES
+        INTERFACE_INCLUDE_DIRECTORIES "${BOTAN2_INCLUDE_DIRS}"
+    )
+  endif()
+  # set the required libraries for the target
+  if(EXISTS "${BOTAN2_LIBRARY}")
+    set_target_properties(Botan2::Botan2
+      PROPERTIES
+        IMPORTED_LINK_INTERFACE_LANGUAGES "C"
+        IMPORTED_LOCATION "${BOTAN2_LIBRARY}"
+    )
+  endif()
+endif()
+
+mark_as_advanced(BOTAN2_INCLUDE_DIR BOTAN2_LIBRARY)

cmake/FindPCSC.cmake

@@ -21,38 +21,16 @@ endif()
 
 if(NOT PCSC_FOUND)
    # Search for PC/SC headers on Mac and Windows
-
-   # Additional search paths for Windows if not running in Visual Studio environment
-   if (WIN32) 
-      # Resolve the ambiguity of using two names for one architechture
-      if(CMAKE_SYSTEM_PROCESSOR STREQUAL "AMD64" OR CMAKE_SYSTEM_PROCESSOR STREQUAL "x64")
-         set(ARCH_DIR "x64")
-      else()
-         set(ARCH_DIR "${CMAKE_SYSTEM_PROCESSOR}")
-      endif()
-
-      # Locate Windows SDK Paths
-      if (CMAKE_WINDOWS_KITS_10_DIR)
-         set(WINSDKROOTC_INCLUDE "${CMAKE_WINDOWS_KITS_10_DIR}/Include/${CMAKE_VS_WINDOWS_TARGET_PLATFORM_VERSION}/um")
-         set(WINSDKROOTC_LIB     "${CMAKE_WINDOWS_KITS_10_DIR}/LIB/${CMAKE_VS_WINDOWS_TARGET_PLATFORM_VERSION}/um/${ARCH_DIR}")
-      else()
-         set(WINSDKROOTC_INCLUDE "$ENV{ProgramFiles\(x86\)}/Windows Kits/10/Include/${CMAKE_VS_WINDOWS_TARGET_PLATFORM_VERSION}/um")
-         set(WINSDKROOTC_LIB     "$ENV{ProgramFiles\(x86\)}/Windows Kits/10/LIB/${CMAKE_VS_WINDOWS_TARGET_PLATFORM_VERSION}/um/${ARCH_DIR}")
-      endif()
-   endif()
-
    find_path(PCSC_INCLUDE_DIRS winscard.h
       HINTS
-         ${CMAKE_C_IMPLICIT_INCLUDE_DIRECTORIES}
+      ${CMAKE_C_IMPLICIT_INCLUDE_DIRECTORIES}
-         /usr/include/PCSC
+      /usr/include/PCSC
-         ${WINSDKROOTC_INCLUDE}
       PATH_SUFFIXES PCSC)
 
    # MAC library is PCSC, Windows library is WinSCard
    find_library(PCSC_LIBRARIES NAMES pcsclite libpcsclite WinSCard PCSC
       HINTS   
-         ${CMAKE_C_IMPLICIT_LINK_DIRECTORIES}
+      ${CMAKE_C_IMPLICIT_LINK_DIRECTORIES})
-         ${WINSDKROOTC_LIB})
 endif()
 
 include(FindPackageHandleStandardArgs)

cmake/FindQREncode.cmake

@@ -15,12 +15,12 @@
 
 find_path(QRENCODE_INCLUDE_DIR NAMES qrencode.h)
 
-if(WIN32 AND MSVC)
+if (VCPKG_INSTALLED_DIR)
-	find_library(QRENCODE_LIBRARY_RELEASE qrencode)
+    find_library(QRENCODE_LIBRARY_RELEASE qrencode)
-	find_library(QRENCODE_LIBRARY_DEBUG qrencoded)
+    find_library(QRENCODE_LIBRARY_DEBUG qrencoded)
-	set(QRENCODE_LIBRARY optimized ${QRENCODE_LIBRARY_RELEASE} debug ${QRENCODE_LIBRARY_DEBUG})
+    set(QRENCODE_LIBRARY optimized ${QRENCODE_LIBRARY_RELEASE} debug ${QRENCODE_LIBRARY_DEBUG})
 else()
-	find_library(QRENCODE_LIBRARY qrencode)
+    find_library(QRENCODE_LIBRARY qrencode)
 endif()
 
 mark_as_advanced(QRENCODE_LIBRARY QRENCODE_INCLUDE_DIR)

cmake/KPXCMacDeployHelpers.cmake

@@ -1,5 +1,5 @@
 # Running macdeployqt on a POST_BUILD copied binaries is pointless when using CPack because
-# the copied binaries will be overridden by the corresponding install(TARGETS) commands.
+# the copied binaries will be overriden by the corresponding install(TARGETS) commands.
 # That's why we run macdeployqt using install(CODE) on the already installed binaries.
 # The precondition is that all install(TARGETS) calls have to be called before this function is
 # called.

codecov.yaml

@@ -1,27 +1,8 @@
-codecov:
-  require_ci_to_pass: false
 coverage:
   range: 60..80
   round: nearest
   precision: 2
-  status:
-    project:
-      default:
-        target: auto
-        threshold: 0.5%
-        paths:
-          - "src"
-    patch:
-      default:
-        target: 50%
-        threshold: 0%
-        informational: true
-        paths:
-          - "src"
 fixes:
   - "*/src/::"
-ignore:
-  - "src/gui/styles/**"
-  - "src/thirdparty/**"
 comment:
   require_changes: true

docs/FuzzTest.md

@@ -27,7 +27,7 @@ A special "instrumented build" is used that allows the fuzzer to look into the p
     $ CXX=afl-g++ AFL_HARDEN=1 cmake -DWITH_XC_ALL=ON ..
     $ make
 
-In the source code, special behavior for fuzz testing can be implemented with `#ifdef __AFL_COMPILER`. For example, in fuzz builds, the KeePassXC CLI takes the database password from environment variable `KEEPASSXC_AFL_PASSWORD` to allow non-interactive operation.
+In the source code, special behavior for fuzz testing can be implemented with `#ifdef __AFL_COMPILER`. For example, in fuzz builds, the KeePassXC CLI takes the database password from environment variable `KEYPASSXC_AFL_PASSWORD` to allow non-interactive operation.
 
 ## Prepare Fuzzer Input
 
@@ -35,18 +35,18 @@ To get the fuzzer started, we provide empty password database files (the passwor
 
     $ cd buildafl
     $ mkdir -p findings/testcases
-    $ cp ../utils/fuzz-testing/empty*.kdbx findings/testcases
+    $ cp ../share/empty*.kdbx findings/testcases
 
 The fuzzer works by running KeePassXC with variations of this input, mutated in ways that make the program crash or hang.
 
 ## Run The Fuzzer
 
     $ cd buildafl
-    $ KEEPASSXC_AFL_PASSWORD=secret afl-fuzz -i findings/testcases -o findings -m 2000 -t 1000 src/cli/keepassxc-cli ls @@
+    $ KEYPASSXC_AFL_PASSWORD=secret afl-fuzz -i findings/testcases -o findings -m 2000 -t 1000 src/cli/keepassxc-cli ls @@
 
 This fuzz-tests the `ls` command of the KeePassXC CLI, which loads and decrypts a database file and then lists its contents. The parameters mean:
 
-* `KEEPASSXC_AFL_PASSWORD=secret`: In fuzz test builds, the KeePassXC CLI takes the database password from this environment variable.
+* `KEYPASSXC_AFL_PASSWORD=secret`: In fuzz test builds, the KeePassXC CLI takes the database password from this environment variable.
 * `-i findings/testcases`: The directory which contains the initial fuzzer input.
 * `-o findings`: The directory in which to store fuzzer results.
 * `-m 2000`: Fuzzer memory (in megabytes). Adjust as required if the fuzzer fails to start up.

docs/GettingStarted.adoc

@@ -26,8 +26,8 @@ include::topics/DownloadInstall.adoc[tags=*;!advanced]
 
 include::topics/UserInterface.adoc[tags=*;!advanced]
 
-include::topics/DatabaseOperations.adoc[tags=*;!advanced]
-
 include::topics/PasswordGenerator.adoc[tags=*;!advanced]
 
-include::topics/BrowserIntegration.adoc[tags=*;!advanced]
+include::topics/DatabaseOperations.adoc[tags=*;!advanced]
+
+include::topics/BrowserPlugin.adoc[tags=*;!advanced]

docs/UserGuide.adoc

@@ -6,7 +6,6 @@ KeePassXC Team <team@keepassxc.org>
 :imagesdir: images
 :stylesheet: styles/dark.css
 :toc: left
-:sectanchors:
 ifdef::backend-pdf[]
 :title-page:
 :title-logo-image: {imagesdir}/kpxc_logo.png
@@ -24,18 +23,16 @@ include::topics/UserInterface.adoc[tags=*]
 
 include::topics/DatabaseOperations.adoc[tags=*]
 
-include::topics/PasswordGenerator.adoc[tags=*]
-
 include::topics/ImportExport.adoc[tags=*]
 
-include::topics/KeeShare.adoc[tags=*]
+include::topics/PasswordGenerator.adoc[tags=*]
 
-include::topics/BrowserIntegration.adoc[tags=*]
+include::topics/BrowserPlugin.adoc[tags=*]
-
-include::topics/Passkeys.adoc[tags=*]
 
 include::topics/AutoType.adoc[tags=*]
 
+include::topics/KeeShare.adoc[tags=*]
+
 include::topics/SSHAgent.adoc[tags=*]
 
 include::topics/Reference.adoc[tags=*]