KeePass file watching on Android is now more reliable, particularly for files accessed via the content:// scheme and on older OS versions. One-time password generation has been improved; exported otpauth:// URIs are now spec-compliant and the mOTP period has been corrected to the standard 10 seconds. This release also rejects pre-login KDF downgrades, cleans up stale SSH agent state on restart, and properly binds the agent socket in Flatpak environments.
All changes
- 793c953a - fix: Reject pre-login KDF downgrade
- 14edc0ff - fix(Android): Observe the .kdbx file under content:// scheme
- ffd0b477 - fix(otpauth): Make exported otpauth:// URIs spec-compliant
- a378651b - fix: Use the standard 10s period for mOTP instead of a custom 30s one
- 1d95b0e2 - fix: Fully clean-up old stale ssh agent state on agent restart
- 5b0f47b6 - fix: Http connection leak if file preview fails early
- 5a8ee16c - fix: Notification worker now respects app's lifecycle
- 5d68da5d - fix: Support desktop file watcher cancellation
- b9177ecc - fix(KeePass): Support file watching before Android 10
- 5ce5d665 - fix: Propagate HIBP password range HTTP errors
- dc3485c6 - refactor(Linux): Observe portal color scheme over DBus
- efd7ff3d - refactor: Safely handle case where biometric result contains no crypto object
- 3622a4a6 - fix(Desktop): Prevent URL override command execution from blocking on output
- ffe5ef92 - fix(Sync): Compare cipher folder using local ids
- e0f3a96e - fix(export): Fail on attachment download errors
- f3164a6e - fix: reject unsupported MD5 OTP algorithms
- c763a09f - fix(Desktop): Bind SSH agent socket to a visible path in flatpak #640
- 51b1bf81 - Add required display length for flatpak metadata (#1452)
- 4efd77bf - @JustAdreamerFL has signed the CLA in #1452
- 92f31e17 - fix(Desktop): Mark concealed Linux clipboard contents as sensitive (#1448)
- 36146845 - @jbwfu has signed the CLA in #1448