dani-garcia/vaultwarden 1.36.0 on GitHub

Security Fixes

This release contains security fixes for the following advisories. We strongly advice to update as soon as possible.

These are private for now, pending CVE assignment.

SSO fallback to UserInfo preferred_username by @Timshel in #7128
Dummy identifier need to pass for a guid by @Timshel in #7154
add new /identity/accounts/prelogin/password by @stefan0xC in #7156
Add DuckDuckGo browser device type by @dfunkt in #7147
Apply duration_suboptimal_units lint findings by @dfunkt in #7144
Apply ref_option lint findings by @dfunkt in #7143
Fix hardcoded sso identifier by @Timshel in #7157
Update crates and fix a nightly lint by @BlackDex in #7161
Fix Host/IP resolving by @BlackDex in #7162
Several SSO Fixes by @BlackDex in #7163
Add support for archiving items by @matt-aaron in #6916
Fix favicon fetching to check all icon links instead of just the first one by @Shocker in #6880
Fix merge conflict by @dani-garcia in #7164
Replace organization_uuid unwrap with proper error handling by @xjohnyknox in #6936
fix: return Err instead of panic on unknown cipher atype in to_json() by @mango766 in #7068
Allow SQLite to be linked against dynamically by @ISSOtm in #7057
Update crates and web-vault by @BlackDex in #7171
Update hickory by @BlackDex in #7175

Full Changelog: 1.35.8...1.36.0

You can discuss this release here #7177