github nilsteampassnet/TeamPass 3.1.6.13
on GitHub

latest release: v3.1.7.0-rc.1
4 hours ago

What's Changed

New Features

  • API: GET /api/item/allTags endpoint — Returns the complete sorted list of unique tags stored in the
    database. Requires allowed_to_read permission. (docs)
  • Health: Corrupted items scanner by @guerricv in #5116 — New on-demand tool in the Health dashboard that scans items via the
    TP_USER sharekey and detects corrupted password blobs (empty key, decryption failure, binary content, length
    mismatch). Results are displayed in-page with per-item detail. Also available as a CLI script:
    scripts/scan_corrupted_items.php.
  • Health: Apache error log viewer — New section in the Health dashboard to check and copy the Apache/web
    server error log directly from the UI.
  • Health: Full database version in tooltip — The database version field now shows the full version string on
    hover.

Bug Fixes

  • Fix #5124 — Install: missing column in fresh install — The teampass_sharekeys_files table was created
    without the encryption_version column and its index during a fresh installation, causing a mismatch with
    upgrade-installed instances. (install/install-steps/run.step5.php)
  • Security: XSS sanitization on new Health fields — Added output sanitization on two newly introduced fields
    in the Health utilities to prevent XSS.
  • Security: Guard against empty master key — Added a defensive check when the master encryption key is empty
    to prevent unexpected behavior during item operations.

Internals

  • All language files updated with new translation keys for the corrupted items scanner and Apache log viewer
    sections.
  • API permission check updated to include allTags action in the allowed_to_read gate.

Full Changelog

3.1.6.12...3.1.6.13

Last important topics

  • 3.1.6.0 - Migration is forced when user is login. If you want to migrate progressively, set FORCE_PHPSECLIBV3_MIGRATION to FALSE (in file ./includes/config/include.php).
  • 3.1.5.10 - Refactor: Remove user password sanitization (see documentation)
  • 3.1.5.2 - New: Personal items migration phase implemented with improved management (see documentation)
  • 3.1.5.0 - New: transparent user password recovery in case of password change in external AD (please read documentation)

Important

Languages

Please join Teampass v3 translation project on Poeditor and translate it for your language.

Installation

Follow instructions from Documentation.

Upgrade

Follow instructions from Documentation.

Ideas and comments

Are welcome ... please use Discussions.

Download TeamPass

Check out latest releases or
releases around nilsteampassnet/TeamPass 3.1.6.13

Don't miss a new TeamPass release

NewReleases is sending notifications on new releases.

Get notifications