github nilsteampassnet/TeamPass 3.1.7.0-rc.4
on GitHub

pre-release5 hours ago

What's Changed

Breaking Changes

  • Least-permissive multi-role conflict resolution; When a user belongs to multiple roles with conflicting permissions on the same folder, the most restrictive type now wins (priority: Read-only > No-Delete/No-Edit > Write). Previously, Write access would override Read-only. Existing role configurations should be reviewed before deploying. All active sessions must be invalidated after upgrade for the new rules to take effect.
  • firebase/php-jwt upgraded to v7.0; Existing API JWT tokens are invalidated after deployment. API clients must re-authenticate via /api/authorize to obtain a new token.

New Features

Permissions & Folder Rights

  • Restored direct folder grants: Folders directly assigned to a user (via users_groups) now always grant full write access, even if a role-based restriction would limit it to read-only. Denied folders still override grants.
  • Real-time rights push via WebSocket: Saving a user's folder grants now instantly refreshes that user's visible folders without requiring a page reload.
  • Improved "Visible folders" panel in user admin: Folder rights are now displayed in a scrollable modal with an animated progress bar during loading, client-side filter buttons (W / ND / NE / R / no access), and a Roles column showing per-role permission badges.
  • Cache invalidation on role changes: When a role's folder assignments are modified, the folder cache for all affected users is invalidated immediately.

Roles & Folders Admin Page

  • Faster and continuous folder loading.
  • Role and folder forms now open as modals instead of inline card sections.

Fixes

  • Docker installer: Fixed "MySQL server has gone away" error when connecting via TCP (empty DB::$ssl array replaced with null). Added innodb_flush_method=fsync in MariaDB config for WSL2 compatibility.
  • WebSocket admin panel: Fixed the Stop button being ineffective when the WebSocket server is managed by systemd (Restart=always). The server is now stopped via systemctl stop when running as a systemd service.
  • ListerItems UX: Loading spinner now appears immediately on folder click; stale AJAX responses no longer wipe the active loading indicator when switching folders quickly; race condition that blocked subsequent folder loads is resolved.

Dependency Updates

  • firebase/php-jwt: v6.9 → v7.0 (enforces minimum 256-bit HMAC key length for HS256)
  • Composer libraries updated to latest compatible versions.

Full Changelog

3.1.7.0-rc.3...3.1.7.0-rc.4

Important

  • Requires at least PHP 8.1

Languages

Please join Teampass v3 translation project on Poeditor and translate it for your language.

Installation

Follow instructions from Documentation.

Upgrade

Follow instructions from Documentation.

Ideas and comments

Are welcome ... please use Discussions.

Download TeamPass

Check out latest releases or
releases around nilsteampassnet/TeamPass 3.1.7.0-rc.4

Don't miss a new TeamPass release

NewReleases is sending notifications on new releases.

Get notifications