Song: https://www.youtube.com/watch?v=LQUXuQ6Zd9w
Version 4.1 of Passbolt introduces the long-awaited Role-Based Access Control (RBAC) feature. In its first version, RBAC provides admins with the ability to control the capabilities offered to users through the user interface (UI). As passbolt evolves, subsequent releases will expand on this, eventually providing control over API capabilities.
On the performance side, while passbolt was able to handle thousands of passwords, sharing on large volumes was a challenge due to the end-to-end model. With this new version, users will be pleased to experience enhanced performance when sharing their passwords with others. More improvements are yet to come in future releases, so stay tuned.
Additionally, users will notice improvements in some areas: passwords are now easier to read, special characters and numbers are highlighted with contrasting colors, and multi-factor authentication is now able to remember the last method used.
Finally, this release also includes the latest security fixes (minor and info) identified during the March security audit by Cure53. As usual, the full report along with the mitigations will be fully disclosed on the website.
Thank you for choosing passbolt. Your support and feedback are greatly appreciated.
[4.1.0] - 2023-07-03
Added
- PB-24169 As an administrator I want to customise what capabilities users are allowed to access on the UI of my organisation
- PB-24598 SSO allow administrators to remap email/username properties
Fixed
- PB-14174 As a user I want the inform menu not to be displayed outside my browser window
- PB-24657 As a user I should see the triage page even when SSO is misconfigured
- PB-25031 Fix margin on folder name in the information panel
Improvement
- PB-24619 As LU I should see the link on the same line in a paragraph
- PB-24646 As LU, I should see colored passwords
Maintenance
- PB-24622 Put back the rolled-back code for LDAP multi-domain and field-mapping feature
- PB-24794 Adapt browser extension to not crash when unknown content types are retrieved from the API
Security
- PB-23852 PBL-02-002 As a user I should sign-out using POST method
- PB-24997 Change static images URL to be served from the browser extension instead of the API