|
1 | | -Release song: https://www.youtube.com/watch?v=F5uXomY94w8 |
| 1 | +Release song: https://www.youtube.com/watch?v=QNa5o85Q-FE |
2 | 2 |
|
3 | | -Passbolt 5.8.0 introduces dynamic role management, allowing organizations to define additional roles that better align with internal policies, compliance requirements, and operational needs. This release also adds drag & drop user assignment to groups, simplifying day-to-day user and group management. |
| 3 | +Passbolt 5.9 is designed to keep upgrades predictable and everyday use reliable. It expands runtime compatibility with PHP 8.5, |
| 4 | +makes environment risks easier to spot earlier through health checks, and closes a couple of security gaps that could otherwise be |
| 5 | +used to probe accounts or mislead users during navigation. |
4 | 6 |
|
5 | | -**Warning**: Ensure that all users have updated their browser extension to at least version 5.8 before assigning new roles. Otherwise, they will not be able to connect to Passbolt. |
| 7 | +**Warning:** If you run MariaDB 10.3 or 10.5, or MySQL 5, pay particular attention to the environment section below. |
| 8 | +Support for these versions is planned to stop in January 2027, and this release starts flagging them proactively so you can schedule upgrades before they become urgent. |
6 | 9 |
|
7 | | -## Dynamic role management |
| 10 | +## Environment support and deprecation signals you can act on early |
| 11 | +Passbolt 5.9 adds PHP 8.5 support, helping administrators and platform teams validate upcoming runtime upgrades in advance. |
| 12 | +Moreover, while PHP 8.2 is still supported until 2027, it has entered security maintenance, and administrators should plan its upgrade this year. |
8 | 13 |
|
9 | | -As was already the case with the default User role, Passbolt allows administrators to restrict what users can do by limiting access to specific capabilities. With version 5.8, this model is extended beyond the default Admin and User roles, making it possible to create additional roles and assign them to users for more granular control. |
| 14 | +At the same time, this release improves environment health checks to surface database versions that have reached end of life. MariaDB 10.3 and 10.5, and MySQL 5, |
| 15 | +are now flagged as deprecated allowing administrators to identify risky deployments during routine maintenance rather than responding under time pressure. |
| 16 | +These notices are explicitly tied to a planned end of support in January 2027, giving teams a clear runway to align database upgrades with regular change windows and internal upgrade policies. |
10 | 17 |
|
11 | | -Dynamic roles also enable the delegation of administrative responsibilities. Rather than granting full administrative access, administrators can now assign selected capabilities to custom roles and distribute operational tasks across multiple users. Initial support covers group creation, as well as handling account recovery requests in Passbolt Pro. |
| 18 | +## Safer account recovery responses to reduce email enumeration risk |
| 19 | +Account recovery endpoints can reveal whether a user exists, which makes targeted attacks easier. In Passbolt 5.9, the recover endpoint no longer leaks information when a user does |
| 20 | +not exist in the database, reducing the signal attackers rely on for email or username enumeration. |
12 | 21 |
|
13 | | -At this stage, dynamic role management comes with a defined scope and set of constraints. |
| 22 | +## Stronger protection against clickjacking and deceptive overlays |
| 23 | +Clickjacking and overlay techniques aim to trick users into clicking something different from what they believe they are interacting with. Passbolt 5.9 reinforces defenses against |
| 24 | +these UI-level attacks in edge-case conditions, including scenarios where a compromised website tries to influence user interactions when a password could be suggested. |
14 | 25 |
|
15 | | -- The default Admin and User roles keep fixed names and cannot be renamed or deleted. |
16 | | -- As before, the User role can be restricted, but it cannot be assigned delegated administrative responsibilities. |
17 | | -- The Admin role, by contrast, always retains access to all capabilities and cannot be restricted. |
18 | | -- Custom roles are currently limited to two per instance and support a first set of administrative capabilities. |
| 26 | +In practice, this extra layer of strengthening helps ensure users cannot be guided into interacting with sensitive Passbolt components when those components are not fully visible and clearly presented to them. |
19 | 27 |
|
20 | | -This scope will be expanded progressively as additional needs and use cases are identified by the community. |
| 28 | +## Better visibility and efficiency around email digest operations |
| 29 | +Large folder operations can generate a lot of email activity and can be difficult to reason about as queues grow. Passbolt 5.9 improves digest handling related to folder operations, |
| 30 | +helping reduce unnecessary mail churn in workspaces where folder structure and permissions evolve frequently. |
21 | 31 |
|
22 | | -## Drag & drop users to groups |
| 32 | +In addition, the passbolt _email_digest_ command now reports how many emails were sent and how many remain in the queue. This makes it easier for administrators to confirm progress, |
| 33 | +anticipate bursts, and troubleshoot queue behavior using logs. |
23 | 34 |
|
24 | | -Managing group membership often requires repetitive actions when working with large teams or frequently changing group structures. With Passbolt 5.8, administrators can now add users to a group by dragging them directly onto it from the Users & Groups workspace. This removes the need to open and edit each group individually and makes day-to-day group management faster and more fluid. |
| 35 | +## Maintenance work that improves stability over time |
| 36 | +Passbolt 5.9 continues the migration work of its UI framework for authentication-related applications. The first applications have been migrated as part of a larger foundation effort |
| 37 | +aimed at improving stability and long-term performance as more areas move to the new framework. |
25 | 38 |
|
26 | | -## Miscellaneous improvements |
| 39 | +## Conclusion |
| 40 | +This release also includes additional fixes and improvements beyond the highlights above. Check out the release notes to learn more. Thanks to the community members and teams who |
| 41 | +reported issues and helped validate fixes. |
27 | 42 |
|
28 | | -As usual, this release includes fixes and smaller improvements intended to improve the overall experience. For the full list of changes, please refer to the changelog. |
29 | | - |
30 | | -Many thanks to everyone who provided feedback and helped refine these features. |
31 | | - |
32 | | -## [5.8.0] - 2025-12-22 |
| 43 | +## [5.9.0] - 2026-01-26 |
33 | 44 | ### Added |
34 | | -- PB-46972 As an administrator I can create a new custom role |
35 | | -- PB-46973 As an administrator I can update a custom role |
36 | | -- PB-46968 As an administrator I can soft delete custom roles |
37 | | -- PB-46971 As an administrator I can list roles including deleted ones via filter |
38 | | -- PB-47169 As a user I receive an email notification when my role is changed |
39 | | -- PB-47345 As an administrator I receive an email notification when a role is created or updated |
40 | | -- PB-46975 As an administrator I can list RBACs including Actions |
41 | | -- PB-46976 As an administrator I can update RBACs for Actions |
42 | | -- PB-47006 As a logged-in user my role is fetched on every request to reflect role changes immediately |
43 | | -- PB-47083 As a user with appropriate RBAC permissions I can create groups |
44 | | -- PB-47196 As an administrator I can run the healthcheck command in POSIX mode |
45 | | -- PB-47274 As an administrator I can run a command to populate created_by and modified_by fields in secrets |
46 | | -- PB-47275 As an administrator I can run a command to populate secret revisions for existing secrets |
| 45 | +- PB-44749 As an administrator I should get notified in the healthcheck about the deprecation of the database type and version |
| 46 | +- PB-47893 As an administrator running the bin/cron command, I can see in the logs the number of emails left to send |
| 47 | +- PB-46111 As a user I should receive a single email digest when more than one folders are created, updated or deleted |
47 | 48 |
|
48 | 49 | ### Fixed |
49 | | -- PB-46374 As first admin I should not receive emails regarding encrypted metadata enablement during the first setup |
50 | | -- PB-46613 Fix web installer not working in HTTP when not in secure context |
51 | | -- PB-46640 Fix warnings in mfa_user_settings_reset_self.php email template |
52 | | -- PB-46645 Optimize action logs purge command dry run query |
53 | | -- PB-46913 Fix MfaUserSettingsDisableCommand to support case sensitive username comparison |
54 | | -- PB-46935 Fix 500 error on /metadata/session-keys/{uuid}.json endpoint when the request is sent twice |
55 | | -- PB-47236 Reduce the PHP memory load of the V570PopulateSecretRevisionsForExistingSecrets migration |
| 50 | +- PB-47991 As an administrator I should not get a data-check error for deleted resources with no active metadata keys |
| 51 | +- PB-47987 As an administrator I should not get a data-check error for deleted secrets |
56 | 52 |
|
57 | 53 | ### Security |
58 | | -- PB-46890 Upgrade js-yaml dependency (Medium severity) |
| 54 | +- PB-47276 As a non-logged in user I cannot enumerate user emails using the recover endpoint |
59 | 55 |
|
60 | 56 | ### Maintenance |
61 | | -- PB-45979 Add CACHE_CAKETRANSLATIONS_CLASSNAME environment variable for _cake_translations_ cache config |
62 | | -- PB-46388 Fix PHPUnit 11 deprecations |
| 57 | +- PB-47701 Specify 1.1.0 version as minimum duo universal SDK package version in composer.json |
| 58 | +- PB-47794 Update composer/composer to fix security-check job due to CVE-2025-67746 |
0 commit comments