Newer versions of the Bitwarden client use Base64 with padding.
Since this is not a streaming string, but a defined length, we can just strip the `=` chars.
Fixes#6960
Signed-off-by: BlackDex <black.dex@gmail.com>
- Update Rust to v1.93.1
- Updated all the crates
Adjust changes needed for the newer `rand` crate
- Updated GitHub Actions
Signed-off-by: BlackDex <black.dex@gmail.com>
Fix an issue where it was possible for users who were not eligible to access all org ciphers to be able to download and extract the encrypted contents.
Only Managers with full access and Admins and Owners should be able to access this endpoint.
This change will block and prevent access for other users.
Signed-off-by: BlackDex <black.dex@gmail.com>
The term "seems to" is used too loosely in many of the tooltips, but in
these 2 instances it is wrong wording.
An update is either available or not. If there is no update, one could
argue that "seems to" is valid, since the Internet could be down to
check for a new version. But in this situation the update is availble.
It is impossible that an update seems to be available.
- Updated all crates
- Updated web-vault to v2025.12.2
- Updated all JavaScript files
- Updated all GitHub Action Workflows
Also added the `concurrency` option to all workflows.
Signed-off-by: BlackDex <black.dex@gmail.com>
When using the latest Bitwarden CLI and logging in using the API Key, it expects some extra fields, same as for normal login.
This PR adds those fields and login is possible again via API Key.
Fixes#6709
Signed-off-by: BlackDex <black.dex@gmail.com>
* Fix posting cipher with readonly collections
This fix will check if a collection is writeable for the user, and if not error out early instead of creating the cipher first and leaving it.
It will also save some database transactions.
Fixes#6562
Signed-off-by: BlackDex <black.dex@gmail.com>
* Adjust code to delete on error
Signed-off-by: BlackDex <black.dex@gmail.com>
---------
Signed-off-by: BlackDex <black.dex@gmail.com>
* fix email as 2fa for sso
* allow saving device without updating `updated_at`
* check if email is some
* allow device to be saved in postgresql
* use twofactor_incomplete table
* no need to update device.updated_at
* Some small admin js/css updates
- Updated JS libraries
- Fixed some eslint errors
- Small update on the theme icon's to be a bit smaller and better sized.
Used OXVG via OXVGUI to shrink and optimze them.
Probably Fixes#6493
Signed-off-by: BlackDex <black.dex@gmail.com>
* Adjust the size of the moon to be more inline with the other icons
Signed-off-by: BlackDex <black.dex@gmail.com>
---------
Signed-off-by: BlackDex <black.dex@gmail.com>
This PR adds an option to prefer IPv6 resolving before IPv4.
On IPv6 only systems this could be very useful, but will not solve IPv4 only domains of course.
For that you need a DNS64 + NAT64 solution
Fixes#6301
Signed-off-by: BlackDex <black.dex@gmail.com>
As reported in #6477, redirection of favicon's didn't allowed caching.
This commit fixes this by adding the `Cached` wrapper around the response.
It will use the same TTL's used for downloading icon's locally.
Also removed `_` as valid domain character, these should not be used in FQDN's at all.
Those only serve as special chars used in domain labels, mostly used in SRV or TXT records.
Fixes#6477
Signed-off-by: BlackDex <black.dex@gmail.com>
