1.15.1

• Fixed error when cloning attachments with ciphers, note that attachments are not cloned
• Fixed version check when a commit hasn't been made since the last release
• Added openssl extern crate to fix some builds
• Updated admin page, added attachments count per user and users count per organization and fixed issue with DNS not resolving

1.15.0

IMPORTANT: This is a required update when using newer clients, otherwise the delete functionality won't work

• Added support for soft deletion of items (trash functionality)
• Redesigned admin page:
• Separated into multiple pages
  • Icon to indicate users verified emails, and counter of the number of items they have
  • Added diagnostics page
• Updated web vault to 2.14
• Added IP address to the logs on TOTP failure, alowing fail2ban use
• Some email and domain whitelist fixes
• Fixed issue deleting notes in PostgreSQL
• Updated dependencies and other bug fixes

1.14.2

• Fixed bug with sync error in mobile clients.
• Update web vault to 2.13.2.
• Fix websockets missing id.
• Improvements to docker health check, including subdirectory support.
• Allow changing the build version with BWRS_VERSION env variable during cargo build.
• Other dependency updates and bug fixes.

1.14.1

• Added support for organization policies
• Added support for cloning ciphers
• Update web vault to version 2.13
• Allow the SMTP login mechanism to be provided without quotes or initial uppercase
• Updated dependencies
• Make panics loggable
• Fix errors when importing into an org or accepting invites

1.14

• Added support for running on subpath, simply add the subpath to the DOMAIN variable: DOMAIN=https://example.com/custom-path
• Attachment size limits, per-user and per-organization, set USER_ATTACHMENT_LIMIT or ORG_ATTACHMENT_LIMIT to a value in kilobytes to apply it.
• Updated U2F library which might solve some U2F certificate errors.
• Added SMTP test button in the admin page.
• Use web vault built by docker autobuild, using the hash to reference the image for extra security

---

• Now accepting y/n, True/False, 1/0 as config options that are booleans.
• Fixed error Unique constraint violation when using Two Factor and Postgres.
• Fixed error with can_signup_user that didn't allow to change the email address.
• Don't error if admin token is empty but disabled
• Now email domains are converted to punycode before sending
• Enable icons to be cached in the clients
• Added option to change invitation org name
• Enabled the sending of invitations from the admin panel, even when disabled
• Dependency updates

1.13.1

• New collapsed log messaging, filtering the useless stuff like static file accesses and removing duplicate error messages. To get a more complete logging, use a LOG_LEVEL value of debug or trace.
• Fix crash when cipher page points to huge file
• Addded config option to change client IP header, IP_HEADER, by default it's X-Client-IP for backwards compat reasons.
• Printed current server time when failing TOTP, for easy debugging
• Protected websockets server against panics
• Add a logout button on the admin page
• Add endpoint to delete specific U2F key
• Updated dependencies

1.13.0

• Implemented email verification, to disable users until the email is verified you can use SIGNUPS_VERIFY=true, default is false. There are also options to change the options for verification mail resending, check the .env.template file.
• Also implemented welcome email, change email confirmation and account deletion confirmation.
• Modified icon parsing to accept favicons using DataURLs
• Updated dependencies

1.12.0

• Improved error message when HIBP key is not set, include a link to the page.
• Added check for both the previous and next timeslots in TOTP, which is more forgiving of time mismatches (1.5 minutes now vs 30 seconds before), can be disabled setting AUTHENTICATOR_DISABLE_TIME_DRIFT=true.
• Made the domain icon blacklist be cached, improving performance.
• Recovery codes are now generated when adding email and Duo 2FA.
• Removed MySQL libraries from SQLite images.
• Added configurable SMTP timeout, and reduced the default to 15 seconds.
• Updated images to be able to be built with Podman.
• Added option to allow signups from specific domains only (SIGNUPS_DOMAINS_WHITELIST=domain.com,example.org).
• Updated web vault to fix twofactorauth.org integration.
• Updated dependencies

1.11.0

Important note: If you are using the old mprasil/bitwarden image, you need to migrate to the newer bitwardenrs/server to access the new releases, the images are compatible so you can follow the instructions on updating the image from the wiki.

• Initial support for PostgresSQL! 🎉 Currently still a bit untested and without docker images
  • To compile enable the postgresql feature (cargo build --features="postgresql")
  • Currently there are no migration guides available, but check the previous release for some tips about migrating to MySQL
• Added new icon blacklisting option, to block all non global IPs (ICON_BLACKLIST_NON_GLOBAL_IPS)
• Added SQLite binary in the SQLite images, to enable backup option
• Admin page scripts are loaded locally instead of using a CDN
• Added CORS support
• Added docker healthcheck
• Added email 2FA
• Updated web vault to 2.12.0

1.10.0

This is a big one!

Important note: If you are using the old mprasil/bitwarden image, you need to migrate to the newer bitwardenrs/server to access the new releases, the images are compatible so you can follow the instructions on updating the image from the wiki.

MySQL Support! 🎉

• To enable you need to use the bitwardenrs/server-mysql image, instead of the current one.
• If you are self compiling, enable the mysql feature (cargo build --features="mysql")
• A SQLite -> MySQL migration requires manual steps, the short version is:
  • Start the bitwarden_rs MySQL instance to generate the database tables (don't create any users). Wait until the log prints Rocket has launched from http://x.x.x.x:xx, then stop the service.
  • To move the data from SQLite to MySQL, for this you can use:
    • The sqlite and mysql command lines: #497 (comment)
    • Navicat Premium (paid): #497 (comment)
    • MySQL Workbench (untested): https://dev.mysql.com/doc/workbench/en/wb-migration-overview-supported.html

Other stuff

• Added backup option in the admin panel for the SQLite backend, remember to transfer those copies to separate drives!
  -Updated HaveIBeenPwned API to V3, which requires a paid API key: https://www.troyhunt.com/authentication-and-the-have-i-been-pwned-api/
• Added option in admin panel to remove users two factor authentication, in case of loss or bug
• Allowed explicitly defining the SMTP authentication mechanism
• Added notification email when a user logs in on a new device
• Updated web vault to 2.11.0
• Added proxy support for the icon fetching service
• Other bug fixes