Merge branch 'develop' into 'master'

Develop

See merge request passbolt/desktop/passbolt-windows!53

.editorconfig

@@ -0,0 +1,16 @@
+; This file is for unifying the coding style for different editors and IDEs.
+; More information at http://editorconfig.org
+
+root = true
+
+[*]
+indent_style = space
+end_of_line = lf
+insert_final_newline = false
+trim_trailing_whitespace = true
+
+[*.js]
+indent_size = 2
+
+[*.cs]
+indent_size = 4

.github/workflows/release.yaml

@@ -0,0 +1,17 @@
+name: Create Release
+
+on:
+  push:
+    tags:
+      - "v[0-9]+.[0-9]+.[0-9]+"
+
+jobs:
+  build:
+    name: Create release
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - env:
+          GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
+        name: Create Release
+        run: gh release create "${GITHUB_REF#refs/*/}" -t "${GITHUB_REF#refs/*/}" --notes-file RELEASE_NOTES.md

.github/workflows/release_candidate.yaml

@@ -0,0 +1,17 @@
+name: Create Release Candidate
+
+on:
+  push:
+    tags:
+      - "v[0-9]+.[0-9]+.[0-9]+-rc.[0-9]+"
+
+jobs:
+  build:
+    name: Create release candidate
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - env:
+          GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
+        name: Create Release candidate
+        run: gh release create "${GITHUB_REF#refs/*/}" -t "${GITHUB_REF#refs/*/}" -p --notes-file RELEASE_NOTES.md

.gitlab-ci.yml

@@ -0,0 +1,33 @@
+default:
+  retry:
+    max: 2
+    when:
+      - runner_system_failure
+      - stuck_or_timeout_failure
+      - api_failure
+      - stale_schedule
+
+image: alpine:latest
+
+stages:
+  - build
+  - test
+  - release
+
+.rules:
+  rules:
+    - if: "$CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS"
+      when: never
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_BRANCH || $CI_COMMIT_TAG'
+
+include:
+  - local: ".gitlab-ci/jobs/release.yml"
+  - local: ".gitlab-ci/jobs/test.yml"
+
+workflow:
+  rules:
+    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+    - if: $CI_COMMIT_BRANCH && $CI_OPEN_MERGE_REQUESTS
+      when: never
+    - if: $CI_COMMIT_BRANCH
+    - if: $CI_COMMIT_TAG

.gitlab-ci/jobs/release.yml

@@ -0,0 +1,21 @@
+release_notes:
+  image: registry.gitlab.com/gitlab-org/release-cli:latest
+  release:
+    description: "./RELEASE_NOTES.md"
+    tag_name: $CI_COMMIT_TAG
+  rules:
+    - if: '$CI_COMMIT_TAG =~ /^v[0-9]+\.[0-9]+\.[0-9]+$/'
+      when: on_success
+  script: echo "Creating relase notes for $CI_COMMIT_TAG"
+  stage: release
+
+release_notes_candidate:
+  image: registry.gitlab.com/gitlab-org/release-cli:latest
+  release:
+    tag_name: $CI_COMMIT_TAG
+    description: $CI_COMMIT_TAG
+  rules:
+    - if: '$CI_COMMIT_TAG =~ /^v[0-9]+\.[0-9]+\.[0-9]+-rc\.[0-9]+$/'
+      when: on_success
+  script: echo "Creating relase notes for $CI_COMMIT_TAG"
+  stage: release

.gitlab-ci/jobs/test.yml

@@ -0,0 +1,75 @@
+rendered-tests:
+  allow_failure: true
+  extends: .rules
+  stage: test
+  image: node:16
+  coverage: /Lines\s* [:] ([\d\.]+)%/
+  script:
+    - cd passbolt/Webviews/Rendered
+    - npm install
+    - npm run test:coverage
+  artifacts:
+    when: always
+    reports:
+      junit:
+        - junit.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage/cobertura-coverage.xml
+
+rendered-linter:
+  allow_failure: true
+  stage: test
+  image: node:16
+  extends: .rules
+  script:
+    - cd passbolt/Webviews/Rendered
+    - npm install
+    - npm run eslint
+
+rendered-audit:
+  allow_failure: true
+  extends: .rules
+  stage: test
+  image: node:16
+  script:
+    - cd passbolt/Webviews/Rendered
+    - npm audit
+
+background-tests:
+  allow_failure: true
+  extends: .rules
+  stage: test
+  image: node:16
+  coverage: /Lines\s* [:] ([\d\.]+)%/
+  script:
+    - cd passbolt/Webviews/Background
+    - npm install
+    - npm run test:coverage
+  artifacts:
+    when: always
+    reports:
+      junit:
+        - junit.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage/cobertura-coverage.xml
+
+background-linter:
+  allow_failure: true
+  stage: test
+  image: node:16
+  extends: .rules
+  script:
+    - cd passbolt/Webviews/Background
+    - npm install
+    - npm run eslint
+
+background-audit:
+  allow_failure: true
+  extends: .rules
+  stage: test
+  image: node:16
+  script:
+    - cd passbolt/Webviews/Background
+    - npm audit

RELEASE_NOTES.md

@@ -0,0 +1,19 @@
+Version 0.4.0 (Release Candidate) of the desktop app from Passbolt is now available, packed full of improvements and new functionalities.
+
+With this release, users can now configure MFA directly from the desktop application with Yubikey and TOTP, just like you would in the browser edition (Duo support is in the works for a future update). Please note that this feature is currently available for user-level settings only; admin-level settings are coming soon. Once MFA is set up using Yubikey or TOTP, you can use them for authentication within the desktop app. The experience even mirrors the web version, making the transition even smoother. 
+
+Another highlight of this release, to bolster security and safeguard against potential threats, your account kit is now signed with your private key. This ensures that the account is authenticated and it’s verified during the import process. It confirms that no changes have been made to your exported Account Kit data and verifies that it comes from a trusted source. 
+
+Upgrade to version 0.4.0 to take advantage of these improvements. Thank you for using and supporting passbolt!
+
+## [0.4.0] - 2024-11-06
+## Windows application
+### Added
+- PB-28378 - MFA screen should be display depending on the application
+- PB-28304 - CSRF token not working when not using MFA
+- PB-27605 - As a sign-in user I can setup Yubikey as 2FA on the desktop application
+- PB-27606 - As a sign-in user I can setup TOTP as 2FA on the desktop application
+- PB-27608 - As a user I can sign-in with TOTP and Yubikey as 2FA on the desktop application
+
+### Security
+- PB-25688 - As a desktop app exporting the account kit I should sign it with openpgp