7d5681665f
feat: enhance deployment process and update dependencies
...
- Updated the deployment script to build the web application before deploying.
- Upgraded Wrangler dependency from 4.61.1 to 4.69.0.
feat: add import item limit and request body size limit
- Introduced a new limit for the maximum total items allowed in a single import (5000).
- Set a hard body size limit for JSON API endpoints (25 MB).
feat: validate KDF parameters during registration and password change
- Added validation for KDF parameters to ensure compliance with Bitwarden's minimum requirements.
- Enhanced error handling for invalid KDF parameters during user registration and password change.
feat: clean up R2 files on user deletion
- Implemented cleanup of R2 files associated with user attachments and sends before deleting user metadata.
feat: verify folder ownership when creating or updating ciphers
- Added checks to ensure that users cannot reference folders owned by other users when creating or updating ciphers.
fix: handle corrupted cipher data gracefully
- Improved error handling when retrieving ciphers from the database to avoid crashes due to corrupted data.
feat: increment send access count atomically
- Added a method to atomically increment the access count for sends and return whether the update was successful.
fix: enforce request body size limits
- Implemented checks to reject oversized request bodies for non-file upload paths.
fix: update error handling for database initialization
- Enhanced error logging for database initialization failures while providing a generic message to clients.
feat: enhance security with Content Security Policy
- Added a Content Security Policy to the web application to improve security against XSS attacks.
fix: remove plaintext TOTP secret from localStorage
- Updated the TOTP enabling process to remove the plaintext secret from localStorage after it is stored on the server.
fix: ensure only PBKDF2 hash is sent for public send access
- Modified the public send access payload to ensure only the PBKDF2 hash is sent, never the plaintext password.
2026-03-02 00:10:44 +08:00
e9ace523e6
feat: enhance password security with server-side hashing and constant-time comparisons
2026-03-02 00:10:44 +08:00
1a94f8dd44
feat: enhance password security with server-side hashing and constant-time comparisons
2026-03-02 00:10:44 +08:00
4390251c1e
feat: unify API rate limiting and enhance request budgets
2026-03-02 00:10:44 +08:00
66f995d981
feat: unify API rate limiting and enhance request budgets
2026-03-02 00:10:44 +08:00
aef0c2f688
docs: update capability descriptions in README files for clarity
2026-03-02 00:10:44 +08:00
234e3a5e96
docs: update capability descriptions in README files for clarity
2026-03-02 00:10:44 +08:00
594ca0c7ea
feat: add TOTP recovery code field to users table
2026-03-02 00:10:44 +08:00
d3b515fd99
feat: add TOTP recovery code field to users table
2026-03-02 00:10:44 +08:00
26447cd9b4
docs: update README files for clarity on deployment steps and features
2026-03-02 00:10:44 +08:00
68f66cf4e6
docs: update README files for clarity on deployment steps and features
2026-03-02 00:10:44 +08:00
f5a2523f91
feat: add JWT secret safety checks and warning page for insecure configurations
2026-03-02 00:10:44 +08:00
9061ab52b6
feat: add JWT secret safety checks and warning page for insecure configurations
2026-03-02 00:10:44 +08:00
bbf4094943
fix: remove unnecessary zoom property from html in styles.css
2026-03-02 00:10:44 +08:00
1d170baaaf
fix: remove unnecessary zoom property from html in styles.css
2026-03-02 00:10:44 +08:00
9f14bca99a
feat(i18n): add internationalization support with English and Chinese translations
2026-03-02 00:10:44 +08:00
bacf27b936
feat(i18n): add internationalization support with English and Chinese translations
2026-03-02 00:10:44 +08:00
8641df3cff
feat: add recovery code functionality and device management
2026-03-02 00:10:44 +08:00
1810e0aa7a
feat: add recovery code functionality and device management
2026-03-02 00:10:44 +08:00
8852127743
feat: update README files to reflect full user management and support for text and file sends
2026-03-02 00:10:44 +08:00
3a650740a1
feat: update README files to reflect full user management and support for text and file sends
2026-03-02 00:10:44 +08:00
053ce887f9
fix: update README to clarify NodeWarden as a third-party Bitwarden server
2026-03-02 00:10:44 +08:00
9b490016aa
fix: update README to clarify NodeWarden as a third-party Bitwarden server
2026-03-02 00:10:44 +08:00
2fbe29a0d9
feat: add NodeWarden logo to README files for improved branding
2026-03-02 00:10:44 +08:00
0db5f957c8
feat: add NodeWarden logo to README files for improved branding
2026-03-02 00:10:44 +08:00
15b87025ad
feat: enhance send functionality with improved key handling and decryption, update UI components for better user experience
2026-03-02 00:10:44 +08:00
8481e2756e
feat: enhance send functionality with improved key handling and decryption, update UI components for better user experience
2026-03-02 00:10:44 +08:00
0e823e80a6
feat: enhance SendsPage with notes display and update VaultPage for improved filtering and history tracking
2026-03-02 00:10:44 +08:00
b7dfd1b3ad
feat: enhance SendsPage with notes display and update VaultPage for improved filtering and history tracking
2026-03-02 00:10:44 +08:00
bb50617b16
feat: add PublicSendPage and SendsPage components for managing sends
2026-03-02 00:10:44 +08:00
9c1c5e2c26
feat: add PublicSendPage and SendsPage components for managing sends
2026-03-02 00:10:44 +08:00
be3b68956b
feat: add favicon and logo assets, update App component to use logo
2026-03-02 00:10:44 +08:00
15e0a29bb1
feat: add favicon and logo assets, update App component to use logo
2026-03-02 00:10:44 +08:00
0f132f4f43
feat: add SSH key utilities and improve field decryption
2026-03-02 00:10:44 +08:00
205ccdad8b
feat: add SSH key utilities and improve field decryption
2026-03-02 00:10:44 +08:00
32c695c81f
feat: enhance VaultPage and App layout with new UI components and styles
2026-03-02 00:10:44 +08:00
389872d491
feat: enhance VaultPage and App layout with new UI components and styles
2026-03-02 00:10:44 +08:00
651eb69bd6
feat: enhance authentication and settings UI
2026-03-02 00:10:44 +08:00
d7c41edad4
feat: enhance authentication and settings UI
2026-03-02 00:10:44 +08:00
0cf8028087
feat: add cryptographic utilities and types for secure data handling
2026-03-02 00:10:44 +08:00
5509492563
feat: add cryptographic utilities and types for secure data handling
2026-03-02 00:10:44 +08:00
3494471cad
feat: add toast notifications and dialog components for improved user interaction
2026-03-02 00:10:44 +08:00
7c7d32de30
feat: add toast notifications and dialog components for improved user interaction
2026-03-02 00:10:44 +08:00
59566f88e3
feat: implement vault locking mechanism with auto-lock settings and unlock functionality
2026-03-02 00:10:44 +08:00
4831a0915c
feat: implement vault locking mechanism with auto-lock settings and unlock functionality
2026-03-02 00:10:44 +08:00
172f6626c0
feat: add QR code generation support and rate limiting for known device probes
2026-03-02 00:10:44 +08:00
930f4f86cc
feat: add QR code generation support and rate limiting for known device probes
2026-03-02 00:10:44 +08:00
829008db7f
Add vault-utils.js with utility functions for field type parsing, selection counting, cipher type mapping, URI handling, and extracting first cipher URI
2026-03-02 00:10:44 +08:00
ceb4bef9e4
Add vault-utils.js with utility functions for field type parsing, selection counting, cipher type mapping, URI handling, and extracting first cipher URI
2026-03-02 00:10:44 +08:00
363aec1652
Add runtime configuration loader and styles for web application
2026-03-02 00:10:44 +08:00
shuaiplus