2FAuth - Package Updates
-
[1.4.1]
- Update 2FAuth to 5.4.2
- Full Changelog
- CSP has been turned off (for now) since it breaks the app under Google Chrome. (#417)
- Fix XSS & SSRF vulnerabilities (thx to the XBOW team).
- Content Security Policy is now available and enable by default. CSP helps to prevent or minimize the risk of certain types of security threats.\
-
[1.4.2]
- Update 2FAuth to 5.4.3
- Full Changelog
- issue #408 Deleted icon is back after saving from the advanced form
- issue #417 Login page does not load after v5.4.1 update
- issue #418 Opening of the footer menu submits the advanced form
- issue #420 QR codes are cropped on small screens
- issue #421 Freeze when switching to Manage mode
- issue #423 Icon for accounts without an icon doesn't exist
- CSS styles are no longer loaded from tailwindcss.com in the
/upview
-
[1.4.3]
- Checklist added to CloudronManifest
-
[1.5.0]
- Update to correct base image 5.0.0
-
[1.6.0]
- Update 2FAuth to 5.5.0
- Full Changelog
- It is now possible to define custom defaults for user preferences as well as to lock the preferences from being changed by users. This feature requires a bit of configuration, a dedicated page has been added to the documentation site to guide you through the process. (#413)
- A user preference to enable precalculation and display of the next OTP code.\
- Don't be surprised if you don't see the next code right after enabling this option, the code fades in slowly in order to maintain good readability of the current code. (#416)
- New languages: Danish, Dutch, Italian, Korean, Portuguese (Brazilian)
- The version number has been removed from the footer and from the About page for unauthenticated users. (#432)
- 2FAuth now starts searching as soon as the user starts typing, without having to explicitly give focus to the search field. (#441)
-
[1.6.1]
- Update 2FAuth to 5.5.2
- Full Changelog
- The Show next OTP user preference is enabled by default
- issue #472 QR scan reader blocked by csp
-
[1.7.0]
- Update 2FAuth to 5.6.0
- Full Changelog
- The Get official icon feature now includes two new icon providers, selfh.st and dashboardicons.com, as well as the ability to select a preferred variant or to switch between providers directly from the Advanced form. (#475).
OPENID_HTTP_VERIFY_SSL_PEER: Enable or disable SSL peer verification during OpenID authentication process (doc).- Personal Access Token (PAT) can be used when authentication is restricted to SSO only. This is particularly useful when you want to use the 2FAuth web extension. Check out the new Allow PAT usage setting in the Admin > Auth > SSO section (#474).
- issue #477 Steam OTP codes don't refresh when become invalid
/api/v1/icons/defaultPOST path added (doc).
-
[1.7.1]
- Fix website link
-
[1.7.2]
- Update 2FAuth to 5.6.1
- Full Changelog
- issue #510 Composer 2.7+ blocks installation due to svg-sanitize advisory
-
[1.8.0]
- Update 2FAuth to 6.0.0
- Full Changelog
- 2FAuth can now fetch icons from offline icon packs. Visit the new Icon documentation page to learn how to set them up (#203).
- The sort order of 2FA accounts is saved to user preferences when changed from the Manage mode. This allows the account list to be reordered automatically after a new account is registered. (#377).
- Groups can be reordered (manually, from the Group management view) (#419).
- A new filter is available to only show 2FA accounts that do not belong to any group (#430).
- The Import feature now supports Bitwarden export (#501).
- Group names now accept single quote (#465).
- Upon logging out, users are now redirected to the last login form they used: Password, SSO or Webauthn. (#478).
- Catchable errors that occur during the sending of a test email are now displayed in the UI to help you understand what's going on.
- issue #447 Unable to import Google Authenticator.
- issue #464 Import error not correctly reported in the GUI.
