c3464d7769
Merge pull request 'release/v0.4.0' ( #5 ) from release/v0.4.0 into master
...
Release Docker Image / Build & Push Docker Image (release) Successful in 11m26s
Reviewed-on: #5
2026-04-09 20:58:45 +00:00
09b3333571
Release: v0.4.0-alpha
PR Tests / Lint, Build & Test (pull_request) Successful in 8m31s
Security Scan / Go Vulnerability Check (pull_request) Successful in 8m3s
2026-04-09 22:38:46 +02:00
d8cb1a2f97
Update dashboard screenshot
PR Tests / Lint, Build & Test (pull_request) Has been cancelled
Security Scan / Go Vulnerability Check (pull_request) Has been cancelled
2026-04-09 22:34:00 +02:00
789ef6f10f
fix: align upload button layout in login background image section
2026-04-09 22:27:23 +02:00
c2b96563cb
remove: login card style dropdown and subtitle setting, glass effect now always active
2026-04-09 22:20:36 +02:00
b4424b1e64
feat: auto-detect login text color based on background image brightness
2026-04-09 22:09:30 +02:00
2f55ec84b8
feat: add glassmorphism effect to all cards, header, sidebar and standalone pages
2026-04-09 21:41:42 +02:00
07ea917726
fix: master key deploy now logged in deployment history, add flash feedback after deploy
2026-04-09 15:13:41 +02:00
da6d66e048
feat: add TZ timezone support for all displayed timestamps
2026-04-09 13:37:51 +02:00
c15bac108d
feat: rework footer – remove license, link Keywarden to keywarden.app, link version to releases page
2026-04-08 23:24:17 +02:00
b665e623f9
feat: add login page customization (background image, glass card style, subtitle)
2026-04-08 23:12:30 +02:00
dae6c6ae02
fix: add icon text spacing to standalone pages
2026-04-08 22:44:28 +02:00
ce36939d31
docs: update architecture, security and contributing docs for gzip and font subsetting
2026-04-08 22:32:51 +02:00
8a10981ecc
perf: subset tabler-icons font/CSS to used icons only (801KB -> 18KB woff2, 217KB -> 4KB CSS)
...
- Remove unused .ttf and .woff font files
- Fix preload URL mismatch causing double font download
- Remove content-visibility: auto (Firefox freeze on tab hover)
- Add font-display: swap for non-blocking font loading
- Add tools/subset-icons.py for future icon subsetting
2026-04-08 22:32:33 +02:00
34ce8a8fc3
feat: add gzip compression middleware for HTTP responses
2026-04-08 22:32:12 +02:00
3a860914d5
fix: auto-detect version from version.go in Dockerfile, pass git tag in CI release
2026-04-08 21:37:49 +02:00
dd4af5b25c
feat: allow owner to deploy system master key from deploy page
2026-04-08 21:37:27 +02:00
1cf7f50bfb
feat: centralize version in internal/version package, fix updater for pre-release tags, show version in footer
2026-04-08 21:10:07 +02:00
ca402eb88e
fix: harden auth timing, cookie attrs, password gen bias, email template escaping; add security tests
2026-04-08 20:45:16 +02:00
fe31ef5a3c
Merge pull request 'v0.3.0-alpha' ( #4 ) from v0.3.0-alpha into master
...
Release Docker Image / Build & Push Docker Image (release) Successful in 6m44s
Reviewed-on: #4
2026-04-08 18:22:02 +00:00
eb1f4e0738
fix: bump Go from 1.26.1 to 1.26.2 to resolve stdlib vulnerabilities
PR Tests / Lint, Build & Test (pull_request) Successful in 6m7s
Security Scan / Go Vulnerability Check (pull_request) Successful in 5m33s
2026-04-08 20:09:40 +02:00
653592e68f
feat: add automatic update checker with version injection
...
PR Tests / Lint, Build & Test (pull_request) Successful in 5m45s
Security Scan / Go Vulnerability Check (pull_request) Failing after 5m42s
- Add internal/updater package (queries Gitea releases API every 6h)
- Inject version at build time via -ldflags (-X main.Version)
- Show update badge in header for admin/owner users
- Show version on system info page
- Add VERSION build arg to Dockerfile
- Update docs (deployment, architecture, admin-guide, contributing, README)
2026-04-07 23:13:26 +02:00
465a44fae9
feat: show public key in modal with copy button instead of plain text page
2026-04-07 22:57:58 +02:00
05f8698c6b
fix: add clipboard fallback for master key copy on HTTP
2026-04-07 22:43:47 +02:00
a63f3fb5ff
feat: add 5 theme pairs (ocean, forest, sunset, rose, nord) with light/dark/auto modes\n\n- Override Tabler dark-mode surface/border CSS variables per theme to remove blue tint\n- Add theme accent colors for badges, buttons, links, forms\n- Make Ocean the default theme, auto-migrate legacy values (auto/light/dark)\n- Update settings dropdown with grouped theme options\n- Update user-guide docs with new theme descriptions"
2026-04-07 22:14:56 +02:00
c4171e5b87
feat: protect initial owner from role change and deletion
2026-04-07 20:47:22 +02:00
8b9de9e83d
feat: add Bastillion-style SSH key enforcement worker
2026-04-06 00:17:03 +02:00
3a843354b6
docs: add dashboard screenshot to README
2026-04-05 22:46:09 +02:00
61cc63d3f9
Merge pull request 'v0.2.1-alpha' ( #3 ) from v0.2.1-alpha into master
...
Release Docker Image / Build & Push Docker Image (release) Successful in 5m31s
Reviewed-on: #3
2026-04-05 20:30:39 +00:00
f893d26791
fix: enforce LF line endings for shell scripts (.gitattributes)
PR Tests / Lint, Build & Test (pull_request) Successful in 5m30s
Security Scan / Go Vulnerability Check (pull_request) Successful in 4m47s
2026-04-05 22:17:51 +02:00
68777a5516
feat: add CLI password reset command (docker exec reset-password)
2026-04-05 22:17:46 +02:00
0fcd99a191
Merge pull request 'v0.2.0-alpha' ( #2 ) from v0.2.0-alpha into master
...
Release Docker Image / Build & Push Docker Image (release) Successful in 5m33s
Reviewed-on: #2
2026-04-05 17:56:47 +00:00
025d23e5a6
docs: add container registry URL to deployment docs and README
PR Tests / Lint, Build & Test (pull_request) Successful in 5m0s
Security Scan / Go Vulnerability Check (pull_request) Successful in 4m46s
2026-04-05 19:45:47 +02:00
be05dd5eac
fix: add entrypoint.sh to fix /data permission denied on bind-mount
PR Tests / Lint, Build & Test (pull_request) Has been cancelled
Security Scan / Go Vulnerability Check (pull_request) Has been cancelled
2026-04-05 19:42:18 +02:00
bb3bf0330f
security: fix data loss on container restart due to relative paths
...
Root cause: .env.example used relative paths (./data/...) which resolve
to /app/data/ inside the container instead of the persistent volume at
/data/. This caused the database to be recreated on every container
restart, resetting the admin password to a new initial value.
Fixes:
- .env.example: comment out path settings with clear warning about
relative paths; Dockerfile already provides correct absolute defaults
- auth: add initial_setup_complete flag in settings table as
defence-in-depth so EnsureAdmin never re-creates an admin after
the initial setup, even if the users table is unexpectedly empty
- main: add validateDataPaths() startup check that warns when relative
container paths are detected (potential data-loss misconfiguration)
- auth_test: extend TestEnsureAdmin to verify the flag prevents
admin re-creation after user deletion
2026-04-05 19:21:15 +02:00
c2d4148de6
add build to docker-compose
2026-04-05 19:12:44 +02:00
ea3e7e71ca
refactor: convert force_password_change to standalone layout (no sidebar)
2026-04-05 19:03:32 +02:00
5bd77de32d
Merge pull request 'v0.1.1-alpha' ( #1 ) from v0.1.1-alpha into master
...
Release Docker Image / Build & Push Docker Image (release) Successful in 5m11s
Reviewed-on: #1
2026-04-05 16:41:18 +00:00
43827d0d9e
docs: add Matrix community chat links
PR Tests / Lint, Build & Test (pull_request) Successful in 5m14s
Security Scan / Go Vulnerability Check (pull_request) Successful in 4m48s
2026-04-05 18:28:26 +02:00
1d60ba2999
fix: add nodejs to security-scan container for checkout action
PR Tests / Lint, Build & Test (pull_request) Has been cancelled
Security Scan / Go Vulnerability Check (pull_request) Has been cancelled
2026-04-05 18:25:46 +02:00
268955732a
fix: use net.JoinHostPort for IPv6-compatible address formatting
PR Tests / Lint, Build & Test (pull_request) Successful in 5m19s
Security Scan / Go Vulnerability Check (pull_request) Failing after 17s
2026-04-05 18:18:26 +02:00
1083b54fb9
fix: add nodejs to alpine container for actions/checkout
PR Tests / Lint, Build & Test (pull_request) Failing after 4m29s
Security Scan / Go Vulnerability Check (pull_request) Failing after 13s
2026-04-05 18:07:56 +02:00
45baaf8db8
docs: add secure key generation guide for session and encryption keys
PR Tests / Lint, Build & Test (pull_request) Failing after 45s
Security Scan / Go Vulnerability Check (pull_request) Failing after 14s
2026-04-05 17:58:02 +02:00
fbff33d201
docs: update feedback link to GitHub Issues
2026-04-05 17:53:59 +02:00
e994f13526
refactor: rename KEYWARDEN_ADMIN_USER/EMAIL env vars to KEYWARDEN_OWNER_USER/EMAIL
...
- Rename environment variables to match the owner role
- Add backward compatibility: legacy ADMIN vars still accepted with deprecation warning
- Update .env.example, docs and quickstart accordingly
2026-04-05 17:45:43 +02:00
775186038e
feat: use prebuilt image, bind mount and custom network in docker-compose
2026-04-05 17:41:06 +02:00
6cbcb272d0
fix(ci): handle empty tag in workflow_dispatch trigger
...
- Fallback to latest git tag when github.event.release.tag_name is empty
- Add fetch-depth: 0 to checkout step so git tags are available
- Fail with clear error if no tag exists at all
2026-04-05 17:19:05 +02:00
91e4758bb8
ci: add workflow_dispatch trigger to release-docker workflow
2026-04-05 17:15:09 +02:00
7a448034e4
fix(ci): remove protocol prefix from Docker image tags
2026-04-05 17:13:30 +02:00
fd13e67aef
Release: v0.1.0-alpha
Release Docker Image / Build & Push Docker Image (release) Failing after 1m30s
2026-04-05 16:56:16 +02:00
