Releases: passbolt/passbolt_api

Gnossienne No. 1

17 Nov 15:17

Release song: https://youtu.be/t12nOxmB278

Passbolt 5.7.2 fixes an issue introduced in v5.7.0 that affected the health check when it was run after the cleanup command.
The bug caused the server metadata private key to be incorrectly deleted, resulting in health check failures.
This has now been resolved, and the cleanup process works as expected.

We thank the community again for reporting this issue!

[5.7.2] - 2025-11-17

Fixed

  • PB-46826 As an administrator running the cleanup task, the server metadata private key entry should not be deleted

Come Together

14 Nov 10:04
v5.7.1

Release song: https://youtu.be/XZMFeDxW60A?si=OJshLL0aEMe_5yTe

Passbolt 5.7.1 fixes an issue introduced in the previous version that affected logging in with Duo MFA. Authentication with Duo is now fully restored.

We thank the community for reporting this issue!

[5.7.1] - 2025-11-14

Fixed

  • PB-46680 Fix DUO authentication form blocked by CSP header

Bloom

13 Nov 08:41

Release song: https://youtu.be/fMnh5Tn8aeM

Passbolt 5.7.0 introduces secret history, a highly demanded feature that gives users visibility and control over previous
versions of their secrets. This release also includes several usability improvements requested and bug fixes reported by the community.

Secret history

It is now possible to access previous revisions of a secret directly from Passbolt.

Secret history helps reduce the impact of human error and offers a safer way to manage evolving secrets. For instance,
this enables users to undo an accidental update on the spot. Note that the feature is disabled by default and requires
an administrator to enable it from the administration workspace.

User and group workspace improvements

A new “Remove from group” action has been added to the user and group workspaces. This addition eliminates the confusion
between permanently deleting a user and simply removing them from a specific group.

Moreover, administrators can now instantly filter users that require attention via the “Attention Required” filter in
the workspace. For instance: identifying users with a pending account recovery request to review, or missing metadata keys.

Import report

The application now displays a summary dialog after an import, offering accurate and actionable information.
The report precisely categorises alerts into successes, warnings and errors, providing end users with additional logs.

Miscellaneous improvements

As usual this release is packed with improvements and bug fixes reported by the community. Notably, the reliability of autofill
has been improved across a wider range of websites. If you find that autofill does not work on a particular website, feel free
to open a bug report including the website details to help us identify the custom selector. For more, check out the changelog below.

Many thanks to everyone who provided feedback, reported issues, and helped refine these new features.

[5.7.0] - 2025-11-12

Added

  • PB-46107 As an administrator I can define the number of past secret revisions persisted in DB
  • PB-46109 As an administrator I can block the edition of the secret revisions settings with a configuration flag
  • PB-46110 As a logged-in user I can view the past secret revisions of a resource
  • PB-45059 As an administrator I can see in the healthcheck if zero knowledge is activated and the server has access to the key
  • PB-45496 As an administrator I can run a clean-up task to delete metadata private keys entries of soft & hard-deleted users
  • PB-45567 As an administrator I can run a passbolt user_index command to list all users
  • PB-45567 As an administrator I can run a passbolt user_promote_to_administrator command to promote users to administrators
  • PB-45567 As an administrator I can run a passbolt mfa_user_settings_disable command to disable MFA for a given user
  • PB-46146 As an administrator I can hide the warning on commands run as non web-user with a configuration flag

Security

  • PB-45158 Adds frame-ancestors:none and form-action:self to the CSP header
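
An added example, not Passbolt code: a small audit of a Content-Security-Policy header for the two directives named in PB-45158, plus a simplified form-action matcher showing how `form-action 'self'` refuses a form that posts to another origin. This is the general kind of breakage PB-46680 describes, though the page does not state its exact cause. The header strings and hostnames are constructed samples, and source matching covers only `'none'`, `'self'`, scheme sources and full host sources.

```python
# Added example (not Passbolt code). Header strings and hosts are constructed samples.
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def parse_csp(header):
    """Return {directive: [sources]}; a repeated directive is ignored (first wins)."""
    policy = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens and tokens[0].lower() not in policy:
            policy[tokens[0].lower()] = tokens[1:]
    return policy

def audit(header):
    """Report which of the two PB-45158 directives are absent or weaker than stated."""
    policy = parse_csp(header)
    findings = []
    if [s.lower() for s in policy.get("frame-ancestors", [])] != ["'none'"]:
        findings.append("frame-ancestors is not 'none'")
    if "form-action" not in policy:
        findings.append("form-action missing")
    return findings

def origin(url):
    u = urlsplit(url)
    return (u.scheme, u.hostname, u.port or DEFAULT_PORTS.get(u.scheme))

def form_action_allows(header, page_url, target_url):
    """Simplified form-action matching: 'none', 'self', scheme and host sources only."""
    sources = parse_csp(header).get("form-action")
    if sources is None:
        return True  # form-action has no default-src fallback: unrestricted
    target = origin(target_url)
    for src in (s.lower() for s in sources):
        if src == "'self'" and target == origin(page_url):
            return True
        if src.endswith(":") and src[:-1] == target[0]:  # scheme source, e.g. https:
            return True
        if "://" in src:  # host source, optionally with a leading *. wildcard
            scheme, host, port = origin(src)
            same_host = host == target[1] or (
                host.startswith("*.") and target[1].endswith(host[1:]))
            if (scheme, port) == (target[0], target[2]) and same_host:
                return True
    return False

PAGE = "https://vault.example.test/app"                  # constructed
EXTERNAL = "https://mfa-provider.example.test/prompt"    # constructed
STRICT = "default-src 'self'; frame-ancestors 'none'; form-action 'self'"
RELAXED = STRICT + " https://mfa-provider.example.test"

if __name__ == "__main__":
    print(audit(STRICT), audit("default-src 'self'"))
    print(form_action_allows(STRICT, PAGE, EXTERNAL))   # external form target refused
    print(form_action_allows(RELAXED, PAGE, EXTERNAL))  # explicitly listed host accepted
```
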

Fixed

  • PB-44623 The API should return a 400 instead of 500 on /auth/jwt/logout.json when refresh_token isn't a UUID
  • PB-45760 Fixes a translation in setup recover abort email reported by community
  • PB-45262 Prevent activity log from showing secret creation during resource share as a secret update

Maintenance

  • PB-45731 As a developer I can ensure by unit tests that all Crowdin translations are parsable
  • PB-45788 Updates sessions.sql file as per the latest cakephp skeleton
  • PB-43742 Updates PHPUnit vendor to v11
  • PB-45829 Upgrades Passbolt API Web Installer to use OpenPGP.js version 6

Camillo

04 Nov 09:59

Release song: https://youtu.be/SUu9aEoQOL8

Passbolt 5.6.1 addresses a security issue identified in the underlying CakePHP framework.
The issue has been fully mitigated through a framework update.
All administrators are advised to update to this version to maintain a secure environment.

[5.6.1] - 2025-11-04

Security

  • PB-45919 Fix security issue in query generation for CakePHP

Big Jet Plane

08 Oct 06:15
v5.6.0

Release song: https://www.youtube.com/watch?v=bu50DtPF1Ac

Passbolt 5.6.0 introduces standalone notes to store sensitive secrets beyond passwords and shared metadata key rotation to give organisations stronger control over their encrypted data. This release also delivers several long-awaited usability improvements on the main workspaces that make the day-to-day experience smoother.

Standalone notes

It is now possible to create notes as standalone resources, no longer tied to a password or TOTP entry. This offers a dedicated resource type for text-based secrets that don’t fit into existing supported types such as passwords, TOTPs, or custom fields.

Standalone notes benefit from the same permissions, encryption, and audit trail as passwords, ensuring they remain just as secure and shareable. Each note supports up to 50 KB of text, leaving ample room for certificates, SSH keys, or other long-form secrets that Passbolt plans to support natively in the future. Import and export flows have been updated accordingly and any imported resources that contain only a description will now be recognised and created as standalone notes.

Resizable sidebars: more space where it matters

Both the main workspace and the Users & Groups workspace now feature sidebars that can be resized, giving users more control over how they view their data. This improvement makes it easier to read long folder names and navigate deeply nested folder structures.

The ability to resize sidebars adds to the overall customisation of the interface, complementing existing options such as adjusting the width of the main workspace grid columns or choosing which information to display. Once adjusted, the sidebar adapts smoothly to the preferred width, and a quick double-click on the handle resets it to the default size.

Shared metadata key rotation

Administrators can now rotate the shared metadata key directly from the organisation settings without disrupting the availability of the instance. This capability gives organisations greater control over their encrypted metadata and is another milestone in completing the encrypted metadata roadmap.

Rotating the shared key enhances security in several important ways. It supports compliance with internal security policies or industry standards that require periodic key rotation. It also strengthens forward secrecy: when a collaborator leaves the organisation, administrators can generate and distribute a new shared metadata key to ensure that former members cannot access metadata encrypted after their departure.

Miscellaneous Improvements

This release is also packed with minor bug fixes and performance improvements, notably in group management where large updates are now split into smaller requests. This change reduces the load on the API and resolves timeout issues that could occur when many changes were applied to the same group at once. For the full list of changes, check out the changelog.

Many thanks to everyone who shared feedback, reported issues, and helped refine these features.

[5.6.0] - 2025-10-08

Added

  • PB-45058 Add datacheck to check for existing metadata key with no metadata private keys
  • PB-44187 As an admin I cannot delete a metadata key associated with a deleted resource
  • PB-44183 As a user that is sole owner of v4 resources when v4 resources types are disabled, v4 resources should be ignored on an ownership transfer request
  • PB-44770 As a user I want to configure the trusted_proxies list as an environment variable
  • PB-45471 Add new database migration to add standalone notes resource type
  • PB-45472 Update resource types endpoints tests to assert enable/disable is working for new standalone notes resource type
  • PB-45473 Update resources endpoints tests to accommodate new standalone notes resource type

Fixed

  • PB-45222 Fix EmailDigest not working for v5 resources
  • PB-45447 Fix PUT /metadata/keys/.json endpoint returning 500 error with trailing data
  • PB-45436 As an administrator I can define the default cache engine with an environment variable
  • PB-45454 Fix 500 error due to MySQL deadlock on create resource endpoint
  • PB-45456 Allow editing of v4 resources even when v4 resource type creation is disabled
  • PB-45258 Fix grammatical errors in the resource update email content
  • PB-45057 Reduce memory consumption on the action logs endpoints
  • PB-45057 Reduce memory consumption on resources and folders index endpoints

Maintenance

  • PB-44813 Bring back DDEV ldap related services for development environment
  • PB-44593 Bump i18next version
  • PB-45161 Fix regularly failing UsersIndexControllerPaginationTest.php test
  • PB-45270 Add custom exception message with client IP in /healthcheck/error.json
  • PB-45062 Fix user_setup_complete.php template in LU folder instead of AD

Big Jet Plane

06 Oct 13:56
v5.6.0-rc.1

Pre-release

Release song: https://www.youtube.com/watch?v=bu50DtPF1Ac

Passbolt 5.6.0-rc.1 is a feature release candidate introducing standalone notes, shared metadata key rotation and resizable sidebars. This release comes as usual with security reinforcement by updating 3rd party libraries and other bug fixes.

In addition, it also includes bug fixes and maintenance updates:

  • export of account kit is compatible with bigger private keys
  • group membership update process is updated to reduce request size and avoid some size limitations
  • folder name sorting now includes natural number counting

Make sure to follow the steps here. As always, your feedback is invaluable, give it a try and report any issues you come across.
Enjoy the testing journey! ❤️

[5.6.0-rc.1] - 2025-10-06

Added

  • PB-45058 Add datacheck to check for existing metadata key with no metadata private keys
  • PB-44187 As an admin I cannot delete a metadata key associated with a deleted resource
  • PB-44183 As a user that is sole owner of v4 resources when v4 resources types are disabled, v4 resources should be ignored on an ownership transfer request
  • PB-44770 As a user I want to configure the trusted_proxies list as an environment variable
  • PB-45471 Add new database migration to add standalone notes resource type
  • PB-45472 Update resource types endpoints tests to assert enable/disable is working for new standalone notes resource type
  • PB-45473 Update resources endpoints tests to accommodate new standalone notes resource type

Fixed

  • PB-45222 Fix EmailDigest not working for v5 resources
  • PB-45447 Fix PUT /metadata/keys/.json endpoint returning 500 error with trailing data
  • PB-45436 As an administrator I can define the default cache engine with an environment variable
  • PB-45454 Fix 500 error due to MySQL deadlock on create resource endpoint
  • PB-45456 Allow editing of v4 resources even when v4 resource type creation is disabled
  • PB-45258 Fix grammatical errors in the resource update email content
  • PB-45057 Reduce memory consumption on the action logs endpoints
  • PB-45057 Reduce memory consumption on resources and folders index endpoints

Maintenance

  • PB-44813 Bring back DDEV ldap related services for development environment
  • PB-44593 Bump i18next version
  • PB-45161 Fix regularly failing UsersIndexControllerPaginationTest.php test
  • PB-45270 Add custom exception message with client IP in /healthcheck/error.json
  • PB-45062 Fix user_setup_complete.php template in LU folder instead of AD

Hey Boy Hey Girl

29 Sep 12:27
v5.5.2

Release song: https://youtu.be/RyP8hGuyknA

Passbolt 5.5.2 resolves an issue introduced in the previous version that affected the editing of encrypted metadata settings. Due to zero-knowledge mode being required in some conditions, administrators were unable to edit the metadata key settings. This has now been fixed, restoring the ability to customize these settings.

We thank the community for reporting this issue!

[5.5.2] - 2025-09-29

Fixed

  • PB-45439 As an administrator I can edit the metadata key settings when not editing zero-knowledge mode

v5.5.0

15 Sep 14:31
v5.5.0

Release song: https://youtu.be/L3Wo8jcNrkQ

Passbolt 5.5.0 is a feature release introducing encrypted metadata in zero-knowledge mode and SCIM provisioning (beta) for automated user management.

Encrypted Metadata Zero-Knowledge Mode

This mode is designed for organizations that prioritize privacy over server-side auditability. In this setup, the server never has access to the shared metadata private key.

  • Key distribution: When a new user joins, the server does not distribute the metadata key.
    Administrators are notified by email and can review which users are missing the key in the Users & Groups workspace. Keys must then be shared manually.
  • User experience: Until the key is received, the user’s actions are limited. Operations that depend on metadata, such as sharing a resource, moving a private item into a shared folder or creating resources intended to be shared are blocked.
  • Guidance in UI: If a restricted action is attempted, the interface provides an explanation and steps to resolve the issue.

More details are available in the dedicated blog post on encrypted metadata and zero-knowledge.

Several bugs reported by the community have also been fixed. As always, thank you to everyone who took the time to file issues and suggest improvements. Check out the changelog for more information.

[5.5.0] - 2025-09-15

Added

  • PB-44639 As an administrator, when updating metadata settings from friendly mode to zero knowledge, I should see the server key dropped in DB
  • PB-44756 Updates metadata keys settings endpoint to accept server metadata private key
  • PB-44752 Adds a new data check for existing resources v5 encrypted with hard or soft deleted shared metadata key

Fixed

  • PB-45060 Fixes custom fields json schema properties type
  • PB-45062 Fixes user_setup_complete.php template in LU folder instead of AD
  • PB-44760 Fixes health check "record not found in table organization_settings" issue (GITHUB #563)

Maintenance

  • PB-44915 Changes DDEV containers names and URLs from passbolt-ce-api to passbolt-api
  • PB-44813 Updates ddev config
  • PB-44772 Speeds up continuous integration by splitting pipelines in two distinct test suites

v5.5.0-rc.1

12 Sep 13:07
v5.5.0-rc.1

Pre-release

Release song: https://youtu.be/L3Wo8jcNrkQ

Passbolt 5.5.0-rc.1 is a feature release candidate introducing encrypted metadata in zero-knowledge mode and SCIM provisioning (beta) for automated user management.

Encrypted Metadata Zero-Knowledge Mode

This mode is designed for organizations that prioritize privacy over server-side auditability. In this setup, the server never has access to the shared metadata private key.

  • Key distribution: When a new user joins, the server does not distribute the metadata key.
    Administrators are notified by email and can review which users are missing the key in the Users & Groups workspace. Keys must then be shared manually.
  • User experience: Until the key is received, the user’s actions are limited. Operations that depend on metadata, such as sharing a resource, moving a private item into a shared folder or creating resources intended to be shared are blocked.
  • Guidance in UI: If a restricted action is attempted, the interface provides an explanation and steps to resolve the issue.

More details are available in the dedicated blog post on encrypted metadata and zero-knowledge.

Several bugs reported by the community have also been fixed. As always, thank you to everyone who took the time to file issues and suggest improvements. Check out the changelog for more information.

[5.5.0-rc.1] - 2025-09-12

Added

  • PB-44639 As an administrator, when updating metadata settings from friendly mode to zero knowledge, I should see the server key dropped in DB
  • PB-44756 Updates metadata keys settings endpoint to accept server metadata private key
  • PB-44752 Adds a new data check for existing resources v5 encrypted with hard or soft deleted shared metadata key

Fixed

  • PB-45060 Fixes custom fields json schema properties type
  • PB-45062 Fixes user_setup_complete.php template in LU folder instead of AD
  • PB-44760 Fixes health check "record not found in table organization_settings" issue (GITHUB #563)

Maintenance

  • PB-44915 Changes DDEV containers names and URLs from passbolt-ce-api to passbolt-api
  • PB-44813 Updates ddev config
  • PB-44772 Speeds up continuous integration by splitting pipelines in two distinct test suites

Ain't No Sunshine

13 Aug 20:18
v5.4.1

Release song: https://www.youtube.com/watch?v=6tpGC4lgpMg

This hot-fix addresses several issues introduced in recent v5.x releases.

Since v5.3, organizations running Passbolt on servers with a locale different from en-UK could encounter issues when updating or, later, when using the application. These issues have now been resolved.

It also fixes a problem where organizations that had manually disabled encrypted metadata using the kill switch available to system administrators were unable to initiate credential imports
from the web application. This was a side effect of recent work preparing for the upcoming zero-knowledge capability, which will further strengthen the encrypted
metadata feature introduced earlier.

Finally, since v5.0, resources whose secrets had been modified, irrespective of whether the secret was a password, a TOTP, or a secure note, have had their expiration dates
automatically rotated, which was not the expected behaviour. The expected behaviour is now restored: the expiration date is rotated only when the password is edited.

We thank the community for promptly reporting these issues.

[5.4.1] - 2025-08-13

Fixed

  • PB-44220 Enforces the format to datetime string when persisting the last_logged_in field on users login