This repository was archived by the owner on Apr 17, 2025. It is now read-only.
Releases: adobe/cryptr
Releases · adobe/cryptr
0.6.0
0.5.0
There are two primary purposes of this release:
- Enable OIDC auth provider. Users may now login to Vault instances that support the OIDC vault provider.
- Enhanced Security: With the release of 0.5.0, tighter security measures have been implemented to ensure the code-safety of Cryptr as it interacts with sensitive data. Users are recommended to upgrade to gain these additional safety controls.
Other:
- Bugfix: Querying Vault policies are now deduplicated prior to requesting them from Vault.
- Enhancement: Improved error messages on failure to login
0.4.0
The primary purpose of this release is performance:
- Lazy Loading: The "folder" structure of secrets inside Vault will now only be loaded as needed. As a user navigates to a secret location, only those locations will loaded. This is a major performance increase for larger Vault instances and users who have access to many secrets (1,000's or >10,000 secrets).
Other:
0.3.0
The primary features of this release are as follows:
- Support for Versioned Secrets (kv V2 secret engine)
- Create, Read, Update, Delete, Undelete, Destroy, Move
- Support for multiple secret mounts of type Generic, KV or KV v2
- Increased platform security by removing capabilities
- New Secret preserves the folder path
- String Type checking for numbers, arrays, and non-key-value pairs
- Linux: more package types now available: deb, rpm, tar.gz, and AppImage
- New icons for "Hide Values" and "Raw"
- "Hide Values" is no longer reset when navigating between secrets
Changelog:
Support for Versioned Secrets (KV V2 secret engine)
- Create, Read, Update, Delete, Undelete, Destroy, Move operations all supported
- Added support for wildcard policies on v2 secret backends
Other
- Improved capabilities checking before executing move requests
- Upgrade: Update to Electron 4.0
- Feature: swap raw and hide values for icons
- Feature: make Hide Values persistent
- Fixed: numbers and arrays now get cast as strings and objects!!
- Fixed: object sub-properites modified in JSON did not propogate to UI
- Fixed: Values of type Number were cast as Strings on edit
- Fixed: Arrays were improperly cast as Object on edits
- Added: Stricter type checking
- Added: Support for non-key-value values in Arrays
- Added: Support for Numbers and Arrays
- Bug: Fixed case where new secret path is set to "secret/"
- Fix bug where Share fails to properly set type
- Disable middle click
- Remove nodeIntegration and require() ability to decrease attack surface. Refactor appropriately
- Swap clipboard for polyfill, removing dependency on node API
- Prevent window navigation when dropping a link
- Update copyright
- show icon or error when secret data is null
- clear "TOKEN" as username
- improve error output for move requests
0.2.0
The primary features of this release are as follows:
- Search: You can now search the secret name and path to find secrets. Support is found for strict searching and Fuzzy searching.
- Duplicate: In the Duplicate operation, the location is now auto-filled for the user.
- Dangling Secrets: Support for "dangling" secrets, where the user has no rights to parent folders, but does to a specific nested folder/secret
Changelog
- Feature: Support for "dangling" secrets, where the user has no rights to parent folders, but does to a specific nested folder/secret
- Feature: Search! Both using "strict" searching and "fuzzy" searching
- Bug: Duplicate secrets can be shown when multiple policies reference the same secrets
- Enhancement: Increased width of secret path field
- Enhancement: New secrets automatically inherit a location
- Enhancement: Duplicating secrets auto-fills the secret Location
- Enhancement: Minor enhancements to UI
0.1.6
The primary features of this release are as follows:
- Share Secrets: Now, utilizing Vault's Response Wrapping functionality, a user may easily and securely share a secret, whether that be a single key/value pair, a file, or a unstructured text.
- Multiple Vault Endpoints: The user may now specify multiple Vault endpoints to be saved in Cryptr
- Duplicate Secrets: A new "Duplicate" button allows users to easily duplicate a secret
- X-Cryptr-Version Header: When a Vault admin enables audit logging, all requests coming from Cryptr will specify Cryptr's version. This allows admins to track usage, and assists in designating what requests originate in Cryptr.
- Bare-Minimum network usage: Cryptr now only communicates with internet addresses the user provides. No other network connections are ever established. This is independently verifiable.
Changelog
- Feature: Easily share secrets!
- Feature: Added support for saving multiple Vault endpoints at login
- Feature: Ability to duplicate secrets
- Feature: "X-Cryptr-Version" header now send to Vault endpoint on every request
- Feature: Local fonts prevent app from reaching out to Google servers for fonts
- Enhancement: User is now thoroughly warned before taking destructive actions (delete/update/overwrite/move)
- Enhancement: Development on Windows is now supported
- Enhancement: Restructured a core component into reusable code
- Enhancement: Created framework for automated testing of Cryptr
- Enhancement: Overwrite alert is now only produced for secrets, not folders
- Updated screenshot
0.1.5
Create Secret page has a new UI, new vault dev server support, and prompting of the user to renew their auth token. JSON secrets can now be more easily created.
Changelog
- Feature: New "Create Secret" page
- Feature: Add Vault dev server support
- Feature: User is now prompted to renew before auth token expires
- Enhancement: White space is no longer concatenated in a secret name
- Enhancement: When a secret is created/updated/moved, it is automatically navigated to
- Enhancement: Underscore to Space conversions improved
- Enhancement: Move button is now more transparent
- Enhancement: Raw view improved
- Enhancement: Make topbar more draggable
- Bug: Navigating to secrets too quickly could cause odd behavior
- Bug: Switching to 'raw' on file and back, changes to JSON view and not File view
- Bug: Sidebar can be grow beyond 3/4 width of page
- Bug: JSON edited in RAW mode would not be reflected in structured view
- Updated screenshot
0.1.4
The ability to edit a secret in RAW view is under development, as well the ability to graphically add new objects/strings/arrays/numbers to an already existing secret.
Changelog
- Feature: Drastically faster loading time after login
- Feature: Added Multi-Value secret view and update support
- Feature: Toggle ability to see all hidden values
- Feature: Default hiding of "value" fields behind asterisks for secrets
- Feature: Raw JSON viewing support
- Enhancement: Improved UI for downloading files
- Enhancement: Improved UI for viewing secrets
- Enhancement: Enhanced clearing of data from RAM at logout
- Enhancement: Improved login URL checking
- Enhancement: Passwords/tokens no longer removed when changing Auth type on login screen
- Enhancement: Enhanced security: testing a provided vault endpoint more thoroughly before sending credentials
- Enhancement: Now tests the v1/sys/seal-status for vault validity test rather than v1/sys/init
- Enhancement: Enhanced error output surrounding token login
- Enhancement: Enhance UI of Delete function
- Enhancement: Consolidated Logout and ClearData functionality to one location
- Enhancement: Moved refreshData code to a better home, reducing code complexity
- Enhancement: Added warning when moving a secret would overwrite another secret
- Enhancement: Fixed bug where a move request would create a duplicate secret in sidebar hierarchy
- Enhancement: Enhanced placeholder UI for dashboard
- Enhancement: Optimize loading time for large vault folder structures
- Enhancement: Restrict the filesystem-saved user data to minimal set
- Enhancement: Update bower packages
- Bug: Fix for if a user has a deny policy removed while app is open and between logouts
- Bug: Fix issue where window doesn't appear at startup.
- Bug: Old login errors now disappear upon successful login
0.1.3
0.1.2
- Feature: Improve boot UI for smoother transitions into app
- Bug: Secret name tied to secret key
- Enhancement: Handle error of creating of secrets at a folder
- Enhancement: Ability to move files in addition to secrets
- Bug: Moving a secret shows an empty parsedName value