1.27.0

New features

Event logs for organizations

With this feature enabled, actions occurring inside an organization will be recorded in a log, viewable by organization admins and owners. Check the official documentation to learn more: https://bitwarden.com/help/event-logs/ (Note that the Public API is not yet implemented, so the events are only viewable in the Web Vault)

To enable this feature, set ORG_EVENTS_ENABLED=true. By default all events will be stored indefinitely, if you want to limit that, you can use the EVENTS_DAYS_RETAIN option. You can also tune the cleanup schedule with EVENT_CLEANUP_SCHEDULE.

Group support (beta)

Enables the creation and use of groups inside an organization. At the moment this is in beta because there are some known issues (#2989). Still, the more this feature is tested, the faster we will be able to stabilize it.

To enable this feature, set ORG_GROUPS_ENABLED=true, make sure to make proper backups of your instance before hand.

What's Changed

• Group support | applied .diff by @MFijak in #2846
• Add Organizational event logging feature by @BlackDex in #2868
• Updated web vault to 2022.12.0 by @dani-garcia
• Update diesel to 2.0.2 by @dani-garcia in #2724
• Limit Cipher Note encrypted string size by @BlackDex in #2945
• fix invitations of new users when mail is disabled by @stefan0xC in #2773
• attach images in email by @stefan0xC in #2784
• allow registration without invite link by @stefan0xC in #2799
• Fix master password hint update not working. by @BlackDex in #2834
• Sync global_domains.json by @jjlin in #2840
• verify email on registration by invite by @stefan0xC in #2804
• Take ROCKET_ADDRESS into account in the Docker healthcheck by @jjlin in #2844
• Update github workflows by @BlackDex in #2852
• feat: Bump web-vault to v2022.10.1 by @GeekCornerGH in #2859
• Update Rust version, deps and workflow by @BlackDex in #2888
• Add /devices/knowndevice endpoint by @BlackDex in #2893
• fix: removed a double space by @GeekCornerGH in #2894
• Support Org Export for v2022.11 clients by @BlackDex in #2899
• Use constant size generic parameter for random bytes generation by @samueltardieu in #2910
• Update config comment to reflect rfc8314. by @skid9000 in #2911
• Set "Bypass admin page security" as read-only by @BlackDex in #2918
• Fully remove DuckDuckGo email service. by @BlackDex in #2919
• Added missing register endpoint to identity by @BlackDex in #2920
• Prevent DNS leak when icon regex is configured by @BlackDex in #2921
• Update settings description by @karbobc in #2928
• allow managers to set groups of a collection by @stefan0xC in #2933
• Update Vaultwarden Logo's by @BlackDex in #2940
• check if sqlite folder exists by @stefan0xC in #2873
• redirect to admin login page when forward fails by @stefan0xC in #2886
• Cleanups and Fixes for Emergency Access by @BlackDex in #2936
• Update dependencies for Rust and Admin interface. by @BlackDex in #2941
• Fix admin repost warning. by @BlackDex in #2953
• Add dev-only query logging support by @BlackDex in #2954
• Fix managers and groups link by @BlackDex in #2947
• use a custom 404 page by @stefan0xC in #2948
• Increase privacy of masked config by @BlackDex in #2963
• Improve comments by @tessus in #2969
• use black favicon for /admin by @tessus in #2970
• Remove ctrlc crate and some updates by @BlackDex in #2971
• Fix org export (again) by @BlackDex in #2973
• Revert collection queries back to left_join by @BlackDex in #2976
• Fix recover-2fa not working. by @BlackDex in #2994
• Disable groups by default and Some optimizations by @BlackDex in #2995
• Fix a panic during Yubikey register/login by @BlackDex in #3006

New Contributors

• @MFijak made their first contribution in #2846
• @GeekCornerGH made their first contribution in #2859
• @samueltardieu made their first contribution in #2910
• @skid9000 made their first contribution in #2911
• @karbobc made their first contribution in #2928
• @tessus made their first contribution in #2969

Full Changelog: 1.26.0...1.27.0