passbolt
diff --git a/‎CHANGELOG.md
+54 b/‎CHANGELOG.md
+54
diff --git a/‎RELEASE_NOTES.md
+33-19 b/‎RELEASE_NOTES.md
+33-19
diff --git a/‎composer.json
+1-1 b/‎composer.json
+1-1
diff --git a/‎composer.lock
+7-7 b/‎composer.lock
+7-7
diff --git a/‎config/version.php
+2-2 b/‎config/version.php
+2-2
diff --git a/‎package-lock.json
+7-7 b/‎package-lock.json
+7-7
diff --git a/‎package.json
+1-1 b/‎package.json
+1-1
diff --git a/‎plugins/PassboltCe/EmailDigest/tests/Factory/EmailQueueFactory.php
+1-1 b/‎plugins/PassboltCe/EmailDigest/tests/Factory/EmailQueueFactory.php
+1-1
diff --git a/‎plugins/PassboltCe/EmailNotificationSettings/src/Utility/EmailNotificationSettings.php
+20-36 b/‎plugins/PassboltCe/EmailNotificationSettings/src/Utility/EmailNotificationSettings.php
+20-36
@@ -2,6 +2,60 @@
 All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## [4.8.0] - 2024-05-21
+### Added
+- PB-33071 As an administrator I can purge the action logs table with a dedicated command
+- PB-33231 As an administrator I want to know if a custom certificate is in use for SMTP
+- PB-32579 As an administrator I can view email_queue records via passbolt command
+
+### Improved
+- PB-32888 As an admin I should not get a time-out on health checks on air-gapped network
+- PB-32983 Access email settings only when emails are sent
+
+### Fixed
+- PB-33451 Fix 500 error on authentication when nonce is not a string
+- PB-33073 As a user logging in, invalid login operation should not be logged as success in the audit logs
+- PB-33234 The application should not throw an error if the JWT public key is not parsable
+
+### Maintenance
+- PB-30314 Bump passbolt/passbolt-test-data to v4.8
+
+## [4.8.0-rc.1] - 2024-05-17
+### Added
+- PB-33071 As an administrator I can purge the action logs table with a dedicated command
+- PB-33231 As an administrator I want to know if a custom certificate is in use for SMTP
+- PB-32579 As an administrator I can view email_queue records via passbolt command
+
+### Improved
+- PB-32888 As an admin I should not get a time-out on health checks on air-gapped network
+- PB-32983 Access email settings only when emails are sent
+
+### Fixed
+- PB-33451 Fix 500 error on authentication when nonce is not a string
+- PB-33073 As a user logging in, invalid login operation should not be logged as success in the audit logs
+- PB-33234 The application should not throw an error if the JWT public key is not parsable
+
+### Maintenance
+- PB-30314 Bump passbolt/passbolt-test-data to v4.8
+
+## [4.8.0-test.1] - 2024-05-16
+### Added
+- PB-33071 As an administrator I can purge the action logs table with a dedicated command
+- PB-33231 As an administrator I want to know if a custom certificate is in use for SMTP
+- PB-32579 As an administrator I can view email_queue records via passbolt command
+
+### Improved
+- PB-32888 As an admin I should not get a time-out on health checks on air-gapped network
+- PB-32983 Access email settings only when emails are sent
+
+### Fixed
+- PB-33451 Fix 500 error on authentication when nonce is not a string
+- PB-33073 As a user logging in, invalid login operation should not be logged as success in the audit logs
+- PB-33234 The application should not throw an error if the JWT public key is not parsable
+
+### Maintenance
+- PB-30314 Bump passbolt/passbolt-test-data to v4.8
+
 ## [4.7.0] - 2024-04-30
 ### Added
 - PB-30330 Add HTTP HEAD method support to /healthcheck/status.json to support more uptime monitoring tools (GITHUB #507)
 
@@ -1,28 +1,42 @@
-Release song: https://youtu.be/3L4YrGaR8E4
+Release song: https://youtu.be/hbe3CQamF8k
 
-Passbolt Community Edition v4.7 is a maintenance release that resolves multiple issues identified by the community. Furthermore, this release supports the commitment to improving customization options and integration features, making it easier for organizations to tailor the system to their specific needs.
+Passbolt v4.8.0 is a maintenance release focusing on the migration of the browser extension to the latest MV3
+architecture and adding tools for administrators to help them manage their instance.
 
-A key enhancement in this release is the ability to use custom SSL certificates for SMTP server connections. This long-awaited feature is particularly beneficial for organizations operating in air-gapped environments or those using their own root CAs, enabling passbolt to more securely integrate with internal tools.
+This release marks the introduction of the first version of the MV3 extension for Chrome. The transition to MV3 has been
+in progress since last year, with changes rolled out progressively until now. The base code between MV2 and MV3 is
+nearly identical, and both extensions will continue to be maintained in parallel. A detailed blog post explaining our
+migration process will be coming soon.
 
-## [4.7.0] - 2024-04-30
+A new feature allowing administrators to purge audit logs from the command line was added. This will help reclaim database
+space for logs that are no longer relevant, improving the performance of long-running instances while keeping necessary
+logs for forensic and audit activities.
+
+A new command has also been added to help administrators debug issues with their SMTP server. Email functionality is
+crucial for Passbolt, and diagnosing connection problems is not always straightforward. This new command aims to simplify
+the process when connecting to a new SMTP server as well as understand errors that could occur on existing integration.
+
+As passbolt moves towards supporting more content types this year, significant work has been done to enhance performance
+across the entire stack, from the database to the API and the browser extension. This release includes some of these
+improvements, with more enhancements on the way in the next coming release v4.9.0.
+
+We hope these updates enhance your experience with Passbolt. Your feedback is always valuable to us.
+
+
+## [4.8.0] - 2024-05-21
 ### Added
-- PB-30330 Add HTTP HEAD method support to /healthcheck/status.json to support more uptime monitoring tools (GITHUB #507)
-- PB-26156 As an administrator I can configure SMTP to use TLS with a self-signed cert on my mail server (GITHUB #498)
+- PB-33071 As an administrator I can purge the action logs table with a dedicated command
+- PB-33231 As an administrator I want to know if a custom certificate is in use for SMTP
+- PB-32579 As an administrator I can view email_queue records via passbolt command
 
-### Security
-- PB-30255 As an authenticated user I cannot access to the healthcheck endpoint when debug is on
+### Improved
+- PB-32888 As an admin I should not get a time-out on health checks on air-gapped network
+- PB-32983 Access email settings only when emails are sent
 
 ### Fixed
-- PB-30379 As an authenticating user I should not get a 500 if the gpg_auth is not an array
-- PB-32889 As an administrator I should not get an exception when running core healthcheck and the host cannot be resolved
-- PB-32928 As user I should see the accurate URL in the email footer when passbolt runs on multiple instances
-- PB-32566 As a user setting up my account I should not get an unexpected 500
-- PB-32903 Fix deprecation error on password expiry settings validation
+- PB-33451 Fix 500 error on authentication when nonce is not a string
+- PB-33073 As a user logging in, invalid login operation should not be logged as success in the audit logs
+- PB-33234 The application should not throw an error if the JWT public key is not parsable
 
 ### Maintenance
-- PB-29983 Refactor health check code domain for better maintenance
-- PB-30394 Moves code in ActionLogsModelListener into a dedicated service
-- PB-32881 Disable by default all plugins in integration tests
-- PB-32978 Use dependency proxy to reduce docker pull limit
-- PB-22605 Refactor ShareSearchControllerTest, SecretViewControllerTest and GroupsDeleteControllerTest with fixture factories
-- PB-32594 Add tests for SecretCreateService
+- PB-30314 Bump passbolt/passbolt-test-data to v4.8
@@ -109,7 +109,7 @@
         "phpunit/phpunit": "~9.5.2",
         "cakephp/cakephp-codesniffer": "^4.5",
         "passbolt/passbolt-selenium-api": "^4.5",
-        "passbolt/passbolt-test-data": "^4.4",
+        "passbolt/passbolt-test-data": "^4.8",
         "vierge-noire/cakephp-fixture-factories": "^v2.9.3",
         "cakephp/localized": "4.0.0",
         "vimeo/psalm": "^5.0.0",
 
@@ -1,8 +1,8 @@
 <?php
 return [
     'passbolt' => [
-        'version' => '4.7.0',
-        'name' => 'Bulls On Parade',
+        'version' => '4.8.0',
+        'name' => 'Angel',
     ],
     'php' => [
         'minVersion' => '7.4',
 
@@ -24,7 +24,7 @@
     "jquery": "^3.5.1",
     "lockfile-lint": "^4.12.1",
     "openpgp": "5.2.1",
-    "passbolt-styleguide": "^4.7.0"
+    "passbolt-styleguide": "^4.8.0"
   },
   "scripts": {
     "lint": "npm run lint:lockfile",
 
@@ -55,7 +55,7 @@ protected function setDefaultTemplate(): void
 
             return [
                 'email' => $email,
-                'subject' => $faker->word(),
+                'subject' => $faker->sentence(3),
                 'config' => 'default',
                 'template' => 'test_email',
                 'layout' => 'default',
 
@@ -32,27 +32,13 @@ class EmailNotificationSettings
 {
     public const NAMESPACE = 'emailNotification';
 
-    /**
-     * The settings.
-     *
-     * @var array|null
-     */
-    private static $settings;
+    private static ?array $settings = null;
 
-    /**
-     * @var \Passbolt\EmailNotificationSettings\Utility\NotificationSettingsSource\ConfigEmailNotificationSettingsSource|null
-     */
-    private static $configSettingsSource = null;
+    private static ?ConfigEmailNotificationSettingsSource $configSettingsSource = null;
 
-    /**
-     * @var \Passbolt\EmailNotificationSettings\Utility\NotificationSettingsSource\DbEmailNotificationSettingsSource|null
-     */
-    private static $dbSettingsSource = null;
+    private static ?DbEmailNotificationSettingsSource $dbSettingsSource = null;
 
-    /**
-     * @var \Passbolt\EmailNotificationSettings\Utility\NotificationSettingsSource\DefaultEmailNotificationSettingsSource|null
-     */
-    private static $defaultSettingsSource = null;
+    private static ?DefaultEmailNotificationSettingsSource $defaultSettingsSource = null;
 
     /**
      * Flush the cache version of the settings.
@@ -74,7 +60,7 @@ public static function flushCache()
      * 2. configuration file
      * 3. the defaults in this function
      *
-     * @param string $key (optional) Key to lookup. If not provided, return all the settings.
+     * @param ?string $key (optional) Key to lookup. If not provided, return all the settings.
      * @return mixed
      */
     public static function get(?string $key = null)
@@ -100,21 +86,19 @@ public static function get(?string $key = null)
      *
      * @return array
      */
-    protected static function getSettings()
+    protected static function getSettings(): array
     {
         $settings = static::getSettingsFromConfig();
         $settings['sources'] = [
             'database' => false,
             'file' => static::isDefaultSettingsAreOverridden(),
         ];
 
-        if (static::getDbSettingsSource()->isAvailable()) {
-            try {
-                $dbSettings = static::getSettingsFromDb();
-                $settings['sources']['database'] = true;
-                $settings = array_replace_recursive($settings, $dbSettings);
-            } catch (RecordNotFoundException $exception) {
-            }
+        try {
+            $dbSettings = static::getSettingsFromDb();
+            $settings['sources']['database'] = true;
+            $settings = array_replace_recursive($settings, $dbSettings);
+        } catch (RecordNotFoundException $exception) {
         }
 
         return $settings;
@@ -125,7 +109,7 @@ protected static function getSettings()
      *
      * @return array
      */
-    protected static function getSettingsFromConfig()
+    protected static function getSettingsFromConfig(): array
     {
         return static::sanitizeSettings(static::getConfigSettingsSource()->read());
     }
@@ -151,7 +135,7 @@ protected static function sanitizeSettings(array $settings)
     /**
      * @return \Passbolt\EmailNotificationSettings\Utility\NotificationSettingsSource\ConfigEmailNotificationSettingsSource
      */
-    protected static function getConfigSettingsSource()
+    protected static function getConfigSettingsSource(): ConfigEmailNotificationSettingsSource
     {
         if (!isset(static::$configSettingsSource)) {
             static::$configSettingsSource = new ConfigEmailNotificationSettingsSource();
@@ -167,15 +151,15 @@ protected static function getConfigSettingsSource()
      * @throws \Cake\Datasource\Exception\RecordNotFoundException If a matching DB config doesn't exist
      * @throws \Cake\Http\Exception\InternalErrorException If the DB config is not valid json string
      */
-    protected static function getSettingsFromDb()
+    protected static function getSettingsFromDb(): array
     {
         return static::sanitizeSettings(static::getDbSettingsSource()->read());
     }
 
     /**
      * @return \Passbolt\EmailNotificationSettings\Utility\NotificationSettingsSource\DbEmailNotificationSettingsSource
      */
-    protected static function getDbSettingsSource()
+    protected static function getDbSettingsSource(): DbEmailNotificationSettingsSource
     {
         if (!isset(self::$dbSettingsSource)) {
             self::$dbSettingsSource = new DbEmailNotificationSettingsSource();
@@ -189,15 +173,15 @@ protected static function getDbSettingsSource()
      *
      * @return array
      */
-    protected static function getSettingsFromDefault()
+    protected static function getSettingsFromDefault(): array
     {
         return static::getDefaultSettingsSource()->read();
     }
 
     /**
      * @return \Passbolt\EmailNotificationSettings\Utility\NotificationSettingsSource\DefaultEmailNotificationSettingsSource
      */
-    protected static function getDefaultSettingsSource()
+    protected static function getDefaultSettingsSource(): DefaultEmailNotificationSettingsSource
     {
         if (!isset(static::$defaultSettingsSource)) {
             static::$defaultSettingsSource = DefaultEmailNotificationSettingsSource::fromCakeForm(
@@ -232,7 +216,7 @@ protected static function isDefaultSettingsAreOverridden(): bool
      * @param bool $force Force saving even if the key is invalid/not yet registered (useful for testing purposes)
      * @return void
      */
-    public static function save(array $configs, UserAccessControl $accessControl, bool $force = false)
+    public static function save(array $configs, UserAccessControl $accessControl, bool $force = false): void
     {
         // strip all non notification keys
         if ($force === false) {
@@ -253,7 +237,7 @@ public static function save(array $configs, UserAccessControl $accessControl, bo
      * @param string $key The key to check.
      * @return bool
      */
-    public static function isConfigKeyValid(string $key)
+    public static function isConfigKeyValid(string $key): bool
     {
         return Hash::check(static::getSettingsFromDefault(), static::underscoreToDottedFormat($key));
     }
@@ -264,7 +248,7 @@ public static function isConfigKeyValid(string $key)
      * @param string $key Key to normalize
      * @return string
      */
-    public static function underscoreToDottedFormat(string $key)
+    public static function underscoreToDottedFormat(string $key): string
     {
         return str_replace('_', '.', $key);
     }