passbolt-browser-extension 5.1.0 → 5.2.0-rc.0

package/CHANGELOG.md

@@ -4,6 +4,83 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [Unreleased]
 
+## [5.2.0] - 2025-06-04
+
+### Added
+- PB-42936 Translate the application into Ukrainian
+- PB-42897 Upgrade resource to v5 from information panel
+- PB-42896 PB-42896 Display an “Upgrade Resource to v5” card in the information panel
+- PB-42895 Upgrade v4 password string resources to v5 default
+- PB-42894 Upgrade a single v4 resource to v5
+- PB-42860 Translate the application into Slovenian
+- PB-42796 Add a limit for multiple URIs
+- PB-42788 As a user I can access the resource appearance customization from the create/edit
+- PB-42704 Display missing metadata keys information in the user sidebar
+- PB-42658 Refresh the users local storage after sharing missing metadata keys
+- PB-42598 Retrieve missing_metadata_keys_ids information when retrieving signed-in user details with the getOrFindMe method of the UserModel
+- PB-42590 Write the background color and icon ID into KDBX files
+- PB-42589 Read the background color and icon ID from KDBX files
+- PB-42588 Adapt the ResourceIcon component to handle IconEntity
+- PB-42587 Add the AddResourceAppearance form part for the resource dialog
+- PB-42586 Add the ‘appearance’ metadata field in the resource dialog
+- PB-42585 Add IconEntity as an associated entity in MetadataEntity
+- PB-42584 Create IconEntity to hold custom icon and color information
+- PB-42570 Create a method canSuggestUris using canSuggestUri
+- PB-42543 Allow users to navigate to the additional URIs from the SelectResourceForm
+- PB-42536 Allow user to add additional URIs from the Create and Edit Resource v5 dialogs
+- PB-42534 Display resource additional URIs badge in the filtered resource of the QuickApplication
+- PB-42533 Display resource additional URIs badge in the suggested resource of the QuickApplication
+- PB-42530 Display resource additional URIs in the details of a resource of the QuickApplication
+- PB-42529 Display resource additional URIs badge in the browsed resource of the QuickApplication
+- PB-42528 Display resource additional URIs badge in the resource details sidebar
+- PB-42527 Display resource additional URIs badge in the resources grid
+- PB-42526 Create the ResourceUrisBadge component to handle resource additional URIs badge and the tooltip displaying them
+- PB-42130 Add shareMetadataKeyPrivate event to AppEvents
+- PB-42129 Create ShareMetadataKeyPrivateController and use ShareMetadataKeyPrivateService to perform the action
+- PB-42127 Create ShareMetadataKeyPrivateService and implement shareMissing method
+- PB-42114 Add create or share method to metadata private key api service
+- PB-42368 Update EncryptOne method from EncryptMetadataPrivateKeysService to allow encryption without signature
+- PB-42134 Update DisplayUsersContextualMenu to display a Share metadata keys action if key is missing
+- PB-42133 Update DisplayUserWorkspaceActions to display a Share metadata keys action if key is missing
+- PB-42132 Implement Dialog confirmation when administrator wants to share keys with an user
+- PB-42131 Add share method into metadataKeysServiceWorkerService to perform the UI action
+- PB-42126 Add cloneForSharing method into MetadataPrivateKeyEntity
+- PB-42124 Create ShareMetadataPrivateKeysCollection
+- PB-42110 Update userModel updateLocalStorage method to include missing_metadata_keys_ids option
+- PB-42109 Add missing_metadata_keys_ids property to UserEntity
+- PB-41617 Add comfortable grid
+- PB-39042 Display upgrade resource to v5 card
+
+### Improved
+- PB-42883 Improve performance by skipping the decryption of unchanged metadata.
+- PB-41654 Transform workspaces shifter into a dropdown
+- PB-42184 Increase the share dialog width to accommodate longer strings from translations or user names
+
+### Fixed
+- PB-43008 Fix dragging v5 resources into shared folders should trigger the share strategy on the resource
+- PB-42985 Translate the button manage account in the profile dropdown
+- PB-42789 Fix userAvatar on userInformationPanel with attention required svg
+- PB-42702 Fix contains missing_metadata_keys_ids miss match
+- PB-42606 Fix the Quick App Login form CTA spinner should not be displayed over the text of the button
+- PB-42272 Fix display v5 resource metadata in the grid when filtering by group
+- PB-42077 Update navigation menu icon width
+- PB-41649 Re-align components in the left sidebar
+- PB-41643 Remove TOTP MFA (profile workspace) border around the QR code and card
+- PB-41642 Update Turn off MFA primary button to be red
+
+### Maintenance
+- PB-43012 Change authentication_token parameter to token for get the user key policies endpoint
+- PB-42790 Replace legacy Icon by SVG
+- PB-42572 Update Quickaccess HomePage to use the canSuggestUris
+- PB-42571 Update isSuggestion in resource entity to use canSuggestUris
+- PB-42569 Create and merge canSuggestUri into a service
+- PB-42978 Check object_type is defined and valid before metadata encryption
+
+### Security
+- PB-42700 Upgrade vulnerable library undici and lockfile-lint-api
+- PB-42391 Update Papaparse library
+
+
 ## [5.1.0] - 2025-05-12
 
 ### Added
@@ -2152,8 +2229,9 @@ self registration settings option in the left-side bar
 - AP: User with plugin installed
 - LU: Logged in user
 
-## [4.12.0] - 2024-03-10
-[Unreleased]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.1.0...HEAD
+[Unreleased]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.2.0...HEAD
+[5.2.0]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.1.1...v5.2.0
+[5.1.1]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.1.0...v5.1.1
 [5.1.0]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.0.1...v5.1.0
 [5.0.1]: https://github.com/passbolt/passbolt_browser_extension/compare/v5.0.0...v5.0.1
 [5.0.0]: https://github.com/passbolt/passbolt_browser_extension/compare/v4.12.0...v5.0.0

package/RELEASE_NOTES.md

@@ -1,84 +1,80 @@
-Song: https://www.youtube.com/watch?v=d9WHUTKMD8k
+Song: https://youtu.be/ZA2JknKrCbM?si=H-rta-dE_IVIqm45
 
-The 5.1 release adds support for encrypted resource metadata features as an opt-in feature. Early adopters can turn it on, test real-world workflows and feed back improvements, while more cautious teams, or teams with a lot of custom integrations, can wait until they are ready.
+Passbolt v5.2.0 is now available as a release candidate. This version introduces the long-awaited metadata properties for v5 resources (beta): users can set a custom icon for a resource and associate multiple URIs with it. The release also ships with numerous bug fixes. For full details, please see the changelog.
 
-This is a major milestone for the product, further extending Passbolt’s security model to improve confidentiality for the contextual information surrounding credentials. This means that metadata such as names, login URLs, and similar fields are now also cryptographically protected. As is customary for high-risk security features, this implementation has been audited by security researchers from Cure53 with a public report publication coming soon.
-
-To ensure a smooth and cautious rollout, the feature is released in beta with v5.1 and is scheduled for stable release in v5.2. If you want to know more about how to enable it and start testing, a blog article published shortly, will provide a step-by-step guidance on how to activate the feature and a deeper dive into what’s changed.
-
-Additionally, the password expiry feature is now enabled by default for new installations. This capability is considered a security best practice, helping organizations enforce rotation policies and mitigate risks associated with long-lived shared credentials. For existing instances, administrators can enable this feature manually from the administration workspace. To learn more, check out the blog article: [Passbolt’s New Automation of Shared Passwords Expiry](https://www.passbolt.com/blog/passbolts-new-automation-of-shared-passwords-expiry).
-
-As usual, this release also includes a few bug fixes and performance improvements, like a faster folder tree that handles 5,000+ folders for the ones that are running a tight ship.
-
-As always, thank you to our community for your feedback, contributions, and bug reports. A special thanks to the CakePHP maintainers for the fast post v5 upgrade support!
+As always, we warmly invite the community to test these new features before the production release, and we thank everyone for their valuable feedback and bug reports.
 
 ### Added
-- PB-41340 Add dedicated input to fix autofill on specific website
-- PB-41734 SPKD-1.1 Rename metadata private key getter/setter dataSignedByCurrentUser & ensure constructor pass options to its parent class to ensure validation can be disabled
-- PB-41735 SPKD-1.2 Verify the metadata public key entity fingerprint is equal to the  armored key fingerprint in FindMetadataKeysService findAll
-- PB-41737 SPKD-1.3 Verify metadata private  key data entity fingerprint with armored key fingerprint in DecryptMetadataPrivateKeysService decryptOne
-- PB-41738 SPKD-1.4 Assert metadata keys collection fingerprints public/private integrity in DecryptMetadataPrivateKeysService decryptAllFromMetadataKeysCollection
-- PB-41739 SPKD-1.5 Adapt DecryptMessageService.decrypt to return the raw OpenPGP decryption result, including signatures, without throwing an error when signature verification fails
-- PB-41740 SPKD-1.7 Implement findVerifiedSignatureForGpgKey in src/all/background_page/service/crypto/findSignatures utils to retrieve a signature for a given OpenPGP key
-- PB-41741 SPKD-1.8 Check current user signature when decrypting Metadata Private Key Data
-- PB-41742 SPKD-1.6 Implement ExternalGpgSignatureEntity to carry OpenPGP signature data
-- PB-41743 SPKD-1.9 Implement MetadataTrustedKeyEntity to carry the information relative to a trusted metadata key
-- PB-41744 SPKD-1.10 Implement TrustedMetadataKeyLocalStorage to support the persistence of the trusted metadata key
-- PB-41746 SPKD-2.1 Implement bext ConfirmMetadataKeyContentCodeService to request user to confirm trusted metadata keys changes
-- PB-41747 SPKD-2.2 Implement confirm metadata key event handler and dialog on the web application
-- PB-41748 SPKD-2.3 Implement confirm metadata key event handler and dialog on the quick application
-- PB-41749 SPKD-2.4 Implement GetMetadataTrustedKeyService get to retrieve the trusted metadata key from the local storage
-- PB-41753 SPKD-2.8 Implement VerifyOrTrustMetadataKeyService verifyTrustedOrTrustNewMetadataKey to verify that the current active metadata key is trusted or request the user to trust it
-- PB-41750 SPKD-2.5 Implement MetadataPrivateKeyApiService update to update a trusted metadata key on the API
-- PB-41751 SPKD-2.6 Implement UpdateMetadataKeyPrivateService update function to update a trusted metadata key
-- PB-41752 SPKD-2.7 Implement TrustMetadataKeyService trust to trust a new metadata key
-- PB-41847 SPKD-2.18 Add creator field to metadataKeyEntity test data
-- PB-41916 SPKD-2.19 Flush Metadata Keys Settings storage when a user is signed-out
-- PB-41918 SPKD-2.20 Adapt EncryptMessageService.encrypt so that it can sign a message with a specified date
-- PB-41919 SPKD-2.21 Adapt EncryptMetadataPrivateKeysService.encryptOne so that it can sign a message with a specified date
-- PB-41958 SPKD-2.10 Verify and trust metadata key prior to encrypt metadata
-- PB-41961 SPKD-2.21 Add in diagram TrustMetadataKeyService
-- PB-41962 SPKD-2.22 Add unit test and in the diagram for VerifyOrTrustMetadataKeyService
+- PB-42936 Translate the application into Ukrainian
+- PB-42897 Upgrade resource to v5 from information panel
+- PB-42896 PB-42896 Display an “Upgrade Resource to v5” card in the information panel
+- PB-42895 Upgrade v4 password string resources to v5 default
+- PB-42894 Upgrade a single v4 resource to v5
+- PB-42860 Translate the application into Slovenian
+- PB-42796 Add a limit for multiple URIs
+- PB-42788 As a user I can access the resource appearance customization from the create/edit
+- PB-42704 Display missing metadata keys information in the user sidebar
+- PB-42658 Refresh the users local storage after sharing missing metadata keys
+- PB-42598 Retrieve missing_metadata_keys_ids information when retrieving signed-in user details with the getOrFindMe method of the UserModel
+- PB-42590 Write the background color and icon ID into KDBX files
+- PB-42589 Read the background color and icon ID from KDBX files
+- PB-42588 Adapt the ResourceIcon component to handle IconEntity
+- PB-42587 Add the AddResourceAppearance form part for the resource dialog
+- PB-42586 Add the ‘appearance’ metadata field in the resource dialog
+- PB-42585 Add IconEntity as an associated entity in MetadataEntity
+- PB-42584 Create IconEntity to hold custom icon and color information
+- PB-42570 Create a method canSuggestUris using canSuggestUri
+- PB-42543 Allow users to navigate to the additional URIs from the SelectResourceForm
+- PB-42536 Allow user to add additional URIs from the Create and Edit Resource v5 dialogs
+- PB-42534 Display resource additional URIs badge in the filtered resource of the QuickApplication
+- PB-42533 Display resource additional URIs badge in the suggested resource of the QuickApplication
+- PB-42530 Display resource additional URIs in the details of a resource of the QuickApplication
+- PB-42529 Display resource additional URIs badge in the browsed resource of the QuickApplication
+- PB-42528 Display resource additional URIs badge in the resource details sidebar
+- PB-42527 Display resource additional URIs badge in the resources grid
+- PB-42526 Create the ResourceUrisBadge component to handle resource additional URIs badge and the tooltip displaying them
+- PB-42130 Add shareMetadataKeyPrivate event to AppEvents
+- PB-42129 Create ShareMetadataKeyPrivateController and use ShareMetadataKeyPrivateService to perform the action
+- PB-42127 Create ShareMetadataKeyPrivateService and implement shareMissing method
+- PB-42114 Add create or share method to metadata private key api service
+- PB-42368 Update EncryptOne method from EncryptMetadataPrivateKeysService to allow encryption without signature
+- PB-42134 Update DisplayUsersContextualMenu to display a Share metadata keys action if key is missing
+- PB-42133 Update DisplayUserWorkspaceActions to display a Share metadata keys action if key is missing
+- PB-42132 Implement Dialog confirmation when administrator wants to share keys with an user
+- PB-42131 Add share method into metadataKeysServiceWorkerService to perform the UI action
+- PB-42126 Add cloneForSharing method into MetadataPrivateKeyEntity
+- PB-42124 Create ShareMetadataPrivateKeysCollection
+- PB-42110 Update userModel updateLocalStorage method to include missing_metadata_keys_ids option
+- PB-42109 Add missing_metadata_keys_ids property to UserEntity
+- PB-41617 Add comfortable grid
+- PB-39042 Display upgrade resource to v5 card
+
+### Improved
+- PB-42883 Improve performance by skipping the decryption of unchanged metadata.
+- PB-41654 Transform workspaces shifter into a dropdown
+- PB-42184 Increase the share dialog width to accommodate longer strings from translations or user names
 
 ### Fixed
-- PB-35383 refresh folders list after delete parent folder and keep items inside
-- PB-39607 metadata migration should encrypt metadata with user's key when encrypting a personal resource
-- PB-40181 The session keys cache items are missing modified field
-- PB-41296 on a fresh install + first login after setup (firefox + debian) going to the user workspace crashes as roles are not defined
-- PB-41304 import password errors (UAT required & fix)
-- PB-41305 clicking on folder parent in location of a resource in the right sidebar just close the panel
-- PB-41407 account recovery in user profile can crash when clicking on review
-- PB-41638 Hide administration workspace shifter on desktop app
-- PB-41716 Permalink when paste in url and local storage is not loaded yet
-- PB-41753 safer key public distribution confirmation in quickaccess
-- PB-41776 password input with show icon can display a broken UI
-- PB-41841 user workspace displays a blank screen when accessing a user's URL directly from the browser
-- PB-41846 Other type resource dialog TOTP does not open a TOTP but a password + totp
-- PB-42030 'where to find my account kit' does no open the browser for help
-- PB-42033 design of security token in input field could be broken with some characters
-- PB-42046 set empty translations with their default string
-- PB-42105 import of resources process always uses shared metadata key instead of personal key
-- PB-42106 throw an error while decrypting resource metadata if the decrypted metadata object type is not valid
-- PB-41378 UI minor bug: multiple resource select, right sidebar cropped
-- PB-41435 Display the folder context menu above the “More” button
-- PB-41551 Show a disabled style when dragging an item over an invalid drop target
-- PB-41550 Refresh the folder tree after the folder‑hierarchy cache updates (order issue)
-- PB-41627 UI bug: Note formatting in the right sidebar
-- PB-41759 Browser extension should enforce object_type on metadata of resource creation / edition
+- PB-43008 Fix dragging v5 resources into shared folders should trigger the share strategy on the resource
+- PB-42985 Translate the button manage account in the profile dropdown
+- PB-42789 Fix userAvatar on userInformationPanel with attention required svg
+- PB-42702 Fix contains missing_metadata_keys_ids miss match
+- PB-42606 Fix the Quick App Login form CTA spinner should not be displayed over the text of the button
+- PB-42272 Fix display v5 resource metadata in the grid when filtering by group
+- PB-42077 Update navigation menu icon width
+- PB-41649 Re-align components in the left sidebar
+- PB-41643 Remove TOTP MFA (profile workspace) border around the QR code and card
+- PB-41642 Update Turn off MFA primary button to be red
 
 ### Maintenance
-- PB-38199 Update administration page Role-Based Access Control save behavior
-- PB-41346 Remove mfa settings screens from API
-- PB-41366 ECC-1.1 Update browser extension outdated OpenPGP.js to version 6
-- PB-41384 Upgrade vulnerable lib on bext 'image-size'
-- PB-41385 2.1 Display react list for folder tree
-- PB-41386 2.2 Folders updated should be refreshed in the folder tree
-- PB-41387 2.3 Navigate to a folder form route should scroll the folder tree to see the selected folder
-- PB-41388 2.4 Update the padding according to the depth of the folder
-- PB-41414 WP4-14.2 Migrate import account kit screen
-- PB-41646 UI adjustment: All tables should have a 0.8rem gap
-- PB-41648 UI adjustment: Name column size in grid should be large by default
-- PB-41647 UI adjustment: All dialog & setting primary should have a regular font weight
-- PB-41653 UI adjustment: Grid select column, padding left & right 1.6rem
-- PB-41709 Add activity diagram to verify metadata keys
-- PB-41720 Add licence on SVG in the folder svg on the styleguide
+- PB-43012 Change authentication_token parameter to token for get the user key policies endpoint
+- PB-42790 Replace legacy Icon by SVG
+- PB-42572 Update Quickaccess HomePage to use the canSuggestUris
+- PB-42571 Update isSuggestion in resource entity to use canSuggestUris
+- PB-42569 Create and merge canSuggestUri into a service
+- PB-42978 Check object_type is defined and valid before metadata encryption
+
+### Security
+- PB-42700 Upgrade vulnerable library undici and lockfile-lint-api
+- PB-42391 Update Papaparse library
+

package/crowdin.yml

@@ -17,5 +17,7 @@ export_languages:
   - pt-BR
   - ro
   - ru
+  - sl
   - sv
+  - uk
 commit_message: '[skip-ci]'

package/doc/browser-extension-class-diagram.md

@@ -210,6 +210,11 @@ classDiagram
             +exec() Promise~void~
         }
 
+        class ShareMetadataKeyPrivateController {
+            event "passbolt.metadata.share-missing-metadata-private-keys-with-user"
+            +exec(uuid userId) Promise~void~
+        }
+
     %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
     %% Metadata services
     %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -288,6 +293,10 @@ classDiagram
             +getOrFindAll() Promise~MetadataKeysCollection~
         }
 
+        class ShareMetadataKeyPrivateService {
+            +shareMissing(uuid userId, string passphrase) Promise~void~
+        }
+
     %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
     %% Metadata Settings services
     %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -323,6 +332,7 @@ classDiagram
 
         class MetadataPrivateKeyApiService {
             +update(MetadataPrivateKeyEntity metadataPrivateKey) Promise~string~
+            +create(ShareMetadataPrivateKeysCollection metadataPrivateKeysCollection) Promise~void~
         }
 
         class MetadataKeysSettingsLocalStorage {
@@ -529,7 +539,7 @@ classDiagram
             -string props.expires
             -string props.created
             -string props.algorithm
-            -number props.length
+            -integer props.length
             -string props.curve
             -boolean props.private
             -boolean props.revoked
@@ -541,7 +551,7 @@ classDiagram
             +get isValid() boolean
             +get created() string
             +get algorithm() string
-            +get length() number
+            +get length() integer
             +get curve() string
             +get revoked() boolean
             +get private() boolean
@@ -562,28 +572,6 @@ classDiagram
             +get created() string
         }
 
-        class GpgkeyEntity {
-            -uuid props.id
-            -uuid props.user_id
-            -string props.fingerprint
-            -string props.armored_key
-            -boolean props.deleted
-            -string props.type
-            -string props.uid
-            -integer props.bits
-            -string props.key_created
-            -string props.expires
-            -string props.created
-            -string props.modified
-            +get id() string
-            +get userId() string
-            +get armoredKey() string
-            +get fingerprint() boolean
-            +get created() string
-            +get modified() string
-            +get isDeleted() boolean
-        }
-
         class GroupsUsersCollection {
             +getById(string id) GroupUserEntity
             +getGroupUserByUserId(string userId) GroupUserEntity
@@ -665,6 +653,12 @@ classDiagram
             +hasEncryptedPrivateKeys() boolean
         }
 
+        class ShareMetadataPrivateKeysCollection {
+            +validateBuildRules(item, options): void
+            +hasDecryptedPrivateKeys(): boolean
+            +hasEncryptedPrivateKeys(): boolean
+        }
+
         class MetadataTrustedKeyEntity {
             -string props.fingerprint
             -string props.signed
@@ -751,7 +745,7 @@ classDiagram
             -string props.created_by
             -string props.modified
             -string props.modified_by
-            -MetadataEntity _metadata
+            -ResourceMetadataEntity _metadata
             -FavoriteEntity _favorite
             -PermissionEntity _permission
             -PermissionsCollection _permissions
@@ -760,8 +754,8 @@ classDiagram
             -TagsCollection _tags
             -UserEntity _creator
             -UserEntity _modifier
-            +get metadata() string|MetadataEntity
-            +set metadata(string|MetadataEntity metadata)
+            +get metadata() string|ResourceMetadataEntity
+            +set metadata(string|ResourceMetadataEntity metadata)
             +isMetadataDecrypted() boolean
             +isMetadataKeyTypeUserKey() boolean
         }
@@ -867,6 +861,7 @@ classDiagram
             -string props.last_logged_in
             -boolean props.is_mfa_enabled
             -string props.locale
+            -array~uuid~ missing_metadata_key_ids
             -RoleEntity _role
             -ProfileEntity _profile
             -GpgkeyEntity _gpgkey
@@ -888,12 +883,44 @@ classDiagram
             +get groupsUsers() GroupsUsersCollection
             +get accountRecoveryUserSetting() AccountRecoveryUserSettingEntity
             +get pendingAccountRecoveryUserRequest() AccountRecoveryRequestEntity
+            +get missingMetadataKeysIds() array~uuid~
             +set locale(string locale)
         }
 
         class UsersCollection {
         }
 
+        class ResourceMetadataEntity {
+
+            -string props.object_type
+            -string props.resource_type_id
+            -string props.name
+            -string props.username
+            -array props.uris
+            -string props.description
+            -IconEntity _icon
+
+            +get objectType() string|null
+            +get name() string
+            +get username() string
+            +get description() string|null
+            +get resourceTypeId() string
+            +get uris() Array;
+            +get icon() IconEntity|null
+            +get METADATA_OBJECT_TYPE()$ string
+            +get URI_MAX_LENGTH()$ number
+        }
+
+        class IconEntity {
+            -string props.type
+            -intger props.value
+            -string props.background_color
+
+            +get type string|null
+            +get value integer|null
+            +get backgroundColor string|null
+        }
+
         class MigrateMetadataEntity {
             -boolean migrate_resources_to_v5
             -boolean migrate_folders_to_v5
@@ -931,6 +958,99 @@ classDiagram
         }
     }
 
+    namespace GpgKeyNs {
+    %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+    %% GpgKey controllers
+    %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+        class GenerateSetupKeyPairController {
+            +exec(object generateGpgKeyDto) Promise
+        }
+
+        class AccountRecoveryGenerateOrganizationKeyController {
+            +exec(generateGpgKeyPairOptionsDto object) Promise~ExternalGpgKeyPairEntity~
+        }
+
+    %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+    %% GpgKey services
+    %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+        class FindUserKeyPoliciesSettingsService {
+            +findSettingsAsGuest(userId string, authenticationToken string) Promise~UserKeyPoliciesSettingsEntity~
+        }
+
+    %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+    %% GpgKey models
+    %% %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+        class UserKeyPoliciesSettingsApiService {
+            +findSettingsAsGuest(userId string, authenticationToken string) Promise~object~
+        }
+
+        class UserKeyPoliciesSettingsEntity {
+            -string props.preferred_key_type
+            -string props.source
+
+            +get preferredKeyType() string
+            +get source() string|null
+
+            +createFromDefault(data: object)$ UserKeyPoliciesSettingsEntity
+        }
+
+        class GenerateGpgKeyPairOptionsEntity {
+            -string props.preferred_key_type
+            -string props.source
+            -string props.name
+            -string props.email
+            -string props.passphrase
+            -string props.type
+            -integer props.keySize
+            -string props.curve
+            -integer props.date
+
+            +toGenerateOpenpgpKeyDto() object
+            +get userId() string
+            +get name() string
+            +get email() string
+            +get type() string
+            +get passphrase() string
+            +get curve() string|null
+            +get rsaBits() integer|null
+            +get date() Date
+            +createForUserKeyGeneration(apiGpgKeyType string, generateGpgKeyPairDto object)$ GenerateGpgKeyPairOptionsEntity
+            +createForOrkKeyGeneration(generateGpgKeyPairDto object)$ GenerateGpgKeyPairOptionsEntity
+            +get ENTITY_NAME() string
+            +get DEFAULT_RSA_KEY_SIZE() integer
+            +get DEFAULT_KEY_TYPE() string
+            +get DEFAULT_ECC_KEY_CURVE() string
+            +get KEY_TYPE_RSA() string
+            +get KEY_TYPE_ECC() string
+            +get KEY_CURVE_ED25519() string
+        }
+
+        class GpgkeyEntity {
+            -uuid props.id
+            -uuid props.user_id
+            -string props.fingerprint
+            -string props.armored_key
+            -boolean props.deleted
+            -string props.type
+            -string props.uid
+            -integer props.bits
+            -string props.key_created
+            -string props.expires
+            -string props.created
+            -string props.modified
+            +get id() string
+            +get userId() string
+            +get armoredKey() string
+            +get fingerprint() boolean
+            +get created() string
+            +get modified() string
+            +get isDeleted() boolean
+        }
+    }
+
 %% Resource controllers relationships
     CreateResourceController*--CreateResourceService
 %%    CreateResourceController*--GetPassphraseService
@@ -982,12 +1102,15 @@ classDiagram
     GetOrFindMetadataTypesSettingsController*--GetOrFindMetadataSettingsService
     SaveMetadataKeysSettingsController*--SaveMetadataSettingsService
     SaveMetadataTypesSettingsController*--SaveMetadataSettingsService
+    ShareMetadataKeyPrivateController*--GetPassphraseService
+    ShareMetadataKeyPrivateController*--VerifyOrTrustMetadataKeyService
     style CreateMetadataKeyController fill:#D2E0FB
     style FindAllNonDeletedMetadataKeysController fill:#D2E0FB
     style GenerateMetadataPrivateKeyController fill:#D2E0FB
     style GetOrFindMetadataTypesSettingsController fill:#D2E0FB
     style SaveMetadataKeysSettingsController fill:#D2E0FB
     style SaveMetadataTypesSettingsController fill:#D2E0FB
+	ShareMetadataKeyPrivateController*--ShareMetadataKeyPrivateService
 %% Metadata services relationships.
     CreateMetadataKeyService*--EncryptMetadataPrivateKeysService
     CreateMetadataKeyService*--FindUsersService
@@ -997,6 +1120,9 @@ classDiagram
     MigrateMetadataResourcesService*--MigrateMetadataResourcesApiService
     MigrateMetadataResourcesService*--EncryptMetadataService
     MigrateMetadataResourcesService*--ResourceTypeModel
+    ShareMetadataKeyPrivateService*--MetadataPrivateKeyApiService
+    ShareMetadataKeyPrivateService*--GetOrFindMetadataKeysService
+    ShareMetadataKeyPrivateService*--EncryptMetadataPrivateKeysService
 %%    DecryptMetadataPrivateKeysService*--PassphraseStorageService
     DecryptMetadataService*--GetOrFindMetadataKeysService
     DecryptMetadataService*--GetOrFindSessionKeysService
@@ -1095,4 +1221,13 @@ classDiagram
     ShareResourceService*--ShareService
 %% Share models relationships.
     style ShareService fill:#DEE5D4
+
+%% GpgKey controllers relationships
+    GenerateSetupKeyPairController*--FindUserKeyPoliciesSettingsService
+    GenerateSetupKeyPairController*--GenerateGpgKeyPairService
+    GenerateSetupKeyPairController*--GenerateGpgKeyPairOptionsEntity
+    AccountRecoveryGenerateOrganizationKeyController*--GenerateGpgKeyPairService
+    AccountRecoveryGenerateOrganizationKeyController*--GenerateGpgKeyPairOptionsEntity
+%% GpgKey services relationships
+    FindUserKeyPoliciesSettingsService*--UserKeyPoliciesSettingsApiService
 ```

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "passbolt-browser-extension",
-  "version": "5.1.0",
+  "version": "5.2.0-rc.0",
   "license": "AGPL-3.0",
   "copyright": "Copyright 2025 Passbolt SA",
   "description": "Passbolt web extension for the open source password manager for teams",
@@ -20,9 +20,9 @@
     "jssha": "~3.3.1",
     "kdbxweb": "2.1.1",
     "locutus": "~2.0.9",
-    "openpgp": "6.1",
-    "papaparse": "^5.2.0",
-    "passbolt-styleguide": "^5.1.2",
+    "openpgp": "^6.1.1",
+    "papaparse": "^5.5.2",
+    "passbolt-styleguide": "^5.2.1",
     "react": "17.0.2",
     "react-dom": "17.0.2",
     "secrets-passbolt": "github:passbolt/secrets.js#v2.0.1",
@@ -62,7 +62,7 @@
     "jest-fetch-mock": "^3.0.3",
     "jest-junit": "^16.0.0",
     "jest-webextension-mock": "^3.8.9",
-    "lockfile-lint": "^4.14.0",
+    "lockfile-lint": "^4.14.1",
     "text-encoding-utf-8": "^1.0.2",
     "uuid": "^8.3.2",
     "web-ext": "^8.0.0",
@@ -70,7 +70,12 @@
     "webpack-cli": "^5.1.4"
   },
   "overrides": {
-    "image-size": "^2.0.2"
+    "image-size": "^2.0.2",
+    "i18next-parser": {
+      "cheerio": {
+        "undici": "6.21.2"
+      }
+    }
   },
   "scripts": {
     "build": "npx grunt build",

package/src/all/_locales/sl/messages.json

@@ -0,0 +1,10 @@
+{
+  "appName": {
+    "message": "Passbolt - upravljalnik gesel z odprto kodo",
+    "description": "The application name of the extension, displayed in the web store. 45 characters max."
+  },
+  "appDescription": {
+    "message": "Razširitev Passbolt za upravljalnik gesel z odprto kodo za ekipe.",
+    "description": "The description of the extension, displayed in the web store. 85 characters max."
+  }
+}

package/src/all/_locales/uk/messages.json

@@ -0,0 +1,10 @@
+{
+  "appName": {
+    "message": "Passbolt — менеджер паролів з відкритим кодом",
+    "description": "The application name of the extension, displayed in the web store. 45 characters max."
+  },
+  "appDescription": {
+    "message": "Розширення Passbolt, менеджера паролів з відкритим кодом для команд.",
+    "description": "The description of the extension, displayed in the web store. 85 characters max."
+  }
+}