Release #1741
Merged
Release #1741
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Allow the admin UID to be set in the rule. Both auto added rules and prompted item will have this admin automatically assigned to the record.
- Fix audit_event_type filter: use conditional inclusion instead of None - Fix order parameter: use 'ascending'/'descending' instead of 'asc'/'desc' - Fix timestamp parsing: use from_ts() for numeric API timestamps - Fix --no-cache: move DB deletion to end of command execution - Add module-level SQLite connection cache to prevent Windows file locks - Filter out empty record_uid values to prevent NOT NULL constraint errors 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use protobuf to to configure resouces instead of GraphSync.
During the login flow, the API can respond with ACCOUNT_RECOVERY status, where the Master Password must be reset during the flow. Currently, this can only be done with manual CLI input. This commit adds support for a `new_password_if_reset_required` parameter in the `LoginV3Flow.login` method, which will automatically set the new Master Password that this string if the API returns the ACCOUNT_RECOVERY response. Replication steps: - Create an active user with `create-user` command - Attempt to log into this user's vault using the keepercommander SDK. ``` user_params = KeeperParams() user_params.user = 'user@email.com' user_params.password = 'password' api.login(user_params) ``` An unskippable prompt to reset the password appears, which can only be avoided by modifying the native login flow.
Current error message is an opaque unexpected error. Updated it to be a CommandError which clarifies what argument is missing/invalid
* Add SuperShell - full-screen Matrix-style TUI for vault navigation
Dependencies:
- Adds textual>=0.82.0 for TUI framework
- Gracefully skips registration if textual not installed
Implements a new 'supershell' command that provides an interactive terminal UI:
- Full-screen split view: folders on left (50%), record details on right (50%)
- Vim-style keyboard navigation (j/k/h/l, CTRL+d/u/f/b for paging)
- Live search with / key - filters as you type with smart partial matching
- Color-coded display: cyan folders, blue shared folders, yellow records
- View toggle between detail and JSON format (t key)
- Quick copy operations: password (c), username (u), URL (w), UID (i), record (y)
- Auto-expand folders when search results < 100
- Handles all Keeper record types including PAM resources
- Pre-login authentication flow with SSO/2FA support
SuperShell enhancements:
- Add hover state and click-to-copy for detail panel values
- Password copy now uses ClipboardCommand (generates audit event)
- Mask passwords in JSON view with ************
- Copy record (y) includes audit event when password present
- Disable debug mode while SuperShell is running
- Fix escape key not closing help modal
- Add Title: label to record detail view
- Fix Type field showing empty (was hardcoded to '')
- Add Owner indicator to User Permissions section
- Add indentation to permissions sections for readability
- Truncate Share Admins to first 10 with count of remaining
- Add paste support (Cmd+V/Ctrl+V) in search field
- Add Record UID and Folder UID to searchable fields
- Click on search bar to activate search mode
- Add Ctrl+Y/Ctrl+E for vim-style viewport scrolling
- Restore JSON view hover+click with syntax highlighting
- Show shared folder indicator (👥) after folder names
- Add blank line separators between users in User Permissions
- Display linked records (addressRef) under parent record
- Show file attachments as bullets instead of numbers
- Hide tree expand/collapse icons for cleaner record alignment
- Remove dead code (_render_json_clickable method)
- Fix duplicate Email Configuration Commands in command categories
- SuperShell: consolidated sync, startup animation, TOTP countdown
- Consolidated download & refresh into single d command (removed r)
- Added animated spinner during startup sequence (login, sync, TUI init)
- Performance: cached record output, batch widget mounting
- Fixed Notes field to display as proper section with content
- Added live TOTP countdown that auto-refreshes every second
- TOTP section now displays after URL, before Notes
- Removed non-functional :N (goto line) from help menu
- Extract TOTP URL during vault loading (v2 and v3 records)
- Add user/device info to SuperShell header with click-to-expand
- Header now shows: username | datacenter | Stay Logged In | Timeout
- Click username/datacenter to view full whoami info
- Click device status to view full this-device info
- Record colors dimmed to distinguish from folder names
- Username uses contrasting color (blue) for better visibility
- escape user content, UI polish, shell loop integration
- Add rich_escape() to all user-generated content (titles, field values,
folder names) to prevent Rich markup injection
- Update help screen: remove close button, add footer with dismiss hint
- Change quit binding from 'q' to Ctrl+q, add Ctrl+e/y for line scroll
- Add '!' command to exit to Keeper shell with return capability
- Add skip_init parameter to cli.loop() for clean supershell transitions
- Strip type prefixes from custom field labels (text:, url:, etc.)
- Add record_type to JSON output in record.py
- Remove startup spinner, improve device status display
- Add blank line spacing around TOTP display
- Clear clickable fields when showing user/device info panels
- Add 'ss' alias for supershell command
- Improve CLI help: 'keeper -h' shows brief help, 'keeper <cmd> -h' shows command help
- Add server validation: --server accepts region codes (US, EU, GOV, etc.) or hostnames
- Display U.S. Government warning for GOV servers (shell/supershell only)
- Add JSON toggle ('t' key) for folders in SuperShell
- Fix Tab cycling order: Tree → Detail → Search (counterclockwise)
- Don't collapse tree when entering search field until user types
- Escape Rich markup characters in search input to prevent crashes
- Fix pluralization across codebase (use proper singular/plural forms)
- Display folders with no records. Improve visibility of account information
- Fixed bugs in setting rotation configuration from Commander where the rotation type was being overwritten
- Add rotation info display to SuperShell for pamUser records
- Display rotation section (Status, Profile, Configuration, Schedule,
Last Rotated, Last Status) in record detail view before permissions
- Fix RecordRotationStatus enum mapping: 0=Not Rotated, 1=In Progress,
2=Success, 3=Failure (was incorrectly mapped)
- Remove direct API call (vault/get_applications_summary) from SuperShell
init - identify apps by record_type instead
- Fix masked secret fields not copying (use pyperclip instead of
ClipboardCommand which only works for Password field)
- Change click handlers to on_mouse_down so clicks copy on first click
without requiring focus change
- Simplify shortcuts bar: t=Toggle, p=Password, u=Username, c=Copy All,
m=Mask/Unmask
- Update key bindings: p=Password, c=Copy All, P=Preferences
- Update all help text to reflect new shortcuts
- Redesign PreferencesScreen to match HelpScreen style (no blue button,
cleaner text-based UI, escape/q to close)
- Fix "!" exit to shell when running "keeper supershell" directly
(check was looking for wrong message string)
- Widen help screen (90 chars) with side-by-side columns
- Left column: Navigation, Focus Cycling, General
- Right column: Copy to Clipboard, Actions
- Condense text for better fit on smaller screens
- Fix "General" section formatting (was ugly single line)
* initial POC implementation * Failed to get enterprise node name * whoami command returns incorrect status for MC Business * Add KEPM addon definition for MSPs * Fix share-record command raising error when email sent * Decreased log verbosity and enhanced esc sequence handling * updated requirements with keeper_pam_webrtc_rs>=1.2.1 * Improved local terminal handling and reduced log verbosity * merged with upstream release branch and resolved conflicts * improved logging, decreased verbosity imporved detecting escape sequences --------- Co-authored-by: Sergey Kolupaev <skolupaev@keepersecurity.com> Co-authored-by: Sergey Kolupaev <sergey@keepersecurity.com> Co-authored-by: amangalampalli-ks <amangalampalli@keepersecurity.com>
Updated the README to enhance clarity and add installation instructions for various platforms.
Login & Authentication: - Add --new-login flag to bypass persistent login - Fix 'keeper login <email>' to properly pass email from terminal - Change login message to "Logging in to Keeper as <email>" - Show simpler success message for terminal login (batch mode) - Auto-register device on first login - Fix "keeper logout" command to authenticate without syncing (prevents hang) - Preserve command queue in logout to prevent freeze on exit Device Approval UI: - Redesign with cleaner numbered menu (1=Email, 2=Push, 3=2FA) - Support 'c <code>' inline code entry - Improve feedback messages with colors Help System: - Global column alignment when terminal is wide enough - Remove trailing periods from command descriptions - Add 'help basics' command with essential commands guide - Hide legacy commands from terminal help output - Add 'help basics' hint in shell footer SuperShell Header: - Cleaner format: email | region | Stay Logged In | Logout timer - Responsive design - drops sections when window narrows - Split into two clickable areas (user info / device settings) - Match header colors to theme Other Improvements: - Only show sync animation in interactive mode (not batch) - Clean up server command with proper region validation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
- Display passkey fields nicely in record view showing Created date,
Username, and Relying Party instead of raw JSON
- Fix passkey display alignment in both record.py and recordv3.py
- Add ability to copy entire JSON objects/arrays in SuperShell by
clicking on opening braces/brackets (e.g., clicking "fields": [
copies the entire fields array)
- Make root { in JSON view copyable to copy entire record
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.