Update vaultwarden/server Docker tag to v1.35.0 #2946

renovate-bot · 2025-12-28T21:56:57Z

renovate-bot commented

2025-12-28 21:56:57 +00:00

This PR contains the following updates:

Package	Update	Change
vaultwarden/server	minor	`1.34.3` → `1.35.0`

Release Notes

dani-garcia/vaultwarden (vaultwarden/server)

`v1.35.0`

Compare Source

Notable changes

Implemented support for SSO with OpenID Connect, https://github.com/dani-garcia/vaultwarden/wiki/Enabling-SSO-support-using-OpenId-Connect
Updated web vault to 2025.12.0
Added support for future mobile apps with versions 2026.1.0+
This is the first vaultwarden release using immutable releases and release attestation!

What's Changed

Fix multi delete slowdown by @BlackDex in #6144
Perform same checks when setting kdf by @Timshel in #6141
SSO using OpenID Connect by @Timshel in #3899
Delete SSO.md by @dani-garcia in #6152
Update webauthn-rs to 0.5.x by @zUnixorn in #5934
a little cleanup after SSO merge by @stefan0xC in #6153
Fix link to point to the wiki by @Timshel in #6157
Fix Email 2FA for mobile apps by @dfunkt in #6156
Update Rust to 1.89.0 by @dfunkt in #6150
Fix several more multi select push issues by @BlackDex in #6151
Fix minor typo by @ncguk in #6165
Update crates, fixes some yanked crates by @BlackDex in #6167
Fix WebauthN issue with Software Keys by @BlackDex in #6168
Fix Playwright test conf and update deps by @Timshel in #6176
Misc updates by @BlackDex in #6185
fix typo in description of helo_name by @Flottegurke in #6194
Fix Playwright by @Timshel in #6206
Switch to GHA's concurrency control by @dfunkt in #6164
Make database connection pool dynamic by @Samoth69 in #6166
Re-add if check to release workflow by @dfunkt in #6227
Fix Webauthn/Passkey 2FA migration/validation issues by @BlackDex in #6190
refactor(config): update template, add validation by @tessus in #6229
Show SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION in admin by @Timshel in #6235
Update crates, gha and web-vault by @BlackDex in #6234
Fix panic around sso_master_password_policy by @Timshel in #6233
make webauthn more optional by @stefan0xC in #6160
Fix 2fa recovery endpoint by @BlackDex in #6240
update trivy-action to v0.33.0 by @stefan0xC in #6248
update web vault to v2025.9.1 and allow new policy by @stefan0xC in #6340
prevent changing collections when hide_passwords is true by @stefan0xC in #6278
Fix sso_user dropped on User::save by @Timshel in #6262
Change OIDC dummy identifier by @Timshel in #6263
add new billing warnings endpoint by @stefan0xC in #6369
Add auth_request pending endpoint by @Timshel in #6368
Fix Org identifier by @Timshel in #6364
add mail address change warning for invited accounts by @stefan0xC in #6377
add missing media-src directive by @stefan0xC in #6381
add seat limit for the invite dialog by @stefan0xC in #6371
[Playwright] Improvements around node by @Timshel in #6321
Use Diesels MultiConnections Derive by @BlackDex in #6279
Improve protected actions by @dani-garcia in #6411
Fix issue with key-rotation and emergency-access by @BlackDex in #6421
Optimizations and build speedup by @BlackDex in #6339
Use an older version of mariadb to prevent a panic by @BlackDex in #6453
Playwright against abitrary web-vault by @Timshel in #6380
Fix KDF Change with new web-vault by @BlackDex in #6458
Fix: admin theme emoji alignment by @joepduin in #6459
remove invalid emergency access dummy value by @stefan0xC in #6463
Add pm-25373-windows-biometrics-v2 feature flag by @Ephemera42 in #6468
Switch to multiple runners per arch by @dfunkt in #6472
Fix icon redirect caching by @BlackDex in #6487
Fix around singleorg policy by @Timshel in #6247
fix email as 2fa provider by @stefan0xC in #6473
Update crates and Rust version by @BlackDex in #6485
Add option to prefer IPv6 resolving by @BlackDex in #6494
Some small admin js/css updates by @BlackDex in #6501
Update crates and workflows and some fixes by @BlackDex in #6508
Fixed a typo in the default TTL value by @k725 in #6528
Iterate over tags on release by @Timshel in #6518
Org.put_policy type not in body anymore by @Timshel in #6514
Android want response property in camelCase by @Timshel in #6513
Fix admin invite with SSO by @Timshel in #6498
Improve sso auth flow by @Timshel in #6205
fix email as 2fa for sso by @stefan0xC in #6495
Fix release workflow by @BlackDex in #6532
Further fixes for the release workflow by @dfunkt in #6533
add empty /api/tasks endpoint by @stefan0xC in #6557
Revert to gzip compression by @dfunkt in #6566
support UriMatchDefaults policy by @stefan0xC in #6570
Add new accountKeys and masterPasswordUnlock fields by @dani-garcia in #6572
Update crates and Rust by @BlackDex in #6551
Add UserDecryption on /sync too by @dani-garcia in #6574
Update web-vault to v2025.12.0 by @BlackDex in #6577
Fix posting cipher with readonly collections by @BlackDex in #6578
Update crates by @BlackDex in #6585
Simplify binary extraction by @dfunkt in #6554
Remove unnecessary output sharing between jobs by @dfunkt in #6555
Add wrapped named variants to UserDecryptionOptions by @dani-garcia in #6598

New Contributors

@zUnixorn made their first contribution in #5934
@ncguk made their first contribution in #6165
@Flottegurke made their first contribution in #6194
@Samoth69 made their first contribution in #6166
@joepduin made their first contribution in #6459
@k725 made their first contribution in #6528

Full Changelog: https://github.com/dani-garcia/vaultwarden/compare/1.34.3...1.35.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [vaultwarden/server](https://github.com/dani-garcia/vaultwarden) | minor | `1.34.3` → `1.35.0` | --- ### Release Notes <details> <summary>dani-garcia/vaultwarden (vaultwarden/server)</summary> ### [`v1.35.0`](https://github.com/dani-garcia/vaultwarden/releases/tag/1.35.0) [Compare Source](https://github.com/dani-garcia/vaultwarden/compare/1.34.3...1.35.0) #### Notable changes - Implemented support for SSO with OpenID Connect, <https://github.com/dani-garcia/vaultwarden/wiki/Enabling-SSO-support-using-OpenId-Connect> - Updated web vault to 2025.12.0 - Added support for future mobile apps with versions 2026.1.0+ - This is the first vaultwarden release using [immutable releases](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/immutable-releases) and release attestation! #### What's Changed - Fix multi delete slowdown by [@BlackDex](https://github.com/BlackDex) in [#6144](https://github.com/dani-garcia/vaultwarden/pull/6144) - Perform same checks when setting kdf by [@Timshel](https://github.com/Timshel) in [#6141](https://github.com/dani-garcia/vaultwarden/pull/6141) - SSO using OpenID Connect by [@Timshel](https://github.com/Timshel) in [#3899](https://github.com/dani-garcia/vaultwarden/pull/3899) - Delete SSO.md by [@dani-garcia](https://github.com/dani-garcia) in [#6152](https://github.com/dani-garcia/vaultwarden/pull/6152) - Update webauthn-rs to 0.5.x by [@zUnixorn](https://github.com/zUnixorn) in [#5934](https://github.com/dani-garcia/vaultwarden/pull/5934) - a little cleanup after SSO merge by [@stefan0xC](https://github.com/stefan0xC) in [#6153](https://github.com/dani-garcia/vaultwarden/pull/6153) - Fix link to point to the wiki by [@Timshel](https://github.com/Timshel) in [#6157](https://github.com/dani-garcia/vaultwarden/pull/6157) - Fix Email 2FA for mobile apps by [@dfunkt](https://github.com/dfunkt) in [#6156](https://github.com/dani-garcia/vaultwarden/pull/6156) - Update Rust to 1.89.0 by [@dfunkt](https://github.com/dfunkt) in [#6150](https://github.com/dani-garcia/vaultwarden/pull/6150) - Fix several more multi select push issues by [@BlackDex](https://github.com/BlackDex) in [#6151](https://github.com/dani-garcia/vaultwarden/pull/6151) - Fix minor typo by [@ncguk](https://github.com/ncguk) in [#6165](https://github.com/dani-garcia/vaultwarden/pull/6165) - Update crates, fixes some yanked crates by [@BlackDex](https://github.com/BlackDex) in [#6167](https://github.com/dani-garcia/vaultwarden/pull/6167) - Fix WebauthN issue with Software Keys by [@BlackDex](https://github.com/BlackDex) in [#6168](https://github.com/dani-garcia/vaultwarden/pull/6168) - Fix Playwright test conf and update deps by [@Timshel](https://github.com/Timshel) in [#6176](https://github.com/dani-garcia/vaultwarden/pull/6176) - Misc updates by [@BlackDex](https://github.com/BlackDex) in [#6185](https://github.com/dani-garcia/vaultwarden/pull/6185) - fix typo in description of helo\_name by [@Flottegurke](https://github.com/Flottegurke) in [#6194](https://github.com/dani-garcia/vaultwarden/pull/6194) - Fix Playwright by [@Timshel](https://github.com/Timshel) in [#6206](https://github.com/dani-garcia/vaultwarden/pull/6206) - Switch to GHA's concurrency control by [@dfunkt](https://github.com/dfunkt) in [#6164](https://github.com/dani-garcia/vaultwarden/pull/6164) - Make database connection pool dynamic by [@Samoth69](https://github.com/Samoth69) in [#6166](https://github.com/dani-garcia/vaultwarden/pull/6166) - Re-add `if` check to release workflow by [@dfunkt](https://github.com/dfunkt) in [#6227](https://github.com/dani-garcia/vaultwarden/pull/6227) - Fix Webauthn/Passkey 2FA migration/validation issues by [@BlackDex](https://github.com/BlackDex) in [#6190](https://github.com/dani-garcia/vaultwarden/pull/6190) - refactor(config): update template, add validation by [@tessus](https://github.com/tessus) in [#6229](https://github.com/dani-garcia/vaultwarden/pull/6229) - Show SSO\_ALLOW\_UNKNOWN\_EMAIL\_VERIFICATION in admin by [@Timshel](https://github.com/Timshel) in [#6235](https://github.com/dani-garcia/vaultwarden/pull/6235) - Update crates, gha and web-vault by [@BlackDex](https://github.com/BlackDex) in [#6234](https://github.com/dani-garcia/vaultwarden/pull/6234) - Fix panic around sso\_master\_password\_policy by [@Timshel](https://github.com/Timshel) in [#6233](https://github.com/dani-garcia/vaultwarden/pull/6233) - make webauthn more optional by [@stefan0xC](https://github.com/stefan0xC) in [#6160](https://github.com/dani-garcia/vaultwarden/pull/6160) - Fix 2fa recovery endpoint by [@BlackDex](https://github.com/BlackDex) in [#6240](https://github.com/dani-garcia/vaultwarden/pull/6240) - update trivy-action to v0.33.0 by [@stefan0xC](https://github.com/stefan0xC) in [#6248](https://github.com/dani-garcia/vaultwarden/pull/6248) - update web vault to v2025.9.1 and allow new policy by [@stefan0xC](https://github.com/stefan0xC) in [#6340](https://github.com/dani-garcia/vaultwarden/pull/6340) - prevent changing collections when hide\_passwords is true by [@stefan0xC](https://github.com/stefan0xC) in [#6278](https://github.com/dani-garcia/vaultwarden/pull/6278) - Fix `sso_user` dropped on `User::save` by [@Timshel](https://github.com/Timshel) in [#6262](https://github.com/dani-garcia/vaultwarden/pull/6262) - Change OIDC dummy identifier by [@Timshel](https://github.com/Timshel) in [#6263](https://github.com/dani-garcia/vaultwarden/pull/6263) - add new billing warnings endpoint by [@stefan0xC](https://github.com/stefan0xC) in [#6369](https://github.com/dani-garcia/vaultwarden/pull/6369) - Add auth\_request pending endpoint by [@Timshel](https://github.com/Timshel) in [#6368](https://github.com/dani-garcia/vaultwarden/pull/6368) - Fix Org identifier by [@Timshel](https://github.com/Timshel) in [#6364](https://github.com/dani-garcia/vaultwarden/pull/6364) - add mail address change warning for invited accounts by [@stefan0xC](https://github.com/stefan0xC) in [#6377](https://github.com/dani-garcia/vaultwarden/pull/6377) - add missing media-src directive by [@stefan0xC](https://github.com/stefan0xC) in [#6381](https://github.com/dani-garcia/vaultwarden/pull/6381) - add seat limit for the invite dialog by [@stefan0xC](https://github.com/stefan0xC) in [#6371](https://github.com/dani-garcia/vaultwarden/pull/6371) - \[Playwright] Improvements around node by [@Timshel](https://github.com/Timshel) in [#6321](https://github.com/dani-garcia/vaultwarden/pull/6321) - Use Diesels MultiConnections Derive by [@BlackDex](https://github.com/BlackDex) in [#6279](https://github.com/dani-garcia/vaultwarden/pull/6279) - Improve protected actions by [@dani-garcia](https://github.com/dani-garcia) in [#6411](https://github.com/dani-garcia/vaultwarden/pull/6411) - Fix issue with key-rotation and emergency-access by [@BlackDex](https://github.com/BlackDex) in [#6421](https://github.com/dani-garcia/vaultwarden/pull/6421) - Optimizations and build speedup by [@BlackDex](https://github.com/BlackDex) in [#6339](https://github.com/dani-garcia/vaultwarden/pull/6339) - Use an older version of mariadb to prevent a panic by [@BlackDex](https://github.com/BlackDex) in [#6453](https://github.com/dani-garcia/vaultwarden/pull/6453) - Playwright against abitrary web-vault by [@Timshel](https://github.com/Timshel) in [#6380](https://github.com/dani-garcia/vaultwarden/pull/6380) - Fix KDF Change with new web-vault by [@BlackDex](https://github.com/BlackDex) in [#6458](https://github.com/dani-garcia/vaultwarden/pull/6458) - Fix: admin theme emoji alignment by [@joepduin](https://github.com/joepduin) in [#6459](https://github.com/dani-garcia/vaultwarden/pull/6459) - remove invalid emergency access dummy value by [@stefan0xC](https://github.com/stefan0xC) in [#6463](https://github.com/dani-garcia/vaultwarden/pull/6463) - Add `pm-25373-windows-biometrics-v2` feature flag by [@Ephemera42](https://github.com/Ephemera42) in [#6468](https://github.com/dani-garcia/vaultwarden/pull/6468) - Switch to multiple runners per arch by [@dfunkt](https://github.com/dfunkt) in [#6472](https://github.com/dani-garcia/vaultwarden/pull/6472) - Fix icon redirect caching by [@BlackDex](https://github.com/BlackDex) in [#6487](https://github.com/dani-garcia/vaultwarden/pull/6487) - Fix around singleorg policy by [@Timshel](https://github.com/Timshel) in [#6247](https://github.com/dani-garcia/vaultwarden/pull/6247) - fix email as 2fa provider by [@stefan0xC](https://github.com/stefan0xC) in [#6473](https://github.com/dani-garcia/vaultwarden/pull/6473) - Update crates and Rust version by [@BlackDex](https://github.com/BlackDex) in [#6485](https://github.com/dani-garcia/vaultwarden/pull/6485) - Add option to prefer IPv6 resolving by [@BlackDex](https://github.com/BlackDex) in [#6494](https://github.com/dani-garcia/vaultwarden/pull/6494) - Some small admin js/css updates by [@BlackDex](https://github.com/BlackDex) in [#6501](https://github.com/dani-garcia/vaultwarden/pull/6501) - Update crates and workflows and some fixes by [@BlackDex](https://github.com/BlackDex) in [#6508](https://github.com/dani-garcia/vaultwarden/pull/6508) - Fixed a typo in the default TTL value by [@k725](https://github.com/k725) in [#6528](https://github.com/dani-garcia/vaultwarden/pull/6528) - Iterate over tags on release by [@Timshel](https://github.com/Timshel) in [#6518](https://github.com/dani-garcia/vaultwarden/pull/6518) - Org.put\_policy type not in body anymore by [@Timshel](https://github.com/Timshel) in [#6514](https://github.com/dani-garcia/vaultwarden/pull/6514) - Android want response property in camelCase by [@Timshel](https://github.com/Timshel) in [#6513](https://github.com/dani-garcia/vaultwarden/pull/6513) - Fix admin invite with SSO by [@Timshel](https://github.com/Timshel) in [#6498](https://github.com/dani-garcia/vaultwarden/pull/6498) - Improve sso auth flow by [@Timshel](https://github.com/Timshel) in [#6205](https://github.com/dani-garcia/vaultwarden/pull/6205) - fix email as 2fa for sso by [@stefan0xC](https://github.com/stefan0xC) in [#6495](https://github.com/dani-garcia/vaultwarden/pull/6495) - Fix release workflow by [@BlackDex](https://github.com/BlackDex) in [#6532](https://github.com/dani-garcia/vaultwarden/pull/6532) - Further fixes for the release workflow by [@dfunkt](https://github.com/dfunkt) in [#6533](https://github.com/dani-garcia/vaultwarden/pull/6533) - add empty /api/tasks endpoint by [@stefan0xC](https://github.com/stefan0xC) in [#6557](https://github.com/dani-garcia/vaultwarden/pull/6557) - Revert to gzip compression by [@dfunkt](https://github.com/dfunkt) in [#6566](https://github.com/dani-garcia/vaultwarden/pull/6566) - support UriMatchDefaults policy by [@stefan0xC](https://github.com/stefan0xC) in [#6570](https://github.com/dani-garcia/vaultwarden/pull/6570) - Add new accountKeys and masterPasswordUnlock fields by [@dani-garcia](https://github.com/dani-garcia) in [#6572](https://github.com/dani-garcia/vaultwarden/pull/6572) - Update crates and Rust by [@BlackDex](https://github.com/BlackDex) in [#6551](https://github.com/dani-garcia/vaultwarden/pull/6551) - Add UserDecryption on /sync too by [@dani-garcia](https://github.com/dani-garcia) in [#6574](https://github.com/dani-garcia/vaultwarden/pull/6574) - Update web-vault to v2025.12.0 by [@BlackDex](https://github.com/BlackDex) in [#6577](https://github.com/dani-garcia/vaultwarden/pull/6577) - Fix posting cipher with readonly collections by [@BlackDex](https://github.com/BlackDex) in [#6578](https://github.com/dani-garcia/vaultwarden/pull/6578) - Update crates by [@BlackDex](https://github.com/BlackDex) in [#6585](https://github.com/dani-garcia/vaultwarden/pull/6585) - Simplify binary extraction by [@dfunkt](https://github.com/dfunkt) in [#6554](https://github.com/dani-garcia/vaultwarden/pull/6554) - Remove unnecessary output sharing between jobs by [@dfunkt](https://github.com/dfunkt) in [#6555](https://github.com/dani-garcia/vaultwarden/pull/6555) - Add wrapped named variants to UserDecryptionOptions by [@dani-garcia](https://github.com/dani-garcia) in [#6598](https://github.com/dani-garcia/vaultwarden/pull/6598) #### New Contributors - [@zUnixorn](https://github.com/zUnixorn) made their first contribution in [#5934](https://github.com/dani-garcia/vaultwarden/pull/5934) - [@ncguk](https://github.com/ncguk) made their first contribution in [#6165](https://github.com/dani-garcia/vaultwarden/pull/6165) - [@Flottegurke](https://github.com/Flottegurke) made their first contribution in [#6194](https://github.com/dani-garcia/vaultwarden/pull/6194) - [@Samoth69](https://github.com/Samoth69) made their first contribution in [#6166](https://github.com/dani-garcia/vaultwarden/pull/6166) - [@joepduin](https://github.com/joepduin) made their first contribution in [#6459](https://github.com/dani-garcia/vaultwarden/pull/6459) - [@k725](https://github.com/k725) made their first contribution in [#6528](https://github.com/dani-garcia/vaultwarden/pull/6528) **Full Changelog**: <https://github.com/dani-garcia/vaultwarden/compare/1.34.3...1.35.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

renovate-bot added the image label 2025-12-28 21:56:57 +00:00

renovate-bot added 1 commit 2025-12-28 21:56:58 +00:00

Update vaultwarden/server Docker tag to v1.35.0

renovate/stability-days Updates have not met minimum release age requirement

Details

lint-test-helm / lint-helm (pull_request) Successful in 21s

Details

3b0776e1dd

renovate-bot force-pushed renovate/vaultwarden-server-1.x from 3b0776e1dd to b6d6d368ae

2025-12-29 03:52:47 +00:00

Compare

renovate-bot force-pushed renovate/vaultwarden-server-1.x from b6d6d368ae to b6b961733f

2025-12-29 03:55:56 +00:00

Compare

renovate-bot force-pushed renovate/vaultwarden-server-1.x from b6b961733f to 8717181c42

2025-12-29 13:03:31 +00:00

Compare

renovate-bot force-pushed renovate/vaultwarden-server-1.x from 8717181c42 to f46501d565

2025-12-29 15:03:36 +00:00

Compare

renovate-bot force-pushed renovate/vaultwarden-server-1.x from f46501d565 to e7a95cdf34

2025-12-29 21:11:19 +00:00

Compare

renovate-bot force-pushed renovate/vaultwarden-server-1.x from e7a95cdf34 to e3ac525f6d

2025-12-29 22:12:02 +00:00

Compare

renovate-bot force-pushed renovate/vaultwarden-server-1.x from e3ac525f6d to 09f99a4f5c

2025-12-29 22:58:46 +00:00

Compare

alexlebens merged commit 867b6bcb77 into main

2025-12-29 23:08:36 +00:00

alexlebens referenced this issue from a commit

2025-12-29 23:08:37 +00:00

Update vaultwarden/server Docker tag to v1.35.0 (#2946)

alexlebens deleted branch renovate/vaultwarden-server-1.x

2025-12-29 23:08:40 +00:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: alexlebens/infrastructure#2946