Last updated on: 2026-06-06 18:56 [UTC]

Metadata for OTPClient in main

com.github.paolostivanin.OTPClient.desktop - 5.0.3-15 ⚙ x86_64

<!-- AppStream catalog entry for the OTPClient desktop application.
     Everything below is descriptive text supplied for the package; no element in
     this entry carries a checksum or signature of the application itself, so the
     security properties listed are the project's own statements. -->
<component type="desktop-application">
  <id>com.github.paolostivanin.OTPClient.desktop</id>
  <name>OTPClient</name>
  <summary>Application for managing TOTP/HOTP tokens with built-in encryption</summary>
  <!-- NOTE(review): "GPL-3.0+" is the deprecated SPDX spelling; the current
       identifier for the same licence is "GPL-3.0-or-later". -->
  <project_license>GPL-3.0+</project_license>
  <description>
    <p>OTPClient is a secure and easy-to-use desktop client for TOTP and HOTP one-time passwords, built with GTK4 and libadwaita. Features:</p>
    <ul>
      <li>multiple databases with sidebar management and cross-database search</li>
      <li>token grouping with quick filtering</li>
      <li>desktop search provider for GNOME Shell and KDE KRunner (opt-in trigger keyword)</li>
      <li>command-line companion (otpclient-cli) with scriptable table/JSON/CSV output</li>
      <li>support for TOTP, HOTP, and Steam codes</li>
      <li>configurable digits (4 to 10), period (10 to 120 seconds), and algorithm (SHA1, SHA256, SHA512)</li>
      <!-- "plain" in the three backup items below means unencrypted: such a file
           holds the OTP secrets in cleartext, unlike the local database described
           in the last item of this list. -->
      <li>import and export of encrypted/plain Aegis backups</li>
      <li>import and export of encrypted/plain Authenticator Pro and 2FAS backups</li>
      <li>import and export of plain FreeOTP+ backups (key URI format)</li>
      <li>import of Google Authenticator migration QR codes (file, screen, webcam, clipboard)</li>
      <!-- Opt-in: the 5.0.0 release notes further down state that the secret
           service is disabled by default. -->
      <li>integration with the OS secret service provider via libsecret (opt-in)</li>
      <li>local database encrypted with AES-256-GCM and Argon2id key derivation; plaintext lives only in libgcrypt secure memory while unlocked</li>
    </ul>
  </description>
  <developer>
    <name>Paolo Stivanin</name>
  </developer>
  <!-- developer_name repeats the developer element above in the older flat form. -->
  <developer_name>Paolo Stivanin</developer_name>
  <pkgname>OTPClient</pkgname>
  <launchable type="desktop-id">com.github.paolostivanin.OTPClient.desktop</launchable>
  <!-- The three cached icons share one file name and differ only in the declared
       size. The remote icon is a relative path; the base URL it is resolved
       against is not part of this entry. -->
  <icon type="cached" width="48" height="48">OTPClient_com.github.paolostivanin.OTPClient.png</icon>
  <icon type="cached" width="64" height="64">OTPClient_com.github.paolostivanin.OTPClient.png</icon>
  <icon type="cached" width="128" height="128">OTPClient_com.github.paolostivanin.OTPClient.png</icon>
  <icon type="remote" width="128" height="128">com/github/paolostivanin.OTPClient.desktop/d857de65a1d3aa1e3895c16fa66a4be4/icons/128x128/OTPClient_com.github.paolostivanin.OTPClient.png</icon>
  <icon type="stock">com.github.paolostivanin.OTPClient</icon>
  <url type="homepage">https://github.com/paolostivanin/OTPClient</url>
  <url type="bugtracker">https://github.com/paolostivanin/OTPClient/issues</url>
  <categories>
    <category>System</category>
    <category>Security</category>
  </categories>
  <provides>
    <binary>otpclient</binary>
  </provides>
  <!-- Screenshot image paths are relative, like the remote icon above.
       NOTE(review): the thumbnail paths ending in "[email protected]" look like
       file names rewritten by an e-mail obfuscation filter on the page this entry
       was copied from; the real thumbnail names cannot be recovered from here. -->
  <screenshots>
    <screenshot type="default">
      <caption>Empty main window</caption>
      <image type="source" width="501" height="590">com/github/paolostivanin.OTPClient.desktop/d857de65a1d3aa1e3895c16fa66a4be4/screenshots/image-1_orig.png</image>
      <image type="thumbnail" width="224" height="263">com/github/paolostivanin.OTPClient.desktop/d857de65a1d3aa1e3895c16fa66a4be4/screenshots/[email protected]</image>
    </screenshot>
    <screenshot>
      <caption>Add menu</caption>
      <image type="source" width="501" height="590">com/github/paolostivanin.OTPClient.desktop/d857de65a1d3aa1e3895c16fa66a4be4/screenshots/image-2_orig.png</image>
      <image type="thumbnail" width="224" height="263">com/github/paolostivanin.OTPClient.desktop/d857de65a1d3aa1e3895c16fa66a4be4/screenshots/[email protected]</image>
    </screenshot>
    <screenshot>
      <caption>General menu</caption>
      <image type="source" width="501" height="590">com/github/paolostivanin.OTPClient.desktop/d857de65a1d3aa1e3895c16fa66a4be4/screenshots/image-3_orig.png</image>
      <image type="thumbnail" width="224" height="263">com/github/paolostivanin.OTPClient.desktop/d857de65a1d3aa1e3895c16fa66a4be4/screenshots/[email protected]</image>
    </screenshot>
    <screenshot>
      <caption>Settings menu</caption>
      <image type="source" width="352" height="405">com/github/paolostivanin.OTPClient.desktop/d857de65a1d3aa1e3895c16fa66a4be4/screenshots/image-4_orig.png</image>
      <image type="thumbnail" width="224" height="257">com/github/paolostivanin.OTPClient.desktop/d857de65a1d3aa1e3895c16fa66a4be4/screenshots/[email protected]</image>
    </screenshot>
  </screenshots>
  <keywords>
    <keyword>otp</keyword>
    <keyword>totp</keyword>
    <keyword>hotp</keyword>
    <keyword>2fa</keyword>
    <keyword>2factor</keyword>
    <keyword>2fa-client</keyword>
    <keyword>2step</keyword>
    <keyword>twostep</keyword>
  </keywords>
  <!-- Releases are listed newest first; each timestamp is seconds since the Unix
       epoch (UTC). -->
  <releases>
    <!-- 5.0.3: timestamp 1778803200 is 2026-05-15. Crash fix only; no security
         item is listed for this release. -->
    <release type="stable" version="5.0.3" timestamp="1778803200">
      <description>
        <p>Small bug-fix release in the 5.0.x line. Fixes a startup crash on systems where the XDG portal cannot auto-report a color scheme (typically XFCE) and the user has the dark-theme GSetting enabled. The dark-theme preference was being applied before AdwApplication's startup chain ran, so adw_style_manager_get_default() reached into an uninitialized GDK display and aborted.</p>
        <ul>
          <li>FIX: startup crash "gdk_display_manager_get() was called before gtk_init()" when use-dark-theme is enabled on environments without a portal-reported color scheme (#440)</li>
        </ul>
      </description>
    </release>
    <!-- 5.0.2: timestamp 1778716800 is 2026-05-14. Adds clipboard images as a
         further input to the QR scanning path. -->
    <release type="stable" version="5.0.2" timestamp="1778716800">
      <description>
        <p>Restores the "Scan QR from Clipboard" workflow that existed in 4.5.0 and was dropped in the GTK4 rewrite. Reads an image directly from the clipboard via the GTK4 clipboard API and feeds it into the existing zbar pipeline, sidestepping the file-roundtrip needed for browser-copied or screenshot-captured QR codes.</p>
        <ul>
          <li>NEW: Add → Scan QR from Clipboard (#438)</li>
          <li>FIX: scanning a QR that does not encode an otpauth:// URI now surfaces a toast instead of silently doing nothing (applies to file and webcam scans too)</li>
        </ul>
      </description>
    </release>
    <!-- 5.0.1: timestamp 1778544000 is 2026-05-12. The text describes cleaning up
         an affected 5.0.0 database by removing the duplicates and mentions no
         automatic repair, so that step appears to be left to the user. -->
    <release type="stable" version="5.0.1" timestamp="1778544000">
      <description>
        <p>Bug-fix release for 5.0.0. Importing a QR code into a database that already contained tokens left the previously-imported entries duplicated in the array; the duplicates also caused delete and group actions to appear to target the wrong row. Existing 5.0.0 databases that were corrupted by repeated QR imports can be cleaned up by removing the duplicate entries.</p>
        <ul>
          <li>FIX: QR import no longer duplicates pre-existing tokens (#435)</li>
          <li>FIX: Set Group / Remove from Group / New Group act on the right token when a group filter or column sort is active (#437)</li>
          <li>FIX: token actions (delete, edit, show QR, move to database) act on the right token when a filter or column sort is active</li>
          <li>FIX: clicking a database in the sidebar now actually loads it (#436)</li>
          <li>NEW: sidebar marks the default database (loaded on startup) with a star and the currently open one in bold</li>
          <li>NEW: creating or opening additional databases no longer changes which one loads on startup — only right-click "Set as Primary" does, and that choice now persists across restarts</li>
        </ul>
      </description>
    </release>
    <!-- 5.0.0: timestamp 1778198400 is 2026-05-08. This is the release that
         carries the security hardening items for the 5.x line. -->
    <release type="stable" version="5.0.0" timestamp="1778198400">
      <description>
        <p>OTPClient 5.0.0 — first stable release of the GTK4 / libadwaita rewrite, with multi-database support, token grouping, an opt-in trigger keyword for the desktop search provider, and a sweeping crypto and import-path hardening pass. Existing v2 databases unlock and migrate automatically.</p>
        <ul>
          <li>NEW: complete GUI rewrite on GTK4 + libadwaita</li>
          <li>NEW: persistent multi-database support with sidebar and right-click "Move to…" between databases</li>
          <li>NEW: token grouping with header-bar dropdown and "group:" / "#" search prefix; groups round-trip through Aegis / AuthPro / 2FAS</li>
          <li>NEW: cross-database search with auto-select-and-copy on a single result</li>
          <li>NEW: hidden-by-default OTPs with click-to-reveal and auto-hide</li>
          <li>NEW: async unlock with KDF spinner</li>
          <li>NEW: search-provider trigger keyword (default "otp"); KRunner subtitle no longer leaks live codes; activation copies the OTP</li>
          <li>NEW: Settings → Backup is the unified entry point for native (encrypted) backup and restore; format-specific export becomes migration-only with a plaintext warning</li>
          <li>NEW: settings import/export, Welcome and What's New dialogs, KDF presets, paste-to-fill otpauth:// URI, backup-age banner, lock-time clipboard wipe</li>
          <li>NEW: scriptable CLI output (--output=table|json|csv), translated CLI strings, --list-databases, HOTP counter in CSV, bash/zsh/fish completions</li>
          <li>NEW: native StatusNotifierItem tray (libayatana-appindicator dependency removed)</li>
          <!-- Security items start here. Per the wording of the KDF item, a database
               protected by a non-ASCII password keeps its weaker key until the
               next write re-encrypts it, so the fix is not complete at install
               time for such a database. -->
          <li>SECURITY: Argon2id header validation refuses out-of-bounds parameters on unlock</li>
          <li>SECURITY: KDF byte-length fix — gcry_kdf_* was passed character count instead of byte count, weakening keys for non-ASCII passwords; transparent retry plus opportunistic re-encryption on the next write</li>
          <li>SECURITY: O_NOFOLLOW + fstat S_ISREG on every importer and database read site, closing the symlink-swap TOCTOU window</li>
          <li>SECURITY: 0600 mode on backup files; PR_SET_DUMPABLE=0 + RLIMIT_CORE=0 to suppress core dumps</li>
          <li>SECURITY: AEAD validation tightened across decrypt paths; 2FAS no longer accepts plaintext on tag mismatch</li>
          <li>SECURITY: search provider refuses every D-Bus method when the keyword is empty (closes arbitrary local enumeration of accounts)</li>
          <li>SECURITY: otpauth:// URI capped at 4 KB, HOTP counter capped at 2^48, PNG QR capped at 4096×4096, settings import capped at 1 MiB</li>
          <li>SECURITY: signal-safe clipboard wipe on SIGINT/SIGTERM/SIGHUP; CLI --password-file refuses group/world-readable files; secret service disabled by default</li>
          <li>SECURITY: HOTP counter increment is transactional (rolled back if save fails)</li>
          <!-- The FIX items below are memory-safety defects (NULL dereference,
               use-after-free, double free); the importer ones are reached by
               parsing malformed backup or URI input. -->
          <li>FIX: NULL-deref crashes across Aegis, AuthPro, 2FAS, FreeOTP+, and otpauth importers on malformed input</li>
          <li>FIX: use-after-free in async secret lookup; double-free of filter_model in window dispose; DBus assertion on exit</li>
          <li>FIX: notification spam during store rebuilds and search-bar close</li>
          <li>FIX: window size and group dropdown restored across sessions; schema and icon cache updated on install</li>
          <li>PERF: KDF-derived key cache, lazy cross-DB OTP, deferred HOTP writes, pre-folded labels in search provider</li>
          <!-- Configuration from the old GKeyFile is not carried over, so
               preferences set before the upgrade should be re-checked in the new
               settings afterwards. -->
          <li>BREAKING: GTK 4.18+ and libadwaita 1.5+ required; configuration migrated to GSettings (GKeyFile not migrated automatically)</li>
        </ul>
      </description>
    </release>
  </releases>
  <!-- OARS 1.0 content rating; every attribute below is declared "none". -->
  <content_rating type="oars-1.0">
    <content_attribute id="violence-cartoon">none</content_attribute>
    <content_attribute id="violence-fantasy">none</content_attribute>
    <content_attribute id="violence-realistic">none</content_attribute>
    <content_attribute id="violence-bloodshed">none</content_attribute>
    <content_attribute id="violence-sexual">none</content_attribute>
    <content_attribute id="drugs-alcohol">none</content_attribute>
    <content_attribute id="drugs-narcotics">none</content_attribute>
    <content_attribute id="drugs-tobacco">none</content_attribute>
    <content_attribute id="sex-nudity">none</content_attribute>
    <content_attribute id="sex-themes">none</content_attribute>
    <content_attribute id="language-profanity">none</content_attribute>
    <content_attribute id="language-humor">none</content_attribute>
    <content_attribute id="language-discrimination">none</content_attribute>
    <content_attribute id="social-chat">none</content_attribute>
    <content_attribute id="social-info">none</content_attribute>
    <content_attribute id="social-audio">none</content_attribute>
    <content_attribute id="social-location">none</content_attribute>
    <content_attribute id="social-contacts">none</content_attribute>
    <content_attribute id="money-purchasing">none</content_attribute>
    <content_attribute id="money-gambling">none</content_attribute>
  </content_rating>
</component>