Release 2.6.6

Fixed

- Fix focusing search when pressing hotkey [#6603]
- Trim whitespace from TOTP key input prior to processing [#6604]
- Fix building on macOS [#6598]
- Resolve compiler warnings for unused return values [#6607]

.gitattributes

@@ -11,3 +11,6 @@ AppImage-Recipe.sh export-ignore
 # github-linguist language hints
 *.h linguist-language=C++
 *.cpp linguist-language=C++
+
+# binary files
+*.ai binary

CHANGELOG.md

@@ -1,17 +1,260 @@
 # Changelog
 
-## 2.6.0 (unreleased)
+## 2.6.6 (2021-06-11)
+
+### Fixed
+
+- Fix focusing search when pressing hotkey [#6603]
+- Trim whitespace from TOTP key input prior to processing [#6604]
+- Fix building on macOS [#6598]
+- Resolve compiler warnings for unused return values [#6607]
+
+## 2.6.5 (2021-06-07)
 
 ### Added
-- Added CLI db-info command [#4231]
-- Switch application icons to Material Design [#4066]
-- Health Check report [#551]
-- HIBP report: Check passwords against the HIBP online service [#1083]
+
+- Show search bar when toolbar is hidden or in overflow [#6279]
+- Show countdown for clipboard clearing in status bar [#6333]
+- Command line option to lock all open databases [#6511]
+- Allow CSV import of bare TOTP secrets [#6211]
+- Retain file creation time when saving database [#6576]
+- Set permissions of saved attachments to be private to the current user [#6363]
+- OPVault: Use Text instead of Name for attribute names [#6334]
 
 ### Changed
-- Renamed CLI create command to db-create [#4231]
-- Added --set-password option for CLI db-create command
-- Added --set-key-file option for CLI db-create command (replacing --key-file option)
+
+- Reports: Allow resizing of reports columns [#6435]
+- Reports: Toggle showing expired entries [#6534]
+- Save Always on Top setting [#6236]
+- Password generator can exclude additional lookalike characters (6/G, 8/B) [#6196]
+
+### Fixed
+
+- Allow setting MSI properties in unattended install [#6196]
+- Update MainWindow minimum size to enable smaller verticle space [#6196]
+- Use application font size when setting default or monospace fonts [#6332]
+- Fix notes not clearing in entry preview panel in some cases [#6481]
+- macOS: Correct window activation when restoring from tray [#6575]
+- macOS: Better handling of minimize after unlock when using browser integration [#6338]
+- Linux: Start after the system tray is available on LXQt [#6216]
+- Linux: Allow selection of modal dialogs on X11 in Auto-Type [#6204]
+- KeeShare: prevent crash when file extension is missing [#6174]
+
+## 2.6.4 (2021-01-31)
+
+### Added
+
+- Automatically adapt to light/dark system theme changes (Windows/macOS only) [#6034]
+
+### Changed
+
+- Show window title as tooltip on system tray [#5948]
+- Compress Snap release as LZO for faster initial startup [#5877]
+- Password generator: Set maximum selectable password length to 999 [#5937]
+
+### Fixed
+
+- Fix crash on app close when using SSH agent [#5935]
+- Fix KDF selection showing wrong item when using Argon2id [#5923]
+- Automatically close About dialog on database lock if it is still open [#5947]
+- Linux: Fix automatic launch at system startup with AppImages [#5901]
+- Linux: Fix click-to-move on empty area activating when using menus [#5971]
+- Linux: Try multiple times to show tray icon if tray is not ready yet [#5948]
+- macOS: Fix KeePassXC blocking clean shutdown [#6002]
+
+## 2.6.3 (2021-01-12)
+
+### Added
+
+- Support Argon2id KDF [#5778]
+- Support XMLv2 key files [#5798]
+
+### Changed
+
+- Improve CSV Import/Export, include time fields and TOTP [#5346]
+- Support empty area dragging of the application window [#5860]
+- Display default Auto-Type sequence in preview pane [#5654]
+- Remove strict length limit on generated passwords [#5748]
+- Hide key file path by default when unlocking database [#5779]
+- Document browser extension use with Edge in managed mode [#5692]
+- Windows: Prevent clipboard history and cloud sync [#5853]
+- macOS: Update the application icon to Big Sur styling [#5851]
+
+### Fixed
+
+- Re-select previously selected entry on database unlock [#5559]
+- Properly save special character choice in password generator [#5610]
+- Fix crash in browser integration with multiple similar entries [#5653]
+- Remove offset on username field in classic theme [#5788]
+- Ensure entry history is copied when drag/dropping entries and groups [#5817]
+- Close modal dialogs when database is locked [#5820]
+- Prevent crash when KeeShare modifies an entry that is currently being edited [#5827]
+- Improve preview of entry attributes [#5834]
+- Always activate/focus database open dialog preventing mistype [#5878]
+- Reports: fix calculation of average password length [#5862]
+- Linux: Delay startup on login to correct tray icon issues [#5724]
+
+## 2.6.2 (2020-10-21)
+
+### Added
+
+- Add option to keep window always on top to view menu [#5542]
+- Move show/hide usernames and passwords to view menu [#5542]
+- Add command line options and environment variables for changing the config locations [#5452]
+- Include TOTP settings in CSV import/export and add support for ISO datetimes [#5346]
+
+### Changed
+
+- Mask sensitive information in command execution confirmation prompt [#5542]
+- SSH Agent: Avoid shortcut conflict on macOS by changing "Add key" to Ctrl+H on all platforms [#5484]
+
+### Fixed
+
+- Prevent data loss with drag and drop between databases [#5536]
+- Fix crash when toggling Capslock rapidly [#5545]
+- Don't mark URL references as invalid URL [#5380]
+- Reset entry preview after search [#5483]
+- Set Qt::Dialog flag on database open dialog [#5356]
+- Fix sorting of database report columns [#5426]
+- Fix IfDevice matching logic [#5344]
+- Fix layout issues and a stray scrollbar appearing on top of the entry edit screen [#5424]
+- Fix tabbing into the notes field [#5424]
+- Fix password generator ignoring settings on load [#5340]
+- Restore natural entry sort order on application load [#5438]
+- Fix paperclip and TOTP columns not saving state [#5327]
+- Enforce fixed password font in entry preview [#5454]
+- Add scrollbar when new database wizard exceeds screen size [#5560]
+- Do not mark database as modified when viewing Auto-Type associations [#5542]
+- CLI: Fix two heap-use-after-free crashes [#5368,#5470]
+- Browser: Fix key exchange not working with multiple simultaneous users on Windows [#5485]
+- Browser: Fix entry retrieval when "only best matching" is enabled [#5316]
+- Browser: Ignore recycle bin on KeePassHTTP migration [#5481]
+- KeeShare: Fix import crash [#5542]
+- macOS: Fix toolbar theming and breadcrumb display issues [#5482]
+- macOS: Fix file dialog randomly closing [#5479]
+- macOS: Fix being unable to select OPVault files for import [#5341]
+
+## 2.6.1 (2020-08-19)
+
+### Added
+
+- Add menu entries for auto-typing only username or only password [#4891]
+- Browser: Add command for retrieving current TOTP [#5278]
+- Improve man pages [#5010]
+- Linux: Support Xfce screen lock signals [#4971]
+- Linux: Add OARS metadata to AppStream markup [#5031]
+- SSH Agent: Substitute tilde with %USERPROFILE% on Windows [#5116]
+
+### Changed
+
+- Improve password generator UI and UX [#5129]
+- Do not prompt to restart if switching the theme back and forth [#5084]
+- Change actions for F1, F2, and F3 keys [#5082]
+- Skip referenced passwords in health check report [#5056]
+- Check system-wide Qt translations directory for downstream translations packaging [#5064]
+- macOS: Change password visibility toggle shortcut to Ctrl+H to avoid conflict with system shortcut [#5114]
+- Browser: Only display domain name in browser access confirm dialog to avoid overly wide window sizes [#5214]
+
+### Fixed
+
+- Fix clipboard not being cleared when database is locked while timeout is still active [#5184]
+- Fix list of previous databases not being cleared in some cases [#5123]
+- Fix saving of non-data changes on database lock [#5210]
+- Fix search results banner theming [#5197]
+- Don't enforce theme palette in Classic theme mode and add hover effect for buttons [#5122,#5267]
+- Fix label clipping in settings on high-DPI screens [#5227]
+- Fix excessive memory usage by icons on systems with high-DPI screens [#5266]
+- Fix crash if number of TOTP digits exceeds ten [#5106]
+- Fix slot detection when first YubiKey is configured on the second slot [#5004]
+- Prevent crash if focus widget gets deleted during saving [#5005]
+- Always show buttons for opening or saving attachments [#4956]
+- Update link to Auto-Type help [#5228]
+- Fix build errors with Ninja [#5121]
+- CLI: Fix db-info command wrongly labelled as db-show in usage listing [#5140]
+- Windows: Use Classic theme by default if high-contrast mode is on [#5191]
+- Linux: Add workaround for qt5ct bug, causing icons not to show up [#5011]
+- Linux: Correct high-DPI display by not allowing fractional scaling [#5185]
+- Browser: Consider subdomain and path when requesting only "best-matching credentials" [#4832]
+- SSH Agent: Always forget all keys on lock [#5115]
+
+## 2.6.0 (2020-07-06)
+
+### Added
+
+- Custom Light and Dark themes [#4110, #4769, #4791, #4892, #4915]
+- Compact mode to use classic Group and Entry line height [#4910]
+- New monochrome tray icons [#4796, #4803]
+- View menu to quickly switch themes, compact mode, and toggle UI elements [#4910]
+- Search for groups and scope search to matched groups [#4705]
+- Save Database Backup feature [#4550]
+- Sort entries by "natural order" and move lines up/down [#4357]
+- Option to launch KeePassXC on system startup/login [#4675]
+- Caps Lock warning on password input fields [#3646]
+- Add "Size" column to entry view [#4588]
+- Browser-like tab experience using Ctrl+[Num] (Alt+[Num] on Linux) [#4063, #4305]
+- Password Generator: Define additional characters to choose from [#3876]
+- Reports: Database password health check (offline) [#3993]
+- Reports: HIBP online service to check for breached passwords [#4438]
+- Auto-Type: DateTime placeholders [#4409]
+- Browser: Show group name in results sent to browser extension [#4111]
+- Browser: Ability to define a custom browser location (macOS and Linux only) [#4148]
+- Browser: Ability to change root group UUID and inline edit connection ID [#4315, #4591]
+- CLI: `db-info` command [#4231]
+- CLI: Use wl-clipboard if xclip is not available (Linux) [#4323]
+- CLI: Incorporate xclip into snap builds [#4697]
+- SSH Agent: Key file path env substitution, SSH_AUTH_SOCK override, and connection test [#3769, #3801, #4545]
+- SSH Agent: Context menu actions to add/remove keys [#4290]
+
+### Changed
+
+- Complete replacement of default database icons [#4699]
+- Complete replacement of application icons [#4066, #4161, #4203, #4411]
+- Complete rewrite of documentation and manpages using Asciidoctor [#4937]
+- Complete refactor of config files; separate between local and roaming [#4665]
+- Complete refactor of browser integration and proxy code [#4680]
+- Complete refactor of hardware key integration (YubiKey and OnlyKey) [#4584, #4843]
+- Significantly improve performance when saving and opening databases [#4309, #4833]
+- Remove read-only detection for database files [#4508]
+- Overhaul of password fields and password generator [#4367]
+- Replace instances of "Master Key" with "Database Credentials" [#4929]
+- Change settings checkboxes to positive phrasing for consistency [#4715]
+- Improve UX of using entry actions (focus fix) [#3893]
+- Set expiration time to Now when enabling entry expiration [#4406]
+- Always show "New Entry" in context menu [#4617]
+- Issue warning before adding large attachments [#4651]
+- Improve importing OPVault [#4630]
+- Improve AutoOpen capability [#3901, #4752]
+- Check for updates every 7 days even while still running [#4752]
+- Improve Windows installer UI/UX [#4675]
+- Improve config file handling of portable distribution [#4131, #4752]
+- macOS: Hide dock icon when application is hidden to tray [#4782]
+- Browser: Use unlock dialog to improve UX of opening a locked database [#3698]
+- Browser: Improve database and entry settings experience [#4392, #4591]
+- Browser: Improve confirm access dialog [#2143, #4660]
+- KeeShare: Improve monitoring file changes of shares [#4720]
+- CLI: Rename `create` command to `db-create` [#4231]
+- CLI: Cleanup `db-create` options (`--set-key-file` and `--set-password`) [#4313]
+- CLI: Use stderr for help text and password prompts [#4086, #4623]
+- FdoSecrets: Display existing secret service process [#4128]
+
+### Fixed
+
+- Fix changing focus around the main window using tab key [#4641]
+- Fix search field clearing while still using the application [#4368]
+- Improve search help widget displaying on macOS and Linux [#4236]
+- Return keyboard focus after editing an entry [#4287]
+- Reset database path after failed "Save As" [#4526]
+- Make builds reproducible [#4411]
+- Improve handling of ccache when building [#4104, #4335]
+- Windows: Use correct UI font and size [#4769]
+- macOS: Properly re-hide application window after browser integration and Auto-Type usage [#4909]
+- Linux: Fix version number not embedded in AppImage [#4842]
+- Auto-Type: Fix crash when performing on new entry [#4132]
+- Browser: Send legacy HTTP settings to recycle bin [#4589]
+- Browser: Fix merging browser keys [#4685]
+- CLI: Fix encoding when exporting database [#3921]
+- SSH Agent: Improve reliability and underlying code [#3833, #4256, #4549, #4595]
+- FdoSecrets: Fix crash when editing settings before service is enabled [#4332]
 
 ## 2.5.4 (2020-04-09)
 

CMakeLists.txt

@@ -14,7 +14,7 @@
 #  You should have received a copy of the GNU General Public License
 #  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-cmake_minimum_required(VERSION 3.1.0)
+cmake_minimum_required(VERSION 3.3.0)
 
 project(KeePassXC)
 
@@ -58,6 +58,7 @@ endif()
 if(APPLE)
     option(WITH_XC_TOUCHID "Include TouchID support for macOS." OFF)
 endif()
+option(WITH_XC_DOCS "Enable building of documentation" ON)
 
 if(WITH_CCACHE)
     # Use the Compiler Cache (ccache) program
@@ -71,7 +72,7 @@ if(WITH_CCACHE)
 endif()
 
 if(WITH_XC_ALL)
-    # Enable all options (except update check)
+    # Enable all options (except update check and docs)
     set(WITH_XC_AUTOTYPE ON)
     set(WITH_XC_NETWORKING ON)
     set(WITH_XC_BROWSER ON)
@@ -100,7 +101,7 @@ endif()
 
 set(KEEPASSXC_VERSION_MAJOR "2")
 set(KEEPASSXC_VERSION_MINOR "6")
-set(KEEPASSXC_VERSION_PATCH "0")
+set(KEEPASSXC_VERSION_PATCH "6")
 set(KEEPASSXC_VERSION "${KEEPASSXC_VERSION_MAJOR}.${KEEPASSXC_VERSION_MINOR}.${KEEPASSXC_VERSION_PATCH}")
 set(OVERRIDE_VERSION "" CACHE STRING "Override the KeePassXC Version for Snapshot builds")
 
@@ -225,10 +226,22 @@ macro(check_add_gcc_compiler_cflag FLAG FLAGNAME)
     endif()
 endmacro(check_add_gcc_compiler_cflag)
 
+# This is the "front-end" for the above macros
+# Optionally takes additional parameter(s) with language to check (currently "C" or "CXX")
 macro(check_add_gcc_compiler_flag FLAG)
     string(REGEX REPLACE "[-=]" "_" FLAGNAME "${FLAG}")
-    check_add_gcc_compiler_cxxflag("${FLAG}" "${FLAGNAME}")
-    check_add_gcc_compiler_cflag("${FLAG}" "${FLAGNAME}")
+    set(check_lang_spec ${ARGN})
+    list(LENGTH check_lang_spec num_extra_args)
+    set(langs C CXX)
+    if(num_extra_args GREATER 0)
+        set(langs "${check_lang_spec}")
+    endif()
+    if("C" IN_LIST langs)
+        check_add_gcc_compiler_cflag("${FLAG}" "${FLAGNAME}")
+    endif()
+    if("CXX" IN_LIST langs)
+        check_add_gcc_compiler_cxxflag("${FLAG}" "${FLAGNAME}")
+    endif()
 endmacro(check_add_gcc_compiler_flag)
 
 add_definitions(-DQT_NO_EXCEPTIONS -DQT_STRICT_ITERATORS -DQT_NO_CAST_TO_ASCII)
@@ -281,7 +294,7 @@ if(CMAKE_BUILD_TYPE_LOWER MATCHES "(release|relwithdebinfo|minsizerel)")
 endif()
 
 check_add_gcc_compiler_flag("-Werror=format-security")
-check_add_gcc_compiler_flag("-Werror=implicit-function-declaration")
+check_add_gcc_compiler_flag("-Werror=implicit-function-declaration" C)
 check_add_gcc_compiler_flag("-Wcast-align")
 
 if(WITH_COVERAGE AND CMAKE_COMPILER_IS_CLANGXX)
@@ -305,7 +318,7 @@ endif()
 add_gcc_compiler_cflags("-std=c99")
 add_gcc_compiler_cxxflags("-std=c++11")
 
-check_add_gcc_compiler_flag("-fsized-deallocation")
+check_add_gcc_compiler_flag("-fsized-deallocation" CXX)
 
 if(APPLE AND CMAKE_COMPILER_IS_CLANGXX)
     add_gcc_compiler_cxxflags("-stdlib=libc++")
@@ -489,6 +502,10 @@ if(WITH_TESTS)
     add_subdirectory(tests)
 endif(WITH_TESTS)
 
+if(WITH_XC_DOCS)
+    add_subdirectory(docs)
+endif()
+
 if(PRINT_SUMMARY)
     # This will print ENABLED, REQUIRED and DISABLED
     feature_summary(WHAT ALL)

COPYING

@@ -140,7 +140,9 @@ Files: share/icons/badges/2_Expired.svg
 Copyright: 2020 KeePassXC Team <team@keepassxc.org>
 License: MIT
 
-Files: share/icons/application/scalable/actions/document-close.svg
+Files: share/icons/application/scalable/actions/chevron-double-down.svg
+       share/icons/application/scalable/actions/chevron-double-right.svg
+       share/icons/application/scalable/actions/document-close.svg
        share/icons/application/scalable/actions/document-edit.svg
        share/icons/application/scalable/actions/document-export.svg
        share/icons/application/scalable/actions/document-import.svg

INSTALL.md

@@ -4,8 +4,7 @@ Build and Install KeePassXC
 This document will guide you through the steps to build and install KeePassXC from source.
 For more information, see also the [_Building KeePassXC_](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC) page on the wiki.
 
-The [KeePassXC QuickStart](./docs/QUICKSTART.md) gets you started using KeePassXC on your
-Windows, Mac, or Linux computer using the pre-built binaries.
+The [QuickStart Guide](https://keepassxc.org/docs/KeePassXC_GettingStarted.html) gets you started using KeePassXC on your Windows, macOS, or Linux computer using pre-compiled binaries from the [downloads page](https://keepassxc.org/download).
 
 Build Dependencies
 ==================
@@ -15,6 +14,7 @@ The following tools must exist within your PATH:
 * make
 * cmake (>= 2.8.12)
 * g++ (>= 4.7) or clang++ (>= 3.0)
+* asciidoctor (on Linux/MacOS)
 
 The following libraries are required:
 

README.md

@@ -3,56 +3,52 @@
 [![codecov](https://codecov.io/gh/keepassxreboot/keepassxc/branch/develop/graph/badge.svg)](https://codecov.io/gh/keepassxreboot/keepassxc)
 [![GitHub release](https://img.shields.io/github/release/keepassxreboot/keepassxc)](https://github.com/keepassxreboot/keepassxc/releases/)
 
-[KeePassXC](https://keepassxc.org) is a cross-platform community fork of
-[KeePassX](https://www.keepassx.org/).
-Our goal is to extend and improve it with new features and bugfixes
-to provide a feature-rich, fully cross-platform and modern
-open-source password manager.
+[KeePassXC](https://keepassxc.org) is a modern, secure, and open-source password manager that stores and manages your most sensitive information. You can run KeePassXC on Windows, macOS, and Linux systems. KeePassXC is for people with extremely high demands of secure personal data management. It saves many different types of information, such as usernames, passwords, URLs, attachments, and notes in an offline, encrypted file that can be stored in any location, including private and public cloud solutions. For easy identification and management, user-defined titles and icons can be specified for entries. In addition, entries are sorted in customizable groups. An integrated search function allows you to use advanced patterns to easily find any entry in your database. A customizable, fast, and easy-to-use password generator utility allows you to create passwords with any combination of characters or easy to remember passphrases.
 
-## Installation
-The [KeePassXC QuickStart](./docs/QUICKSTART.md) gets you started using
-KeePassXC on your Windows, Mac, or Linux computer using pre-compiled binaries
-from the [downloads page](https://keepassxc.org/download).
+## Quick Start
+The [QuickStart Guide](https://keepassxc.org/docs/KeePassXC_GettingStarted.html) gets you started using KeePassXC on your Windows, macOS, or Linux computer using pre-compiled binaries from the [downloads page](https://keepassxc.org/download). Additionally, individual Linux distributions may ship their own versions, so please check your distribution's package list to see if KeePassXC is available. Detailed documentation is available in the [User Guide](https://keepassxc.org/docs/KeePassXC_UserGuide.html).
 
-Additionally, individual Linux distributions may ship their own versions,
-so please check out your distribution's package list to see if KeePassXC is available.
+## Features List
+KeePassXC has numerous features for novice and power users alike. Our goal is to create an application that can be used by anyone while still offering advanced features to those that need them.
 
-## Additional features compared to KeePassX
-- Auto-Type on all three major platforms (Linux, Windows, macOS)
-- Twofish encryption
-- YubiKey challenge-response support
-- TOTP generation
-- CSV import
-- A [Command Line Interface (keepassxc-cli)](./share/docs/man/keepassxc-cli.1)
-- DEP and ASLR hardening
-- Stand-alone password and passphrase generator
-- Password strength meter
-- Using website favicons as entry icons
-- Merging of databases
-- Automatic reload when the database changed on disk
-- Browser integration with KeePassXC-Browser using [native messaging](https://developer.chrome.com/extensions/nativeMessaging) for [Mozilla Firefox](https://addons.mozilla.org/en-US/firefox/addon/keepassxc-browser/) and [Google Chrome, Chromium, Vivaldi, or Brave](https://chrome.google.com/webstore/detail/keepassxc-browser/oboonakemofpalcgghocfoadofidjkkk) and [Microsoft Edge](https://microsoftedge.microsoft.com/addons/detail/pdffhmdngciaglkoonimfcmckehcpafo)
-- Synchronize passwords using KeeShare. See [Using Sharing](./docs/QUICKSTART.md#using-sharing) for more details.
-- Many bug fixes
+### Basic
+* Create, open, and save databases in the KDBX format (KeePass compatible to KDBX4 and KDBX3)
+* Store sensitive information in entries that are organized by groups
+* Search for entries
+* Password generator
+* Auto-Type passwords into applications
+* Browser integration with Google Chrome, Mozilla Firefox, Microsoft Edge, Chromium, Vivaldi, Brave, and Tor-Browser
+* Entry icon download
+* Import databases from CSV, 1Password, and KeePass1 formats
 
-For a full list of features and changes, read the [CHANGELOG](CHANGELOG.md) document.
-For a full list of keyboard shortcuts, see [KEYBINDS](./docs/KEYBINDS.md)
+### Advanced
+* Database reports (password health, HIBP, and statistics)
+* Database export to CSV and HTML formats
+* TOTP storage and generation
+* Field references between entries
+* File attachments and custom attributes
+* Entry history and data restoration
+* YubiKey/OnlyKey challenge-response support
+* Command line interface (keepassxc-cli)
+* Auto-Open databases
+* KeeShare shared databases (import, export, and synchronize)
+* SSH Agent
+* FreeDesktop.org Secret Service (replace Gnome keyring, etc.)
+* Additional encryption choices: Twofish and ChaCha20
+
+For a full list of changes, read the [CHANGELOG](CHANGELOG.md) document. \
+For a full list of keyboard shortcuts, see [KeyboardShortcuts.adoc](./docs/topics/KeyboardShortcuts.adoc)
 
 ## Building KeePassXC
 
-Detailed instructions are available in the [Build and Install](./INSTALL.md)
-page or on the [Wiki page](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC).
+Detailed instructions are available in the [Build and Install](./INSTALL.md) page and in the [Wiki](https://github.com/keepassxreboot/keepassxc/wiki/Building-KeePassXC).
 
 ## Contributing
 
-We are always looking for suggestions how to improve our application.
-If you find any bugs or have an idea for a new feature, please let us know by
-opening a report in our [issue tracker](https://github.com/keepassxreboot/keepassxc/issues)
-on GitHub or join us on IRC on freenode channels #keepassxc or #keepassxc-dev.
+We are always looking for suggestions on how to improve KeePassXC. If you find any bugs or have an idea for a new feature, please let us know by opening a report in the [issue tracker](https://github.com/keepassxreboot/keepassxc/issues) on GitHub or join us on IRC in [freenode](https://webchat.freenode.net/) channels #keepassxc and #keepassxc-dev.
 
-You can of course also directly contribute your own code. We are happy to accept your pull requests.
-
-Please read the [CONTRIBUTING document](.github/CONTRIBUTING.md) for further information.
+You may directly contribute your own code by submitting a pull request. Please read the [CONTRIBUTING](.github/CONTRIBUTING.md) document for further information.
 
 ## License
 
-GPL-2 or GPL-3
+KeePassXC code is licensed under GPL-2 or GPL-3. Additional licensing for third-party files is detailed in [COPYING](./COPYING).

cmake/FindQuaZip.cmake

@@ -1,24 +1,33 @@
 # QUAZIP_FOUND                   - QuaZip library was found
-# QUAZIP_INCLUDE_DIR             - Path to QuaZip include dir
-# QUAZIP_INCLUDE_DIRS            - Path to QuaZip and zlib include dir (combined from QUAZIP_INCLUDE_DIR + ZLIB_INCLUDE_DIR)
+# QUAZIP_INCLUDE_DIRS            - Path to QuaZip include dir
 # QUAZIP_LIBRARIES               - List of QuaZip libraries
-# QUAZIP_ZLIB_INCLUDE_DIR        - The include dir of zlib headers
 
 if(MINGW)
     find_library(QUAZIP_LIBRARIES libquazip5)
-    find_path(QUAZIP_INCLUDE_DIR quazip.h PATH_SUFFIXES quazip5)
-    find_path(QUAZIP_ZLIB_INCLUDE_DIR zlib.h)
+    find_path(QUAZIP_INCLUDE_DIRS quazip.h PATH_SUFFIXES quazip5)
+elseif(APPLE)
+    find_library(QUAZIP_LIBRARIES quazip1-qt5)
+    find_path(QUAZIP_INCLUDE_DIRS quazip.h PATH_SUFFIXES quazip)
 else()
-    find_library(QUAZIP_LIBRARIES
-        NAMES quazip5 quazip
-	PATHS /usr/lib /usr/lib64 /usr/local/lib
-    )
-    find_path(QUAZIP_INCLUDE_DIR quazip.h
-	PATHS /usr/include /usr/local/include
-        PATH_SUFFIXES quazip5 quazip
-    )
-    find_path(QUAZIP_ZLIB_INCLUDE_DIR zlib.h PATHS /usr/include /usr/local/include)
+    # Try pkgconfig first
+    find_package(PkgConfig QUIET)
+    if (PKG_CONFIG_FOUND)
+        pkg_check_modules(QUAZIP QUIET quazip1-qt5)
+    endif()
+    if(NOT QUAZIP_FOUND)
+        # Try to find QuaZip version 0.x
+        find_library(QUAZIP_LIBRARIES
+            NAMES quazip5 quazip
+            PATHS /usr/lib /usr/lib64 /usr/local/lib
+        )
+        find_path(QUAZIP_INCLUDE_DIRS quazip.h
+            PATHS /usr/include /usr/local/include
+            PATH_SUFFIXES quazip5 quazip
+        )
+    endif()
 endif()
+
+mark_as_advanced(QUAZIP_LIBRARIES QUAZIP_INCLUDE_DIRS)
+
 include(FindPackageHandleStandardArgs)
-set(QUAZIP_INCLUDE_DIRS ${QUAZIP_INCLUDE_DIR} ${QUAZIP_ZLIB_INCLUDE_DIR})
-find_package_handle_standard_args(QUAZIP DEFAULT_MSG QUAZIP_LIBRARIES QUAZIP_INCLUDE_DIR QUAZIP_ZLIB_INCLUDE_DIR QUAZIP_INCLUDE_DIRS)
+find_package_handle_standard_args(QuaZip DEFAULT_MSG QUAZIP_LIBRARIES QUAZIP_INCLUDE_DIRS)

docs/CMakeLists.txt

@@ -0,0 +1,67 @@
+#  Copyright (C) 2020 KeePassXC Team <team@keepassxc.org>
+#
+#  This program is free software: you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation, either version 2 or (at your option)
+#  version 3 of the License.
+#
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+#
+#  You should have received a copy of the GNU General Public License
+#  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+find_program(ASCIIDOCTOR_EXE asciidoctor)
+if(NOT ASCIIDOCTOR_EXE)
+    message(FATAL_ERROR "asciidoctor is required to build documentation")
+else()
+    message(STATUS "Using asciidoctor: ${ASCIIDOCTOR_EXE}")
+endif()
+
+set(DOC_DIR ${CMAKE_CURRENT_SOURCE_DIR})
+set(OUT_DIR ${CMAKE_CURRENT_BINARY_DIR})
+
+# Build html documentation on all platforms
+file(GLOB html_depends ${DOC_DIR}/topics/* ${DOC_DIR}/styles/* ${DOC_DIR}/images/*)
+add_custom_command(OUTPUT KeePassXC_GettingStarted.html
+    COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -o KeePassXC_GettingStarted.html ${DOC_DIR}/GettingStarted.adoc
+    DEPENDS ${html_depends} ${DOC_DIR}/GettingStarted.adoc
+    VERBATIM)
+add_custom_command(OUTPUT KeePassXC_UserGuide.html
+    COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -o KeePassXC_UserGuide.html ${DOC_DIR}/UserGuide.adoc
+    DEPENDS ${html_depends} ${DOC_DIR}/UserGuide.adoc
+    WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+    VERBATIM)
+file(GLOB styles_depends ${DOC_DIR}/styles/*)
+add_custom_command(OUTPUT KeePassXC_KeyboardShortcuts.html
+    COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -o KeePassXC_KeyboardShortcuts.html ${DOC_DIR}/topics/KeyboardShortcuts.adoc
+    DEPENDS ${DOC_DIR}/topics/KeyboardShortcuts.adoc ${styles_depends}
+    VERBATIM)
+
+add_custom_target(docs ALL DEPENDS KeePassXC_GettingStarted.html KeePassXC_UserGuide.html KeePassXC_KeyboardShortcuts.html)
+
+install(FILES
+    ${OUT_DIR}/KeePassXC_GettingStarted.html
+    ${OUT_DIR}/KeePassXC_UserGuide.html
+    ${OUT_DIR}/KeePassXC_KeyboardShortcuts.html
+    DESTINATION ${DATA_INSTALL_DIR}/docs)
+
+# Build Man Pages on Linux and macOS
+if(APPLE OR UNIX)
+    add_custom_command(OUTPUT keepassxc.1
+        COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -b manpage ${DOC_DIR}/man/keepassxc.1.adoc
+        DEPENDS ${DOC_DIR}/man/keepassxc.1.adoc
+        VERBATIM)
+    add_custom_command(OUTPUT keepassxc-cli.1
+        COMMAND ${ASCIIDOCTOR_EXE} -D ${OUT_DIR} -b manpage ${DOC_DIR}/man/keepassxc-cli.1.adoc
+        DEPENDS ${DOC_DIR}/man/keepassxc-cli.1.adoc
+        VERBATIM)
+    add_custom_target(manpages ALL DEPENDS keepassxc.1 keepassxc-cli.1)
+
+    install(FILES 
+        ${OUT_DIR}/keepassxc.1
+        ${OUT_DIR}/keepassxc-cli.1
+        DESTINATION ${CMAKE_INSTALL_MANDIR}/man1/)
+endif()

docs/GettingStarted.adoc

@@ -0,0 +1,34 @@
+= KeePassXC: Getting Started Guide
+KeePassXC Team <team@keepassxc.org>
+v2.6.0
+:data-uri:
+:linkcss!:
+:homepage: https://keepassxc.org
+:icons: font
+:imagesdir: images
+:stylesheet: styles/dark.css
+:toc: left
+ifdef::backend-pdf[]
+:title-page:
+:title-logo-image: {imagesdir}/kpxc_logo.png
+:pdf-theme: styles/pdf_theme.yml
+:compress:
+endif::[]
+
+include::topics/Disclaimers.adoc[]
+
+<<<
+
+// Include various topics, excluding advanced sections
+
+include::topics/Welcome.adoc[tags=*;!advanced]
+
+include::topics/DownloadInstall.adoc[tags=*;!advanced]
+
+include::topics/UserInterface.adoc[tags=*;!advanced]
+
+include::topics/PasswordGenerator.adoc[tags=*;!advanced]
+
+include::topics/DatabaseOperations.adoc[tags=*;!advanced]
+
+include::topics/BrowserPlugin.adoc[tags=*;!advanced]

docs/KEYBINDS.md

@@ -1,33 +0,0 @@
-# List of Keyboard Shortcuts for KeePassXC
-
-Actions                      | Keyboard Shortcuts
------------------------------|----------------------------
-New Database                 | Ctrl + Shift + N
-Open Database                | Ctrl + O
-Save Database                | Ctrl + S
-Save Database As             | Ctrl + Shift + S
-Close Database               | Ctrl + W
-Lock Databases               | Ctrl + L
-Quit                         | Ctrl + Q
-New Entry                    | Ctrl + N
-Edit Entry                   | Ctrl + E
-Delete Entry                 | Ctrl + D
-Clone Entry                  | Ctrl + K
-Show TOTP                    | Ctrl + Shift + T
-Copy TOTP                    | Ctrl + T
-Copy Username                | Ctrl + B
-Copy Password                | Ctrl + C
-Trigger AutoType             | Ctrl + Shift - V
-Open URL                     | Ctrl + Shift - U
-Copy URL                     | Ctrl + U
-Add key to SSH Agent         | Ctrl + H
-Remove key from SSH Agent    | Ctrl + Shift + H
-Show Minimized               | Ctrl + M
-Hide Window                  | Ctrl + Shift - M
-Select Next Database Tab     | Ctrl + Tab *OR* Ctrl + PGDN
-Select Previous Database Tab | Ctrl + Shift + Tab *OR* Ctrl + PGUP
-Toggle Passwords Hidden      | Ctrl + Shift + C
-Toggle Usernames Hidden      | Ctrl + Shift + B
-Focus Search                 | Ctrl + F
-Clear Search                 | ESC
-Show Keyboard Shortcuts      | Ctrl + /

docs/QUICKSTART.md

@@ -1,137 +0,0 @@
-# Quick Start for KeePassXC
-
-This procedure gets KeePassXC running on your computer with browser integration, using the pre-built binaries available for [download](https://keepassxc.org/download) from [KeePassXC site](https://keepassxc.org).
-
-**TL;DR** KeePassXC saves your passwords securely.
-When you double-click a URL in KeePassXC, it launches your default browser to that URL.
-With browser integration configured, KeePassXC automatically enters username/password credentials into web page fields.
-
-## Installing and Starting KeePassXC
-
-1. [Download the native installer](https://keepassxc.org/download) and install KeePassXC for your  Windows, macOS, or Linux computer in the usual way for your platform.
-1. Open the KeePassXC application.
-1. Create a new database and give it a master key that's used to unlock the database file. 
-This database holds entries (usernames, passwords, account numbers, notes) for all your websites, programs, etc.
-1. Create a few entries - enter the username, password, URL, and optionally notes about the entry.
-1. KeePassXC securely stores those entries in the database.
-
-## Setting up Browser Integration with KeePassXC
-
-1. *Within KeePassXC*, go to **Tools → Settings** (on macOS, go to **KeePassXC → Preferences**).
-1. In **Browser Integration**, check **Enable KeePassXC browser integration**.
-1. Right below that, click the checkbox for the browser(s) you use. 
-Leave the other options at their defaults.
-1. *In your default web browser,* install the KeePassXC Browser extension/add-on. Instructions for [Firefox or Tor Browser](https://addons.mozilla.org/firefox/addon/keepassxc-browser/) or [Chrome or Chromium](https://chrome.google.com/webstore/detail/keepassxc-browser/oboonakemofpalcgghocfoadofidjkkk).
-1. Click the KeePassXC icon in the upper-right corner. You'll see the dialog below.
-1. Click the blue Connect button to make the browser extension connect to the KeePassXC application.
-
-&nbsp;<img src="./KeePassHTTP/KeePassXC-Connect.png" height="200" alt="KeePassXC Connect Dialog">
-
-7. *Switch back to KeePassXC.* You'll see a dialog (below) indicating that a request to connect has arrived.
-7. Give the connection a name (perhaps *Keepass-Browsername*, any unique name will suffice) and click OK to accept it.
-7. This one-time operation connects KeePassXC and your browser.
-
-<img src="./KeePassHTTP/KeePassXC-Accept-Button.png" height="200" alt="KeePassXC Accept Connection Dialog">
-
-## Using Browser Integration
-
-1. *Within KeePassXC,* double-click the URL of an entry, or select it and type Ctrl+U (Cmd+U on macOS).
-1. Your browser opens to that URL.
-1. If there are username/password fields on that page, you will see the dialog below. 
-Click *Allow* to confirm that KeePassXC may access the credentials to auto-fill the fields.
-1. Check *Remember this decision* to allow this each time you visit the page.
-
-<img src="./KeePassHTTP/KeePassXC-Confirm.png" height="200" alt="KeePassCX Confirm Access Dialog">
-
-## Using Sharing
-
-Sharing allows you to share a subset of your credentials with others and vice versa.
-
-### Enable Sharing
-
-To use sharing, you need to enable it for the application.
-
-1. Go to Tools &rarr; Settings.
-1. Select the category KeeShare.
-1. Check _Allow import_ if you want to import shared credentials.
-1. Check _Allow export_ if you want to share credentials.
-
-To make sure that your data is valid when imported by another client, please _generate_ (or _import_) a public/private key pair and enter your _signer_ name. This way your client may verify that the imported data is valid. When Importing, you'll see the known sources with names and fingerprint in the list at the bottom. This is the place to _trust_ or _untrust_ signers. It is only possible to trust someone on application level.
-
-<img src="./KeeShare/AppSettings.png" height="600" width="800" alt="KeeShare Application Settings">
-
-### Sharing Credentials
-
-If you checked _Allow export_ in the Sharing settings you now are good to go to share some passwords with others. Sharing always is defined on a group. If you enable sharing on a group, every entry under this group or its children is shared. If you enable sharing on the root node, **every password** inside your database gets shared!
-
-1. Open the edit sheet on a group you want to share.
-1. Select the sharing section.
-1. Choose _Export to path_ as the sharing method.
-1. Choose a path to store the shared credentials to.
-1. Generate a password for this share container.
-
-The export file will not be generated automatically. Instead, each time the database is saved, the file gets written (so please deactivate the autosafe feature). If an old file is present, the old file will be overwritten! The file should be written to a location that is accessible by others. An easy setup is a network share or storing the file inside the cloud.
-
-<img src="./KeeShare/GroupSettings_Export.png" height="600" width="800" alt="KeeShare Group Sharing Settings">
-
-### Using Shared Credentials
-
-Checking _Allow import_ in the Sharing settings of the database enables you to receive credentials from others. KeePass will watch sharing sources and import any changes immediately into your database using the synchronization feature.
-
-1. Create a group for import.
-1. Open the edit sheet on that group.
-1. Select the sharing section.
-1. Choose _Import from path_ as the sharing method.
-1. Choose a share container that is shared with you.
-1. Enter the password for the shared container.
-
-KeeShare observes the container for changes and merges them into your database when necessary. Importing merges in time order, so older data is moved to the history, which should have a sufficient size to prevent loss of needed data.
-
-Please note, that the import currently is not restricted to the configured group. Every entry which was imported and moved outside the import group will be updated regardless of it's location!
-
-<img src="./KeeShare/GroupSettings_Import.png" height="600" width="800" alt="KeeShare Group Import Settings">
-
-### Using Synchronized Credentials
-
-Instead of using different groups for sharing and importing you can use a single group that acts as both. This way you can synchronize a number of credentials easily across many users without a lot of hassle.
-
-1. Open the edit sheet on a group you want to synchronize.
-1. Select the sharing section.
-1. Choose _Synchronize with path_ as the sharing method.
-1. Choose a database that you want to use a synchronization file.
-1. Enter the password for the database.
-
-<img src="./KeeShare/GroupSettings_Sync.png" height="600" width="800" alt="KeeShare Group Synchronization Settings">
-
-### Disable Sharing for Credentials
-
-In case you don't want to share (import or export) some credentials, it is possible to you can 
-* use the application settings and uncheck the options or 
-* instead of selecting _Import from path_, _Export to path_ or _Synchronize with path_ you'll select _Inactive_ while leaving the path and the password untouched.
-
-### Sharing overview
-
-There is a simple overview of shared groups to keep track of your data.
-
-1. Open the Database Settings.
-1. Select the KeeShare category.
-
-<img src="./KeeShare/DatabaseSettings.png" height="600" width="800" alt="KeeShare Group Sharing Ovewview">
-
-## Technical Details and Limitations of Sharing
-
-Sharing relies on the combination of file exports and imports as well as the synchronization mechanism provided by KeePassXC. Since the merge algorithm uses the history of entries to prevent data loss, this history must be enabled and have a sufficient size. Furthermore, the merge algorithm is location independent, therefore it does not matter if entries are moved outside of an import group. These entries will be updated none the less. Moving entries outside of export groups will prevent a further export of the entry, but it will not ensure that the already shared data will be removed from any client.
-
-KeeShare uses a custom certification mechanism to ensure that the source of the data is the expected one. This ensures that the data was exported by the signer but it is not possible to detect if someone replaced the data with an older version from a valid signer. To prevent this, the container could be placed at a location which is only writeable for valid signers.
-
-## Using Auto Open
-
-The Auto Open feature automatically loads and unlocks additional databases when you unlock your main database.
-In order to use this functionality, do the following:
-
-1. Create a group called **AutoOpen** at the root of your main database.
-1. In this group, create a new entry for each database that should be opened automatically:
-    * Put the *password of the database* in the **Password** field
-    * Put the *path to the database's file* in the **URL** field* (it can be formatted either as **file://**, a **/path/to/the/file** form, or a relative file path.)
-    * If the extra database requires a keyfile to be unlocked, put the *path to the keyfile* in the **Username** field. The path options are the same as for the database's file in the URL field.
-1. The next time you unlock your database these databases will be opened and unlocked automatically.

docs/UserGuide.adoc

@@ -0,0 +1,37 @@
+= KeePassXC: User Guide
+KeePassXC Team <team@keepassxc.org>
+v2.6.0
+:data-uri:
+:homepage: https://keepassxc.org
+:icons: font
+:imagesdir: images
+:stylesheet: styles/dark.css
+:toc: left
+ifdef::backend-pdf[]
+:title-page:
+:title-logo-image: {imagesdir}/kpxc_logo.png
+:pdf-theme: styles/pdf_theme.yml
+:compress:
+endif::[]
+
+include::topics/Disclaimers.adoc[]
+
+<<<
+
+// Include feature topics and advanced sections
+
+include::topics/UserInterface.adoc[tags=*]
+
+include::topics/DatabaseOperations.adoc[tags=*]
+
+include::topics/ImportExport.adoc[tags=*]
+
+include::topics/PasswordGenerator.adoc[tags=*]
+
+include::topics/BrowserPlugin.adoc[tags=*]
+
+include::topics/AutoType.adoc[tags=*]
+
+include::topics/KeeShare.adoc[tags=*]
+
+include::topics/SSHAgent.adoc[tags=*]

docs/man/keepassxc-cli.1.adoc

@@ -0,0 +1,302 @@
+//  Copyright (C) 2017 Manolis Agkopian <m.agkopian@gmail.com>
+//  Copyright (C) 2020 KeePassXC Team <team@keepassxc.org>
+//
+//  This program is free software: you can redistribute it and/or modify
+//  it under the terms of the GNU General Public License as published by
+//  the Free Software Foundation, either version 2 or (at your option)
+//  version 3 of the License.
+//
+//  This program is distributed in the hope that it will be useful,
+//  but WITHOUT ANY WARRANTY; without even the implied warranty of
+//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//  GNU General Public License for more details.
+//
+//  You should have received a copy of the GNU General Public License
+//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+= keepassxc-cli(1)
+:docdate: 2020-07-10
+:doctype: manpage
+:revnumber: 2.6.0
+:mansource: KeePassXC {revnumber}
+:manmanual: General Commands Manual
+
+== NAME
+keepassxc-cli - command line interface for the KeePassXC password manager
+
+== SYNOPSIS
+*keepassxc-cli* _command_ [_options_]
+
+== DESCRIPTION
+*keepassxc-cli* is the command line interface for the *KeePassXC* password manager.
+It provides the ability to query and modify the entries of a KeePass database, directly from the command line.
+
+== COMMANDS
+*add* [_options_] <__database__> <__entry__>::
+  Adds a new entry to a database.
+  A password can be generated (*-g* option), or a prompt can be displayed to input the password (*-p* option).
+  The same password generation options as documented for the generate command can be used when the *-g* option is set.
+
+*analyze* [_options_] <__database__>::
+  Analyzes passwords in a database for weaknesses.
+
+*clip* [_options_] <__database__> <__entry__> [_timeout_]::
+  Copies an attribute or the current TOTP (if the *-t* option is specified) of a database entry to the clipboard.
+  If no attribute name is specified using the *-a* option, the password is copied.
+  If multiple entries with the same name exist in different groups, only the attribute for the first one is copied.
+  For copying the attribute of an entry in a specific group, the group path to the entry should be specified as well, instead of just the name.
+  Optionally, a timeout in seconds can be specified to automatically clear the clipboard.
+
+*close*::
+  In interactive mode, closes the currently opened database (see *open*).
+
+*db-create* [_options_] <__database__>::
+  Creates a new database with a password and/or a key file.
+  The key file will be created if the file that is referred to does not exist.
+  If both the key file and password are empty, no database will be created.
+
+*db-info* [_options_] <__database__>::
+  Show a database's information.
+
+*diceware* [_options_]::
+  Generates a random diceware passphrase.
+
+*edit* [_options_] <__database__> <__entry__>::
+  Edits a database entry.
+  A password can be generated (*-g* option), or a prompt can be displayed to input the password (*-p* option).
+  The same password generation options as documented for the generate command can be used when the *-g* option is set.
+
+*estimate* [_options_] [_password_]::
+  Estimates the entropy of a password.
+  The password to estimate can be provided as a positional argument, or using the standard input.
+
+*exit*::
+  Exits interactive mode.
+  Synonymous with *quit*.
+
+*export* [_options_] <__database__>::
+  Exports the content of a database to standard output in the specified format (defaults to XML).
+
+*generate* [_options_]::
+  Generates a random password.
+
+*help* [_command_]::
+  Displays a list of available commands, or detailed information about the specified command.
+
+*import* [_options_] <__xml__> <__database__>::
+  Imports the contents of an XML database to the target database.
+
+*locate* [_options_] <__database__> <__term__>::
+  Locates all the entries that match a specific search term in a database.
+
+*ls* [_options_] <__database__> [_group_]::
+  Lists the contents of a group in a database.
+  If no group is specified, it will default to the root group.
+
+*merge* [_options_] <__database1__> <__database2__>::
+  Merges two databases together.
+  The first database file is going to be replaced by the result of the merge, for that reason it is advisable to keep a backup of the two database files before attempting a merge.
+  In the case that both databases make use of the same credentials, the *--same-credentials* or *-s* option can be used.
+
+*mkdir* [_options_] <__database__> <__group__>::
+  Adds a new group to a database.
+
+*mv* [_options_] <__database__> <__entry__> <__group__>::
+  Moves an entry to a new group.
+
+*open* [_options_] <__database__>::
+  Opens the given database in a shell-style interactive mode.
+  This is useful for performing multiple operations on a single database (e.g. *ls* followed by *show*).
+
+*quit*::
+  Exits interactive mode.
+  Synonymous with *exit*.
+
+*rm* [_options_] <__database__> <__entry__>::
+  Removes an entry from a database.
+  If the database has a recycle bin, the entry will be moved there.
+  If the entry is already in the recycle bin, it will be removed permanently.
+
+*rmdir* [_options_] <__database__> <__group__>::
+  Removes a group from a database.
+  If the database has a recycle bin, the group will be moved there.
+  If the group is already in the recycle bin, it will be removed permanently.
+
+*show* [_options_] <__database__> <__entry__>::
+  Shows the title, username, password, URL and notes of a database entry.
+  Can also show the current TOTP.
+  Regarding the occurrence of multiple entries with the same name in different groups, everything stated in the *clip* command section also applies here.
+
+== OPTIONS
+=== General options
+*--debug-info*::
+  Displays debugging information.
+
+*-k*, *--key-file* <__path__>::
+  Specifies a path to a key file for unlocking the database.
+  In a merge operation this option, is used to specify the key file path for the first database.
+
+*--no-password*::
+  Deactivates the password key for the database.
+
+*-y*, *--yubikey* <__slot__>::
+  Specifies a yubikey slot for unlocking the database.
+  In a merge operation this option is used to specify the YubiKey slot for the first database.
+
+*-q*, *--quiet* <__path__>::
+  Silences password prompt and other secondary outputs.
+
+*-h*, *--help*::
+  Displays help information.
+
+*-v*, *--version*::
+  Displays the program version.
+
+=== Merge options
+*-d*, *--dry-run* <__path__>::
+  Prints the changes detected by the merge operation without making any changes to the database.
+
+*--key-file-from* <__path__>::
+  Sets the path of the key file for the second database.
+
+*--no-password-from*::
+  Deactivates password key for the database to merge from.
+
+*--yubikey-from* <__slot__>::
+  YubiKey slot for the second database.
+
+*-s*, *--same-credentials*::
+  Uses the same credentials for unlocking both databases.
+
+=== Add and edit options
+The same password generation options as documented for the generate command can be used with those 2 commands when the *-g* option is set.
+
+*-u*, *--username* <__username__>::
+  Specifies the username of the entry.
+
+*--url* <__url__>::
+  Specifies the URL of the entry.
+
+*-p*, *--password-prompt*::
+  Uses a password prompt for the entry's password.
+
+*-g*, *--generate*::
+  Generates a new password for the entry.
+
+=== Edit options
+*-t*, *--title* <__title__>::
+  Specifies the title of the entry.
+
+=== Estimate options
+*-a*, *--advanced*::
+  Performs advanced analysis on the password.
+
+=== Analyze options
+*-H*, *--hibp* <__filename__>::
+  Checks if any passwords have been publicly leaked, by comparing against the given list of password SHA-1 hashes, which must be in "Have I Been Pwned" format.
+  Such files are available from https://haveibeenpwned.com/Passwords;
+  note that they are large, and so this operation typically takes some time (minutes up to an hour or so).
+
+=== Clip options
+*-a*, *--attribute*::
+  Copies the specified attribute to the clipboard.
+  If no attribute is specified, the password attribute is the default.
+  For example, "*-a* *username*" would copy the username to the clipboard.
+  [Default: password]
+
+*-t*, *--totp*::
+  Copies the current TOTP instead of the specified attribute to the clipboard.
+  Will report an error if no TOTP is configured for the entry.
+
+=== Create options
+*-k*, *--set-key-file* <__path__>::
+  Set the key file for the database.
+
+*-p*, *--set-password*::
+  Set a password for the database.
+
+*-t*, *--decryption-time* <__time__>::
+  Target decryption time in MS for the database.
+
+=== Show options
+*-a*, *--attributes* <__attribute__>...::
+  Shows the named attributes.
+  This option can be specified more than once, with each attribute shown one-per-line in the given order.
+  If no attributes are specified and *-t* is not specified, a summary of the default attributes is given.
+  Protected attributes will be displayed in clear text if specified explicitly by this option.
+
+*-s*, *--show-protected*::
+  Shows the protected attributes in clear text.
+
+*-t*, *--totp*::
+  Also shows the current TOTP, reporting an error if no TOTP is configured for the entry.
+
+=== Diceware options
+*-W*, *--words* <__count__>::
+  Sets the desired number of words for the generated passphrase.
+  [Default: 7]
+
+*-w*, *--word-list* <__path__>::
+  Sets the Path of the wordlist for the diceware generator.
+  The wordlist must have > 1000 words, otherwise the program will fail.
+  If the wordlist has < 4000 words a warning will be printed to STDERR.
+
+=== Export options
+*-f*, *--format*::
+  Format to use when exporting.
+  Available choices are xml or csv.
+  Defaults to xml.
+
+=== List options
+*-R*, *--recursive*::
+  Recursively lists the elements of the group.
+
+*-f*, *--flatten*::
+  Flattens the output to single lines.
+  When this option is enabled, subgroups and subentries will be displayed with a relative group path instead of indentation.
+
+=== Generate options
+*-L*, *--length* <__length__>::
+  Sets the desired length for the generated password.
+  [Default: 16]
+
+*-l*, *--lower*::
+  Uses lowercase characters for the generated password.
+  [Default: Enabled]
+
+*-U*, *--upper*::
+  Uses uppercase characters for the generated password.
+  [Default: Enabled]
+
+*-n*, *--numeric*::
+  Uses numbers characters for the generated password.
+  [Default: Enabled]
+
+*-s*, *--special*::
+  Uses special characters for the generated password.
+  [Default: Disabled]
+
+*-e*, *--extended*::
+  Uses extended ASCII characters for the generated password.
+  [Default: Disabled]
+
+*-x*, *--exclude* <__chars__>::
+  Comma-separated list of characters to exclude from the generated password.
+  None is excluded by default.
+
+*--exclude-similar*::
+  Exclude similar looking characters.
+  [Default: Disabled]
+
+*--every-group*::
+  Include characters from every selected group.
+  [Default: Disabled]
+
+include::section-notes.adoc[]
+
+== AUTHOR
+This manual page was originally written by Manolis Agkopian <m.agkopian@gmail.com>.
+
+include::section-reporting-bugs.adoc[]
+
+include::section-copyright.adoc[]

docs/man/keepassxc.1.adoc

@@ -0,0 +1,65 @@
+//  Copyright (C) 2019 Janek Bevendorff <janek@jbev.net>
+//  Copyright (C) 2020 KeePassXC Team <team@keepassxc.org>
+//
+//  This program is free software: you can redistribute it and/or modify
+//  it under the terms of the GNU General Public License as published by
+//  the Free Software Foundation, either version 2 or (at your option)
+//  version 3 of the License.
+//
+//  This program is distributed in the hope that it will be useful,
+//  but WITHOUT ANY WARRANTY; without even the implied warranty of
+//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//  GNU General Public License for more details.
+//
+//  You should have received a copy of the GNU General Public License
+//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+= keepassxc(1)
+:docdate: 2020-07-10
+:doctype: manpage
+:revnumber: 2.6.0
+:mansource: KeePassXC {revnumber}
+:manmanual: General Commands Manual
+
+== NAME
+keepassxc - a modern open-source password manager
+
+== SYNOPSIS
+*keepassxc* [_options_] [_filename(s)_]
+
+== DESCRIPTION
+*KeePassXC* is a free/open-source password manager or safe which helps you to manage your passwords in a secure way.
+The complete database is always encrypted with the industry-standard AES (alias Rijndael) encryption algorithm using a 256 bit key.
+KeePassXC uses a database format that is compatible with KeePass Password Safe.
+Your wallet works offline and requires no Internet connection.
+
+== OPTIONS
+*-h*, *--help*::
+  Displays this help.
+
+*-v*, *--version*::
+  Displays version information.
+
+*--config* <__config__>::
+  Path to a custom config file.
+
+*--keyfile* <__keyfile__>::
+  Key file of the database.
+
+*--pw-stdin*::
+  Read password of the database from stdin.
+
+*--pw*, *--parent-window* <__handle__>::
+  Parent window handle.
+
+*--debug-info*::
+  Displays debugging information.
+
+include::section-notes.adoc[]
+
+== AUTHOR
+This manual page was originally written by Janek Bevendorff <janek@jbev.net>.
+
+include::section-reporting-bugs.adoc[]
+
+include::section-copyright.adoc[]

docs/man/section-copyright.adoc

@@ -0,0 +1,19 @@
+//  Copyright (C) 2020 KeePassXC Team <team@keepassxc.org>
+//
+//  This program is free software: you can redistribute it and/or modify
+//  it under the terms of the GNU General Public License as published by
+//  the Free Software Foundation, either version 2 or (at your option)
+//  version 3 of the License.
+//
+//  This program is distributed in the hope that it will be useful,
+//  but WITHOUT ANY WARRANTY; without even the implied warranty of
+//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//  GNU General Public License for more details.
+//
+//  You should have received a copy of the GNU General Public License
+//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+== COPYRIGHT
+Copyright \(C) 2016-2020 KeePassXC Team <team@keepassxc.org>
+
+*KeePassXC* code is licensed under GPL-2 or GPL-3.

docs/man/section-notes.adoc

@@ -0,0 +1,27 @@
+//  Copyright (C) 2020 KeePassXC Team <team@keepassxc.org>
+//
+//  This program is free software: you can redistribute it and/or modify
+//  it under the terms of the GNU General Public License as published by
+//  the Free Software Foundation, either version 2 or (at your option)
+//  version 3 of the License.
+//
+//  This program is distributed in the hope that it will be useful,
+//  but WITHOUT ANY WARRANTY; without even the implied warranty of
+//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//  GNU General Public License for more details.
+//
+//  You should have received a copy of the GNU General Public License
+//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+== NOTES
+*Project homepage*::
+  https://keepassxc.org
+
+*QuickStart Guide*::
+  https://keepassxc.org/docs/KeePassXC_GettingStarted.html
+
+*User Guide*::
+  https://keepassxc.org/docs/KeePassXC_UserGuide.html
+
+*Git repository*::
+  https://github.com/keepassxreboot/keepassxc.git

docs/man/section-reporting-bugs.adoc

@@ -0,0 +1,17 @@
+//  Copyright (C) 2020 KeePassXC Team <team@keepassxc.org>
+//
+//  This program is free software: you can redistribute it and/or modify
+//  it under the terms of the GNU General Public License as published by
+//  the Free Software Foundation, either version 2 or (at your option)
+//  version 3 of the License.
+//
+//  This program is distributed in the hope that it will be useful,
+//  but WITHOUT ANY WARRANTY; without even the implied warranty of
+//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//  GNU General Public License for more details.
+//
+//  You should have received a copy of the GNU General Public License
+//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+== REPORTING BUGS
+Bugs and feature requests can be reported on GitHub at https://github.com/keepassxreboot/keepassxc/issues.

docs/styles/dark.css

@@ -0,0 +1,536 @@
+@import url(https://fonts.googleapis.com/css?family=Noto+Sans);
+
+/* Asciidoctor default stylesheet | MIT License | http://asciidoctor.org */
+/* Uncomment @import statement below to use as custom stylesheet */
+/*@import "https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic%7CNoto+Serif:400,400italic,700,700italic%7CDroid+Sans+Mono:400,700";*/
+article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display:block}
+audio,canvas,video{display:inline-block}
+audio:not([controls]){display:none;height:0}
+script{display:none!important}
+html{font-family:sans-serif;-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}
+a{background:transparent}
+a:focus{outline:thin dotted}
+a:active,a:hover{outline:0}
+h1{font-size:2em;margin:.67em 0}
+abbr[title]{border-bottom:1px dotted}
+b,strong{font-weight:bold}
+dfn{font-style:italic}
+hr{-moz-box-sizing:content-box;box-sizing:content-box;height:0}
+mark{background:#ff0;color:#000}
+code,kbd,pre,samp{font-family:monospace;font-size:1em}
+pre{white-space:pre-wrap}
+q{quotes:"\201C" "\201D" "\2018" "\2019"}
+small{font-size:80%}
+sub,sup{font-size:75%;line-height:0;position:relative;vertical-align:baseline}
+sup{top:-.5em}
+sub{bottom:-.25em}
+img{border:0}
+svg:not(:root){overflow:hidden}
+figure{margin:0}
+fieldset{border:1px solid silver;margin:0 2px;padding:.35em .625em .75em}
+legend{border:0;padding:0}
+button,input,select,textarea{font-family:inherit;font-size:100%;margin:0}
+button,input{line-height:normal}
+button,select{text-transform:none}
+button,html input[type="button"],input[type="reset"],input[type="submit"]{-webkit-appearance:button;cursor:pointer}
+button[disabled],html input[disabled]{cursor:default}
+input[type="checkbox"],input[type="radio"]{box-sizing:border-box;padding:0}
+button::-moz-focus-inner,input::-moz-focus-inner{border:0;padding:0}
+textarea{overflow:auto;vertical-align:top}
+table{border-collapse:collapse;border-spacing:0}
+*,*::before,*::after{-moz-box-sizing:border-box;-webkit-box-sizing:border-box;box-sizing:border-box}
+html,body{font-size:100%}
+body{background:#fff;color:rgba(0,0,0,.8);padding:0;margin:0;font-family:"Noto Serif","DejaVu Serif",serif;font-weight:400;font-style:normal;line-height:1;position:relative;cursor:auto;tab-size:4;-moz-osx-font-smoothing:grayscale;-webkit-font-smoothing:antialiased}
+a:hover{cursor:pointer}
+img,object,embed{max-width:100%;height:auto}
+object,embed{height:100%}
+img{-ms-interpolation-mode:bicubic}
+.left{float:left!important}
+.right{float:right!important}
+.text-left{text-align:left!important}
+.text-right{text-align:right!important}
+.text-center{text-align:center!important}
+.text-justify{text-align:justify!important}
+.hide{display:none}
+img,object,svg{display:inline-block;vertical-align:middle}
+textarea{height:auto;min-height:50px}
+select{width:100%}
+.center{margin-left:auto;margin-right:auto}
+.stretch{width:100%}
+.subheader,.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{line-height:1.45;color:#7a2518;font-weight:400;margin-top:0;margin-bottom:.25em}
+div,dl,dt,dd,ul,ol,li,h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6,pre,form,p,blockquote,th,td{margin:0;padding:0;direction:ltr}
+a{color:#2156a5;text-decoration:underline;line-height:inherit}
+a:hover,a:focus{color:#1d4b8f}
+a img{border:none}
+p{font-family:inherit;font-weight:400;font-size:1em;line-height:1.6;margin-bottom:1.25em;text-rendering:optimizeLegibility}
+p aside{font-size:.875em;line-height:1.35;font-style:italic}
+h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{font-family:"Open Sans","DejaVu Sans",sans-serif;font-weight:300;font-style:normal;color:#ba3925;text-rendering:optimizeLegibility;margin-top:1em;margin-bottom:.5em;line-height:1.0125em}
+h1 small,h2 small,h3 small,#toctitle small,.sidebarblock>.content>.title small,h4 small,h5 small,h6 small{font-size:60%;color:#e99b8f;line-height:0}
+h1{font-size:2.125em}
+h2{font-size:1.6875em}
+h3,#toctitle,.sidebarblock>.content>.title{font-size:1.375em}
+h4,h5{font-size:1.125em}
+h6{font-size:1em}
+hr{border:solid #ddddd8;border-width:1px 0 0;clear:both;margin:1.25em 0 1.1875em;height:0}
+em,i{font-style:italic;line-height:inherit}
+strong,b{font-weight:bold;line-height:inherit}
+small{font-size:60%;line-height:inherit}
+code{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;color:rgba(0,0,0,.9)}
+ul,ol,dl{font-size:1em;line-height:1.6;margin-bottom:1.25em;list-style-position:outside;font-family:inherit}
+ul,ol{margin-left:1.5em}
+ul li ul,ul li ol{margin-left:1.25em;margin-bottom:0;font-size:1em}
+ul.square li ul,ul.circle li ul,ul.disc li ul{list-style:inherit}
+ul.square{list-style-type:square}
+ul.circle{list-style-type:circle}
+ul.disc{list-style-type:disc}
+ol li ul,ol li ol{margin-left:1.25em;margin-bottom:0}
+dl dt{margin-bottom:.3125em;font-weight:bold}
+dl dd{margin-bottom:1.25em}
+abbr,acronym{text-transform:uppercase;font-size:90%;color:rgba(0,0,0,.8);border-bottom:1px dotted #ddd;cursor:help}
+abbr{text-transform:none}
+blockquote{margin:0 0 1.25em;padding:.5625em 1.25em 0 1.1875em;border-left:1px solid #ddd}
+blockquote cite{display:block;font-size:.9375em;color:rgba(0,0,0,.6)}
+blockquote cite::before{content:"\2014 \0020"}
+blockquote cite a,blockquote cite a:visited{color:rgba(0,0,0,.6)}
+blockquote,blockquote p{line-height:1.6;color:rgba(0,0,0,.85)}
+@media screen and (min-width:768px){h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2}
+h1{font-size:2.75em}
+h2{font-size:2.3125em}
+h3,#toctitle,.sidebarblock>.content>.title{font-size:1.6875em}
+h4{font-size:1.4375em}}
+table{background:#fff;margin-bottom:1.25em;border:solid 1px #dedede}
+table thead,table tfoot{background:#f7f8f7}
+table thead tr th,table thead tr td,table tfoot tr th,table tfoot tr td{padding:.5em .625em .625em;font-size:inherit;color:rgba(0,0,0,.8);text-align:left}
+table tr th,table tr td{padding:.5625em .625em;font-size:inherit;color:rgba(0,0,0,.8)}
+table tr.even,table tr.alt,table tr:nth-of-type(even){background:#f8f8f7}
+table thead tr th,table tfoot tr th,table tbody tr td,table tr td,table tfoot tr td{display:table-cell;line-height:1.6}
+h1,h2,h3,#toctitle,.sidebarblock>.content>.title,h4,h5,h6{line-height:1.2;word-spacing:-.05em}
+h1 strong,h2 strong,h3 strong,#toctitle strong,.sidebarblock>.content>.title strong,h4 strong,h5 strong,h6 strong{font-weight:400}
+.clearfix::before,.clearfix::after,.float-group::before,.float-group::after{content:" ";display:table}
+.clearfix::after,.float-group::after{clear:both}
+*:not(pre)>code{font-size:.9375em;font-style:normal!important;letter-spacing:0;padding:.1em .5ex;word-spacing:-.15em;background-color:#f7f7f8;-webkit-border-radius:4px;border-radius:4px;line-height:1.45;text-rendering:optimizeSpeed;word-wrap:break-word}
+*:not(pre)>code.nobreak{word-wrap:normal}
+*:not(pre)>code.nowrap{white-space:nowrap}
+pre,pre>code{line-height:1.45;color:rgba(0,0,0,.9);font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;font-weight:400;text-rendering:optimizeSpeed}
+em em{font-style:normal}
+strong strong{font-weight:400}
+.keyseq{color:rgba(51,51,51,.8)}
+kbd{font-family:"Droid Sans Mono","DejaVu Sans Mono",monospace;display:inline-block;color:rgba(0,0,0,.8);font-size:.65em;line-height:1.45;background-color:#f7f7f7;border:1px solid #ccc;-webkit-border-radius:3px;border-radius:3px;-webkit-box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em white inset;box-shadow:0 1px 0 rgba(0,0,0,.2),0 0 0 .1em #fff inset;margin:0 .15em;padding:.2em .5em;vertical-align:middle;position:relative;top:-.1em;white-space:nowrap}
+.keyseq kbd:first-child{margin-left:0}
+.keyseq kbd:last-child{margin-right:0}
+.menuseq,.menuref{color:#000}
+.menuseq b:not(.caret),.menuref{font-weight:inherit}
+.menuseq{word-spacing:-.02em}
+.menuseq b.caret{font-size:1.25em;line-height:.8}
+.menuseq i.caret{font-weight:bold;text-align:center;width:.45em}
+b.button::before,b.button::after{position:relative;top:-1px;font-weight:400}
+b.button::before{content:"[";padding:0 3px 0 2px}
+b.button::after{content:"]";padding:0 2px 0 3px}
+p a>code:hover{color:rgba(0,0,0,.9)}
+#header,#content,#footnotes,#footer{width:100%;margin-left:auto;margin-right:auto;margin-top:0;margin-bottom:0;max-width:62.5em;*zoom:1;position:relative;padding-left:.9375em;padding-right:.9375em}
+#header::before,#header::after,#content::before,#content::after,#footnotes::before,#footnotes::after,#footer::before,#footer::after{content:" ";display:table}
+#header::after,#content::after,#footnotes::after,#footer::after{clear:both}
+#content{margin-top:1.25em}
+#content::before{content:none}
+#header>h1:first-child{color:rgba(0,0,0,.85);margin-top:2.25rem;margin-bottom:0}
+#header>h1:first-child+#toc{margin-top:8px;border-top:1px solid #ddddd8}
+#header>h1:only-child,body.toc2 #header>h1:nth-last-child(2){border-bottom:1px solid #ddddd8;padding-bottom:8px}
+#header .details{border-bottom:1px solid #ddddd8;line-height:1.45;padding-top:.25em;padding-bottom:.25em;padding-left:.25em;color:rgba(0,0,0,.6);display:-ms-flexbox;display:-webkit-flex;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap}
+#header .details span:first-child{margin-left:-.125em}
+#header .details span.email a{color:rgba(0,0,0,.85)}
+#header .details br{display:none}
+#header .details br+span::before{content:"\00a0\2013\00a0"}
+#header .details br+span.author::before{content:"\00a0\22c5\00a0";color:rgba(0,0,0,.85)}
+#header .details br+span#revremark::before{content:"\00a0|\00a0"}
+#header #revnumber{text-transform:capitalize}
+#header #revnumber::after{content:"\00a0"}
+#content>h1:first-child:not([class]){color:rgba(0,0,0,.85);border-bottom:1px solid #ddddd8;padding-bottom:8px;margin-top:0;padding-top:1rem;margin-bottom:1.25rem}
+#toc{border-bottom:1px solid #efefed;padding-bottom:.5em}
+#toc>ul{margin-left:.125em}
+#toc ul.sectlevel0>li>a{font-style:italic}
+#toc ul.sectlevel0 ul.sectlevel1{margin:.5em 0}
+#toc ul{font-family:"Open Sans","DejaVu Sans",sans-serif;list-style-type:none}
+#toc li{line-height:1.3334;margin-top:.3334em}
+#toc a{text-decoration:none}
+#toc a:active{text-decoration:underline}
+#toctitle{color:#7a2518;font-size:1.2em}
+@media screen and (min-width:768px){#toctitle{font-size:1.375em}
+body.toc2{padding-left:15em;padding-right:0}
+#toc.toc2{margin-top:0!important;background-color:#f8f8f7;position:fixed;width:15em;left:0;top:0;border-right:1px solid #efefed;border-top-width:0!important;border-bottom-width:0!important;z-index:1000;padding:1.25em 1em;height:100%;overflow:auto}
+#toc.toc2 #toctitle{margin-top:0;margin-bottom:.8rem;font-size:1.2em}
+#toc.toc2>ul{font-size:.9em;margin-bottom:0}
+#toc.toc2 ul ul{margin-left:0;padding-left:1em}
+#toc.toc2 ul.sectlevel0 ul.sectlevel1{padding-left:0;margin-top:.5em;margin-bottom:.5em}
+body.toc2.toc-right{padding-left:0;padding-right:15em}
+body.toc2.toc-right #toc.toc2{border-right-width:0;border-left:1px solid #efefed;left:auto;right:0}}
+@media screen and (min-width:1280px){body.toc2{padding-left:20em;padding-right:0}
+#toc.toc2{width:20em}
+#toc.toc2 #toctitle{font-size:1.375em}
+#toc.toc2>ul{font-size:.95em}
+#toc.toc2 ul ul{padding-left:1.25em}
+body.toc2.toc-right{padding-left:0;padding-right:20em}}
+#content #toc{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
+#content #toc>:first-child{margin-top:0}
+#content #toc>:last-child{margin-bottom:0}
+#footer{max-width:100%;background-color:rgba(0,0,0,.8);padding:1.25em}
+#footer-text{color:rgba(255,255,255,.8);line-height:1.44}
+#content{margin-bottom:.625em}
+.sect1{padding-bottom:.625em}
+@media screen and (min-width:768px){#content{margin-bottom:1.25em}
+.sect1{padding-bottom:1.25em}}
+.sect1:last-child{padding-bottom:0}
+.sect1+.sect1{border-top:1px solid #efefed}
+#content h1>a.anchor,h2>a.anchor,h3>a.anchor,#toctitle>a.anchor,.sidebarblock>.content>.title>a.anchor,h4>a.anchor,h5>a.anchor,h6>a.anchor{position:absolute;z-index:1001;width:1.5ex;margin-left:-1.5ex;display:block;text-decoration:none!important;visibility:hidden;text-align:center;font-weight:400}
+#content h1>a.anchor::before,h2>a.anchor::before,h3>a.anchor::before,#toctitle>a.anchor::before,.sidebarblock>.content>.title>a.anchor::before,h4>a.anchor::before,h5>a.anchor::before,h6>a.anchor::before{content:"\00A7";font-size:.85em;display:block;padding-top:.1em}
+#content h1:hover>a.anchor,#content h1>a.anchor:hover,h2:hover>a.anchor,h2>a.anchor:hover,h3:hover>a.anchor,#toctitle:hover>a.anchor,.sidebarblock>.content>.title:hover>a.anchor,h3>a.anchor:hover,#toctitle>a.anchor:hover,.sidebarblock>.content>.title>a.anchor:hover,h4:hover>a.anchor,h4>a.anchor:hover,h5:hover>a.anchor,h5>a.anchor:hover,h6:hover>a.anchor,h6>a.anchor:hover{visibility:visible}
+#content h1>a.link,h2>a.link,h3>a.link,#toctitle>a.link,.sidebarblock>.content>.title>a.link,h4>a.link,h5>a.link,h6>a.link{color:#ba3925;text-decoration:none}
+#content h1>a.link:hover,h2>a.link:hover,h3>a.link:hover,#toctitle>a.link:hover,.sidebarblock>.content>.title>a.link:hover,h4>a.link:hover,h5>a.link:hover,h6>a.link:hover{color:#a53221}
+.audioblock,.imageblock,.literalblock,.listingblock,.stemblock,.videoblock{margin-bottom:1.25em}
+.admonitionblock td.content>.title,.audioblock>.title,.exampleblock>.title,.imageblock>.title,.listingblock>.title,.literalblock>.title,.stemblock>.title,.openblock>.title,.paragraph>.title,.quoteblock>.title,table.tableblock>.title,.verseblock>.title,.videoblock>.title,.dlist>.title,.olist>.title,.ulist>.title,.qlist>.title,.hdlist>.title{text-rendering:optimizeLegibility;text-align:left;font-family:"Noto Serif","DejaVu Serif",serif;font-size:1rem;font-style:italic}
+table.tableblock.fit-content>caption.title{white-space:nowrap;width:0}
+.paragraph.lead>p,#preamble>.sectionbody>[class="paragraph"]:first-of-type p{font-size:1.21875em;line-height:1.6;color:rgba(0,0,0,.85)}
+table.tableblock #preamble>.sectionbody>[class="paragraph"]:first-of-type p{font-size:inherit}
+.admonitionblock>table{border-collapse:separate;border:0;background:none;width:100%}
+.admonitionblock>table td.icon{text-align:center;width:80px}
+.admonitionblock>table td.icon img{max-width:none}
+.admonitionblock>table td.icon .title{font-weight:bold;font-family:"Open Sans","DejaVu Sans",sans-serif;text-transform:uppercase}
+.admonitionblock>table td.content{padding-left:1.125em;padding-right:1.25em;border-left:1px solid #ddddd8;color:rgba(0,0,0,.6)}
+.admonitionblock>table td.content>:last-child>:last-child{margin-bottom:0}
+.exampleblock>.content{border-style:solid;border-width:1px;border-color:#e6e6e6;margin-bottom:1.25em;padding:1.25em;background:#fff;-webkit-border-radius:4px;border-radius:4px}
+.exampleblock>.content>:first-child{margin-top:0}
+.exampleblock>.content>:last-child{margin-bottom:0}
+.sidebarblock{border-style:solid;border-width:1px;border-color:#e0e0dc;margin-bottom:1.25em;padding:1.25em;background:#f8f8f7;-webkit-border-radius:4px;border-radius:4px}
+.sidebarblock>:first-child{margin-top:0}
+.sidebarblock>:last-child{margin-bottom:0}
+.sidebarblock>.content>.title{color:#7a2518;margin-top:0;text-align:center}
+.exampleblock>.content>:last-child>:last-child,.exampleblock>.content .olist>ol>li:last-child>:last-child,.exampleblock>.content .ulist>ul>li:last-child>:last-child,.exampleblock>.content .qlist>ol>li:last-child>:last-child,.sidebarblock>.content>:last-child>:last-child,.sidebarblock>.content .olist>ol>li:last-child>:last-child,.sidebarblock>.content .ulist>ul>li:last-child>:last-child,.sidebarblock>.content .qlist>ol>li:last-child>:last-child{margin-bottom:0}
+.literalblock pre,.listingblock pre:not(.highlight),.listingblock pre[class="highlight"],.listingblock pre[class^="highlight "],.listingblock pre.CodeRay,.listingblock pre.prettyprint{background:#f7f7f8}
+.sidebarblock .literalblock pre,.sidebarblock .listingblock pre:not(.highlight),.sidebarblock .listingblock pre[class="highlight"],.sidebarblock .listingblock pre[class^="highlight "],.sidebarblock .listingblock pre.CodeRay,.sidebarblock .listingblock pre.prettyprint{background:#f2f1f1}
+.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{-webkit-border-radius:4px;border-radius:4px;word-wrap:break-word;padding:1em;font-size:.8125em}
+.literalblock pre.nowrap,.literalblock pre[class].nowrap,.listingblock pre.nowrap,.listingblock pre[class].nowrap{overflow-x:auto;white-space:pre;word-wrap:normal}
+@media screen and (min-width:768px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:.90625em}}
+@media screen and (min-width:1280px){.literalblock pre,.literalblock pre[class],.listingblock pre,.listingblock pre[class]{font-size:1em}}
+.literalblock.output pre{color:#f7f7f8;background-color:rgba(0,0,0,.9)}
+.listingblock pre.highlightjs{padding:0}
+.listingblock pre.highlightjs>code{padding:1em;-webkit-border-radius:4px;border-radius:4px}
+.listingblock pre.prettyprint{border-width:0}
+.listingblock>.content{position:relative}
+.listingblock code[data-lang]::before{display:none;content:attr(data-lang);position:absolute;font-size:.75em;top:.425rem;right:.5rem;line-height:1;text-transform:uppercase;color:#999}
+.listingblock:hover code[data-lang]::before{display:block}
+.listingblock.terminal pre .command::before{content:attr(data-prompt);padding-right:.5em;color:#999}
+.listingblock.terminal pre .command:not([data-prompt])::before{content:"$"}
+table.pyhltable{border-collapse:separate;border:0;margin-bottom:0;background:none}
+table.pyhltable td{vertical-align:top;padding-top:0;padding-bottom:0;line-height:1.45}
+table.pyhltable td.code{padding-left:.75em;padding-right:0}
+pre.pygments .lineno,table.pyhltable td:not(.code){color:#999;padding-left:0;padding-right:.5em;border-right:1px solid #ddddd8}
+pre.pygments .lineno{display:inline-block;margin-right:.25em}
+table.pyhltable .linenodiv{background:none!important;padding-right:0!important}
+.quoteblock{margin:0 1em 1.25em 1.5em;display:table}
+.quoteblock>.title{margin-left:-1.5em;margin-bottom:.75em}
+.quoteblock blockquote,.quoteblock blockquote p{color:rgba(0,0,0,.85);font-size:1.15rem;line-height:1.75;word-spacing:.1em;letter-spacing:0;font-style:italic;text-align:justify}
+.quoteblock blockquote{margin:0;padding:0;border:0}
+.quoteblock blockquote::before{content:"\201c";float:left;font-size:2.75em;font-weight:bold;line-height:.6em;margin-left:-.6em;color:#7a2518;text-shadow:0 1px 2px rgba(0,0,0,.1)}
+.quoteblock blockquote>.paragraph:last-child p{margin-bottom:0}
+.quoteblock .attribution{margin-top:.5em;margin-right:.5ex;text-align:right}
+.quoteblock .quoteblock{margin-left:0;margin-right:0;padding:.5em 0;border-left:3px solid rgba(0,0,0,.6)}
+.quoteblock .quoteblock blockquote{padding:0 0 0 .75em}
+.quoteblock .quoteblock blockquote::before{display:none}
+.verseblock{margin:0 1em 1.25em}
+.verseblock pre{font-family:"Open Sans","DejaVu Sans",sans;font-size:1.15rem;color:rgba(0,0,0,.85);font-weight:300;text-rendering:optimizeLegibility}
+.verseblock pre strong{font-weight:400}
+.verseblock .attribution{margin-top:1.25rem;margin-left:.5ex}
+.quoteblock .attribution,.verseblock .attribution{font-size:.9375em;line-height:1.45;font-style:italic}
+.quoteblock .attribution br,.verseblock .attribution br{display:none}
+.quoteblock .attribution cite,.verseblock .attribution cite{display:block;letter-spacing:-.025em;color:rgba(0,0,0,.6)}
+.quoteblock.abstract{margin:0 1em 1.25em;display:block}
+.quoteblock.abstract>.title{margin:0 0 .375em;font-size:1.15em;text-align:center}
+.quoteblock.abstract blockquote,.quoteblock.abstract blockquote p{word-spacing:0;line-height:1.6}
+.quoteblock.abstract blockquote::before,.quoteblock.abstract p::before{display:none}
+table.tableblock{max-width:100%;border-collapse:separate}
+p.tableblock:last-child{margin-bottom:0}
+td.tableblock>.content{margin-bottom:-1.25em}
+table.tableblock,th.tableblock,td.tableblock{border:0 solid #dedede}
+table.grid-all>thead>tr>.tableblock,table.grid-all>tbody>tr>.tableblock{border-width:0 1px 1px 0}
+table.grid-all>tfoot>tr>.tableblock{border-width:1px 1px 0 0}
+table.grid-cols>*>tr>.tableblock{border-width:0 1px 0 0}
+table.grid-rows>thead>tr>.tableblock,table.grid-rows>tbody>tr>.tableblock{border-width:0 0 1px}
+table.grid-rows>tfoot>tr>.tableblock{border-width:1px 0 0}
+table.grid-all>*>tr>.tableblock:last-child,table.grid-cols>*>tr>.tableblock:last-child{border-right-width:0}
+table.grid-all>tbody>tr:last-child>.tableblock,table.grid-all>thead:last-child>tr>.tableblock,table.grid-rows>tbody>tr:last-child>.tableblock,table.grid-rows>thead:last-child>tr>.tableblock{border-bottom-width:0}
+table.frame-all{border-width:1px}
+table.frame-sides{border-width:0 1px}
+table.frame-topbot,table.frame-ends{border-width:1px 0}
+table.stripes-all tr,table.stripes-odd tr:nth-of-type(odd){background:#f8f8f7}
+table.stripes-none tr,table.stripes-odd tr:nth-of-type(even){background:none}
+th.halign-left,td.halign-left{text-align:left}
+th.halign-right,td.halign-right{text-align:right}
+th.halign-center,td.halign-center{text-align:center}
+th.valign-top,td.valign-top{vertical-align:top}
+th.valign-bottom,td.valign-bottom{vertical-align:bottom}
+th.valign-middle,td.valign-middle{vertical-align:middle}
+table thead th,table tfoot th{font-weight:bold}
+tbody tr th{display:table-cell;line-height:1.6;background:#f7f8f7}
+tbody tr th,tbody tr th p,tfoot tr th,tfoot tr th p{color:rgba(0,0,0,.8);font-weight:bold}
+p.tableblock>code:only-child{background:none;padding:0}
+p.tableblock{font-size:1em}
+td>div.verse{white-space:pre}
+ol{margin-left:1.75em}
+ul li ol{margin-left:1.5em}
+dl dd{margin-left:1.125em}
+dl dd:last-child,dl dd:last-child>:last-child{margin-bottom:0}
+ol>li p,ul>li p,ul dd,ol dd,.olist .olist,.ulist .ulist,.ulist .olist,.olist .ulist{margin-bottom:.625em}
+ul.checklist,ul.none,ol.none,ul.no-bullet,ol.no-bullet,ol.unnumbered,ul.unstyled,ol.unstyled{list-style-type:none}
+ul.no-bullet,ol.no-bullet,ol.unnumbered{margin-left:.625em}
+ul.unstyled,ol.unstyled{margin-left:0}
+ul.checklist{margin-left:.625em}
+ul.checklist li>p:first-child>.fa-square-o:first-child,ul.checklist li>p:first-child>.fa-check-square-o:first-child{width:1.25em;font-size:.8em;position:relative;bottom:.125em}
+ul.checklist li>p:first-child>input[type="checkbox"]:first-child{margin-right:.25em}
+ul.inline{display:-ms-flexbox;display:-webkit-box;display:flex;-ms-flex-flow:row wrap;-webkit-flex-flow:row wrap;flex-flow:row wrap;list-style:none;margin:0 0 .625em -1.25em}
+ul.inline>li{margin-left:1.25em}
+.unstyled dl dt{font-weight:400;font-style:normal}
+ol.arabic{list-style-type:decimal}
+ol.decimal{list-style-type:decimal-leading-zero}
+ol.loweralpha{list-style-type:lower-alpha}
+ol.upperalpha{list-style-type:upper-alpha}
+ol.lowerroman{list-style-type:lower-roman}
+ol.upperroman{list-style-type:upper-roman}
+ol.lowergreek{list-style-type:lower-greek}
+.hdlist>table,.colist>table{border:0;background:none}
+.hdlist>table>tbody>tr,.colist>table>tbody>tr{background:none}
+td.hdlist1,td.hdlist2{vertical-align:top;padding:0 .625em}
+td.hdlist1{font-weight:bold;padding-bottom:1.25em}
+.literalblock+.colist,.listingblock+.colist{margin-top:-.5em}
+.colist td:not([class]):first-child{padding:.4em .75em 0;line-height:1;vertical-align:top}
+.colist td:not([class]):first-child img{max-width:none}
+.colist td:not([class]):last-child{padding:.25em 0}
+.thumb,.th{line-height:0;display:inline-block;border:solid 4px #fff;-webkit-box-shadow:0 0 0 1px #ddd;box-shadow:0 0 0 1px #ddd}
+.imageblock.left,.imageblock[style*="float: left"]{margin:.25em .625em 1.25em 0}
+.imageblock.right,.imageblock[style*="float: right"]{margin:.25em 0 1.25em .625em}
+.imageblock>.title{margin-bottom:0}
+.imageblock.thumb,.imageblock.th{border-width:6px}
+.imageblock.thumb>.title,.imageblock.th>.title{padding:0 .125em}
+.image.left,.image.right{margin-top:.25em;margin-bottom:.25em;display:inline-block;line-height:0}
+.image.left{margin-right:.625em}
+.image.right{margin-left:.625em}
+a.image{text-decoration:none;display:inline-block}
+a.image object{pointer-events:none}
+sup.footnote,sup.footnoteref{font-size:.875em;position:static;vertical-align:super}
+sup.footnote a,sup.footnoteref a{text-decoration:none}
+sup.footnote a:active,sup.footnoteref a:active{text-decoration:underline}
+#footnotes{padding-top:.75em;padding-bottom:.75em;margin-bottom:.625em}
+#footnotes hr{width:20%;min-width:6.25em;margin:-.25em 0 .75em;border-width:1px 0 0}
+#footnotes .footnote{padding:0 .375em 0 .225em;line-height:1.3334;font-size:.875em;margin-left:1.2em;margin-bottom:.2em}
+#footnotes .footnote a:first-of-type{font-weight:bold;text-decoration:none;margin-left:-1.05em}
+#footnotes .footnote:last-of-type{margin-bottom:0}
+#content #footnotes{margin-top:-.625em;margin-bottom:0;padding:.75em 0}
+.gist .file-data>table{border:0;background:#fff;width:100%;margin-bottom:0}
+.gist .file-data>table td.line-data{width:99%}
+div.unbreakable{page-break-inside:avoid}
+.big{font-size:larger}
+.small{font-size:smaller}
+.underline{text-decoration:underline}
+.overline{text-decoration:overline}
+.line-through{text-decoration:line-through}
+.aqua{color:#00bfbf}
+.aqua-background{background-color:#00fafa}
+.black{color:#000}
+.black-background{background-color:#000}
+.blue{color:#0000bf}
+.blue-background{background-color:#0000fa}
+.fuchsia{color:#bf00bf}
+.fuchsia-background{background-color:#fa00fa}
+.gray{color:#606060}
+.gray-background{background-color:#7d7d7d}
+.green{color:#006000}
+.green-background{background-color:#007d00}
+.lime{color:#00bf00}
+.lime-background{background-color:#00fa00}
+.maroon{color:#600000}
+.maroon-background{background-color:#7d0000}
+.navy{color:#000060}
+.navy-background{background-color:#00007d}
+.olive{color:#606000}
+.olive-background{background-color:#7d7d00}
+.purple{color:#600060}
+.purple-background{background-color:#7d007d}
+.red{color:#bf0000}
+.red-background{background-color:#fa0000}
+.silver{color:#909090}
+.silver-background{background-color:#bcbcbc}
+.teal{color:#006060}
+.teal-background{background-color:#007d7d}
+.white{color:#bfbfbf}
+.white-background{background-color:#fafafa}
+.yellow{color:#bfbf00}
+.yellow-background{background-color:#fafa00}
+span.icon>.fa{cursor:default}
+a span.icon>.fa{cursor:inherit}
+.admonitionblock td.icon [class^="fa icon-"]{font-size:2.5em;text-shadow:1px 1px 2px rgba(0,0,0,.5);cursor:default}
+.admonitionblock td.icon .icon-note::before{content:"\f05a";color:#19407c}
+.admonitionblock td.icon .icon-tip::before{content:"\f0eb";text-shadow:1px 1px 2px rgba(155,155,0,.8);color:#111}
+.admonitionblock td.icon .icon-warning::before{content:"\f071";color:#bf6900}
+.admonitionblock td.icon .icon-caution::before{content:"\f06d";color:#bf3400}
+.admonitionblock td.icon .icon-important::before{content:"\f06a";color:#bf0000}
+.conum[data-value]{display:inline-block;color:#fff!important;background-color:rgba(0,0,0,.8);-webkit-border-radius:100px;border-radius:100px;text-align:center;font-size:.75em;width:1.67em;height:1.67em;line-height:1.67em;font-family:"Open Sans","DejaVu Sans",sans-serif;font-style:normal;font-weight:bold}
+.conum[data-value] *{color:#fff!important}
+.conum[data-value]+b{display:none}
+.conum[data-value]::after{content:attr(data-value)}
+pre .conum[data-value]{position:relative;top:-.125em}
+b.conum *{color:inherit!important}
+.conum:not([data-value]):empty{display:none}
+dt,th.tableblock,td.content,div.footnote{text-rendering:optimizeLegibility}
+h1,h2,p,td.content,span.alt{letter-spacing:-.01em}
+p strong,td.content strong,div.footnote strong{letter-spacing:-.005em}
+p,blockquote,dt,td.content,span.alt{font-size:1.0625rem}
+p{margin-bottom:1.25rem}
+.sidebarblock p,.sidebarblock dt,.sidebarblock td.content,p.tableblock{font-size:1em}
+.exampleblock>.content{background-color:#fffef7;border-color:#e0e0dc;-webkit-box-shadow:0 1px 4px #e0e0dc;box-shadow:0 1px 4px #e0e0dc}
+.print-only{display:none!important}
+@page{margin:1.25cm .75cm}
+@media print{*{-webkit-box-shadow:none!important;box-shadow:none!important;text-shadow:none!important}
+html{font-size:80%}
+a{color:inherit!important;text-decoration:underline!important}
+a.bare,a[href^="#"],a[href^="mailto:"]{text-decoration:none!important}
+a[href^="http:"]:not(.bare)::after,a[href^="https:"]:not(.bare)::after{content:"(" attr(href) ")";display:inline-block;font-size:.875em;padding-left:.25em}
+abbr[title]::after{content:" (" attr(title) ")"}
+pre,blockquote,tr,img,object,svg{page-break-inside:avoid}
+thead{display:table-header-group}
+svg{max-width:100%}
+p,blockquote,dt,td.content{font-size:1em;orphans:3;widows:3}
+h2,h3,#toctitle,.sidebarblock>.content>.title{page-break-after:avoid}
+#toc,.sidebarblock,.exampleblock>.content{background:none!important}
+#toc{border-bottom:1px solid #ddddd8!important;padding-bottom:0!important}
+body.book #header{text-align:center}
+body.book #header>h1:first-child{border:0!important;margin:2.5em 0 1em}
+body.book #header .details{border:0!important;display:block;padding:0!important}
+body.book #header .details span:first-child{margin-left:0!important}
+body.book #header .details br{display:block}
+body.book #header .details br+span::before{content:none!important}
+body.book #toc{border:0!important;text-align:left!important;padding:0!important;margin:0!important}
+body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-break-before:always}
+.listingblock code[data-lang]::before{display:block}
+#footer{padding:0 .9375em}
+.hide-on-print{display:none!important}
+.print-only{display:block!important}
+.hide-for-print{display:none!important}
+.show-for-print{display:inherit!important}}
+@media print,amzn-kf8{#header>h1:first-child{margin-top:1.25rem}
+.sect1{padding:0!important}
+.sect1+.sect1{border:0}
+#footer{background:none}
+#footer-text{color:rgba(0,0,0,.6);font-size:.9em}}
+@media amzn-kf8{#header,#content,#footnotes,#footer{padding:0}}
+
+
+
+/* CUSTOMISATIONS */
+/* Change the values in root for quick customisation. If you want even more fine grain... venture further. */
+:root {
+--textcolor: #CACBCE;
+--textcoloralt: #e7b649;
+--background: #3B3B3D;
+--sidebarbackground: #2C2C30;
+--header1color: #4adb22;
+--header2color: #6de597;
+--quotecolor: #20b82b;
+--toccolor: #f3bf4a;
+--toccolorhover: #eece83;
+--linkcolor: #6de597;
+--linkhovercolor: #8fdaa9;
+--tipcolor: #f0f0f0;
+--notecolor: #f3bf4a;
+--warningcolor: #FF7D7D;
+}
+
+/* Text styles */
+
+body{font-family: "Noto Sans",sans-serif;background-color: var(--background);color:var(--textcolor);}
+
+h1{color:var(--header1color) !important;font-family:"Noto Sans",sans-serif;}
+h2,h3,h4,h5,h6{color:var(--header2color) !important;font-family:"Noto Sans",sans-serif;}
+.title{color:var(--textcolor) !important;font-family:"Noto Sans",sans-serif;font-style: normal; font-weight: normal;}
+p{font-family: "Noto Sans",sans-serif !important}
+#toc.toc2 a:link{color:var(--toccolor)}
+#toc.toc2 a:hover{color:var(--toccolorhover)}
+blockquote{color:var(--quotecolor) !important}
+.quoteblock{color:var(--textcolor)}
+code{color:var(--textcoloralt);background-color: var(--sidebarbackground) !important}
+pre,pre>code{line-height:1.25; color:var(--textcoloralt);}
+.keyseq{color:var(--textcoloralt);}
+
+
+/* Table styles */
+th{background-color: var(--background);color: var(--textcolor) !important;}
+td{background-color: var(--background);color: var(--textcoloralt) !important;}
+
+
+#toc.toc2{background-color:var(--sidebarbackground);}
+#toctitle{color:var(--textcolor);}
+
+/* Responsiveness fixes */
+video {
+  max-width: 100%;
+}
+
+.exampleblock > .content {
+  background-color: var(--background);
+}
+
+a {color: var(--linkcolor);}
+a:hover {color: var(--linkhovercolor);}
+
+.admonitionblock.tip td.content, .admonitionblock td.icon .icon-tip::before {
+  text-shadow: none;
+  color: var(--tipcolor) !important;
+}
+
+.admonitionblock.note td.content, .admonitionblock td.icon .icon-note::before {
+  color: var(--notecolor) !important;
+}
+
+.admonitionblock.important td.content, .admonitionblock td.icon .icon-important::before {
+  color: var(--warningcolor) !important;
+}
+
+.admonitionblock.warning td.content, .admonitionblock td.icon .icon-warning::before {
+  color: var(--warningcolor) !important;
+}
+
+#preamble > .sectionbody > .paragraph:first-of-type p {
+  color: var(--textcolor);
+}
+
+.quoteblock blockquote::before {
+  color: var(--header1color);
+}
+.quoteblock .attribution cite, .verseblock .attribution cite {
+  color: var(--textcolor);
+}
+.verseblock pre {
+  color: var(--textcolor);
+}
+.quoteblock blockquote, .quoteblock blockquote p {
+  color: var(--textcolor);
+}
+
+.sidebarblock {
+  background: var(--sidebarbackground);
+}
+.literalblock pre, .listingblock pre:not(.highlight), .listingblock pre[class="highlight"], .listingblock pre[class^="highlight "], .listingblock pre.CodeRay, .listingblock pre.prettyprint {
+  background: var(--sidebarbackground);
+  color: var(--textcolor);
+}
+
+#header .details {
+  color: var(--textcolor);
+}
+#header .details span.email a {
+  color: var(--toccolor);
+}
+
+.title {
+  font-size: 3em;
+}
+.subtitle {
+  font-size: 1.5em;
+}

docs/styles/pdf_theme.yml

@@ -0,0 +1,30 @@
+page:
+  layout: portrait
+  margin: [0.75in, 1in, 0.75in, 1in]
+  size: Letter
+base:
+  font-color: #333333
+  font-family: Times-Roman
+  font-size: 12
+  line-height-length: 17
+  line-height: $base-line-height-length / $base-font-size
+vertical-spacing: $base-line-height-length
+heading:
+  font-color: #262626
+  font-size: 17
+  font-style: bold
+  line-height: 1.2
+  margin-bottom: $vertical-spacing
+link:
+  font-color: #002FA7
+outline-list:
+  indent: $base-font-size * 1.5
+footer:
+  height: $base-line-height-length * 2.5
+  line-height: 1
+  recto:
+    right:
+      content: '{page-number}'
+  verso:
+    left:
+      content: $footer-recto-right-content

docs/topics/.sharedheader

@@ -0,0 +1,7 @@
+KeePassXC Team <team@keepassxc.org>
+v2.6.0
+:data-uri:
+:homepage: https://keepassxc.org
+:stylesheet: ../styles/dark.css
+:icons: font
+:toc: left

docs/topics/AutoType.adoc

@@ -0,0 +1,86 @@
+= KeePassXC - Auto-Type
+:imagesdir: ../images
+
+// tag::content[]
+== Auto-Type
+The Auto-Type feature acts like a virtual keyboard to populate data from your entries directly into the corresponding websites or applications that you use. You can use the Auto-Type feature on a global level or entry level. Each entry can be configured to be associated with a particular window title and multiple Auto-Type sequences can be pre-defined and selected upon use.
+
+NOTE: Auto-Type is a completely separate feature from Browser Integration. You do not need to have the KeePassXC browser extension installed in your browser to use Auto-Type.
+
+WARNING: Auto-Type will be disabled when run with a Wayland compositor on Linux. To use Auto-Type in this environment, you must set `QT_QPA_PLATFORM=xcb` or start KeePassXC with the `-platform xcb` command-line flag.
+
+=== Configure Global Auto-Type
+You can define a global Auto-Type hotkey that starts the Auto-Type process. To configure the hotkey, perform the following steps:
+
+1. Navigate to _Tools_ -> _Settings_ -> Auto-Type tab *(1)*. Click into the _Global Auto-Type shortcut_ box and press the desired key combination that will trigger the Auto-Type process *(2)*.
++
+.Auto-Type settings
+image::autotype_settings.png[]
++
+You can configure additional Auto-Type settings in this window such as start delay, inter-key typing delay, and matching options. If Auto-Type is not working well for you, try adjusting the default delays.
+
+=== Configure Auto-Type Sequences
+Each entry in your database can have multiple Auto-Type sequences associated with various window titles. Simulated key presses can be sent to any other currently open window of your choice (web browser windows, login dialogs boxes, and so on). When the Global Auto-Type hotkey is pressed, KeePassXC will search your database for entries matching the current selected window title.
+
+NOTE: The default Auto-Type sequence is `{USERNAME}{TAB}{PASSWORD}{ENTER}`. This means that it first types the username of the selected entry, then presses the `Tab` key, then types the password of the entry and finally presses the `Enter` key.
+
+To configure Auto-Type sequences for your entries, perform the following steps:
+
+1.	Navigate to the entries list and open the desired entry for editing. Click the _Auto-Type_ item from the left-hand menu bar *(1)*. Press the `+` button *(2)* to add a new sequence entry. Select the desired window using the drop-down menu, or simply type a window title in the box *(3)*. You can use wildcard `*` to match any value (e.g., when a window title contains a filename or website name).
++
+.Auto-Type entry sequences
+image::autotype_entry_sequences.png[]
+
+2. _(Optional)_ Define a custom auto-type sequence for each window title match by selecting the _Use specific sequence for this association_ checkbox. Sequence action codes and field placeholders are detailed in the following table. A complete list of supported actions and placeholders can be found at https://keepass.info/help/base/autotype.html#autoseq[KeePass Auto-Type Action Codes] and https://keepass.info/help/base/placeholders.html[KeePass Placeholders]. Action codes and placeholders are not case sensitive.
++
+[grid=rows, frame=none, width=70%]
+|===
+|Action Code |Description
+
+|{TAB}, {ENTER}, {SPACE}, {INSERT}, {DELETE}, {HOME}, {END}, {PGUP}, {PGDN}, {BACKSPACE}, {CAPSLOCK}, {ESC}
+|Press the corresponding keyboard key
+
+|{UP}, {DOWN}, {LEFT}, {RIGHT}  |Press the corresponding arrow key
+|{F1}, {F2}, ..., {F16}         |Press F1, F2, etc.
+|{LEFTBRACE}, {RIGHTBRACE}      |Press `{` or `}`, respectively
+|{DELAY=X}     |Set key press delay to X milliseconds
+|{DELAY X}     |Delay typing start by X milliseconds
+|{CLEARFIELD}  |Clear the input field before typing
+|{TOTP}        |Insert calculated TOTP value (if configured)
+|{<ACTION> X}  |Repeat <ACTION> X times (e.g., {SPACE 5} inserts five spaces)
+|===
++
+[grid=rows, frame=none, width=70%]
+|===
+|Placeholder |Description
+
+|{TITLE}    |Entry Title
+|{USERNAME} |Username
+|{PASSWORD} |Password
+|{URL}      |URL
+|{NOTES}    |Notes
+|{TOTP}     |Current TOTP value (if configured)
+|{DT_SIMPLE} |Current date-time
+|{DB_DIR}   |Absolute directory path for database file
+|{S:<ATTRIBUTE_NAME>}   |Value for the given attribute name
+|{REF:<FIELD>@<SEARCH_IN>:<SEARCH_TEXT>} |Search for a field in another entry using the reference syntax.
+|===
+
+=== Performing Global Auto-Type
+The global Auto-Type keyboard shortcut is used when you have focus on the window you want to type into. To make use of this feature, you must have previously configured an Auto-Type hotkey.
+
+Pressing the global Auto-Type hotkey cause KeePassXC to search the database for entries that match the window title. Multiple matches may be returned and will cause the sequence selection dialog to appear. Click on a sequence line will immediately execute the Auto-Type action. A search box is also available in case numerous matches are returned.
+
+.Auto-Type sequence selection
+image::autotype_selection_dialog.png[,70%]
+
+TIP: The _Sequence_ column will only appear when there are different sequences defined by one or more entries displayed in the selection dialog.
+
+=== Performing Entry-Level Auto-Type
+You can quickly activate the default Auto-Type sequence for a particular entry using Entry-Level Auto-Type. For this operation, the KeePassXC window will be minimized and the Auto-Type sequence occurs in the previously selected window. You can perform Entry-Level Auto-Type from the toolbar icon *(A)*, entry context menu *(B)*, or by pressing `Ctrl+Shift+V`.
+
+WARNING: Be careful when using Entry-Level Auto-Type as you can inadvertently type into the wrong window. For example, a chat window or email.
+
+.Entry-Level Auto-Type
+image::autotype_entrylevel.png[]
+// end::content[]

docs/topics/BrowserPlugin.adoc

@@ -0,0 +1,145 @@
+= KeePassXC - Browser Plugin
+include::.sharedheader[]
+:imagesdir: ../images
+
+// tag::content[]
+== Setup Browser Integration
+The KeePassXC-Browser extension is installed within your web browser so that you can automatically pull usernames and passwords from KeePassXC and populate them directly into website fields. It is a very useful and secure extension that enhances your productivity while using KeePassXC. With this extension, you do not need to manually copy the data from your KeePassXC database and paste it into the website fields.
+
+The KeePassXC-Browser extension is available on the following web browsers:
+
+* Google Chrome, Vivaldi, and Brave
+* Mozilla Firefox and Tor-Browser
+* Microsoft Edge
+* Chromium
+
+=== Install the Browser Extension
+You can download the KeePassXC-Browser extension from your web browser. To download the KeePassXC-Browser extension, perform the following steps:
+
+1. Click the link corresponding to your browser:
+  * https://chrome.google.com/webstore/detail/keepassxc-browser/oboonakemofpalcgghocfoadofidjkkk[Chrome, Chromium, Vivaldi, and Brave]
+  * https://addons.mozilla.org/en-US/firefox/addon/keepassxc-browser[Mozilla Firefox and Tor-Browser]
+  * https://microsoftedge.microsoft.com/addons/detail/keepassxcbrowser/pdffhmdngciaglkoonimfcmckehcpafo[Microsoft Edge]
+
+2. Click the button to install/add the extension to the browser. Accept any confirmation dialogs.
+
+// tag::advanced[]
+NOTE: When Microsoft Edge is installed as a managed application, system administrators are required to deploy a custom native messaging configuration. Instructions for this are found in the advanced section below.
+// end::advanced[]
+
+=== Configure KeePassXC-Browser
+To start using KeePassXC-Browser, you must configure it so that it can communicate with the KeePassXC application on your desktop.
+
+To configure KeePassXC-Browser, perform the following steps:
+
+1. Open the KeePassXC application on your desktop and navigate to Tools > Settings.
+
+2. Click the Browser Integration option on the left-hand side *(1)*. The following screen appears:
++
+.Browser Settings
+image::browser_settings.png[]
+
+3. Click the _Enable browser integration_ checkbox *(2)*. Then select the browsers for which you have downloaded the KeePassXC-Browser extension *(3)* and click *OK*.
+
+4. Ensure your database is unlocked, then open (or restart) your browser.
+
+5. Click the KeePassXC-Browser extension icon *(A)* in your browser (see figure below). A pop-up window appears.
++
+.Connect Extension to KeePassXC
+image::browser_extension_connect.png[,80%]
+
+6. Click the _Connect_ button *(B)* in the pop-up window to complete integrating the KeePassXC-Browser extension with your KeePassXC desktop application. 
+
+7. You are now prompted to enter a unique name to identify the connection between this browser and your database. Enter a unique name in the field (e.g., firefox-laptop) and click the _Save and allow access_ button.
++
+.Extension Association Dialog
+image::browser_extension_association.png[,80%]
+
+WARNING: If you reuse a connection name in a database, the previous browser connection will be overwritten and prevent access.
+
+=== Using the Browser Extension
+The KeePassXC-Browser extension lets you automatically populate the entries from your KeePassXC database into the fields on websites you visit. To do so, perform the following steps:
+
+1. Open your KeePassXC desktop application and unlock your database.
+
+2. Open your web browser. The KeePassXC-Browser extension icon in your browser window will change based on its connection state. The figure below shows the different states. 
++
+*(A)* KeePassXC is not running or is disconnected +
+*(B)* Connected to KeePassXC, but database is locked +
+*\(C)* Connected to KeePassXC and ready to use
++
+.Extension Icon States
+image::browser_extension_icons.png[,70%]
+
+3. If the KeePassXC desktop application is not connected with the KeePassXC-Browser extension, click the extension icon in your web browser and click _Reload_ from the pop-up window as shown in the following screen.
++
+.Reload Extension Connection
+image::browser_extension_reload.png[,80%]
+
+4. Open the URL for which you want to use with your database. If you have previously created an entry in your database then the KeePassXC-Browser Confirm Access dialog may appear:
++
+.Confirm Access Dialog
+image::browser_confirm_access_dialog.png[,80%]
+
+5. Ensure the credentials you want use are checked, then click *(A)* Remember _(optional)_, then click _Allow Selected_ *(B)*.
+
+6. In your website, the KeePassXC icon will appear in the username field of the login form *(A)*. Click the icon to populate the field with your stored credentials. If you have more than one credential for this website, a dropdown will appear to choose the one to use.
++
+.Fill Credentials
+image::browser_fill_credentials.png[,80%]
+
+// tag::advanced[]
+=== Advanced Usage
+You can configure unique browser integration behavior for each entry. This allows you to add multiple URLs to an entry, hide an entry from the browser integration, and more. To access these settings, open an entry for editing then click on _Browser Integration_ option in the left-hand menu *(1)*.
+
+After opening the settings you can add any number of additional URLs by clicking the _Add_ button *(2)* and typing the URL in the list to the left *(3)*.
+
+.Entry browser settings
+image::browser_entry_settings.png[]
+
+Database-wide operations are available in the database settings. To access these use the _Database_ -> _Database settings..._ menu option. Click on _Browser Integration_ on the left-hand menu. From here you can disconnect all browsers, convert legacy KeePass-HTTP settings, reset all entry-level settings, and refresh the database root group ID (useful when making copies of your database file).
+
+.Database browser settings
+image::browser_database_settings.png[]
+
+Finally, advanced application-wide settings are available in the Browser Integration tab of the application settings.
+
+WARNING: We do not recommend changing any of these settings as they may break the browser integration plugin.
+
+.Advanced browser settings
+image::browser_advanced_settings.png[]
+
+=== Advanced Setup
+==== Managed Microsoft Edge on Windows
+1. Deploy *org.keepassxc.keepassxc_browser_edge.json* to, for example, `C:\ProgramData\KeepassXC` on all managed platforms.
++
+----
+{
+    "allowed_origins": [
+        "chrome-extension://pdffhmdngciaglkoonimfcmckehcpafo/"
+    ],
+    "description": "KeePassXC integration with native messaging support",
+    "name": "org.keepassxc.keepassxc_browser",
+    "path": "C:\\Program Files\\KeePassXC\\keepassxc-proxy.exe",
+    "type": "stdio"
+}
+----
+
+2. Configure GPO options (registry result):
++
+----
+Windows Registry Editor Version 5.00
+[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\org.keepassxc.keepassxc_browser]
+@="C:\ProgramData\KeepassXC\org.keepassxc.keepassxc_browser_edge.json"
+
+[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge]
+"NativeMessagingUserLevelHosts"=dword:00000000
+
+[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\ExtensionInstallAllowlist]
+"1"="pdffhmdngciaglkoonimfcmckehcpafo"
+
+[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\NativeMessagingAllowlist]
+"1"="org.keepassxc.keepassxc_browser"
+----
+// end::advanced[]
+// end::content[]

docs/topics/DatabaseOperations.adoc

@@ -0,0 +1,341 @@
+= KeePassXC - Database Operations
+include::.sharedheader[]
+:imagesdir: ../images
+
+// tag::content[]
+== Database Operations
+=== Creating Your First Database
+To start using KeePassXC, you need to first create a database that will store the password and other details.
+
+To create a database, perform the following steps:
+
+1. Open your KeePassXC application. Click the create new database button *(A)*:
++
+.Create database - Welcome screen
+image::welcome_screen.png[]
+
+2. The database creation wizard appears. Enter the desired database name and a short description (optional):
++
+.Create database - General information
+image::new_db_wizard_1.png[,80%]
+
+3. Click Continue. The Encryption Settings screen appears, we don't recommend making any changes besides increasing or decreasing the decryption time using the slider. Setting the Decryption Time slider at a higher values means that the database will have higher level of protection but the time taken by the database to open will increase.
++
+.Create database - Encryption settings
+image::new_db_wizard_2.png[,80%]
+
+4. Click the Continue button. The Database Credentials screen appears, enter your desired database password. We recommend using a long, randomized password.
++
+.Create database - Database credentials
+image::new_db_wizard_3.png[,80%]
++
+*(A)* Open the password generator +
+*(B)* Toggle password visibility
++
+NOTE: Keep this password for your database safe. Either memorize it or note it down somewhere. Losing the database password might result in permanent locking of your database and you will not be able to retrieve information stored in the database.
+
+5. Click Done. You will be prompted to select a location to save your database file. The database file is saved on to your computer with the default `.kdbx` extension. You can store your database wherever you wish, it is fully encrypted at all times preventing unauthorized access.
+
+=== Opening an Existing Database
+To open an existing database, perform the following steps:
+
+1. Open your KeePassXC application. Click the Open existing database button *(A)* or select a recent database from the Recent Databases list *(B)*.
++
+.Open an existing database
+image::open_database.png[]
+
+2. Navigate to the location of the your database on your computer and open the database file. The database unlock screen will appear:
++
+.Database unlock screen
+image::unlock_database.png[]
+
+3. Enter the password for your database.
+
+4. _(Optional)_ Browse for the Key File if you have chosen it as an additional authentication factor while creating the database. Refer to the KeePassXC User Guide for more information on setting a Key File as an additional authentication factor.
+
+5. Click *OK*. The database opens and the following screen is displayed:
++
+.Unlocked database
+image::database_view.png[]
+
+=== Adding an Entry
+All the details such as usernames, passwords, URLs, attachments, notes, and so on are stored in database entries. You can create as many entries as you want in the database.
+
+To add an entry, perform the following step:
+
+1. Navigate to Entries > New Entry (Or, press Ctrl+N). The following screen appears:
++
+.Adding a new entry
+image::edit_entry.png[]
+
+2. Enter a desired title for the entry, username, password, URL, and notes on this screen.
+
+3. _(Optional)_ Select the Expires check-box to set the expiry date for the password. You can manually enter the date and time or click the Presets button to select a expiry date and time for your password.
+
+4. Click *OK* to add the entry to your database.
+
+=== Editing an Entry
+To edit the details in an entry, perform the following steps:
+
+1. Select the entry you want to edit.
+
+2. Press `Enter`, click the edit toolbar icon, or right-click and select Edit Entry from the menu.
+
+3. Make the desired changes.
+
+4. Click *OK*.
+
+=== Deleting an Entry
+To delete an entry, perform the following steps:
+
+1. Select the entry you want to delete and press the `Delete` button on your keyboard.
+
+2. You will be prompted to move the entry to the Recycle Bin (if enabled).
++
+NOTE: You can disable the recycle bin within the Database Settings. If the recycle bin is disabled then deleted entries will be permanently removed from the database.
+
+3. To permanently delete the entry, navigate to the Recycle Bin, select the entry you want to delete and press the `Delete` button on your keyboard.
+
+// tag::advanced[]
+=== Clone an Entry
+Creating a clone of an entry provides you a ready-to-use template for creating new entries with similar details of a master entry.
+
+To create a clone of an existing entry, perform the following steps:
+
+1.	Right-click on the entry for which you want to create a clone and select _Clone Entry_. Alternatively, select the desired entry and press `Ctrl+K`.
++
+.Clone entry from context menu
+image::clone_entry.png[]
+
+2. The clone dialog will appear.
++
+.Clone entry dialog
+image::clone_entry_dialog.png[,70%]
+  * Select the Append ‘ - Clone’ to title check-box to create a new entry with the word Clone as the suffix to the name of the new entry.
+  * Select the Replace username and password with references check-box to create the new entry where the username and the password fields contain the references to the username and password to the master entry.
+  * Select the Copy history checkbox to copy the history of the master entry to the clone.
+
+3. If you chose to replace username and password entries with references, then the new entry will point these fields to the original entry's values. Changing the original entry will automatically change the resolved value of the cloned entry. This is useful if you have multiple accounts for the same service that use a similar username or password combination.
++
+.References in a cloned entry
+image::clone_entry_references.png[]
+
+4. You can create your own references using the following syntax:
++
+`{REF:<ShortCode>@I:<UUID>}`
++
+Where `<UUID>` is the Unique Identifier of the entry to pull data from and `<ShortCode>` is from the following:
++
+ * T - Title
+ * U - Username
+ * P - Password
+ * A - URL
+ * N - Notes
+ * I - UUID
+
+== Searching the Database
+KeePassXC provides an enhanced and granular search features the enables you to search for specific entries in the databases using the different modifiers, wild card characters, and logical operators.
+
+=== Modifiers and Fields
+[grid=rows, frame=none, width=70%]
+|===
+|Modifier   |Description
+
+|-          |Exclude this term from results
+|!          |Exclude this term from results
+|+	        |Match this term exactly
+|*	        |Term is handled as a regular expression
+|===
+
+The following fields can be searched along with their abbreviated name in parenthesis:
+
+* Title (t)
+* Username (u)
+* Password (p, pw)
+* URL
+* Notes (n)
+* Attribute (attr)
+* Attachment (attach)
+* Group (g)
+
+=== Wild Card Characters and Logical Operators
+[grid=rows, frame=none, width=70%]
+|===
+|Wild Card Character    |Description
+
+|*	                    |Match anything
+|?	                    |Match one character
+|\|	                    |Logical OR
+|===
+
+=== Sample Search Queries
+The following tables lists a few samples search queries for your reference:
+
+|===
+|Query	        |Description
+
+|`user:johnsmith url:www.google.com`
+|Searches the Username field for johnsmith and the URL field for www.google.com.
+
+|`user:john\|smith`
+|Searches the Username field for john OR smith.
+
+|`+user:johnsmith -url:www.google.com *notes:"secret note \d"`
+|Search the username field for exactly johnsmith, the URL must not contain www.google.com, and notes contains secret note [digit].
+|===
+
+== Advanced Entry Options
+=== Additional Attributes
+A lot of applications and web sites now require to provide additional information when you create accounts. The additional information is used to block hackers if any suspicious activity is detected. In addition, the additional information you provide can be used to reset passwords if you forget them. You can also store arbitrary information here that can be copied to the clipboard or Auto-Typed using the `{S:<ATTR_NAME}` action code.
+
+To protect an attribute from being displayed by default, activate the _Protect_ checkbox *(A)*. To show the contents of the attribute while keeping it protected, press the _Reveal_ button *(B)*.
+
+.Additional attributes example
+image::edit_entry_attributes.png[]
+
+=== Attachments
+You can attach files to any entry in your database by pressing the _Add_ button *(A)*. These files are added to the database and stored as encrypted binaries. You can open, save, or delete attachments from this interface *(B)*.
+
+NOTE: When you try to open the attached file, KeePassXC extracts the attachment to a temporary file and opens it using the default application associated with the file type. After finishing viewing or editing the file, you can choose between importing or discarding the changes that you made to the temporary file. KeePassXC securely deletes the temporary file by overwriting it.
+
+.Attachments interface
+image::edit_entry_attachments.png[]
+
+=== Foreground and Background Color
+You can change the foreground *(A)* and/or background *(B)* color that this entry will use in the entry lists. Click the corresponding box to open the color picker dialog.
+
+.Color picker dialog
+image::edit_entry_colors.png[]
+
+=== Icons
+You can select an icon to be displayed with each entry for easy identification. KeePassXC comes with a set of default icons that you can use or you can use your own custom icons. If you defined a URL with an entry, you can also download the favorite icon for that particular website.
+
+NOTE: To delete a custom icon, select the item to be deleted and click the _Delete custom icon_ button.
+
+.Entry icon selection
+image::edit_entry_icons.png[]
+
+TIP: Each KeePass application has different default icons. If you use a mobile app or KeePass2, be aware that the default icons may not be exactly correspond to the KeePassXC icons.
+
+=== Properties
+KeePassXC lets you view the basic properties such as date and time of creation, modification, and when last accessed. This is also where you can retrieve an entry's UUID for use in references.
+
+.Entry properties view
+image::edit_entry_properties.png[]
+
+=== History
+KeePassXC maintains a history of changes you make to your entries. Each time you change an entry, KeePassXC automatically creates a backup copy of the current, non-modified entry before saving the new values. You can view the changes you made previously, restore, and delete the history of changes you made.
+
+ * Show: Display this history item for review, a read-only copy of the entry will be shown.
+ * Restore: Reinstate the selected history item as the active entry details.
+ * Delete: Delete the selected history item.
+ * Delete All: Delete the entire history for this entry.
+
+.Entry history view
+image::edit_entry_history.png[]
+
+NOTE: Restoring an old history item will store the current entry settings as a new history item.
+
+== Automatic Database Opening
+You can setup one or more databases to open automatically when you unlock a single database. This is done by *(1)* defining a special group named `AutoOpen` with *(2)* entries that contain the file path and credentials for each database that should be opened. There is no limit to the number of databases that can be opened.
+
+TIP: Case matters with auto open, the group name must be exactly `AutoOpen`.
+
+.AutoOpen Group and Entries
+image::autoopen.png[]
+
+To setup an entry for auto open perform the following steps:
+
+1. Create a new entry and give it any title you wish.
+2. If your database has a key file, enter its absolute or relative path in the `username` field.
+3. If your database has a password, enter it in the `password` field
+4. Enter the absolute or relative path to the database file in the `url` field. You can also use the `{DB_DIR}` placeholder to reference the absolute path of the current database file.
+5. To restrict auto open to particular devices, go to the advanced category and enter the following:
+  a. Create a new attribute named `IfDevice`.
+  b. Enter hostnames in a comma separated list to define computers that will open this database.
+  c. Prepend an exclamation mark (`!`) to explicitly exclude a device.
+  d. Examples: `LAPTOP, DESKTOP` will auto open on a computer named LAPTOP or DESKTOP. `!LAPTOP` will auto open on all devices *not* named LAPTOP.
+
+.Auto open IfDevice example
+image::autoopen_ifdevice.png[]
+
+NOTE: You can setup an entry to open on double click of the URL field by prepending `kdbx://` to the relative or absolute path to the database file. You may also have to add `file://` to access network shares (e.g., `kdbx://file://share/database.kdbx`).
+
+== Database Settings
+At any point of time, you can change the settings for your database. To make changes to the general settings, perform the following steps:
+
+1.	Navigate to _Database_ -> _Database settings_. The following screen appears:
++
+.Database settings
+image::database_settings.png[]
+
+2.	Click the General button in the left-hand menu bar to access the following settings:
+ * *Database name:* This is the default identifier for your database and is shown in the tab bar and title bar (when active). You can change this name as desired.
+ * *Database description:* Provide some meaningful description for your database.
+ * *Default username:* Provide a default username for all new entries that you create in this database.
+ * *Max history items:* This is the maximum number of history items that are stored for each entry. When you set this to 0, no history will be saved. Set this value to a low value to prevent the database from getting too large (we recommend no more than 10).
+ * *Max. history size:* When the history of an entry gets above this size, it is truncated. For example, this happens when entries have large attachments. Set this value small to prevent the database from getting too large (we recommend 6 MiB).
+ * *Use recycle bin:* Select this check-box if you want deleted entries to move to the recycle bin instead of being permanently removed. The recycle bin will be created if it does not already exist after your first deletion. To delete entries permanently, you must empty the recycle bin manually.
+ * *Enable compression:* KeePassXC databases can be compressed before being encrypted. Compression reduces the size of the database and does not have any appreciable affect on speed. It is  recommended to always save databases with compression.
+
+3. Click the Security button in the left-hand menu bar to change your database credentials and change encryption settings.
++
+.Database security
+image::database_security.png[]
+
+4. Here you can change your database password or add/remove additional credentials to protect your database. KeePassXC supports adding a randomly generated, static key file and hardware keys such as YubiKey and OnlyKey. To add a key file, click _Add Key File_ and either browse for an existing file or generate a new one *(A)*. To add a hardware key, click _Add YubiKey Challenge-Response_, plug in your hardware key, then click refresh *(B)*.
++
+.Database credentials
+image::database_security_credentials.png[]
+
+WARNING: Consider creating a backup of your YubiKey. Please refer to <<Creating a YubiKey backup>>
+
+5. Encryption settings allows you to change the average time it takes to encrypt and decrypt the database. The longer time that is chosen, the harder it will be to brute force attack your database. *We recommend a setting of one second.*
++
+.Database encryption
+image::database_security_encryption.png[]
++
+WARNING: Encryption time is dependent on your computer's hardware. If sharing a database with a mobile device, be mindful that it will likely take two to four times longer to access and save your database than on your home computer.
+
+6. Advanced encryption settings can be accessed by clicking the _Advanced Settings_ checkbox in the lower left-hand corner. These settings are only meant for people who know what they mean. *We do not recommend touching these settings.*
++
+.Database encryption advanced settings
+image::database_security_encryption_advanced.png[]
++
+The following key derivation functions are supported:
+
+ * AES-KDF (KDBX 4 and KDBX 3.1): This key derivation function is based on iterating AES. Users can change the number of iterations. The more iterations, the harder are dictionary and guessing attacks, but also database loading/saving takes more time (linearly). KDBX 3.1 only supports AES-KDF; any other key derivation function, like for instance Argon2, requires KDBX 4.
+
+ * Argon2 (KDBX 4 - recommended): KDBX 4, the Argon2 key derivation function can be used for transforming the composite master key (as protection against dictionary attacks). The main advantage of Argon2 over AES-KDF is that it provides a better resistance against GPU/ASIC attacks (due to being a memory-hard function). The number of iterations scales linearly with the required time. By increasing the memory parameter, GPU/ASIC attacks become harder (and the required time increases). The parallelism parameter can be used to specify how many threads should be used.
+
+=== Creating a YubiKey backup
+It is advisable to have a backup replica YubiKey In case your main YubiKey gets damaged, lost, or stolen. The same HMAC key will need to be written to both keys. To do this you can either use the YubiKey Personalization Tool GUI or the ykpersonalize CLI tool. The steps for the CLI tool are shown:
+
+1. Create a 20 byte HMAC key:
++
+```
+dd status=none if=/dev/random bs=20 count=1 | xxd -p -c 40
+```
+
+2. Write the HMAC key to slot 2 _(Set through the first switch. Out of the box the YubiKey OTP resides in slot 1)_:
++
+```
+ykpersonalize -2 -a -ochal-resp -ochal-hmac -ohmac-lt64 -oserial-api-visible -oallow-update
+```
+
+You will be asked to enter the HMAC key you created earlier, copy/paste they key output in the first step. Repeat both steps for your second YubiKey. We recommend storing your HMAC key in a safe place (e.g., printed on paper) in case you need to recreate another key.
+// end::advanced[]
+
+== Storing a Database File
+The database file that you create might contain highly sensitive data and must be stored in a very secure way. You must make sure that the database is always protected with a strong and long password. The database file that is protected with a strong and long password is secure and encrypted while stored on your computer or cloud storage service.
+
+Make sure that the database file is stored in a folder that is secure. Make sure that you or someone else does not accidentally delete the database file. Deletion of the database file will result in the total loss of your information and a lot of inconvenience to manually retrieve your logins for  various web applications. You must not share your database file with anyone unless absolutely necessary.
+
+==  Backing up a Database File
+It is a good practice to create copies of your database file and store the copies of your database on a different computer, smart phone, or cloud storage space such a Google Drive or Microsoft OneDrive. Backups can be created automatically by selecting the _Backup database file before saving_ option in the application settings. Additionally, you can create a backup on-demand using the _Database_ -> _Save Database Backup..._ menu feature.
+
+.Saving a database backup
+image::save_database_backup.png[,40%]
+
+Creating backups for your database give you a peace of mind should you lose one copy of your database. You can quickly retrieve the copy of your database and start using it.
+// end::content[]

docs/topics/Disclaimers.adoc

@@ -0,0 +1,32 @@
+== License and Disclaimers
+
+KeePassXC is licensed with the
+https://github.com/keepassxreboot/keepassxc/blob/master/LICENSE.GPL-3[GNU General Public License Version 3].
+All copyrights and additional licenses are recorded in
+https://github.com/keepassxreboot/keepassxc/blob/master/COPYING[COPYING].
+
+=== Disclaimer of Warranty
+
+THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
+Except when otherwise stated in writing the copyright holders and/or other parties provide the program "as is" without
+Warranty of any kind, either expressed or implied, including, but not limited to, the implied warranties of
+Merchantability and fitness for a particular purpose. The entire risk as to the quality and performance of the program
+Is with you. Should the program prove defective, you assume the cost of all necessary servicing, repair or correction.
+
+=== Limitation of Liability
+
+In no event unless required by applicable law or agreed to in writing will any copyright holder, or any other party
+Who modifies and/or conveys the program as permitted above, be liable to you for damages, including any general,
+Special, incidental or consequential damages arising out of the use or inability to use the program (including but not
+Limited to loss of data or data being rendered inaccurate or losses sustained by you or third parties or a failure of
+The program to operate with any other programs), even if such holder or other party has been advised of the possibility
+Of such damages.
+
+== Contact Us
+
+We are committed to continually improve KeePassXC through customer experience and your feedback is important to us.
+Please send us your feedback or comments to team@keepassxc.org.
+To report issues, visit: https://github.com/keepassxreboot/keepassxc.
+
+Thank You, +
+Team KeePassXC

docs/topics/DownloadInstall.adoc

@@ -0,0 +1,62 @@
+= KeePassXC - Download and Install
+include::.sharedheader[]
+:imagesdir: ../images
+
+// tag::content[]
+== Downloading KeePassXC
+KeePassXC is available for download for the following operating systems and platforms:
+
+* Microsoft Windows
+** Portable and MSI Installer (64-bit and 32-bit)
+* Linux - Official Cross-Distribution Packages
+** AppImage and Snap Package
+* Linux - Distribution-Specific Packages
+** Ubuntu, Debian, Arch Linux, Gentoo, Fedora, CentOS, and OpenSUSE
+* macOS
+** DMG Installer, Homebrew Cask
+
+To download the KeePassXC installer for your desired platform, visit https://keepassxc.org/download or directly from our https://github.com/keepassxreboot/keepassxc/releases[GitHub Releases].
+
+NOTE: KeePassXC is open-source software and may be available on other websites that are unaffiliated with Team KeePassXC. *We strongly discourage downloading KeePassXC from third-party websites.*
+
+Before installing KeePassXC, it is recommended that you verify that your downloaded installer matches the signature, which is published alongside the release package. By verifying the signatures of KeePassXC releases, you can verify the authenticity and integrity of the downloaded installation file. This guarantees that the file you downloaded was originally created by the KeePassXC Team and its contents have not been tampered with.
+
+To know more about the steps to verify the authenticity and integrity of your downloaded package, visit https://keepassxc.org/verifying-signatures.
+
+=== Microsoft Windows
+The Windows MSI installer is signed by a secure certificate owned by DroidMonkey Apps, LLC. If you do not see this dialog when installing the application, click *NO* and download the installer from https://keepassxc.org.
+
+.Windows UAC Dialog
+image::uac_dialog.png[50%]
+
+Installing KeePassXC is a simple process. In the following example, installation steps for KeePassXC on Microsoft Windows are described. Installing KeePassXC on other operating systems is also a simple process, which you can accomplish by using the native installers. To know more about the installation instructions on the other operating systems, refer to the KeePassXC User Manual.
+
+To install KeePassXC on Microsoft Windows, perform the following steps:
+
+1. Double click on the KeePassXC-Y.Y.Y-WinZZ.msi file. Here, Y.Y.Y represents the version of the software and ZZ represents the 32-bit/64-bit version of the Microsoft Windows operating system.
++
+.Install wizard
+image::install_wizard_1.png[,80%]
+
+2. Click Next and follow the simple instructions on the KeepPassXC Setup Wizard to complete the installation. You will have the option to choose your install location, add a desktop shortcut, and launch on startup.
++
+.Install wizard (cont)
+image::install_wizard_2.png[,80%]
+
+=== Linux
+You can easily download the KeePassXC installer for Linux. When you search for KeePassXC, multiple options are displayed as shown in the following screen:
+
+.Ubuntu Store
+image::linux_store.png[]
+
+The Snap and Flatpak options are sandboxed applications (more secure). The Native option is installed with the operating system files. Read more about the limitations of these options here: https://keepassxc.org/docs/#faq-appsnap-yubikey[KeePassXC Snap FAQ]
+
+NOTE: KeePassXC stores a configuration file in `~/.cache` to remember window position, recent files, and other local settings. If you mount this folder to a tmpdisk you will lose settings after reboot.
+
+=== macOS
+To install the KeePassXC app on macOS, double click on the downloaded DMG file and use the click and drag option as shown:
+
+.macOS DMG Install
+image::macos_install.png[,80%]
+
+// end::content[]

docs/topics/ImportExport.adoc

@@ -0,0 +1,64 @@
+= KeePassXC - Import/Export Operations
+include::.sharedheader[]
+:imagesdir: ../images
+
+// tag::content[]
+== Importing External Databases
+KeePassXC allows your to import external databases from the following options:
+
+* Comma-Separated Values (CSV) file
+* 1Password OPVault
+* KeePass 1 Database
+
+=== Importing CSV File
+If you have been saving your URLs, usernames, passwords, and so on in a CSV file, you can migrate all that information from the CSV file to KeePassXC and start using KeePassXC to maintain your data.
+
+To open the CSV file, perform the following steps:
+
+1. Open KeePassXC.
+
+2. Click Import from CSV button on the welcome screen or use the menu Database > Import > CSV File.
+
+3. Navigate to the location of the your CSV file on your computer and open the file. The new database wizard will appear. Follow the steps of creating a new database in Chapter 1.
+
+4. After saving your new database file, the CSV import wizard will appear:
++
+.CSV Import Wizard
+image::csv_import.png[,80%]
+
+Your CSV file gets imported to KeePassXC and the data is converted to the KeePassXC format for further usage and maintenance. The new database file is saved on to your computer with the default `.kdbx` extension.
+
+=== Importing 1Password OPVault
+Save your 1Password Vault locally to create an OPVault directory. Please see 1Password instructions on how to do this. Once an OPVault is created, perform the following steps:
+
+1. Open KeePassXC.
+
+2. Use the menu Database > Import > 1Password Vault. Select the OPVault to import.
+
+3. Enter the password for your OPVault to unlock and import.
+
+=== Importing KeePass 1 Database
+KeePass 1 database is an older format of the database created using legacy version of KeePass. KeePassXC lets your import this older format of the database and you can seamlessly start using this database in your new KeePassXC application.
+
+To import a KeePass 1 database file in KeePassXC, perform the following steps:
+
+1. Open KeePassXC.
+
+2. Click Import from KeePass 1 button on the welcome screen or use the menu Database > Import > KeePass 1 Database.
+
+3. Navigate to the location of the your legacy KeePass 1 database file (`.kdb`) on your computer and open the file. You are prompted for the password and the Key file for your `.kdb` file.
+
+4. Enter the password for your old `.kdb` file and click *OK*. You are prompted for provide a name for the new database format that KeePassXC recognizes.
+
+5. Provide a name for the new database format, select a folder on your computer to save the file, and click Save.
+
+6. The data from the `.kdb` file gets imported and converted to the new format, which is compatible with KeePassXC. You can now start using the new database file (`.kdbx`) in KeePassXC.
+
+== Exporting Databases
+KeePassXC supports multiple ways to export your database for transfer to another program or to print out and archive. To export your database into the KDB XML format, you must use the KeePassXC Command Line Interface program: `keepassxc-cli export <database.kdbx>`.
+
+WARNING: Exporting your database will result in all of your passwords and sensitive information being stored unencrypted. We do not recommend saving your exported database for long periods of time as that can cause compromise.
+
+.Database export menu
+image::export_database.png[,80%]
+// end::content[]

docs/topics/KeeShare.adoc

@@ -0,0 +1,51 @@
+= KeePassXC - KeeShare
+include::.sharedheader[]
+:imagesdir: ../images
+
+// tag::content[]
+== Database Sharing with KeeShare
+KeeShare allows you to share a subset of your credentials with others and vice versa.
+
+=== Enable Sharing
+To use sharing, you need to enable it for the application.
+
+1. Go to _Tools_ -> _Settings_. Select the KeeShare category on the left sidebar *(1)*.
+2. Check _Allow import_ if you want to import shared credentials. Check _Allow export_ if you want to share credentials. *(2)*
+3. (Optional) Click _Generate_ *(3)* to create your own certificate or _Import_ to select an existing one. The certificate allows you to sign shared databases. This ensures the integrity of the share and prevent import of untrusted information.
+
+.KeeShare Application Settings
+image::keeshare_application_settings.png[]
+
+=== Sharing Credentials
+If you checked _Allow export_ in the Sharing settings you can now share a group of passwords. Sharing is always is defined on a particular group. If you enable sharing on a group, every entry under this group, and its children, are shared. If you enable sharing on the root node, **every password** inside your database gets shared!
+
+NOTE: KeeShare does not synchronize group structure after the initial share is created. At this time, KeeShare operates at the entry level; shared entries moved outside of a shared group are still synchronized.
+
+1. Open the edit sheet on a group you want to share.
+2. Select the KeeShare category on the left toolbar.
+3. Choose a sharing type:
+  a. *Inactive* - Disable sharing this group
+  b. *Import* - Read-only import of entries, merge changes
+  c. *Export* - Write-only export of entries, no merge
+  d. *Synchronize* - Read/Write entries from the share, merge changes
+4. Choose a path to store the shared credentials to.
+5. The password to use for this share container.
+
+The export file will not be generated automatically. Instead, each time the database is saved, the file gets written. The file should be written to a location that is accessible by others. An easy setup is a network share or storing the file in cloud storage.
+
+.KeeShare Group Settings
+image::keeshare_group_settings.png[]
+
+=== Using Shared Credentials
+KeeShare watches the container for changes and merges them into your database when necessary (Import and Synchronize modes). Entries merge in time order; older data is moved to the history of the entry.
+
+A shared group shows a cloud icon badge over the group icon *(A)* and a banner is displayed showing the sharing mode and file location *(B)*. If the share is disabled or unavailable, the cloud icon will show as red with a white X.
+
+.KeeShare shared group
+image::keeshare_shared_group.png[]
+
+=== Technical Details and Limitations of Sharing
+Sharing relies on the combination of file exports and imports as well as the synchronization mechanism provided by KeePassXC. Since the merge algorithm uses the history of entries to prevent data loss, this history must be enabled and have a sufficient size. Furthermore, the merge algorithm is location independent, therefore it does not matter if entries are moved outside of an import group. These entries will be updated none the less. Moving entries outside of export groups will prevent a further export of the entry, but it will not ensure that the already shared data will be removed from any client.
+
+KeeShare uses a custom certification mechanism to ensure that the source of the data is the expected one. This ensures that the data was exported by the signer but it is not possible to detect if someone replaced the data with an older version from a valid signer. To prevent this, the container could be placed at a location which is only writeable for valid signers.
+// end::content[]

docs/topics/KeyboardShortcuts.adoc

@@ -0,0 +1,45 @@
+= KeePassXC - Keyboard Shortcuts
+include::.sharedheader[]
+:imagesdir: ../images
+
+// tag::content[]
+NOTE: On macOS please substitute `Ctrl` with `Cmd` (aka `⌘`).
+
+[grid=rows, frame=none, width=75%]
+|===
+|Action                       | Keyboard Shortcut
+
+|Open Database                | Ctrl + O
+|Save Database                | Ctrl + S
+|Save Database As             | Ctrl + Shift + S
+|New Database                 | Ctrl + Shift + N
+|Close Database               | Ctrl + W ; Ctrl + F4
+|Lock All Databases           | Ctrl + L
+|Quit                         | Ctrl + Q
+|New Entry                    | Ctrl + N
+|Edit Entry                   | Enter ; Ctrl + E
+|Delete Entry                 | Delete
+|Clone Entry                  | Ctrl + K
+|Copy Username                | Ctrl + B
+|Copy Password                | Ctrl + C
+|Copy URL                     | Ctrl + U
+|Open URL                     | Ctrl + Shift + U
+|Copy TOTP                    | Ctrl + T
+|Show TOTP                    | Ctrl + Shift + T
+|Trigger AutoType             | Ctrl + Shift + V
+|Add key to SSH Agent         | Ctrl + H
+|Remove key from SSH Agent    | Ctrl + Shift + H
+|Minimize Window              | Ctrl + M
+|Hide Window                  | Ctrl + Shift + M
+|Select Next Database Tab     | Ctrl + Tab ; Ctrl + PageDn
+|Select Previous Database Tab | Ctrl + Shift + Tab ; Ctrl + PageUp
+|Select the nth database      | Ctrl + n, where n is the number of the database tab
+|Toggle Passwords Hidden      | Ctrl + Shift + C
+|Toggle Usernames Hidden      | Ctrl + Shift + B
+|Focus Groups (edit if focused)  | F1
+|Focus Entries (edit if focused) | F2
+|Focus Search                 | F3 ; Ctrl + F
+|Clear Search                 | Escape
+|Show Keyboard Shortcuts      | Ctrl + /
+|===
+// end::content[]

docs/topics/PasswordGenerator.adoc

@@ -0,0 +1,44 @@
+= KeePassXC - Password Generator
+include::.sharedheader[]
+:imagesdir: ../images
+
+// tag::content[]
+== Password Generator
+This password generator helps you to generate random strong passwords and passphrases that you can use for your applications and websites you visit.
+
+=== Generating Passwords
+To generate random passwords, specify the characters to be used in your choice of password (for example, upper-case letters, digits, special characters, and so on) and KeePassXC will randomly pick characters out of the set.
+
+To generate the random password using Password Generator, perform the following steps:
+
+1. Open KeePassXC.
+2. Navigate to Tools > Password Generator. The following screen appears:
++
+.Password Generator
+image::password_generator.png[]
+
+3. Select the length of the desired password by dragging the Length slider.
+4. Select the character-sets that you want to include in your password.
+5. Use the regenerate button (Ctrl + R) to make a new password using the chosen options.
+6. Use the clipboard button (Ctrl + C) to copy the generated password to the clipboard.
+// tag::advanced[]
+7.	Click the Advanced button to specify additional conditions for your desired password.
++
+.Advanced Password Generator Options
+image::password_generator_advanced.png[]
+
+=== Generating Passphrases
+A passphrase is a sequence of words or other text used to control access to your applications and data. A passphrase is similar to a password in usage, but is generally longer for added security. To generate the random passphrase using Password Generator, perform the following steps:
+
+1. From the password generator, click the Passphrase tab. The following screen appears:
++
+.Passphrase Generator
+image::passphrase_generator.png[]
+
+2. Select the number of words you want to be included in your passphrase by dragging the
+Word Count slider.
+3. In the Word Separator field, enter a character, word, number, or space that you want to use a separator between the words in your passphrase.
+4. Click the Regenerate button (Ctrl + R) to generate a new random passphrase.
+5. Click the Clipboard button (Ctrl + C) to copy the passphrase to the clipboard.
+// end::advanced[]
+// end::content[]

docs/topics/SSHAgent.adoc

@@ -0,0 +1,125 @@
+= KeePassXC - SSH Agent
+include::.sharedheader[]
+:imagesdir: ../images
+
+// tag::content[]
+== SSH Agent
+SSH (Secure Shell) is a widely used remote secure shell protocol and is considered an industry standard for secure remote access to UNIX-like systems including Linux, BSDs, MacOS and more recently even Windows received native support. SSH supports multiple types of authentication and the most widely used ones are either interactive keyboard input with a password or a public-key cryptography pair of keys.
+
+KeePassXC SSH Agent integration is built to manage SSH keys in a secure manner by either storing them completely within your KeePassXC database or by having only the decryption key of a key file that is stored elsewhere. SSH Agent integration _does not_ provide an agent itself but works as a client for any agent implementation that is OpenSSH compatible.
+
+=== OpenSSH agent on Linux
+If you are using a modern desktop Linux distribution it is very likely the OpenSSH agent is already configured and running when you have logged in to a graphical desktop session.
+This should be true for distributions like Debian, Ubuntu (including Kubuntu, Xubuntu and Lubuntu), Linux Mint, Fedora, ElementaryOS and Manjaro.
+
+First, open a terminal and check the output of `ssh-add -l`:
+
+    $ ssh-add -l
+    The agent has no identities.
+
+If you either got a list of fingerprints or the message above the agent is already running and no further setup is required.
+If instead you got a message saying _"Could not open a connection to your authentication agent."_ that means the agent is either misconfigured or not running at all.
+
+Since every distribution and desktop environment is configured differently there is no general guide how to properly set it up yourself.
+The general rule of thumb, however, is that `ssh-agent` needs to be started as part of the startup programs for a session in a way its environment variables are exposed to all processes started by the desktop environment.
+One of the easiest ways to achieve this is to enable _GNOME Keyring_ which should in turn start the agent as part of its services.
+
+There are many guides on the internet how to hack your login shell to start an agent but it is very prone to errors and is not a supported configuration. If you prefer the login shell startup hack you need to set it up with a static socket path and use the _SSH_AUTH_SOCK override_ option in SSH Agent settings to match that.
+
+WARNING: _GNU Privacy Guard (gpg)_ with its SSH agent implementation is *not* compatible with KeePassXC as it does not support _removing_ keys that have been added to it making it impossible to use any external tool to manage key lifetime.
+
+WARNING: _GNOME Keyring_ prior to release 3.27.92 had its own custom implementation of an agent which does not support modern key types and was known to be buggy.
+It does not support any constraints you may want to configure for an added key.
+If you are running a modern distribution the custom agent has been removed and replaced with the stock OpenSSH agent which is feature complete.
+
+=== OpenSSH agent on MacOS
+Apple has made OpenSSH an integrated part of MacOS with automatic agent startup when it is first used. No further configuration is needed.
+
+=== Pageant agent on Windows
+The SSH Agent integration on Windows supports both _PuTTY Pageant_ and _OpenSSH for Windows 10_.
+Since Pageant is currently still the most widely used implementation and is easily installable on any version of Windows we focus on that.
+It is also the default on KeePassXC.
+
+Download Pageant from the official PuTTY home page at https://www.chiark.greenend.org.uk/~sgtatham/putty/
+
+To use Pageant with KeePassXC, simply start it and it will minimize into the system tray and is ready to use. PuTTY and compatible tools will use Pageant automatically.
+
+=== Setting up SSH Agent integration
+By default the SSH Agent integration plugin is disabled.
+To enable integration, follow the steps below to access the settings:
+
+ 1. Select _Tools > Settings_ from the menu
+ 2. Select _SSH Agent_ category on the left sidebar
+
+.SSH Agent Application Settings Page
+image::sshagent_application_settings.png[]
+
+On the settings page you can enable the integration by checking _Enable SSH Agent integration_.
+When the integration is enabled coming back to the settings page also shows if connection to the agent is working.
+
+On Windows you have the option to select between _Pageant_ and _OpenSSH for Windows_ and on other platforms the settings page shows the current value of _SSH_AUTH_SOCK_ environment variable which is used to connect to the running agent and an option to manually override the automatically detected path.
+
+If the value of _SSH_AUTH_SOCK_ is empty it means the agent is not properly configured and KeePassXC will be unable to connect to it unless you provide a static override path to the socket.
+
+=== Generating a key to use with KeePassXC
+KeePassXC only supports keys in the _OpenSSH_ format. On Windows, _PuTTYgen_ saves keys in its own format by default and you will need to convert them to OpenSSH format before being used. In this guide we are going to generate a standard RSA key in the default size.
+
+==== Generating a key on Linux or MacOS with _ssh-keygen_
+
+Open a terminal window and type the following command to generate a key:
+
+    $ ssh-keygen -o -f keepassxc -C johndoe@example
+    Generating public/private rsa key pair.
+    Enter passphrase (empty for no passphrase): 
+    Enter same passphrase again: 
+    Your identification has been saved in keepassxc
+    Your public key has been saved in keepassxc.pub
+    The key fingerprint is:
+    SHA256:pN+o5AqUmijYBDUrFV/caMus9oIR61+MiWLa8fcsVYI johndoe@example
+    The key's randomart image is:
+    +---[RSA 3072]----+
+    |  =. ..o         |
+    | o + .+ .        |
+    |o . .+ o.        |
+    | o..  Eo. .      |
+    |  +o .. So       |
+    |o*o.o+ ..o       |
+    |Bo=+o.+.o .      |
+    |+oo+.++o         |
+    |. ..++ooo        |
+    +----[SHA256]-----+
+
+
+Now we can see two files were generated:
+
+    $ ls -l keepassxc*
+    -rw------- 1 user group 2.6K Apr  5 07:36 keepassxc
+    -rw-r--r-- 1 user group  569 Apr  5 07:36 keepassxc.pub
+
+With KeePassXC you only need the first file listed.
+
+==== Generating a key on Windows with PuTTYgen
+Please read the manual on how to use PuTTYgen for details on generate a key: https://the.earth.li/~sgtatham/putty/0.74/htmldoc/Chapter8.html#pubkey-puttygen. Once generated, you must save the key in the new OpenSSH format, see image below.
+
+.Generating a key with PuTTYgen
+image::sshagent_puttygen.png[,70%]
+
+=== Configuring an entry to use SSH Agent
+The last step is to setup an entry to contain the SSH Agent settings and key file you generated.
+
+1. Create a new entry, or open an existing entry in edit mode.
+2. Set the password you used for the key file in the password field.
+3. Go to the advanced category and attach the key file you generated previously.
+4. Go to the SSH Agent category *(1)* and select the attachment from the list *(2)*. 
+5. Alternatively, you can load an external file dynamically using the file selection.
+6. Choose the options for this key.
+7. Press *OK* to accept the entry. Depending on the options you chose, KeePassXC will load the key and present it for use.
+
+.SSH Agent Entry Settings Page
+image::sshagent_entry_settings.png[]
+
+If you chose to not auto-load the key on database unlock, you can manually make the key available by using the context menu from the entry list.
+
+.SSH Agent Load Key from Context Menu
+image::sshagent_context_menu.png[]
+// end::content[]