From 014855cf17e194d45cb56cd8302aa5df900702d4 Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Mon, 8 Apr 2024 07:04:50 -0700 Subject: [PATCH 01/17] [PM-7068] - Use a distroless container image for `bws` (#681) ## Type of change - [ ] Bug fix - [ ] New feature development - [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc) - [x] Build/deploy pipeline (DevOps) - [x] Other ## Objective Addresses [PM-7068](https://bitwarden.atlassian.net/browse/PM-7068). Build the `bws` Docker image from an empty file system. This results in a much smaller Docker image (~16MB, uncompressed) with a smaller threat surface than bundling it with a distro. ## Code changes - **./crates/bws/Dockerfile:** Use `scratch` for the final build stage. This results in a distroless image that only contains our binary, the libraries that it depends on, and the CA certificates needed for SSL to work. The `ldd` line automatically determines what dependencies we need to copy over so we don't have to manually maintain a list of them. ## Before you submit - Please add **unit tests** where it makes sense to do so [PM-7068]: https://bitwarden.atlassian.net/browse/PM-7068?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ --- crates/bws/Dockerfile | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/crates/bws/Dockerfile b/crates/bws/Dockerfile index 4f16f8e6c..cc9e1c481 100644 --- a/crates/bws/Dockerfile +++ b/crates/bws/Dockerfile @@ -15,27 +15,35 @@ COPY . /app # Build project WORKDIR /app/crates/bws -RUN cargo build --release +RUN cargo build --release --bin bws + +# Bundle bws dependencies +RUN mkdir /lib-bws +RUN ldd /app/target/release/bws | tr -s '[:blank:]' '\n' | grep '^/' | xargs -I % cp % /lib-bws + +# Make a HOME directory for the app stage +RUN mkdir -p /home/app ############################################### # App stage # ############################################### -FROM debian:bookworm-slim +FROM scratch ARG TARGETPLATFORM LABEL com.bitwarden.product="bitwarden" +# Set a HOME directory +COPY --from=build /home/app /home/app +ENV HOME=/home/app + # Copy built project from the build stage WORKDIR /usr/local/bin COPY --from=build /app/target/release/bws . -COPY --from=build /etc/ssl/certs /etc/ssl/certs - -# Create a non-root user -RUN useradd -ms /bin/bash app -# Switch to the non-root user -USER app +# Copy certs +COPY --from=build /etc/ssl/certs /etc/ssl/certs -WORKDIR /home/app +# Copy bws dependencies +COPY --from=build /lib-bws /lib ENTRYPOINT ["bws"] From 69d5104c0608900c0ea0294efc77c87167ae674b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 8 Apr 2024 09:50:28 -0600 Subject: [PATCH 02/17] [deps]: Update bitwarden/gh-actions digest to 2e9a183 (#689) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | bitwarden/gh-actions | action | digest | `4f37134` -> `2e9a183` | --- ### Configuration 📅 **Schedule**: Branch creation - "every 2nd week starting on the 2 week of the year before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/bitwarden/sdk). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/publish-php.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publish-php.yml b/.github/workflows/publish-php.yml index 782ffee1d..2b716c893 100644 --- a/.github/workflows/publish-php.yml +++ b/.github/workflows/publish-php.yml @@ -86,7 +86,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@4f37134d838f21609c38cb56694d8605f176704c + uses: bitwarden/gh-actions/get-keyvault-secrets@2e9a183f0543d25868fbb784dfe205fea6ff09a5 with: keyvault: ${{ env._KEY_VAULT }} secrets: "github-pat-bitwarden-devops-bot-repo-scope" @@ -167,7 +167,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@4f37134d838f21609c38cb56694d8605f176704c + uses: bitwarden/gh-actions/get-keyvault-secrets@2e9a183f0543d25868fbb784dfe205fea6ff09a5 with: keyvault: ${{ env._KEY_VAULT }} secrets: "github-pat-bitwarden-devops-bot-repo-scope" @@ -247,7 +247,7 @@ jobs: - name: Retrieve secrets id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@4f37134d838f21609c38cb56694d8605f176704c + uses: bitwarden/gh-actions/get-keyvault-secrets@2e9a183f0543d25868fbb784dfe205fea6ff09a5 with: keyvault: ${{ env._KEY_VAULT }} secrets: "github-pat-bitwarden-devops-bot-repo-scope, From c272758b7211948fa51f2cf5a5982ed15e4768a6 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 8 Apr 2024 09:57:42 -0600 Subject: [PATCH 03/17] [deps]: Update dtolnay/rust-toolchain digest to dc63535 (#690) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | dtolnay/rust-toolchain | action | digest | `be73d79` -> `dc63535` | --- ### Configuration 📅 **Schedule**: Branch creation - "every 2nd week starting on the 2 week of the year before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/bitwarden/sdk). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/build-android.yml | 4 ++-- .github/workflows/build-cli.yml | 8 ++++---- .github/workflows/build-napi.yml | 2 +- .github/workflows/build-python-wheels.yml | 2 +- .github/workflows/build-rust-crates.yml | 4 ++-- .github/workflows/build-rust-cross-platform.yml | 2 +- .github/workflows/direct-minimal-versions.yml | 2 +- .github/workflows/generate_schemas.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/memory-testing.yml | 2 +- .github/workflows/minimum-rust-version.yml | 2 +- .github/workflows/publish-rust-crates.yml | 2 +- .github/workflows/release-cli.yml | 2 +- .github/workflows/rust-test.yml | 6 +++--- .github/workflows/version-bump.yml | 2 +- 15 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/build-android.yml b/.github/workflows/build-android.yml index cad899ef3..8bff66f33 100644 --- a/.github/workflows/build-android.yml +++ b/.github/workflows/build-android.yml @@ -28,7 +28,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable @@ -70,7 +70,7 @@ jobs: fetch-depth: 0 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable diff --git a/.github/workflows/build-cli.yml b/.github/workflows/build-cli.yml index e60928807..ad3386ddf 100644 --- a/.github/workflows/build-cli.yml +++ b/.github/workflows/build-cli.yml @@ -61,7 +61,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable targets: ${{ matrix.settings.target }} @@ -151,7 +151,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable targets: ${{ matrix.settings.target }} @@ -260,7 +260,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable targets: ${{ matrix.settings.target }} @@ -411,7 +411,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable diff --git a/.github/workflows/build-napi.yml b/.github/workflows/build-napi.yml index aa1cfdd16..3737d3767 100644 --- a/.github/workflows/build-napi.yml +++ b/.github/workflows/build-napi.yml @@ -61,7 +61,7 @@ jobs: cache-dependency-path: crates/bitwarden-napi/package-lock.json - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable targets: ${{ matrix.settings.target }} diff --git a/.github/workflows/build-python-wheels.yml b/.github/workflows/build-python-wheels.yml index 7ffc2f24f..1c0459dd6 100644 --- a/.github/workflows/build-python-wheels.yml +++ b/.github/workflows/build-python-wheels.yml @@ -71,7 +71,7 @@ jobs: node-version: 18 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable targets: ${{ matrix.settings.target }} diff --git a/.github/workflows/build-rust-crates.yml b/.github/workflows/build-rust-crates.yml index 5d45b6f95..dc6db5c91 100644 --- a/.github/workflows/build-rust-crates.yml +++ b/.github/workflows/build-rust-crates.yml @@ -39,7 +39,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable targets: ${{ matrix.settings.target }} @@ -69,7 +69,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable targets: ${{ matrix.settings.target }} diff --git a/.github/workflows/build-rust-cross-platform.yml b/.github/workflows/build-rust-cross-platform.yml index 0db2d0cde..cacacf0e0 100644 --- a/.github/workflows/build-rust-cross-platform.yml +++ b/.github/workflows/build-rust-cross-platform.yml @@ -32,7 +32,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable diff --git a/.github/workflows/direct-minimal-versions.yml b/.github/workflows/direct-minimal-versions.yml index 8db6e3c2e..084ed3cff 100644 --- a/.github/workflows/direct-minimal-versions.yml +++ b/.github/workflows/direct-minimal-versions.yml @@ -39,7 +39,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: nightly targets: ${{ matrix.settings.target }} diff --git a/.github/workflows/generate_schemas.yml b/.github/workflows/generate_schemas.yml index bd206b21e..5c62cee01 100644 --- a/.github/workflows/generate_schemas.yml +++ b/.github/workflows/generate_schemas.yml @@ -22,7 +22,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 771b368f5..8767cba89 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -20,7 +20,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable diff --git a/.github/workflows/memory-testing.yml b/.github/workflows/memory-testing.yml index af5ef6b7c..1723644f2 100644 --- a/.github/workflows/memory-testing.yml +++ b/.github/workflows/memory-testing.yml @@ -30,7 +30,7 @@ jobs: sudo apt -y install gdb - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable diff --git a/.github/workflows/minimum-rust-version.yml b/.github/workflows/minimum-rust-version.yml index d3eccf653..6213fed32 100644 --- a/.github/workflows/minimum-rust-version.yml +++ b/.github/workflows/minimum-rust-version.yml @@ -30,7 +30,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: # Important: When updating this, make sure to update the Readme file # and also the `rust-version` field in all the `Cargo.toml`. diff --git a/.github/workflows/publish-rust-crates.yml b/.github/workflows/publish-rust-crates.yml index e3b2a1626..f6a52d5d1 100644 --- a/.github/workflows/publish-rust-crates.yml +++ b/.github/workflows/publish-rust-crates.yml @@ -137,7 +137,7 @@ jobs: secrets: "cratesio-api-token" - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable diff --git a/.github/workflows/release-cli.yml b/.github/workflows/release-cli.yml index daf6dd622..3b42c3238 100644 --- a/.github/workflows/release-cli.yml +++ b/.github/workflows/release-cli.yml @@ -142,7 +142,7 @@ jobs: secrets: "cratesio-api-token" - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable diff --git a/.github/workflows/rust-test.yml b/.github/workflows/rust-test.yml index 8408dd1d7..06904ee3b 100644 --- a/.github/workflows/rust-test.yml +++ b/.github/workflows/rust-test.yml @@ -39,7 +39,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable @@ -58,7 +58,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable components: llvm-tools @@ -87,7 +87,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable targets: wasm32-unknown-unknown diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index 704bee01d..f94a51346 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -37,7 +37,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Install rust - uses: dtolnay/rust-toolchain@be73d7920c329f220ce78e0234b8f96b7ae60248 # stable + uses: dtolnay/rust-toolchain@dc6353516c68da0f06325f42ad880f76a5e77ec9 # stable with: toolchain: stable From a9d90f2d9a733429efc178f5164f0d95e136ef8e Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Tue, 9 Apr 2024 13:23:11 +0200 Subject: [PATCH 04/17] Use same version for bitwarden crates (#663) Rather than maintaining separate versions for every crate let's keep them locked. That means the rust sdk packages will always have the same version. Unfortunately a side effect of this is that every package will be released even if that package hasn't changed. --- .github/workflows/version-bump.yml | 51 ++++-------------------- Cargo.lock | 12 +++--- Cargo.toml | 15 ++++--- crates/bitwarden-api-api/Cargo.toml | 2 +- crates/bitwarden-api-identity/Cargo.toml | 2 +- crates/bitwarden-cli/Cargo.toml | 2 +- crates/bitwarden-crypto/Cargo.toml | 2 +- crates/bitwarden-exporters/Cargo.toml | 2 +- crates/bitwarden-generators/Cargo.toml | 2 +- crates/bitwarden-json/Cargo.toml | 3 +- crates/bitwarden-napi/Cargo.toml | 7 ++-- crates/bitwarden-py/Cargo.toml | 3 +- crates/bitwarden-uniffi/Cargo.toml | 7 ++-- crates/bitwarden-wasm/Cargo.toml | 9 ++--- crates/bitwarden/Cargo.toml | 2 +- crates/bw/Cargo.toml | 5 +-- crates/bws/Cargo.toml | 3 +- crates/sdk-schemas/Cargo.toml | 7 ++-- 18 files changed, 48 insertions(+), 88 deletions(-) diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index f94a51346..8b4c33ee3 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -11,12 +11,7 @@ on: type: choice options: - bitwarden - - bitwarden-api-api - - bitwarden-api-identity - - bitwarden-crypto - - bitwarden-generators - - bitwarden-json - - cli + - bws - napi - python-sdk - ruby-sdk @@ -45,7 +40,7 @@ jobs: uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3 - name: Install cargo-release - run: cargo install cargo-edit + run: cargo install cargo-edit --locked - name: Login to Azure - CI Subscription uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 @@ -103,49 +98,19 @@ jobs: - name: Bump napi crate Version if: ${{ inputs.project == 'napi' }} - run: cargo-set-version set-version -p bitwarden-napi ${{ inputs.version_number }} + run: cargo set-version -p bitwarden-napi ${{ inputs.version_number }} ### bitwarden - name: Bump bitwarden crate Version if: ${{ inputs.project == 'bitwarden' }} - run: cargo-set-version set-version -p bitwarden ${{ inputs.version_number }} + run: cargo set-version -p bitwarden ${{ inputs.version_number }} - ### bitwarden-api-api + ### bws - - name: Bump bitwarden-api-api crate Version - if: ${{ inputs.project == 'bitwarden-api-api' }} - run: cargo-set-version set-version -p bitwarden-api-api ${{ inputs.version_number }} - - ### bitwarden-api-identity - - - name: Bump bitwarden-api-identity crate Version - if: ${{ inputs.project == 'bitwarden-api-identity' }} - run: cargo-set-version set-version -p bitwarden-api-identity ${{ inputs.version_number }} - - ### bitwarden-crypto - - - name: Bump bitwarden-crypto crate Version - if: ${{ inputs.project == 'bitwarden-crypto' }} - run: cargo-set-version set-version -p bitwarden-crypto ${{ inputs.version_number }} - - ### bitwarden-generators - - - name: Bump bitwarden-generators crate Version - if: ${{ inputs.project == 'bitwarden-generators' }} - run: cargo-set-version set-version -p bitwarden-generators ${{ inputs.version_number }} - - ### cli - - - name: Bump cli Version - if: ${{ inputs.project == 'cli' }} - run: cargo-set-version set-version -p bws ${{ inputs.version_number }} - - ### bitwarden-json - - - name: Bump bitwarden-json crate Version - if: ${{ inputs.project == 'bitwarden-json' }} - run: cargo-set-version set-version -p bitwarden-json ${{ inputs.version_number }} + - name: Bump bws Version + if: ${{ inputs.project == 'bws' }} + run: cargo set-version -p bws ${{ inputs.version_number }} ### python - name: Bump python-sdk Version diff --git a/Cargo.lock b/Cargo.lock index dfa714cc6..b3538ccab 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -363,7 +363,7 @@ dependencies = [ [[package]] name = "bitwarden-api-api" -version = "0.2.3" +version = "0.4.0" dependencies = [ "reqwest", "serde", @@ -376,7 +376,7 @@ dependencies = [ [[package]] name = "bitwarden-api-identity" -version = "0.2.3" +version = "0.4.0" dependencies = [ "reqwest", "serde", @@ -398,7 +398,7 @@ dependencies = [ [[package]] name = "bitwarden-cli" -version = "0.1.0" +version = "0.4.0" dependencies = [ "clap", "color-eyre", @@ -408,7 +408,7 @@ dependencies = [ [[package]] name = "bitwarden-crypto" -version = "0.1.0" +version = "0.4.0" dependencies = [ "aes", "argon2", @@ -438,7 +438,7 @@ dependencies = [ [[package]] name = "bitwarden-exporters" -version = "0.1.0" +version = "0.4.0" dependencies = [ "base64", "bitwarden-crypto", @@ -452,7 +452,7 @@ dependencies = [ [[package]] name = "bitwarden-generators" -version = "0.1.0" +version = "0.4.0" dependencies = [ "bitwarden-crypto", "rand", diff --git a/Cargo.toml b/Cargo.toml index 7626e4cca..75685a7bf 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -4,6 +4,8 @@ members = ["crates/*"] # Global settings for all crates should be defined here [workspace.package] +# Update using `cargo set-version -p bitwarden ` +version = "0.4.0" authors = ["Bitwarden Inc"] edition = "2021" # Note: Changing rust-version should be considered a breaking change @@ -15,12 +17,13 @@ keywords = ["bitwarden"] # Define dependencies that are expected to be consistent across all crates [workspace.dependencies] -bitwarden = { path = "crates/bitwarden", version = "0.4.0" } -bitwarden-api-api = { path = "crates/bitwarden-api-api", version = "0.2.3" } -bitwarden-api-identity = { path = "crates/bitwarden-api-identity", version = "=0.2.3" } -bitwarden-crypto = { path = "crates/bitwarden-crypto", version = "=0.1.0" } -bitwarden-exporters = { path = "crates/bitwarden-exporters", version = "=0.1.0" } -bitwarden-generators = { path = "crates/bitwarden-generators", version = "=0.1.0" } +bitwarden = { path = "crates/bitwarden", version = "=0.4.0" } +bitwarden-api-api = { path = "crates/bitwarden-api-api", version = "=0.4.0" } +bitwarden-api-identity = { path = "crates/bitwarden-api-identity", version = "=0.4.0" } +bitwarden-cli = { path = "crates/bitwarden-cli", version = "=0.4.0" } +bitwarden-crypto = { path = "crates/bitwarden-crypto", version = "=0.4.0" } +bitwarden-exporters = { path = "crates/bitwarden-exporters", version = "=0.4.0" } +bitwarden-generators = { path = "crates/bitwarden-generators", version = "=0.4.0" } [workspace.lints.clippy] unwrap_used = "deny" diff --git a/crates/bitwarden-api-api/Cargo.toml b/crates/bitwarden-api-api/Cargo.toml index 538d590ec..a06a0f0e5 100644 --- a/crates/bitwarden-api-api/Cargo.toml +++ b/crates/bitwarden-api-api/Cargo.toml @@ -1,11 +1,11 @@ [package] name = "bitwarden-api-api" -version = "0.2.3" description = """ Api bindings for the Bitwarden API. """ categories = ["api-bindings"] +version.workspace = true authors.workspace = true edition.workspace = true rust-version.workspace = true diff --git a/crates/bitwarden-api-identity/Cargo.toml b/crates/bitwarden-api-identity/Cargo.toml index 067d90648..e5a49efac 100644 --- a/crates/bitwarden-api-identity/Cargo.toml +++ b/crates/bitwarden-api-identity/Cargo.toml @@ -1,11 +1,11 @@ [package] name = "bitwarden-api-identity" -version = "0.2.3" description = """ Api bindings for the Bitwarden Identity API. """ categories = ["api-bindings"] +version.workspace = true authors.workspace = true edition.workspace = true rust-version.workspace = true diff --git a/crates/bitwarden-cli/Cargo.toml b/crates/bitwarden-cli/Cargo.toml index b00479b2f..69a21704c 100644 --- a/crates/bitwarden-cli/Cargo.toml +++ b/crates/bitwarden-cli/Cargo.toml @@ -1,7 +1,7 @@ [package] name = "bitwarden-cli" -version = "0.1.0" +version.workspace = true authors.workspace = true edition.workspace = true rust-version.workspace = true diff --git a/crates/bitwarden-crypto/Cargo.toml b/crates/bitwarden-crypto/Cargo.toml index 37359367b..e42ca686f 100644 --- a/crates/bitwarden-crypto/Cargo.toml +++ b/crates/bitwarden-crypto/Cargo.toml @@ -1,10 +1,10 @@ [package] name = "bitwarden-crypto" -version = "0.1.0" description = """ Internal crate for the bitwarden crate. Do not use. """ +version.workspace = true authors.workspace = true edition.workspace = true rust-version.workspace = true diff --git a/crates/bitwarden-exporters/Cargo.toml b/crates/bitwarden-exporters/Cargo.toml index c43e4b274..fc118b922 100644 --- a/crates/bitwarden-exporters/Cargo.toml +++ b/crates/bitwarden-exporters/Cargo.toml @@ -1,11 +1,11 @@ [package] name = "bitwarden-exporters" -version = "0.1.0" description = """ Internal crate for the bitwarden crate. Do not use. """ exclude = ["/resources"] +version.workspace = true authors.workspace = true edition.workspace = true rust-version.workspace = true diff --git a/crates/bitwarden-generators/Cargo.toml b/crates/bitwarden-generators/Cargo.toml index 82315b680..af8ce60aa 100644 --- a/crates/bitwarden-generators/Cargo.toml +++ b/crates/bitwarden-generators/Cargo.toml @@ -1,10 +1,10 @@ [package] name = "bitwarden-generators" -version = "0.1.0" description = """ Internal crate for the bitwarden crate. Do not use. """ +version.workspace = true authors.workspace = true edition.workspace = true rust-version.workspace = true diff --git a/crates/bitwarden-json/Cargo.toml b/crates/bitwarden-json/Cargo.toml index 549b9040d..4981e8f4b 100644 --- a/crates/bitwarden-json/Cargo.toml +++ b/crates/bitwarden-json/Cargo.toml @@ -21,12 +21,11 @@ secrets = ["bitwarden/secrets"] # Secrets manager API [dependencies] async-lock = ">=3.3.0, <4.0" +bitwarden = { workspace = true } log = ">=0.4.18, <0.5" schemars = ">=0.8.12, <0.9" serde = { version = ">=1.0, <2.0", features = ["derive"] } serde_json = ">=1.0.96, <2.0" -bitwarden = { workspace = true } - [lints] workspace = true diff --git a/crates/bitwarden-napi/Cargo.toml b/crates/bitwarden-napi/Cargo.toml index ea37593f2..16853dbbf 100644 --- a/crates/bitwarden-napi/Cargo.toml +++ b/crates/bitwarden-napi/Cargo.toml @@ -18,15 +18,14 @@ license-file.workspace = true crate-type = ["cdylib", "rlib"] [dependencies] +bitwarden-json = { path = "../bitwarden-json", version = "0.3.0", features = [ + "secrets", +] } env_logger = "0.11.1" log = "0.4.20" napi = { version = "2", features = ["async"] } napi-derive = "2" -bitwarden-json = { path = "../bitwarden-json", version = "0.3.0", features = [ - "secrets", -] } - [build-dependencies] napi-build = "2.1.0" diff --git a/crates/bitwarden-py/Cargo.toml b/crates/bitwarden-py/Cargo.toml index 85af436bf..e9073d802 100644 --- a/crates/bitwarden-py/Cargo.toml +++ b/crates/bitwarden-py/Cargo.toml @@ -16,11 +16,10 @@ name = "bitwarden_py" crate-type = ["cdylib"] [dependencies] +bitwarden-json = { path = "../bitwarden-json", features = ["secrets"] } pyo3 = { version = "0.20.2", features = ["extension-module"] } pyo3-log = "0.9.0" -bitwarden-json = { path = "../bitwarden-json", features = ["secrets"] } - [build-dependencies] pyo3-build-config = { version = "0.20.2" } diff --git a/crates/bitwarden-uniffi/Cargo.toml b/crates/bitwarden-uniffi/Cargo.toml index 2f0a4e175..8dfddb820 100644 --- a/crates/bitwarden-uniffi/Cargo.toml +++ b/crates/bitwarden-uniffi/Cargo.toml @@ -19,6 +19,9 @@ bench = false [dependencies] async-lock = "3.3.0" +bitwarden = { workspace = true, features = ["mobile", "internal"] } +bitwarden-crypto = { workspace = true, features = ["mobile"] } +bitwarden-generators = { workspace = true, features = ["mobile"] } chrono = { version = ">=0.4.26, <0.5", features = [ "serde", "std", @@ -27,10 +30,6 @@ env_logger = "0.11.1" schemars = { version = ">=0.8, <0.9", optional = true } uniffi = "=0.26.1" -bitwarden = { workspace = true, features = ["mobile", "internal"] } -bitwarden-crypto = { workspace = true, features = ["mobile"] } -bitwarden-generators = { workspace = true, features = ["mobile"] } - [build-dependencies] uniffi = { version = "=0.26.1", features = ["build"] } diff --git a/crates/bitwarden-wasm/Cargo.toml b/crates/bitwarden-wasm/Cargo.toml index 4cf65905f..ff4cf13c3 100644 --- a/crates/bitwarden-wasm/Cargo.toml +++ b/crates/bitwarden-wasm/Cargo.toml @@ -15,6 +15,10 @@ keywords.workspace = true crate-type = ["cdylib"] [dependencies] +bitwarden-json = { path = "../bitwarden-json", features = [ + "secrets", + "internal", +] } console_error_panic_hook = "0.1.7" console_log = { version = "1.0.0", features = ["color"] } js-sys = "0.3.68" @@ -23,11 +27,6 @@ serde = { version = "1.0.196", features = ["derive"] } wasm-bindgen = { version = "0.2.91", features = ["serde-serialize"] } wasm-bindgen-futures = "0.4.41" -bitwarden-json = { path = "../bitwarden-json", features = [ - "secrets", - "internal", -] } - [dev-dependencies] wasm-bindgen-test = "0.3.41" diff --git a/crates/bitwarden/Cargo.toml b/crates/bitwarden/Cargo.toml index 7d56b4c6e..e064360c8 100644 --- a/crates/bitwarden/Cargo.toml +++ b/crates/bitwarden/Cargo.toml @@ -1,11 +1,11 @@ [package] name = "bitwarden" -version = "0.4.0" description = """ Bitwarden Secrets Manager SDK """ keywords = ["bitwarden", "secrets-manager"] +version.workspace = true authors.workspace = true edition.workspace = true rust-version.workspace = true diff --git a/crates/bw/Cargo.toml b/crates/bw/Cargo.toml index ce69f87e9..3fa5efd4a 100644 --- a/crates/bw/Cargo.toml +++ b/crates/bw/Cargo.toml @@ -14,6 +14,8 @@ repository.workspace = true license-file.workspace = true [dependencies] +bitwarden = { workspace = true, features = ["internal", "mobile"] } +bitwarden-cli = { workspace = true } clap = { version = "4.5.1", features = ["derive", "env"] } color-eyre = "0.6" env_logger = "0.11.1" @@ -21,9 +23,6 @@ inquire = "0.6.2" log = "0.4.20" tokio = { version = "1.36.0", features = ["rt-multi-thread", "macros"] } -bitwarden = { workspace = true, features = ["internal", "mobile"] } -bitwarden-cli = { path = "../bitwarden-cli", version = "0.1.0" } - [dev-dependencies] tempfile = "3.10.0" diff --git a/crates/bws/Cargo.toml b/crates/bws/Cargo.toml index 491887f93..23f78cfd5 100644 --- a/crates/bws/Cargo.toml +++ b/crates/bws/Cargo.toml @@ -18,6 +18,7 @@ license-file.workspace = true bat = { version = "0.24.0", features = [ "regex-onig", ], default-features = false } +bitwarden = { workspace = true, features = ["secrets"] } chrono = { version = "0.4.35", features = [ "clock", "std", @@ -42,8 +43,6 @@ tokio = { version = "1.36.0", features = ["rt-multi-thread", "macros"] } toml = "0.8.10" uuid = { version = "^1.7.0", features = ["serde"] } -bitwarden = { workspace = true, features = ["secrets"] } - [dev-dependencies] tempfile = "3.10.0" diff --git a/crates/sdk-schemas/Cargo.toml b/crates/sdk-schemas/Cargo.toml index c4cc9139b..3c5e0d50b 100644 --- a/crates/sdk-schemas/Cargo.toml +++ b/crates/sdk-schemas/Cargo.toml @@ -20,10 +20,9 @@ internal = [ [dependencies] anyhow = "1.0.81" +bitwarden = { workspace = true } +bitwarden-json = { path = "../bitwarden-json" } +bitwarden-uniffi = { path = "../bitwarden-uniffi" } itertools = "0.12.1" schemars = { version = "0.8.16", features = ["preserve_order"] } serde_json = "1.0.113" - -bitwarden = { path = "../bitwarden" } -bitwarden-json = { path = "../bitwarden-json" } -bitwarden-uniffi = { path = "../bitwarden-uniffi" } From 8d09775a11c8a0a085ea2a3887d8510d198fd8e0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Apr 2024 13:43:12 +0200 Subject: [PATCH 05/17] Bump h2 from 0.4.3 to 0.4.4 (#700) Bumps [h2](https://github.com/hyperium/h2) from 0.4.3 to 0.4.4.
Release notes

Sourced from h2's releases.

v0.4.4

Fixes

  • Limit number of CONTINUATION frames for misbehaving connections.

See https://seanmonstar.com/blog/hyper-http2-continuation-flood/ for more info.

Changelog

Sourced from h2's changelog.

0.4.4 (April 3, 2024)

  • Limit number of CONTINUATION frames for misbehaving connections.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=h2&package-manager=cargo&previous-version=0.4.3&new-version=0.4.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bitwarden/sdk/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Cargo.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index b3538ccab..cc24ecfc1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1481,9 +1481,9 @@ dependencies = [ [[package]] name = "h2" -version = "0.4.3" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51ee2dd2e4f378392eeff5d51618cd9a63166a2513846bbc55f21cfacd9199d4" +checksum = "816ec7294445779408f36fe57bc5b7fc1cf59664059096c65f905c1c61f58069" dependencies = [ "bytes", "fnv", From dac4751a22f4517e39350c72284fa7d80ad7fea9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Apr 2024 13:46:03 +0200 Subject: [PATCH 06/17] Bump follow-redirects from 1.15.5 to 1.15.6 (#701) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.5 to 1.15.6.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=follow-redirects&package-manager=npm_and_yarn&previous-version=1.15.5&new-version=1.15.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/bitwarden/sdk/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2c4b9b478..5728464b4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -923,9 +923,9 @@ } }, "node_modules/follow-redirects": { - "version": "1.15.5", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.5.tgz", - "integrity": "sha512-vSFWUON1B+yAw1VN4xMfxgn5fTUiaOzAJCKBwIIgT/+7CuGy9+r+5gITvP62j3RmaD5Ph65UaERdOSRGUzZtgw==", + "version": "1.15.6", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz", + "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==", "dev": true, "funding": [ { From 1ccf11b664a6d5210a4a140438ccb5b3597e05c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Garc=C3=ADa?= Date: Tue, 9 Apr 2024 14:28:19 +0200 Subject: [PATCH 07/17] [PM-6764] Move cipher to organization (#695) ## Type of change ``` - [ ] Bug fix - [x] New feature development - [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc) - [ ] Build/deploy pipeline (DevOps) - [ ] Other ``` ## Objective Added function to allow moving a cipher to an organization, which requires reencrypting the cipher key if it has one. --- Cargo.lock | 1 + crates/bitwarden-uniffi/Cargo.toml | 1 + crates/bitwarden-uniffi/src/uniffi_support.rs | 2 + crates/bitwarden-uniffi/src/vault/ciphers.rs | 18 ++ .../src/mobile/vault/client_ciphers.rs | 11 ++ crates/bitwarden/src/vault/cipher/cipher.rs | 157 +++++++++++++----- languages/kotlin/doc.md | 26 ++- 7 files changed, 177 insertions(+), 39 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index cc24ecfc1..47e2b9e9d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -515,6 +515,7 @@ dependencies = [ "env_logger", "schemars", "uniffi", + "uuid", ] [[package]] diff --git a/crates/bitwarden-uniffi/Cargo.toml b/crates/bitwarden-uniffi/Cargo.toml index 8dfddb820..90a106bce 100644 --- a/crates/bitwarden-uniffi/Cargo.toml +++ b/crates/bitwarden-uniffi/Cargo.toml @@ -29,6 +29,7 @@ chrono = { version = ">=0.4.26, <0.5", features = [ env_logger = "0.11.1" schemars = { version = ">=0.8, <0.9", optional = true } uniffi = "=0.26.1" +uuid = ">=1.3.3, <2" [build-dependencies] uniffi = { version = "=0.26.1", features = ["build"] } diff --git a/crates/bitwarden-uniffi/src/uniffi_support.rs b/crates/bitwarden-uniffi/src/uniffi_support.rs index a49e347b6..f487dfaa0 100644 --- a/crates/bitwarden-uniffi/src/uniffi_support.rs +++ b/crates/bitwarden-uniffi/src/uniffi_support.rs @@ -1,4 +1,5 @@ use bitwarden_crypto::{AsymmetricEncString, EncString, SensitiveString}; +use uuid::Uuid; // Forward the type definitions to the main bitwarden crate type DateTime = chrono::DateTime; @@ -6,3 +7,4 @@ uniffi::ffi_converter_forward!(DateTime, bitwarden::UniFfiTag, crate::UniFfiTag) uniffi::ffi_converter_forward!(EncString, bitwarden::UniFfiTag, crate::UniFfiTag); uniffi::ffi_converter_forward!(AsymmetricEncString, bitwarden::UniFfiTag, crate::UniFfiTag); uniffi::ffi_converter_forward!(SensitiveString, bitwarden::UniFfiTag, crate::UniFfiTag); +uniffi::ffi_converter_forward!(Uuid, bitwarden::UniFfiTag, crate::UniFfiTag); diff --git a/crates/bitwarden-uniffi/src/vault/ciphers.rs b/crates/bitwarden-uniffi/src/vault/ciphers.rs index eb8543947..dcf224a38 100644 --- a/crates/bitwarden-uniffi/src/vault/ciphers.rs +++ b/crates/bitwarden-uniffi/src/vault/ciphers.rs @@ -1,6 +1,7 @@ use std::sync::Arc; use bitwarden::vault::{Cipher, CipherListView, CipherView}; +use uuid::Uuid; use crate::{Client, Result}; @@ -47,4 +48,21 @@ impl ClientCiphers { .decrypt_list(ciphers) .await?) } + + /// Move a cipher to an organization, reencrypting the cipher key if necessary + pub async fn move_to_organization( + &self, + cipher: CipherView, + organization_id: Uuid, + ) -> Result { + Ok(self + .0 + .0 + .read() + .await + .vault() + .ciphers() + .move_to_organization(cipher, organization_id) + .await?) + } } diff --git a/crates/bitwarden/src/mobile/vault/client_ciphers.rs b/crates/bitwarden/src/mobile/vault/client_ciphers.rs index c35cf3080..71203374f 100644 --- a/crates/bitwarden/src/mobile/vault/client_ciphers.rs +++ b/crates/bitwarden/src/mobile/vault/client_ciphers.rs @@ -1,4 +1,5 @@ use bitwarden_crypto::{Decryptable, Encryptable, LocateKey}; +use uuid::Uuid; use super::client_vault::ClientVault; use crate::{ @@ -44,6 +45,16 @@ impl<'a> ClientCiphers<'a> { Ok(cipher_views) } + + pub async fn move_to_organization( + &self, + mut cipher_view: CipherView, + organization_id: Uuid, + ) -> Result { + let enc = self.client.get_encryption_settings()?; + cipher_view.move_to_organization(enc, organization_id)?; + Ok(cipher_view) + } } impl<'a> ClientVault<'a> { diff --git a/crates/bitwarden/src/vault/cipher/cipher.rs b/crates/bitwarden/src/vault/cipher/cipher.rs index fa85b5969..f245fdc3a 100644 --- a/crates/bitwarden/src/vault/cipher/cipher.rs +++ b/crates/bitwarden/src/vault/cipher/cipher.rs @@ -1,6 +1,6 @@ use bitwarden_api_api::models::CipherDetailsResponseModel; use bitwarden_crypto::{ - CryptoError, EncString, KeyContainer, KeyDecryptable, KeyEncryptable, LocateKey, + CryptoError, EncString, KeyContainer, KeyDecryptable, KeyEncryptable, LocateKey, SensitiveVec, SymmetricCryptoKey, }; use chrono::{DateTime, Utc}; @@ -325,6 +325,29 @@ impl CipherView { uris.retain(|u| u.is_checksum_valid()); } } + + pub fn move_to_organization( + &mut self, + enc: &dyn KeyContainer, + organization_id: Uuid, + ) -> Result<()> { + // If the cipher has a key, we need to re-encrypt it with the new organization key + if let Some(cipher_key) = &mut self.key { + let old_key = enc + .get_key(&self.organization_id) + .ok_or(Error::VaultLocked)?; + + let new_key = enc + .get_key(&Some(organization_id)) + .ok_or(Error::VaultLocked)?; + + let dec_cipher_key = SensitiveVec::new(Box::new(cipher_key.decrypt_with_key(old_key)?)); + *cipher_key = dec_cipher_key.expose().encrypt_with_key(new_key)?; + } + + self.organization_id = Some(organization_id); + Ok(()) + } } impl KeyDecryptable for Cipher { @@ -443,49 +466,51 @@ impl From for CipherRepromptType #[cfg(test)] mod tests { + use std::collections::HashMap; + use super::*; + fn generate_cipher() -> CipherView { + CipherView { + r#type: CipherType::Login, + login: Some(login::LoginView { + username: Some("test_username".to_string()), + password: Some("test_password".to_string()), + password_revision_date: None, + uris: None, + totp: None, + autofill_on_page_load: None, + fido2_credentials: None, + }), + id: "fd411a1a-fec8-4070-985d-0e6560860e69".parse().ok(), + organization_id: None, + folder_id: None, + collection_ids: vec![], + key: None, + name: "My test login".to_string(), + notes: None, + identity: None, + card: None, + secure_note: None, + favorite: false, + reprompt: CipherRepromptType::None, + organization_use_totp: true, + edit: true, + view_password: true, + local_data: None, + attachments: None, + fields: None, + password_history: None, + creation_date: "2024-01-30T17:55:36.150Z".parse().unwrap(), + deleted_date: None, + revision_date: "2024-01-30T17:55:36.150Z".parse().unwrap(), + } + } + #[test] fn test_generate_cipher_key() { let key = SymmetricCryptoKey::generate(rand::thread_rng()); - fn generate_cipher() -> CipherView { - CipherView { - r#type: CipherType::Login, - login: Some(login::LoginView { - username: Some("test_username".to_string()), - password: Some("test_password".to_string()), - password_revision_date: None, - uris: None, - totp: None, - autofill_on_page_load: None, - fido2_credentials: None, - }), - id: "fd411a1a-fec8-4070-985d-0e6560860e69".parse().ok(), - organization_id: None, - folder_id: None, - collection_ids: vec![], - key: None, - name: "My test login".to_string(), - notes: None, - identity: None, - card: None, - secure_note: None, - favorite: false, - reprompt: CipherRepromptType::None, - organization_use_totp: true, - edit: true, - view_password: true, - local_data: None, - attachments: None, - fields: None, - password_history: None, - creation_date: "2024-01-30T17:55:36.150Z".parse().unwrap(), - deleted_date: None, - revision_date: "2024-01-30T17:55:36.150Z".parse().unwrap(), - } - } - let original_cipher = generate_cipher(); // Check that the cipher gets encrypted correctly without it's own key @@ -504,4 +529,60 @@ mod tests { assert!(key_cipher_dec.key.is_some()); assert_eq!(key_cipher_dec.name, original_cipher.name); } + + struct MockKeyContainer(HashMap, SymmetricCryptoKey>); + impl KeyContainer for MockKeyContainer { + fn get_key<'a>(&'a self, org_id: &Option) -> Option<&'a SymmetricCryptoKey> { + self.0.get(org_id) + } + } + + #[test] + fn test_move_user_cipher_to_org() { + let org = uuid::Uuid::new_v4(); + + let enc = MockKeyContainer(HashMap::from([ + (None, SymmetricCryptoKey::generate(rand::thread_rng())), + (Some(org), SymmetricCryptoKey::generate(rand::thread_rng())), + ])); + + // Create a cipher with a user key + let mut cipher = generate_cipher(); + cipher + .generate_cipher_key(enc.get_key(&None).unwrap()) + .unwrap(); + + cipher.move_to_organization(&enc, org).unwrap(); + assert_eq!(cipher.organization_id, Some(org)); + + // Check that the cipher can be encrypted/decrypted with the new org key + let org_key = enc.get_key(&Some(org)).unwrap(); + let cipher_enc = cipher.encrypt_with_key(org_key).unwrap(); + let cipher_dec: CipherView = cipher_enc.decrypt_with_key(org_key).unwrap(); + + assert_eq!(cipher_dec.name, "My test login"); + } + + #[test] + fn test_move_user_cipher_to_org_manually() { + let org = uuid::Uuid::new_v4(); + + let enc = MockKeyContainer(HashMap::from([ + (None, SymmetricCryptoKey::generate(rand::thread_rng())), + (Some(org), SymmetricCryptoKey::generate(rand::thread_rng())), + ])); + + // Create a cipher with a user key + let mut cipher = generate_cipher(); + cipher + .generate_cipher_key(enc.get_key(&None).unwrap()) + .unwrap(); + + cipher.organization_id = Some(org); + + // Check that the cipher can not be encrypted, as the + // cipher key is tied to the user key and not the org key + let org_key = enc.get_key(&Some(org)).unwrap(); + assert!(cipher.encrypt_with_key(org_key).is_err()); + } } diff --git a/languages/kotlin/doc.md b/languages/kotlin/doc.md index 5dce0dbb4..e12914f64 100644 --- a/languages/kotlin/doc.md +++ b/languages/kotlin/doc.md @@ -132,6 +132,18 @@ Generate keys needed for registration process **Output**: std::result::Result +### `make_register_tde_keys` + +Generate keys needed for TDE process + +**Arguments**: + +- self: +- org_public_key: String +- remember_device: + +**Output**: std::result::Result + ### `validate_password` Validate the user password @@ -288,6 +300,18 @@ Decrypt cipher list **Output**: std::result::Result +### `move_to_organization` + +Move a cipher to an organization, reencrypting the cipher key if necessary + +**Arguments**: + +- self: +- cipher: [CipherView](#cipherview) +- organization_id: Uuid + +**Output**: std::result::Result + ## ClientCollections ### `decrypt` @@ -346,7 +370,7 @@ as it can be used to decrypt all of the user's data - self: -**Output**: std::result::Result +**Output**: std::result::Result ### `update_password` From 4a339a911e6db1583465f69b4c9ff981104ea0ef Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Tue, 9 Apr 2024 16:27:51 +0200 Subject: [PATCH 08/17] Remove doc.md (#699) Remove the `doc.md` now that we have proper documentation in the generated bindings. --- .prettierignore | 3 - crates/bitwarden-uniffi/README.md | 4 +- languages/kotlin/doc.md | 1825 ----------------------------- 3 files changed, 3 insertions(+), 1829 deletions(-) delete mode 100644 languages/kotlin/doc.md diff --git a/.prettierignore b/.prettierignore index 97474cca9..36c418776 100644 --- a/.prettierignore +++ b/.prettierignore @@ -1,8 +1,5 @@ target languages/* -!/languages/kotlin -languages/kotlin/* -!/languages/kotlin/doc.md schemas /crates/bitwarden-napi/src-ts/bitwarden_client/schemas.ts about.hbs diff --git a/crates/bitwarden-uniffi/README.md b/crates/bitwarden-uniffi/README.md index 1be7706bb..4b2e61714 100644 --- a/crates/bitwarden-uniffi/README.md +++ b/crates/bitwarden-uniffi/README.md @@ -2,10 +2,12 @@ ## Generating documentation +If desired we have some scripts that generates markdown documentation from the rustdoc output. + ```bash cargo +nightly rustdoc -p bitwarden -- -Zunstable-options --output-format json cargo +nightly rustdoc -p bitwarden-uniffi -- -Zunstable-options --output-format json npm run schemas -npx ts-node ./support/docs/docs.ts > languages/kotlin/doc.md +npx ts-node ./support/docs/docs.ts > doc.md ``` diff --git a/languages/kotlin/doc.md b/languages/kotlin/doc.md deleted file mode 100644 index e12914f64..000000000 --- a/languages/kotlin/doc.md +++ /dev/null @@ -1,1825 +0,0 @@ -# Bitwarden Mobile SDK - -Auto generated documentation for the Bitwarden Mobile SDK. For more information please refer to the -rust crates `bitwarden` and `bitwarden-uniffi`. For code samples check the `languages/kotlin/app` -and `languages/swift/app` directories. - -## Client - -### `new` - -Initialize a new instance of the SDK client - -**Arguments**: - -- settings: Option - -**Output**: Arc - -### `crypto` - -Crypto operations - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `vault` - -Vault item operations - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `generators` - -Generator operations - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `exporters` - -Exporters - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `auth` - -Auth operations - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `echo` - -Test method, echoes back the input - -**Arguments**: - -- self: -- msg: String - -**Output**: String - -## ClientAuth - -### `password_strength` - -**API Draft:** Calculate Password Strength - -**Arguments**: - -- self: -- password: String -- email: String -- additional_inputs: Vec - -**Output**: - -### `satisfies_policy` - -Evaluate if the provided password satisfies the provided policy - -**Arguments**: - -- self: -- password: String -- strength: -- policy: [MasterPasswordPolicyOptions](#masterpasswordpolicyoptions) - -**Output**: - -### `hash_password` - -Hash the user password - -**Arguments**: - -- self: -- email: String -- password: String -- kdf_params: [Kdf](#kdf) -- purpose: [HashPurpose](#hashpurpose) - -**Output**: std::result::Result - -### `make_register_keys` - -Generate keys needed for registration process - -**Arguments**: - -- self: -- email: String -- password: String -- kdf: [Kdf](#kdf) - -**Output**: std::result::Result - -### `make_register_tde_keys` - -Generate keys needed for TDE process - -**Arguments**: - -- self: -- org_public_key: String -- remember_device: - -**Output**: std::result::Result - -### `validate_password` - -Validate the user password - -To retrieve the user's password hash, use [`ClientAuth::hash_password`] with -`HashPurpose::LocalAuthentication` during login and persist it. If the login method has no -password, use the email OTP. - -**Arguments**: - -- self: -- password: String -- password_hash: String - -**Output**: std::result::Result<,BitwardenError> - -### `validate_password_user_key` - -Validate the user password without knowing the password hash - -Used for accounts that we know have master passwords but that have not logged in with a password. -Some example are login with device or TDE. - -This works by comparing the provided password against the encrypted user key. - -**Arguments**: - -- self: -- password: String -- encrypted_user_key: String - -**Output**: std::result::Result - -### `new_auth_request` - -Initialize a new auth request - -**Arguments**: - -- self: -- email: String - -**Output**: std::result::Result - -### `approve_auth_request` - -Approve an auth request - -**Arguments**: - -- self: -- public_key: String - -**Output**: std::result::Result - -### `trust_device` - -Trust the current device - -**Arguments**: - -- self: - -**Output**: std::result::Result - -## ClientAttachments - -### `encrypt_buffer` - -Encrypt an attachment file in memory - -**Arguments**: - -- self: -- cipher: [Cipher](#cipher) -- attachment: [AttachmentView](#attachmentview) -- buffer: Vec<> - -**Output**: std::result::Result - -### `encrypt_file` - -Encrypt an attachment file located in the file system - -**Arguments**: - -- self: -- cipher: [Cipher](#cipher) -- attachment: [AttachmentView](#attachmentview) -- decrypted_file_path: String -- encrypted_file_path: String - -**Output**: std::result::Result - -### `decrypt_buffer` - -Decrypt an attachment file in memory - -**Arguments**: - -- self: -- cipher: [Cipher](#cipher) -- attachment: [Attachment](#attachment) -- buffer: Vec<> - -**Output**: std::result::Result - -### `decrypt_file` - -Decrypt an attachment file located in the file system - -**Arguments**: - -- self: -- cipher: [Cipher](#cipher) -- attachment: [Attachment](#attachment) -- encrypted_file_path: String -- decrypted_file_path: String - -**Output**: std::result::Result<,BitwardenError> - -## ClientCiphers - -### `encrypt` - -Encrypt cipher - -**Arguments**: - -- self: -- cipher_view: [CipherView](#cipherview) - -**Output**: std::result::Result - -### `decrypt` - -Decrypt cipher - -**Arguments**: - -- self: -- cipher: [Cipher](#cipher) - -**Output**: std::result::Result - -### `decrypt_list` - -Decrypt cipher list - -**Arguments**: - -- self: -- ciphers: Vec - -**Output**: std::result::Result - -### `move_to_organization` - -Move a cipher to an organization, reencrypting the cipher key if necessary - -**Arguments**: - -- self: -- cipher: [CipherView](#cipherview) -- organization_id: Uuid - -**Output**: std::result::Result - -## ClientCollections - -### `decrypt` - -Decrypt collection - -**Arguments**: - -- self: -- collection: [Collection](#collection) - -**Output**: std::result::Result - -### `decrypt_list` - -Decrypt collection list - -**Arguments**: - -- self: -- collections: Vec - -**Output**: std::result::Result - -## ClientCrypto - -### `initialize_user_crypto` - -Initialization method for the user crypto. Needs to be called before any other crypto operations. - -**Arguments**: - -- self: -- req: [InitUserCryptoRequest](#initusercryptorequest) - -**Output**: std::result::Result<,BitwardenError> - -### `initialize_org_crypto` - -Initialization method for the organization crypto. Needs to be called after -`initialize_user_crypto` but before any other crypto operations. - -**Arguments**: - -- self: -- req: [InitOrgCryptoRequest](#initorgcryptorequest) - -**Output**: std::result::Result<,BitwardenError> - -### `get_user_encryption_key` - -Get the uses's decrypted encryption key. Note: It's very important to keep this key safe, -as it can be used to decrypt all of the user's data - -**Arguments**: - -- self: - -**Output**: std::result::Result - -### `update_password` - -Update the user's password, which will re-encrypt the user's encryption key with the new -password. This returns the new encrypted user key and the new password hash. - -**Arguments**: - -- self: -- new_password: String - -**Output**: std::result::Result - -### `derive_pin_key` - -Generates a PIN protected user key from the provided PIN. The result can be stored and later used to -initialize another client instance by using the PIN and the PIN key with -`initialize_user_crypto`. - -**Arguments**: - -- self: -- pin: String - -**Output**: std::result::Result - -### `derive_pin_user_key` - -Derives the pin protected user key from encrypted pin. Used when pin requires master password on -first unlock. - -**Arguments**: - -- self: -- encrypted_pin: [EncString](#encstring) - -**Output**: std::result::Result - -## ClientExporters - -### `export_vault` - -**API Draft:** Export user vault - -**Arguments**: - -- self: -- folders: Vec -- ciphers: Vec -- format: [ExportFormat](#exportformat) - -**Output**: std::result::Result - -### `export_organization_vault` - -**API Draft:** Export organization vault - -**Arguments**: - -- self: -- collections: Vec -- ciphers: Vec -- format: [ExportFormat](#exportformat) - -**Output**: std::result::Result - -## ClientFolders - -### `encrypt` - -Encrypt folder - -**Arguments**: - -- self: -- folder: [FolderView](#folderview) - -**Output**: std::result::Result - -### `decrypt` - -Decrypt folder - -**Arguments**: - -- self: -- folder: [Folder](#folder) - -**Output**: std::result::Result - -### `decrypt_list` - -Decrypt folder list - -**Arguments**: - -- self: -- folders: Vec - -**Output**: std::result::Result - -## ClientGenerators - -### `password` - -**API Draft:** Generate Password - -**Arguments**: - -- self: -- settings: [PasswordGeneratorRequest](#passwordgeneratorrequest) - -**Output**: std::result::Result - -### `passphrase` - -**API Draft:** Generate Passphrase - -**Arguments**: - -- self: -- settings: [PassphraseGeneratorRequest](#passphrasegeneratorrequest) - -**Output**: std::result::Result - -### `username` - -**API Draft:** Generate Username - -**Arguments**: - -- self: -- settings: UsernameGeneratorRequest - -**Output**: std::result::Result - -## ClientPasswordHistory - -### `encrypt` - -Encrypt password history - -**Arguments**: - -- self: -- password_history: [PasswordHistoryView](#passwordhistoryview) - -**Output**: std::result::Result - -### `decrypt_list` - -Decrypt password history - -**Arguments**: - -- self: -- list: Vec - -**Output**: std::result::Result - -## ClientPlatform - -### `fingerprint` - -Fingerprint (public key) - -**Arguments**: - -- self: -- req: [FingerprintRequest](#fingerprintrequest) - -**Output**: std::result::Result - -### `user_fingerprint` - -Fingerprint using logged in user's public key - -**Arguments**: - -- self: -- fingerprint_material: String - -**Output**: std::result::Result - -### `load_flags` - -Load feature flags into the client - -**Arguments**: - -- self: -- flags: std::collections::HashMap - -**Output**: std::result::Result<,BitwardenError> - -## ClientSends - -### `encrypt` - -Encrypt send - -**Arguments**: - -- self: -- send: [SendView](#sendview) - -**Output**: std::result::Result - -### `encrypt_buffer` - -Encrypt a send file in memory - -**Arguments**: - -- self: -- send: [Send](#send) -- buffer: Vec<> - -**Output**: std::result::Result - -### `encrypt_file` - -Encrypt a send file located in the file system - -**Arguments**: - -- self: -- send: [Send](#send) -- decrypted_file_path: String -- encrypted_file_path: String - -**Output**: std::result::Result<,BitwardenError> - -### `decrypt` - -Decrypt send - -**Arguments**: - -- self: -- send: [Send](#send) - -**Output**: std::result::Result - -### `decrypt_list` - -Decrypt send list - -**Arguments**: - -- self: -- sends: Vec - -**Output**: std::result::Result - -### `decrypt_buffer` - -Decrypt a send file in memory - -**Arguments**: - -- self: -- send: [Send](#send) -- buffer: Vec<> - -**Output**: std::result::Result - -### `decrypt_file` - -Decrypt a send file located in the file system - -**Arguments**: - -- self: -- send: [Send](#send) -- encrypted_file_path: String -- decrypted_file_path: String - -**Output**: std::result::Result<,BitwardenError> - -## ClientVault - -### `folders` - -Folder operations - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `collections` - -Collections operations - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `ciphers` - -Ciphers operations - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `password_history` - -Password history operations - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `sends` - -Sends operations - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `attachments` - -Attachment file operations - -**Arguments**: - -- self: Arc - -**Output**: Arc - -### `generate_totp` - -Generate a TOTP code from a provided key. - -The key can be either: - -- A base32 encoded string -- OTP Auth URI -- Steam URI - -**Arguments**: - -- self: -- key: String -- time: Option - -**Output**: std::result::Result - -# References - -References are generated from the JSON schemas and should mostly match the kotlin and swift -implementations. - -## `Attachment` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
idstring,null
urlstring,null
sizestring,null
sizeNamestring,nullReadable size, ex: "4.2 KB" or "1.43 GB"
fileName
key
- -## `AttachmentView` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
idstring,null
urlstring,null
sizestring,null
sizeNamestring,null
fileNamestring,null
key
- -## `Cipher` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
idstring,null
organizationIdstring,null
folderIdstring,null
collectionIdsarray
keyMore recent ciphers uses individual encryption keys to encrypt the other fields of the Cipher.
name
notes
type
login
identity
card
secureNote
favoriteboolean
reprompt
organizationUseTotpboolean
editboolean
viewPasswordboolean
localData
attachmentsarray,null
fieldsarray,null
passwordHistoryarray,null
creationDatestring
deletedDatestring,null
revisionDatestring
- -## `CipherView` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
idstring,null
organizationIdstring,null
folderIdstring,null
collectionIdsarray
key
namestring
notesstring,null
type
login
identity
card
secureNote
favoriteboolean
reprompt
organizationUseTotpboolean
editboolean
viewPasswordboolean
localData
attachmentsarray,null
fieldsarray,null
passwordHistoryarray,null
creationDatestring
deletedDatestring,null
revisionDatestring
- -## `Collection` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
idstring,null
organizationIdstring
name
externalIdstring,null
hidePasswordsboolean
readOnlyboolean
- -## `EncString` - - - - - - - -
KeyTypeDescription
- -## `ExportFormat` - - - - - - - - - - - - - - - -
KeyTypeDescription
EncryptedJsonobject
- - - - - - - - - - - -
KeyTypeDescription
passwordstring
-
- -## `FingerprintRequest` - - - - - - - - - - - - - - - - - -
KeyTypeDescription
fingerprintMaterialstringThe input material, used in the fingerprint generation process.
publicKeystringThe user's public key encoded with base64.
- -## `Folder` - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
idstring,null
name
revisionDatestring
- -## `FolderView` - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
idstring,null
namestring
revisionDatestring
- -## `HashPurpose` - - - - - - - -
KeyTypeDescription
- -## `InitOrgCryptoRequest` - - - - - - - - - - - - -
KeyTypeDescription
organizationKeysobjectThe encryption keys for all the organizations the user is a part of
- -## `InitUserCryptoMethod` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
passwordobject
- - - - - - - - - - - - - - - - -
KeyTypeDescription
passwordstringThe user's master password
user_keystringThe user's encrypted symmetric crypto key
-
decryptedKeyobject
- - - - - - - - - - - -
KeyTypeDescription
decrypted_user_keystringThe user's decrypted encryption key, obtained using `get_user_encryption_key`
-
pinobject
- - - - - - - - - - - - - - - - -
KeyTypeDescription
pinstringThe user's PIN
pin_protected_user_keyThe user's symmetric crypto key, encrypted with the PIN. Use `derive_pin_key` to obtain this.
-
authRequestobject
- - - - - - - - - - - - - - - - -
KeyTypeDescription
request_private_keystringPrivate Key generated by the `crate::auth::new_auth_request`.
method
-
deviceKeyobject
- - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
device_keystringThe device's DeviceKey
protected_device_private_keyThe Device Private Key
device_protected_user_keyThe user's symmetric crypto key, encrypted with the Device Key.
-
- -## `InitUserCryptoRequest` - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
kdfParamsThe user's KDF parameters, as received from the prelogin request
emailstringThe user's email address
privateKeystringThe user's encrypted private key
methodThe initialization method to use
- -## `Kdf` - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
pBKDF2object
- - - - - - - - - - - -
KeyTypeDescription
iterationsinteger
-
argon2idobject
- - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
iterationsinteger
memoryinteger
parallelisminteger
-
- -## `MasterPasswordPolicyOptions` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
min_complexityinteger
min_lengthinteger
require_upperboolean
require_lowerboolean
require_numbersboolean
require_specialboolean
enforce_on_loginbooleanFlag to indicate if the policy should be enforced on login. If true, and the user's password does not meet the policy requirements, the user will be forced to update their password.
- -## `PassphraseGeneratorRequest` - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
numWordsintegerNumber of words in the generated passphrase. This value must be between 3 and 20.
wordSeparatorstringCharacter separator between words in the generated passphrase. The value cannot be empty.
capitalizebooleanWhen set to true, capitalize the first letter of each word in the generated passphrase.
includeNumberbooleanWhen set to true, include a number at the end of one of the words in the generated passphrase.
- -## `PasswordGeneratorRequest` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
lowercasebooleanInclude lowercase characters (a-z).
uppercasebooleanInclude uppercase characters (A-Z).
numbersbooleanInclude numbers (0-9).
specialbooleanInclude special characters: ! @ # $ % ^ & *
lengthintegerThe length of the generated password. Note that the password length must be greater than the sum of all the minimums.
avoidAmbiguousbooleanWhen set to true, the generated password will not contain ambiguous characters. The ambiguous characters are: I, O, l, 0, 1
minLowercaseinteger,nullThe minimum number of lowercase characters in the generated password. When set, the value must be between 1 and 9. This value is ignored is lowercase is false
minUppercaseinteger,nullThe minimum number of uppercase characters in the generated password. When set, the value must be between 1 and 9. This value is ignored is uppercase is false
minNumberinteger,nullThe minimum number of numbers in the generated password. When set, the value must be between 1 and 9. This value is ignored is numbers is false
minSpecialinteger,nullThe minimum number of special characters in the generated password. When set, the value must be between 1 and 9. This value is ignored is special is false
- -## `PasswordHistoryView` - - - - - - - - - - - - - - - - - -
KeyTypeDescription
passwordstring
lastUsedDatestring
- -## `Send` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
idstring,null
accessIdstring,null
name
notes
key
passwordstring,null
type
file
text
maxAccessCountinteger,null
accessCountinteger
disabledboolean
hideEmailboolean
revisionDatestring
deletionDatestring
expirationDatestring,null
- -## `SendView` - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyTypeDescription
idstring,null
accessIdstring,null
namestring
notesstring,null
keystring,nullBase64 encoded key
newPasswordstring,nullReplace or add a password to an existing send. The SDK will always return None when decrypting a [Send] TODO: We should revisit this, one variant is to have `[Create, Update]SendView` DTOs.
hasPasswordbooleanDenote if an existing send has a password. The SDK will ignore this value when creating or updating sends.
type
file
text
maxAccessCountinteger,null
accessCountinteger
disabledboolean
hideEmailboolean
revisionDatestring
deletionDatestring
expirationDatestring,null
From 09d28266dcdfc00a6536832c26a575b9f6613a11 Mon Sep 17 00:00:00 2001 From: Colton Hurst Date: Wed, 10 Apr 2024 18:56:39 -0400 Subject: [PATCH 09/17] [SM-1178] Rename Service Accounts to Machine Accounts (#698) ## Type of change - [ ] Bug fix - [x] New feature development - [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc) - [ ] Build/deploy pipeline (DevOps) - [ ] Other ## Objective Rename instances (& similar) of "service account" to "machine account". This only impacts public facing text, so items in README's, documentation, help docs, etc. ## Before you submit - Please add **unit tests** where it makes sense to do so --- crates/bitwarden-napi/README.md | 2 +- crates/bws/src/main.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/crates/bitwarden-napi/README.md b/crates/bitwarden-napi/README.md index d16c8152d..d9e3e7f27 100644 --- a/crates/bitwarden-napi/README.md +++ b/crates/bitwarden-napi/README.md @@ -20,7 +20,7 @@ const accessToken = "-- REDACTED --"; const client = new BitwardenClient(settings, LogLevel.Info); -// Authenticating using a service accounts access token +// Authenticating using a machine account access token const result = await client.loginWithAccessToken(accessToken); if (!result.success) { throw Error("Authentication failed"); diff --git a/crates/bws/src/main.rs b/crates/bws/src/main.rs index 182e20679..0f94fd7ec 100644 --- a/crates/bws/src/main.rs +++ b/crates/bws/src/main.rs @@ -40,7 +40,7 @@ struct Cli { #[arg(short = 'c', long, global = true, value_enum, default_value_t = Color::Auto, help="Use colors in the output")] color: Color, - #[arg(short = 't', long, global = true, env = ACCESS_TOKEN_KEY_VAR_NAME, hide_env_values = true, help="Specify access token for the service account")] + #[arg(short = 't', long, global = true, env = ACCESS_TOKEN_KEY_VAR_NAME, hide_env_values = true, help="Specify access token for the machine account")] access_token: Option, #[arg( From 4b5aaa628ac7814da2672983b405d34ba2f82546 Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Thu, 11 Apr 2024 11:23:35 +0200 Subject: [PATCH 10/17] Fix android build errors (#703) Since we share the same version across crates we need to load it from the root `cargo.Toml` instead of `crates/bitwarden/cargo.Toml`. Resolves the Android SDK no longer building. --- languages/kotlin/sdk/build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/languages/kotlin/sdk/build.gradle b/languages/kotlin/sdk/build.gradle index 9b3ca3585..d92dad56a 100644 --- a/languages/kotlin/sdk/build.gradle +++ b/languages/kotlin/sdk/build.gradle @@ -55,7 +55,7 @@ publishing { def branchName = "git branch --show-current".execute().text.trim() if (branchName == "main") { - def content = ['grep', '-o', '^version = ".*"', '../../crates/bitwarden/Cargo.toml'].execute().text.trim() + def content = ['grep', '-o', '^version = ".*"', '../../Cargo.toml'].execute().text.trim() def match = ~/version = "(.*)"/ def matcher = match.matcher(content) matcher.find() From 975ac0c8992d7723c284173808e5771395fa79d2 Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Thu, 11 Apr 2024 14:04:30 +0200 Subject: [PATCH 11/17] Add bitwarden-cli and bitwarden-exporters to publish-rust-crates (#704) We need to be able to publish these crates to release the SDK. --- .github/workflows/publish-rust-crates.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/.github/workflows/publish-rust-crates.yml b/.github/workflows/publish-rust-crates.yml index f6a52d5d1..d470b5194 100644 --- a/.github/workflows/publish-rust-crates.yml +++ b/.github/workflows/publish-rust-crates.yml @@ -34,11 +34,21 @@ on: required: true default: true type: boolean + publish_bitwarden-cli: + description: "Publish bitwarden-cli crate" + required: true + default: true + type: boolean publish_bitwarden-generators: description: "Publish bitwarden-generators crate" required: true default: true type: boolean + publish_bitwarden-exporters: + description: "Publish bitwarden-exporters crate" + required: true + default: true + type: boolean defaults: run: @@ -72,7 +82,9 @@ jobs: PUBLISH_BITWARDEN_API_API: ${{ github.event.inputs.publish_bitwarden-api-api }} PUBLISH_BITWARDEN_API_IDENTITY: ${{ github.event.inputs.publish_bitwarden-api-identity }} PUBLISH_BITWARDEN_CRYPTO: ${{ github.event.inputs.publish_bitwarden-crypto }} + PUBLISH_BITWARDEN_CLI: ${{ github.event.inputs.publish_bitwarden-cli }} PUBLISH_BITWARDEN_GENERATORS: ${{ github.event.inputs.publish_bitwarden-generators }} + PUBLISH_BITWARDEN_EXPORTERS: ${{ github.event.inputs.publish_bitwarden-exporters }} run: | if [[ "$PUBLISH_BITWARDEN" == "false" ]] && [[ "$PUBLISH_BITWARDEN_API_API" == "false" ]] && [[ "$PUBLISH_BITWARDEN_API_IDENTITY" == "false" ]]; then echo "===================================" @@ -104,11 +116,21 @@ jobs: PACKAGES_LIST="$PACKAGES_LIST bitwarden-crypto" fi + if [[ "$PUBLISH_BITWARDEN_CLI" == "true" ]]; then + PACKAGES_COMMAND="$PACKAGES_COMMAND -p bitwarden-cli" + PACKAGES_LIST="$PACKAGES_LIST bitwarden-cli" + fi + if [[ "$PUBLISH_BITWARDEN_GENERATORS" == "true" ]]; then PACKAGES_COMMAND="$PACKAGES_COMMAND -p bitwarden-generators" PACKAGES_LIST="$PACKAGES_LIST bitwarden-generators" fi + if [[ "$PUBLISH_BITWARDEN_EXPORTERS" == "true" ]]; then + PACKAGES_COMMAND="$PACKAGES_COMMAND -p bitwarden-generators" + PACKAGES_LIST="$PACKAGES_LIST bitwarden-generators" + fi + echo "Packages command: " $PACKAGES_COMMAND echo "Packages list: " $PACKAGES_LIST From b4205cc7e508862818461dd739f81fae9a4bca62 Mon Sep 17 00:00:00 2001 From: Colton Hurst Date: Thu, 11 Apr 2024 09:59:56 -0400 Subject: [PATCH 12/17] SM-1147: Switch to try_init with pyo3_log (#676) ## Type of change - [x] Bug fix - [ ] New feature development - [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc) - [ ] Build/deploy pipeline (DevOps) - [ ] Other ## Objective When running the `ansible-playbook` command, we needed to export the following variable: `export OBJC_DISABLE_INITIALIZE_FORK_SAFETY=YES`. This suppresses fork safety warnings on Mac OS. With this set, you can safely query for individual secrets. However, if you query for secrets within an Ansible loop or with a Jinja2 template, we receive an error that is caused by setting up a logger more than once. (This error comes from the `pyo3_log` crate.) If we switch to using the `pyo3_log::try_init` function, we ignore the case where a logger is already set up if the attempt fails. This happens because the `pyo3_log::init` function [can panic](https://github.com/vorner/pyo3-log/blob/70819388bfcb58a7ca91a27179a73cea0abde31e/src/lib.rs#L569). This also introduces panic safety. ## Code changes - **client.rs:** Switch to `try_init` ## Before you submit - Please add **unit tests** where it makes sense to do so --- crates/bitwarden-py/src/client.rs | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/crates/bitwarden-py/src/client.rs b/crates/bitwarden-py/src/client.rs index f1d282b41..c3ea62444 100644 --- a/crates/bitwarden-py/src/client.rs +++ b/crates/bitwarden-py/src/client.rs @@ -8,7 +8,10 @@ pub struct BitwardenClient(JsonClient); impl BitwardenClient { #[new] pub fn new(settings_string: Option) -> Self { - pyo3_log::init(); + // This will only fail if another logger was already initialized, so we can ignore the + // result + let _ = pyo3_log::try_init(); + Self(JsonClient::new(settings_string)) } From e7b6c1ded84f863929d02dd769a90ad3ce095ff0 Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Thu, 11 Apr 2024 17:24:40 +0200 Subject: [PATCH 13/17] Use the shared bitwarden-cli in bws (#705) Now that we are publishing the `bitwarden-cli` crate we should start using the shared functionality in the `bws` crate. And continually extract common code out from it. --- Cargo.lock | 1 + crates/bitwarden-cli/src/color.rs | 6 ++++++ crates/bws/Cargo.toml | 1 + crates/bws/src/main.rs | 14 ++++---------- crates/bws/src/render.rs | 24 ++++-------------------- 5 files changed, 16 insertions(+), 30 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 47e2b9e9d..b17f861ec 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -597,6 +597,7 @@ version = "0.4.0" dependencies = [ "bat", "bitwarden", + "bitwarden-cli", "chrono", "clap", "clap_complete", diff --git a/crates/bitwarden-cli/src/color.rs b/crates/bitwarden-cli/src/color.rs index 410a8b6ed..2e3a2c007 100644 --- a/crates/bitwarden-cli/src/color.rs +++ b/crates/bitwarden-cli/src/color.rs @@ -8,6 +8,9 @@ pub enum Color { } impl Color { + /** + * Evaluate if colors are supported + */ pub fn is_enabled(self) -> bool { match self { Color::No => false, @@ -17,6 +20,9 @@ impl Color { } } +/** + * Installs color_eyre, if Color is disabled we use an empty theme to disable error colors. + */ pub fn install_color_eyre(color: Color) -> color_eyre::Result<(), color_eyre::Report> { if color.is_enabled() { color_eyre::install() diff --git a/crates/bws/Cargo.toml b/crates/bws/Cargo.toml index 23f78cfd5..d27daca6f 100644 --- a/crates/bws/Cargo.toml +++ b/crates/bws/Cargo.toml @@ -19,6 +19,7 @@ bat = { version = "0.24.0", features = [ "regex-onig", ], default-features = false } bitwarden = { workspace = true, features = ["secrets"] } +bitwarden-cli = { workspace = true } chrono = { version = "0.4.35", features = [ "clock", "std", diff --git a/crates/bws/src/main.rs b/crates/bws/src/main.rs index 0f94fd7ec..d57aee5a6 100644 --- a/crates/bws/src/main.rs +++ b/crates/bws/src/main.rs @@ -14,6 +14,7 @@ use bitwarden::{ }, }, }; +use bitwarden_cli::{install_color_eyre, Color}; use clap::{ArgGroup, CommandFactory, Parser, Subcommand}; use clap_complete::Shell; use color_eyre::eyre::{bail, Result}; @@ -24,7 +25,7 @@ mod render; mod state; use config::ProfileKey; -use render::{serialize_response, Color, Output}; +use render::{serialize_response, Output}; use uuid::Uuid; #[derive(Parser, Debug)] @@ -236,16 +237,9 @@ const SERVER_URL_KEY_VAR_NAME: &str = "BWS_SERVER_URL"; #[allow(clippy::comparison_chain)] async fn process_commands() -> Result<()> { let cli = Cli::parse(); + let color = cli.color; - let color = cli.color.is_enabled(); - if color { - color_eyre::install()?; - } else { - // Use an empty theme to disable error coloring - color_eyre::config::HookBuilder::new() - .theme(color_eyre::config::Theme::new()) - .install()?; - } + install_color_eyre(color)?; let Some(command) = cli.command else { let mut cmd = Cli::command(); diff --git a/crates/bws/src/render.rs b/crates/bws/src/render.rs index c92c78662..7acdd30a6 100644 --- a/crates/bws/src/render.rs +++ b/crates/bws/src/render.rs @@ -1,4 +1,5 @@ use bitwarden::secrets_manager::{projects::ProjectResponse, secrets::SecretResponse}; +use bitwarden_cli::Color; use chrono::{DateTime, Utc}; use clap::ValueEnum; use comfy_table::Table; @@ -15,29 +16,12 @@ pub(crate) enum Output { None, } -#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, ValueEnum, Debug)] -pub(crate) enum Color { - No, - Yes, - Auto, -} - -impl Color { - pub(crate) fn is_enabled(self) -> bool { - match self { - Color::No => false, - Color::Yes => true, - Color::Auto => supports_color::on(supports_color::Stream::Stdout).is_some(), - } - } -} - const ASCII_HEADER_ONLY: &str = " -- "; pub(crate) fn serialize_response, const N: usize>( data: T, output: Output, - color: bool, + color: Color, ) { match output { Output::JSON => { @@ -101,8 +85,8 @@ pub(crate) fn serialize_response, const N: usiz } } -fn pretty_print(language: &str, data: &str, color: bool) { - if color { +fn pretty_print(language: &str, data: &str, color: Color) { + if color.is_enabled() { bat::PrettyPrinter::new() .input_from_bytes(data.as_bytes()) .language(language) From e0513dcd14c8a7e6b44ae858d83abfe34d796691 Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Thu, 11 Apr 2024 17:25:06 +0200 Subject: [PATCH 14/17] Change fastMail to use forDomain instead of url (#707) It seems the web clients use `forDomain` instead of `url` for website. This changes the SDK to send the same values. --- crates/bitwarden-generators/src/username_forwarders/fastmail.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crates/bitwarden-generators/src/username_forwarders/fastmail.rs b/crates/bitwarden-generators/src/username_forwarders/fastmail.rs index 6cc63647a..8a73250c4 100644 --- a/crates/bitwarden-generators/src/username_forwarders/fastmail.rs +++ b/crates/bitwarden-generators/src/username_forwarders/fastmail.rs @@ -34,7 +34,7 @@ pub async fn generate_with_api_url( "new-masked-email": { "state": "enabled", "description": "", - "url": website, + "forDomain": website, "emailPrefix": null, }, }, From 7e1a3cb73014a7c12f30d769f49dd57c217dd504 Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Fri, 12 Apr 2024 11:56:16 +0200 Subject: [PATCH 15/17] Enable http2 feature for reqwest (#708) Some websites will require `http2` support and we should have that feature enabled to avoid errors. --- Cargo.lock | 1 + crates/bitwarden-api-api/Cargo.toml | 2 +- crates/bitwarden-api-identity/Cargo.toml | 2 +- crates/bitwarden-generators/Cargo.toml | 1 + crates/bitwarden/Cargo.toml | 1 + support/openapi-template/Cargo.mustache | 2 +- 6 files changed, 6 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index b17f861ec..a00d91bd8 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2617,6 +2617,7 @@ dependencies = [ "bytes", "futures-core", "futures-util", + "h2", "http", "http-body", "http-body-util", diff --git a/crates/bitwarden-api-api/Cargo.toml b/crates/bitwarden-api-api/Cargo.toml index a06a0f0e5..cfe357998 100644 --- a/crates/bitwarden-api-api/Cargo.toml +++ b/crates/bitwarden-api-api/Cargo.toml @@ -23,7 +23,7 @@ url = ">=2.3.1, <3" uuid = { version = ">=1.3.3, <2", features = ["serde"] } [dependencies.reqwest] version = ">=0.12, <0.13" -features = ["json", "multipart"] +features = ["http2", "json", "multipart"] default-features = false [dev-dependencies] diff --git a/crates/bitwarden-api-identity/Cargo.toml b/crates/bitwarden-api-identity/Cargo.toml index e5a49efac..74d96d144 100644 --- a/crates/bitwarden-api-identity/Cargo.toml +++ b/crates/bitwarden-api-identity/Cargo.toml @@ -23,7 +23,7 @@ url = ">=2.3.1, <3" uuid = { version = ">=1.3.3, <2", features = ["serde"] } [dependencies.reqwest] version = ">=0.12, <0.13" -features = ["json", "multipart"] +features = ["http2", "json", "multipart"] default-features = false [dev-dependencies] diff --git a/crates/bitwarden-generators/Cargo.toml b/crates/bitwarden-generators/Cargo.toml index af8ce60aa..3f79ac539 100644 --- a/crates/bitwarden-generators/Cargo.toml +++ b/crates/bitwarden-generators/Cargo.toml @@ -20,6 +20,7 @@ mobile = ["dep:uniffi"] # Mobile-specific features bitwarden-crypto = { workspace = true } rand = ">=0.8.5, <0.9" reqwest = { version = ">=0.12, <0.13", features = [ + "http2", "json", ], default-features = false } schemars = { version = ">=0.8.9, <0.9", features = ["uuid1", "chrono"] } diff --git a/crates/bitwarden/Cargo.toml b/crates/bitwarden/Cargo.toml index e064360c8..b34f9c9a1 100644 --- a/crates/bitwarden/Cargo.toml +++ b/crates/bitwarden/Cargo.toml @@ -48,6 +48,7 @@ hmac = ">=0.12.1, <0.13" log = ">=0.4.18, <0.5" rand = ">=0.8.5, <0.9" reqwest = { version = ">=0.12, <0.13", features = [ + "http2", "json", ], default-features = false } schemars = { version = ">=0.8.9, <0.9", features = ["uuid1", "chrono"] } diff --git a/support/openapi-template/Cargo.mustache b/support/openapi-template/Cargo.mustache index 6417d15cd..08f1a942e 100644 --- a/support/openapi-template/Cargo.mustache +++ b/support/openapi-template/Cargo.mustache @@ -65,7 +65,7 @@ reqwest-middleware = "0.2.0" {{/supportMiddleware}} [dependencies.reqwest] version = "^0.11" -features = ["json", "multipart"] +features = ["http2", "json", "multipart"] default-features = false {{/supportAsync}} {{/reqwest}} From b611974a84b10d5bce10f4c299f5589e9416fbd5 Mon Sep 17 00:00:00 2001 From: Oscar Hinton Date: Fri, 12 Apr 2024 13:26:59 +0200 Subject: [PATCH 16/17] Fix java build (#709) In #703 we fixed the android java build, but forgot that java also needed to be updated. --- languages/java/build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/languages/java/build.gradle b/languages/java/build.gradle index f044ea485..ed4a72f22 100644 --- a/languages/java/build.gradle +++ b/languages/java/build.gradle @@ -36,7 +36,7 @@ repositories { def branchName = "git branch --show-current".execute().text.trim() if (branchName == "main") { - def content = ['grep', '-o', '^version = ".*"', '../../crates/bitwarden/Cargo.toml'].execute().text.trim() + def content = ['grep', '-o', '^version = ".*"', '../../Cargo.toml'].execute().text.trim() def match = ~/version = "(.*)"/ def matcher = match.matcher(content) matcher.find() From 499e2131bc4cb58d7cbae372262a85be138adead Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 15 Apr 2024 11:04:02 +0200 Subject: [PATCH 17/17] [deps]: Update @types/node to v18.19.31 (#715) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@types/node](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node) ([source](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node)) | [`18.19.26` -> `18.19.31`](https://renovatebot.com/diffs/npm/@types%2fnode/18.19.26/18.19.31) | [![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fnode/18.19.31?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/@types%2fnode/18.19.31?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/@types%2fnode/18.19.26/18.19.31?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fnode/18.19.26/18.19.31?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - "every 2nd week starting on the 2 week of the year before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/bitwarden/sdk). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- languages/js/sdk-client/package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/languages/js/sdk-client/package-lock.json b/languages/js/sdk-client/package-lock.json index dc788c8ce..071d01578 100644 --- a/languages/js/sdk-client/package-lock.json +++ b/languages/js/sdk-client/package-lock.json @@ -39,9 +39,9 @@ } }, "node_modules/@types/node": { - "version": "18.19.26", - "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.26.tgz", - "integrity": "sha512-+wiMJsIwLOYCvUqSdKTrfkS8mpTp+MPINe6+Np4TAGFWWRWiBQ5kSq9nZGCSPkzx9mvT+uEukzpX4MOSCydcvw==", + "version": "18.19.31", + "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.31.tgz", + "integrity": "sha512-ArgCD39YpyyrtFKIqMDvjz79jto5fcI/SVUs2HwB+f0dAzq68yqOdyaSivLiLugSziTpNXLQrVb7RZFmdZzbhA==", "dev": true, "dependencies": { "undici-types": "~5.26.4"