From 42b536a1af65e3877e811c1420fa93055261ce32 Mon Sep 17 00:00:00 2001
From: Vince Grassia <593223+vgrassia@users.noreply.github.com>
Date: Fri, 27 Sep 2024 08:56:01 -0400
Subject: [PATCH 1/9] BRE-345 - Update Java workflows (#1087)
---
.github/workflows/build-java.yml | 24 ++++++++++++++++++--
.github/workflows/publish-java.yml | 36 +++++++++++++++++++++++++++---
2 files changed, 55 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/build-java.yml b/.github/workflows/build-java.yml
index 7f5713087..98880e52b 100644
--- a/.github/workflows/build-java.yml
+++ b/.github/workflows/build-java.yml
@@ -1,11 +1,10 @@
+---
name: Build Java SDK
on:
push:
branches:
- main
- - rc
- - hotfix-rc
pull_request:
workflow_dispatch:
@@ -66,3 +65,24 @@ jobs:
- name: Build Maven
run: ./gradlew build
working-directory: languages/java
+
+ - name: Upload Java SDK Build
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ with:
+ name: build
+ path: ${{ github.workspace }}/languages/java/build
+ if-no-files-found: error
+
+ - name: Upload Java SDK Build
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ with:
+ name: resources
+ path: ${{ github.workspace }}/languages/java/src/main/resources
+ if-no-files-found: error
+
+ - name: Upload Java SDK Build
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ with:
+ name: schemas
+ path: languages/java/src/main/java/bit/sdk/schema
+ if-no-files-found: error
diff --git a/.github/workflows/publish-java.yml b/.github/workflows/publish-java.yml
index 2daeffe5a..65e0b0abe 100644
--- a/.github/workflows/publish-java.yml
+++ b/.github/workflows/publish-java.yml
@@ -1,3 +1,4 @@
+---
name: Publish Java SDK
run-name: Publish Java SDK ${{ inputs.release_type }}
@@ -13,6 +14,11 @@ on:
- Release
- Dry Run
+defaults:
+ run:
+ shell: bash
+ working-directory: languages/java
+
env:
_KEY_VAULT: "bitwarden-ci"
@@ -29,9 +35,9 @@ jobs:
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
run: |
- if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
echo "==================================="
- echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
+ echo "[!] Can only release from the 'main' branch"
echo "==================================="
exit 1
fi
@@ -39,7 +45,7 @@ jobs:
- name: Get version
id: version
run: |
- VERSION=$(cat languages/java/build.gradle | grep -Eo 'version = "[0-9]+\.[0-9]+\.[0-9]+"' | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+')
+ VERSION=$(cat build.gradle | grep -Eo 'version = "[0-9]+\.[0-9]+\.[0-9]+"' | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+')
echo "version=$VERSION" >> $GITHUB_OUTPUT
publish:
@@ -72,6 +78,30 @@ jobs:
- name: Setup Gradle
uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0
+ - name: Download Java SDK Build
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: build-java.yml
+ workflow_conclusion: success
+ artifacts: build
+ path: languages/java/build
+
+ - name: Download Java Resources
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: build-java.yml
+ workflow_conclusion: success
+ artifacts: resources
+ path: languages/java/src/main/resources
+
+ - name: Download Java Resources
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: build-java.yml
+ workflow_conclusion: success
+ artifacts: schemas
+ path: languages/java/src/main/java/bit/sdk/schema
+
- name: Publish package to GitHub Packages
if: ${{ inputs.release_type != 'Dry Run' }}
run: ./gradlew publish
From 90f8a5461e5e7ed07b1f5a13fc2fb793994a6fb5 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 30 Sep 2024 10:36:55 +0200
Subject: [PATCH 2/9] [deps]: Lock file maintenance (#1099)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This PR contains the following updates:
| Update | Change |
|---|---|
| lockFileMaintenance | All locks refreshed |
đ§ This Pull Request updates lock files to use the latest dependency
versions.
---
### Configuration
đ
**Schedule**: Branch creation - "every 2nd week starting on the 2 week
of the year before 4am on Monday" (UTC), Automerge - At any time (no
schedule defined).
đĻ **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
âģ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
đģ **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/bitwarden/sdk).
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
Cargo.lock | 179 +++++++++-------------
languages/js/sdk-client/package-lock.json | 12 +-
package-lock.json | 12 +-
3 files changed, 82 insertions(+), 121 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index a1a9bcd23..27eddfa65 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -188,7 +188,7 @@ dependencies = [
"proc-macro2",
"quote",
"serde",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -231,13 +231,13 @@ dependencies = [
[[package]]
name = "async-trait"
-version = "0.1.82"
+version = "0.1.83"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a27b8a3a6e1a44fa4c8baf1f653e4172e81486d4941f2237e20dc2d0cf4ddff1"
+checksum = "721cae7de5c34fbb2acd27e21e6d2cf7b886dce0c27388d46c4e6c47ea4318dd"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -248,9 +248,9 @@ checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0"
[[package]]
name = "autocfg"
-version = "1.3.0"
+version = "1.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0c4b4d0bd25bd0b74681c0ad21497610ce1b7c91b1022cd21c80c6fbdd9476b0"
+checksum = "ace50bade8e6234aa140d9a2f552bbee1db4d353f69b8217bc503490fc1a9f26"
[[package]]
name = "backtrace"
@@ -845,9 +845,9 @@ dependencies = [
[[package]]
name = "cc"
-version = "1.1.21"
+version = "1.1.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "07b1695e2c7e8fc85310cde85aeaab7e3097f593c91d209d3f9df76c928100f0"
+checksum = "9540e661f81799159abee814118cc139a2004b3a3aa3ea37724a1b66530b90e0"
dependencies = [
"shlex",
]
@@ -957,7 +957,7 @@ dependencies = [
"heck 0.5.0",
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -1300,7 +1300,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "edb49164822f3ee45b17acd4a208cfc1251410cf0cad9a833234c9890774dd9f"
dependencies = [
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -1324,7 +1324,7 @@ dependencies = [
"proc-macro2",
"quote",
"strsim",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -1335,7 +1335,7 @@ checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806"
dependencies = [
"darling_core",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -1414,7 +1414,7 @@ dependencies = [
"darling",
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -1424,7 +1424,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4abae7035bf79b9877b779505d8cf3749285b80c43941eda66604841889451dc"
dependencies = [
"derive_builder_core",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -1602,9 +1602,9 @@ dependencies = [
[[package]]
name = "flate2"
-version = "1.0.33"
+version = "1.0.34"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "324a1be68054ef05ad64b861cc9eaf1d623d2d8cb25b4bf2cb9cdd902b4bf253"
+checksum = "a1b589b4dc103969ad3cf85c950899926ec64300a1a46d76c03a6072957036f0"
dependencies = [
"crc32fast",
"miniz_oxide 0.8.0",
@@ -1690,7 +1690,7 @@ checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -2002,9 +2002,9 @@ dependencies = [
[[package]]
name = "hyper-util"
-version = "0.1.8"
+version = "0.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "da62f120a8a37763efb0cf8fdf264b884c7b8b9ac8660b900c8661030c00e6ba"
+checksum = "41296eb09f183ac68eec06e03cdbea2e759633d4067b2f6552fc2e009bcad08b"
dependencies = [
"bytes",
"futures-channel",
@@ -2015,7 +2015,6 @@ dependencies = [
"pin-project-lite",
"socket2",
"tokio",
- "tower",
"tower-service",
"tracing",
]
@@ -2213,9 +2212,9 @@ dependencies = [
[[package]]
name = "libc"
-version = "0.2.158"
+version = "0.2.159"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d8adc4bb1803a324070e64a98ae98f38934d91957a99cfb3a43dcbc01bc56439"
+checksum = "561d97a539a36e26a9a5fad1ea11a3039a67714694aaa379433e580854bc3dc5"
[[package]]
name = "libloading"
@@ -2397,7 +2396,7 @@ dependencies = [
"napi-derive-backend",
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -2412,7 +2411,7 @@ dependencies = [
"quote",
"regex",
"semver",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -2536,9 +2535,12 @@ dependencies = [
[[package]]
name = "once_cell"
-version = "1.19.0"
+version = "1.20.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
+checksum = "82881c4be219ab5faaf2ad5e5e5ecdff8c66bd7402ca3160975c93b24961afd1"
+dependencies = [
+ "portable-atomic",
+]
[[package]]
name = "onig"
@@ -2746,26 +2748,6 @@ version = "2.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e"
-[[package]]
-name = "pin-project"
-version = "1.1.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b6bf43b791c5b9e34c3d182969b4abb522f9343702850a2e57f460d00d09b4b3"
-dependencies = [
- "pin-project-internal",
-]
-
-[[package]]
-name = "pin-project-internal"
-version = "1.1.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2f38a4412a78282e09a2cf38d195ea5420d15ba0602cb375210efbc877243965"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn 2.0.77",
-]
-
[[package]]
name = "pin-project-lite"
version = "0.2.14"
@@ -2854,9 +2836,9 @@ dependencies = [
[[package]]
name = "portable-atomic"
-version = "1.8.0"
+version = "1.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d30538d42559de6b034bc76fd6dd4c38961b1ee5c6c56e3808c50128fdbc22ce"
+checksum = "cc9c68a3f6da06753e9335d63e27f6b9754dd1920d941135b7ea8224f141adb2"
[[package]]
name = "powerfmt"
@@ -2978,7 +2960,7 @@ dependencies = [
"proc-macro2",
"pyo3-macros-backend",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -2991,7 +2973,7 @@ dependencies = [
"proc-macro2",
"pyo3-build-config",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -3112,9 +3094,9 @@ dependencies = [
[[package]]
name = "redox_syscall"
-version = "0.5.4"
+version = "0.5.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0884ad60e090bf1345b93da0a5de8923c93884cd03f40dfcfddd3b4bee661853"
+checksum = "355ae415ccd3a04315d3f8246e86d67689ea74d88d915576e1589a351062a13b"
dependencies = [
"bitflags 2.6.0",
]
@@ -3132,9 +3114,9 @@ dependencies = [
[[package]]
name = "regex"
-version = "1.10.6"
+version = "1.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4219d74c6b67a3654a9fbebc4b419e22126d13d2f3c4a07ee0cb61ff79a79619"
+checksum = "38200e5ee88914975b69f657f0801b6f6dccafd44fd9326302a4aaeecfacb1d8"
dependencies = [
"aho-corasick",
"memchr",
@@ -3144,9 +3126,9 @@ dependencies = [
[[package]]
name = "regex-automata"
-version = "0.4.7"
+version = "0.4.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "38caf58cc5ef2fed281f89292ef23f6365465ed9a41b7a7754eb4e26496c92df"
+checksum = "368758f23274712b504848e9d5a6f010445cc8b87a7cdb4d7cbee666c1288da3"
dependencies = [
"aho-corasick",
"memchr",
@@ -3155,9 +3137,9 @@ dependencies = [
[[package]]
name = "regex-syntax"
-version = "0.8.4"
+version = "0.8.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7a66a03ae7c801facd77a29370b4faec201768915ac14a721ba36f20bc9c209b"
+checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c"
[[package]]
name = "reqwest"
@@ -3326,9 +3308,9 @@ dependencies = [
[[package]]
name = "rustls-pki-types"
-version = "1.8.0"
+version = "1.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fc0a2ce646f8655401bb81e7927b812614bd5d91dbc968696be50603510fcaf0"
+checksum = "0e696e35370c65c9c541198af4543ccd580cf17fc25d8e05c5a242b202488c55"
[[package]]
name = "rustls-platform-verifier"
@@ -3422,7 +3404,7 @@ dependencies = [
"proc-macro2",
"quote",
"serde_derive_internals",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -3454,7 +3436,7 @@ checksum = "7f81c2fde025af7e69b1d1420531c8a8811ca898919db177141a85313b1cb932"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -3535,7 +3517,7 @@ checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -3546,7 +3528,7 @@ checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -3581,14 +3563,14 @@ checksum = "6c64451ba24fc7a6a2d60fc75dd9c83c90903b19028d4eff35e88fc1e86564e9"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
name = "serde_spanned"
-version = "0.6.7"
+version = "0.6.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eb5b1b31579f3811bf615c144393417496f152e12ac8b7663bf664f4a815306d"
+checksum = "87607cb1398ed59d48732e575a4c28a7a8ebf2454b964fe3f224f2afc07909e1"
dependencies = [
"serde",
]
@@ -3632,7 +3614,7 @@ dependencies = [
"darling",
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -3831,7 +3813,7 @@ dependencies = [
"proc-macro2",
"quote",
"rustversion",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -3844,7 +3826,7 @@ dependencies = [
"proc-macro2",
"quote",
"rustversion",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -3874,9 +3856,9 @@ dependencies = [
[[package]]
name = "syn"
-version = "2.0.77"
+version = "2.0.79"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9f35bcdf61fd8e7be6caf75f429fdca8beb3ed76584befb503b1569faee373ed"
+checksum = "89132cd0bf050864e1d38dc3bbc07a0eb8e7530af26344d3d2bbbef83499f590"
dependencies = [
"proc-macro2",
"quote",
@@ -3920,9 +3902,9 @@ checksum = "61c41af27dd6d1e27b1b16b489db798443478cef1f06a660c96db617ba5de3b1"
[[package]]
name = "tempfile"
-version = "3.12.0"
+version = "3.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "04cbcdd0c794ebb0d4cf35e88edd2f7d2c4c3e9a5a6dab322839b321c6a87a64"
+checksum = "f0f2c9fc62d0beef6951ccffd757e241266a2c833136efbe35af6cd2567dca5b"
dependencies = [
"cfg-if",
"fastrand",
@@ -3957,7 +3939,7 @@ checksum = "08904e7672f5eb876eaaf87e0ce17857500934f4981c4a0ab2b4aa98baac7fc3"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -4050,7 +4032,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -4109,9 +4091,9 @@ dependencies = [
[[package]]
name = "toml_edit"
-version = "0.22.21"
+version = "0.22.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3b072cee73c449a636ffd6f32bd8de3a9f7119139aff882f44943ce2986dc5cf"
+checksum = "4ae48d6208a266e853d946088ed816055e556cc6028c5e8e2b84d9fa5dd7c7f5"
dependencies = [
"indexmap 2.5.0",
"serde",
@@ -4120,27 +4102,6 @@ dependencies = [
"winnow",
]
-[[package]]
-name = "tower"
-version = "0.4.13"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b8fa9be0de6cf49e536ce1851f987bd21a43b771b09473c3549a6c853db37c1c"
-dependencies = [
- "futures-core",
- "futures-util",
- "pin-project",
- "pin-project-lite",
- "tokio",
- "tower-layer",
- "tower-service",
-]
-
-[[package]]
-name = "tower-layer"
-version = "0.3.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e"
-
[[package]]
name = "tower-service"
version = "0.3.3"
@@ -4306,7 +4267,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a22dbe67c1c957ac6e7611bdf605a6218aa86b0eebeb8be58b70ae85ad7d73dc"
dependencies = [
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -4338,7 +4299,7 @@ dependencies = [
"proc-macro2",
"quote",
"serde",
- "syn 2.0.77",
+ "syn 2.0.79",
"toml 0.5.11",
"uniffi_meta",
]
@@ -4453,7 +4414,7 @@ dependencies = [
"proc-macro-error",
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -4517,7 +4478,7 @@ dependencies = [
"once_cell",
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
"wasm-bindgen-shared",
]
@@ -4551,7 +4512,7 @@ checksum = "afc340c74d9005395cf9dd098506f7f44e38f2b4a21c6aaacf9a105ea5e1e836"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
"wasm-bindgen-backend",
"wasm-bindgen-shared",
]
@@ -4585,7 +4546,7 @@ checksum = "4b8220be1fa9e4c889b30fd207d4906657e7e90b12e0e6b0c8b8d8709f5de021"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -4848,9 +4809,9 @@ checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
[[package]]
name = "winnow"
-version = "0.6.18"
+version = "0.6.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "68a9bda4691f099d435ad181000724da8e5899daa10713c2d432552b9ccd3a6f"
+checksum = "36c1fec1a2bb5866f07c25f68c26e565c4c200aebb96d7e55710c19d3e8ac49b"
dependencies = [
"memchr",
]
@@ -4903,7 +4864,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
@@ -4924,7 +4885,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69"
dependencies = [
"proc-macro2",
"quote",
- "syn 2.0.77",
+ "syn 2.0.79",
]
[[package]]
diff --git a/languages/js/sdk-client/package-lock.json b/languages/js/sdk-client/package-lock.json
index ab7809936..f5b6f590b 100644
--- a/languages/js/sdk-client/package-lock.json
+++ b/languages/js/sdk-client/package-lock.json
@@ -30,9 +30,9 @@
}
},
"node_modules/@types/node": {
- "version": "20.16.6",
- "resolved": "https://registry.npmjs.org/@types/node/-/node-20.16.6.tgz",
- "integrity": "sha512-T7PpxM/6yeDE+AdlVysT62BX6/bECZOmQAgiFg5NoBd5MQheZ3tzal7f1wvzfiEcmrcJNRi2zRr2nY2zF+0uqw==",
+ "version": "20.16.10",
+ "resolved": "https://registry.npmjs.org/@types/node/-/node-20.16.10.tgz",
+ "integrity": "sha512-vQUKgWTjEIRFCvK6CyriPH3MZYiYlNy0fKiEYHWbcoWLEgs4opurGGKlebrTLqdSMIbXImH6XExNiIyNUv3WpA==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -242,9 +242,9 @@
}
},
"node_modules/package-json-from-dist": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.0.tgz",
- "integrity": "sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==",
+ "version": "1.0.1",
+ "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz",
+ "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==",
"dev": true,
"license": "BlueOak-1.0.0"
},
diff --git a/package-lock.json b/package-lock.json
index 59b48116d..9ceb5ffed 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -359,9 +359,9 @@
"license": "MIT"
},
"node_modules/@types/node": {
- "version": "22.6.1",
- "resolved": "https://registry.npmjs.org/@types/node/-/node-22.6.1.tgz",
- "integrity": "sha512-V48tCfcKb/e6cVUigLAaJDAILdMP0fUW6BidkPK4GpGjXcfbnoHasCZDwz3N3yVt5we2RHm4XTQCpv0KJz9zqw==",
+ "version": "22.7.4",
+ "resolved": "https://registry.npmjs.org/@types/node/-/node-22.7.4.tgz",
+ "integrity": "sha512-y+NPi1rFzDs1NdQHHToqeiX2TIS79SWEAw9GYhkkx8bD0ChpfqC+n2j5OXOCpzfojBEBt6DnEnnG9MY0zk1XLg==",
"dev": true,
"license": "MIT",
"peer": true,
@@ -1573,9 +1573,9 @@
}
},
"node_modules/package-json-from-dist": {
- "version": "1.0.0",
- "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.0.tgz",
- "integrity": "sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw==",
+ "version": "1.0.1",
+ "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.1.tgz",
+ "integrity": "sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==",
"dev": true,
"license": "BlueOak-1.0.0"
},
From 2868f26058ddce9709bed2a8f31b967475dd80e4 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 30 Sep 2024 11:44:51 +0200
Subject: [PATCH 3/9] [deps]: Update gh minor (#1097)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://redirect.github.com/actions/checkout) |
action | minor | `v4.1.7` -> `v4.2.0` |
|
[docker/build-push-action](https://redirect.github.com/docker/build-push-action)
| action | minor | `v6.7.0` -> `v6.8.0` |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action)
| action | patch | `v3.26.8` -> `v3.26.9` |
|
[goto-bus-stop/setup-zig](https://redirect.github.com/goto-bus-stop/setup-zig)
| action | patch | `v2.2.0` -> `v2.2.1` |
| [ruby/setup-ruby](https://redirect.github.com/ruby/setup-ruby) |
action | minor | `v1.193.0` -> `v1.194.0` |
---
### Release Notes
actions/checkout (actions/checkout)
###
[`v4.2.0`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v420)
[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.1.7...v4.2.0)
- Add Ref and Commit outputs by
[@lucacome](https://redirect.github.com/lucacome) in
[https://github.com/actions/checkout/pull/1180](https://redirect.github.com/actions/checkout/pull/1180)
- Dependency updates by
[@dependabot-](https://redirect.github.com/dependabot-)
[https://github.com/actions/checkout/pull/1777](https://redirect.github.com/actions/checkout/pull/1777),
[https://github.com/actions/checkout/pull/1872](https://redirect.github.com/actions/checkout/pull/1872)
docker/build-push-action (docker/build-push-action)
###
[`v6.8.0`](https://redirect.github.com/docker/build-push-action/releases/tag/v6.8.0)
[Compare
Source](https://redirect.github.com/docker/build-push-action/compare/v6.7.0...v6.8.0)
- Bump
[@docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit)
from 0.37.1 to 0.38.0 in
[https://github.com/docker/build-push-action/pull/1230](https://redirect.github.com/docker/build-push-action/pull/1230)
**Full Changelog**:
https://github.com/docker/build-push-action/compare/v6.7.0...v6.8.0
github/codeql-action (github/codeql-action)
###
[`v3.26.9`](https://redirect.github.com/github/codeql-action/compare/v3.26.8...v3.26.9)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.8...v3.26.9)
goto-bus-stop/setup-zig (goto-bus-stop/setup-zig)
###
[`v2.2.1`](https://redirect.github.com/goto-bus-stop/setup-zig/releases/tag/v2.2.1)
[Compare
Source](https://redirect.github.com/goto-bus-stop/setup-zig/compare/v2.2.0...v2.2.1)
This will be the final release in this repository.
Please see
[#88](https://redirect.github.com/goto-bus-stop/setup-zig/issues/88)
for an upgrade guide.
Thanks for using setup-zig!
- Fix Apple Silicon.
[#68](https://redirect.github.com/goto-bus-stop/setup-zig/pull/68)
- Deprecate in favour of
[mlugg/setup-zig](https://redirect.github.com/mlugg/setup-zig).
[#89](https://redirect.github.com/goto-bus-stop/setup-zig/pull/89)
Thanks [@davidgm94](https://redirect.github.com/davidgm94) and
[@mlugg](https://redirect.github.com/mlugg)!
ruby/setup-ruby (ruby/setup-ruby)
###
[`v1.194.0`](https://redirect.github.com/ruby/setup-ruby/releases/tag/v1.194.0)
[Compare
Source](https://redirect.github.com/ruby/setup-ruby/compare/v1.193.0...v1.194.0)
**Full Changelog**:
https://github.com/ruby/setup-ruby/compare/v1.193.0...v1.194.0
---
### Configuration
đ
**Schedule**: Branch creation - "every 2nd week starting on the 2 week
of the year before 4am on Monday" (UTC), Automerge - At any time (no
schedule defined).
đĻ **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
âģ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
đģ **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/bitwarden/sdk).
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
.github/workflows/build-android.yml | 6 +++---
.github/workflows/build-cli-docker.yml | 4 ++--
.github/workflows/build-cli.yml | 16 ++++++++--------
.github/workflows/build-cpp.yml | 2 +-
.github/workflows/build-dotnet.yml | 4 ++--
.github/workflows/build-go.yaml | 2 +-
.github/workflows/build-java.yml | 2 +-
.github/workflows/build-napi.yml | 2 +-
.github/workflows/build-python-wheels.yml | 4 ++--
.github/workflows/build-rust-crates.yml | 4 ++--
.github/workflows/build-rust-cross-platform.yml | 4 ++--
.github/workflows/build-swift.yml | 4 ++--
.github/workflows/build-wasm.yml | 2 +-
.github/workflows/cloc.yml | 2 +-
.github/workflows/direct-minimal-versions.yml | 2 +-
.github/workflows/generate_schemas.yml | 2 +-
.github/workflows/lint.yml | 4 ++--
.github/workflows/memory-testing.yml | 2 +-
.github/workflows/minimum-rust-version.yml | 2 +-
.github/workflows/publish-dotnet.yml | 2 +-
.github/workflows/publish-java.yml | 4 ++--
.github/workflows/publish-php.yml | 10 +++++-----
.github/workflows/publish-python.yml | 2 +-
.github/workflows/publish-ruby.yml | 4 ++--
.github/workflows/publish-rust-crates.yml | 2 +-
.github/workflows/release-cli.yml | 8 ++++----
.github/workflows/release-cpp.yml | 2 +-
.github/workflows/release-go.yml | 6 +++---
.github/workflows/release-napi.yml | 4 ++--
.github/workflows/release-swift.yml | 6 +++---
.github/workflows/release-wasm.yml | 4 ++--
.github/workflows/rust-test.yml | 6 +++---
.github/workflows/rustdoc.yml | 2 +-
.github/workflows/scan.yml | 6 +++---
.github/workflows/version-bump.yml | 4 ++--
35 files changed, 71 insertions(+), 71 deletions(-)
diff --git a/.github/workflows/build-android.yml b/.github/workflows/build-android.yml
index e94bfd7a9..7607d530d 100644
--- a/.github/workflows/build-android.yml
+++ b/.github/workflows/build-android.yml
@@ -25,7 +25,7 @@ jobs:
- target: i686-linux-android
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
@@ -57,14 +57,14 @@ jobs:
needs: build
steps:
- name: Checkout repo (PR)
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
if: github.event_name == 'pull_request'
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.ref }}
- name: Checkout repo (Push)
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
if: github.event_name == 'push'
with:
fetch-depth: 0
diff --git a/.github/workflows/build-cli-docker.yml b/.github/workflows/build-cli-docker.yml
index eaf2299ff..83daabf2d 100644
--- a/.github/workflows/build-cli-docker.yml
+++ b/.github/workflows/build-cli-docker.yml
@@ -17,7 +17,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Check Branch to Publish
id: publish-branch-check
@@ -87,7 +87,7 @@ jobs:
fi
- name: Build and push Docker image
- uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
+ uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0
with:
context: .
file: crates/bws/Dockerfile
diff --git a/.github/workflows/build-cli.yml b/.github/workflows/build-cli.yml
index 355575716..9ffb3bdea 100644
--- a/.github/workflows/build-cli.yml
+++ b/.github/workflows/build-cli.yml
@@ -21,7 +21,7 @@ jobs:
sign: ${{ steps.sign.outputs.sign }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Get Package Version
id: retrieve-version
@@ -56,7 +56,7 @@ jobs:
target: aarch64-pc-windows-msvc
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
@@ -145,7 +145,7 @@ jobs:
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
@@ -259,7 +259,7 @@ jobs:
target: aarch64-unknown-linux-gnu
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
@@ -268,7 +268,7 @@ jobs:
targets: ${{ matrix.settings.target }}
- name: Set up Zig
- uses: goto-bus-stop/setup-zig@7ab2955eb728f5440978d5824358023be3a2802d # v2.2.0
+ uses: goto-bus-stop/setup-zig@abea47f85e598557f500fa1fd2ab7464fcb39406 # v2.2.1
with:
version: 0.12.0
@@ -305,7 +305,7 @@ jobs:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Download x86_64-apple-darwin artifact
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
@@ -407,7 +407,7 @@ jobs:
- setup
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
@@ -441,7 +441,7 @@ jobs:
needs: setup
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
diff --git a/.github/workflows/build-cpp.yml b/.github/workflows/build-cpp.yml
index 606cefdee..01222aac9 100644
--- a/.github/workflows/build-cpp.yml
+++ b/.github/workflows/build-cpp.yml
@@ -41,7 +41,7 @@ jobs:
steps:
- name: Checkout Repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: install dependencies linux
if: runner.os == 'Linux'
diff --git a/.github/workflows/build-dotnet.yml b/.github/workflows/build-dotnet.yml
index 97d43dfbe..bb5d56b6b 100644
--- a/.github/workflows/build-dotnet.yml
+++ b/.github/workflows/build-dotnet.yml
@@ -23,7 +23,7 @@ jobs:
version: ${{ steps.version.outputs.version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install xmllint
run: sudo apt-get install -y libxml2-utils
@@ -44,7 +44,7 @@ jobs:
steps:
- name: Checkout Repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Download C# schemas artifact
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
diff --git a/.github/workflows/build-go.yaml b/.github/workflows/build-go.yaml
index 4ad7d0345..ffb4d6693 100644
--- a/.github/workflows/build-go.yaml
+++ b/.github/workflows/build-go.yaml
@@ -19,7 +19,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Setup Go environment
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
diff --git a/.github/workflows/build-java.yml b/.github/workflows/build-java.yml
index 98880e52b..6994a5a61 100644
--- a/.github/workflows/build-java.yml
+++ b/.github/workflows/build-java.yml
@@ -24,7 +24,7 @@ jobs:
steps:
- name: Checkout Repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Download Java schemas artifact
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
diff --git a/.github/workflows/build-napi.yml b/.github/workflows/build-napi.yml
index a7d8f7bca..41ed1d17d 100644
--- a/.github/workflows/build-napi.yml
+++ b/.github/workflows/build-napi.yml
@@ -51,7 +51,7 @@ jobs:
strip *.node
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Setup Node
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
diff --git a/.github/workflows/build-python-wheels.yml b/.github/workflows/build-python-wheels.yml
index ed07bbb94..b39195679 100644
--- a/.github/workflows/build-python-wheels.yml
+++ b/.github/workflows/build-python-wheels.yml
@@ -26,7 +26,7 @@ jobs:
package_version: ${{ steps.retrieve-version.outputs.package_version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Get Package Version
id: retrieve-version
@@ -63,7 +63,7 @@ jobs:
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Setup Node
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
diff --git a/.github/workflows/build-rust-crates.yml b/.github/workflows/build-rust-crates.yml
index b7d0832fb..d4116bcf9 100644
--- a/.github/workflows/build-rust-crates.yml
+++ b/.github/workflows/build-rust-crates.yml
@@ -34,7 +34,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
@@ -62,7 +62,7 @@ jobs:
needs: build
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
diff --git a/.github/workflows/build-rust-cross-platform.yml b/.github/workflows/build-rust-cross-platform.yml
index 7c567135b..fab7df991 100644
--- a/.github/workflows/build-rust-cross-platform.yml
+++ b/.github/workflows/build-rust-cross-platform.yml
@@ -38,7 +38,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
@@ -48,7 +48,7 @@ jobs:
- name: Cache cargo registry
uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3
- - uses: goto-bus-stop/setup-zig@7ab2955eb728f5440978d5824358023be3a2802d # v2.2.0
+ - uses: goto-bus-stop/setup-zig@abea47f85e598557f500fa1fd2ab7464fcb39406 # v2.2.1
if: ${{ contains(matrix.settings.target, 'musl') }}
with:
version: 0.12.0
diff --git a/.github/workflows/build-swift.yml b/.github/workflows/build-swift.yml
index 22da084ed..372241348 100644
--- a/.github/workflows/build-swift.yml
+++ b/.github/workflows/build-swift.yml
@@ -17,7 +17,7 @@ jobs:
package_version: ${{ steps.retrieve-version.outputs.package_version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Get Package Version
id: retrieve-version
@@ -33,7 +33,7 @@ jobs:
_VERSION: ${{ needs.version.outputs.package_version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
diff --git a/.github/workflows/build-wasm.yml b/.github/workflows/build-wasm.yml
index 996ff0ade..35c0ca6b6 100644
--- a/.github/workflows/build-wasm.yml
+++ b/.github/workflows/build-wasm.yml
@@ -22,7 +22,7 @@ jobs:
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Setup Node
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
diff --git a/.github/workflows/cloc.yml b/.github/workflows/cloc.yml
index 120aeb511..644dc0bfd 100644
--- a/.github/workflows/cloc.yml
+++ b/.github/workflows/cloc.yml
@@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Set up cloc
run: |
diff --git a/.github/workflows/direct-minimal-versions.yml b/.github/workflows/direct-minimal-versions.yml
index 3cfec8a48..22feb04cf 100644
--- a/.github/workflows/direct-minimal-versions.yml
+++ b/.github/workflows/direct-minimal-versions.yml
@@ -36,7 +36,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
diff --git a/.github/workflows/generate_schemas.yml b/.github/workflows/generate_schemas.yml
index c1db37d5d..434174c7b 100644
--- a/.github/workflows/generate_schemas.yml
+++ b/.github/workflows/generate_schemas.yml
@@ -19,7 +19,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 951c8fcba..a12e263c4 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -17,7 +17,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
@@ -45,7 +45,7 @@ jobs:
RUSTFLAGS: "-D warnings"
- name: Upload Clippy results to GitHub
- uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8
+ uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9
with:
sarif_file: clippy_result.sarif
diff --git a/.github/workflows/memory-testing.yml b/.github/workflows/memory-testing.yml
index a9635bc68..41b158536 100644
--- a/.github/workflows/memory-testing.yml
+++ b/.github/workflows/memory-testing.yml
@@ -22,7 +22,7 @@ jobs:
steps:
- name: Check out repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Set up gdb
run: |
diff --git a/.github/workflows/minimum-rust-version.yml b/.github/workflows/minimum-rust-version.yml
index 19b81de63..fa95eb0bb 100644
--- a/.github/workflows/minimum-rust-version.yml
+++ b/.github/workflows/minimum-rust-version.yml
@@ -27,7 +27,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
diff --git a/.github/workflows/publish-dotnet.yml b/.github/workflows/publish-dotnet.yml
index 1c4cf5840..28a57e683 100644
--- a/.github/workflows/publish-dotnet.yml
+++ b/.github/workflows/publish-dotnet.yml
@@ -24,7 +24,7 @@ jobs:
version: ${{ steps.version.outputs.version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
diff --git a/.github/workflows/publish-java.yml b/.github/workflows/publish-java.yml
index 65e0b0abe..98f6fadd2 100644
--- a/.github/workflows/publish-java.yml
+++ b/.github/workflows/publish-java.yml
@@ -30,7 +30,7 @@ jobs:
version: ${{ steps.version.outputs.version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
@@ -54,7 +54,7 @@ jobs:
needs: validate
steps:
- name: Checkout Repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Azure login
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
diff --git a/.github/workflows/publish-php.yml b/.github/workflows/publish-php.yml
index 74939ec58..986923ab5 100644
--- a/.github/workflows/publish-php.yml
+++ b/.github/workflows/publish-php.yml
@@ -25,7 +25,7 @@ jobs:
version: ${{ steps.version.outputs.version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
@@ -48,7 +48,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Setup PHP with PECL extension
uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # 2.31.1
@@ -76,7 +76,7 @@ jobs:
_PKG_VERSION: ${{ needs.validate.outputs.version }}
steps:
- name: Checkout SDK repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
path: sdk
@@ -93,7 +93,7 @@ jobs:
secrets: "github-pat-bitwarden-devops-bot-repo-scope"
- name: Checkout SDK-PHP repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
repository: bitwarden/sm-sdk-php
path: sm-sdk-php
@@ -255,7 +255,7 @@ jobs:
packagist-key"
- name: Checkout SDK-PHP repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
repository: bitwarden/sm-sdk-php
path: sm-sdk-php
diff --git a/.github/workflows/publish-python.yml b/.github/workflows/publish-python.yml
index ef30d6598..dcbfee22f 100644
--- a/.github/workflows/publish-python.yml
+++ b/.github/workflows/publish-python.yml
@@ -24,7 +24,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
diff --git a/.github/workflows/publish-ruby.yml b/.github/workflows/publish-ruby.yml
index c372a476d..6184586a1 100644
--- a/.github/workflows/publish-ruby.yml
+++ b/.github/workflows/publish-ruby.yml
@@ -23,7 +23,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
@@ -36,7 +36,7 @@ jobs:
fi
- name: Set up Ruby
- uses: ruby/setup-ruby@f321cf5a4d1533575411f8752cf25b86478b0442 # v1.193.0
+ uses: ruby/setup-ruby@c04af2bb7258bb6a03df1d3c1865998ac9390972 # v1.194.0
with:
ruby-version: 3.2
diff --git a/.github/workflows/publish-rust-crates.yml b/.github/workflows/publish-rust-crates.yml
index bdb39d9b7..a614608f9 100644
--- a/.github/workflows/publish-rust-crates.yml
+++ b/.github/workflows/publish-rust-crates.yml
@@ -21,7 +21,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
diff --git a/.github/workflows/release-cli.yml b/.github/workflows/release-cli.yml
index 80c09142e..30f0dfd93 100644
--- a/.github/workflows/release-cli.yml
+++ b/.github/workflows/release-cli.yml
@@ -25,7 +25,7 @@ jobs:
release-version: ${{ steps.version.outputs.version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
@@ -112,7 +112,7 @@ jobs:
needs: setup
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Login to Azure
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
@@ -150,7 +150,7 @@ jobs:
needs: setup
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Generate tag list
id: tag-list
@@ -201,7 +201,7 @@ jobs:
azure-keyvault-name: "bitwarden-ci"
- name: Build and push Docker image
- uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
+ uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0
with:
context: .
file: crates/bws/Dockerfile
diff --git a/.github/workflows/release-cpp.yml b/.github/workflows/release-cpp.yml
index c96b8e088..aa4d37f62 100644
--- a/.github/workflows/release-cpp.yml
+++ b/.github/workflows/release-cpp.yml
@@ -24,7 +24,7 @@ jobs:
version: ${{ steps.version.outputs.version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
diff --git a/.github/workflows/release-go.yml b/.github/workflows/release-go.yml
index 2c2aea4e4..f88e52af5 100644
--- a/.github/workflows/release-go.yml
+++ b/.github/workflows/release-go.yml
@@ -26,7 +26,7 @@ jobs:
version: ${{ steps.version.outputs.version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
@@ -55,7 +55,7 @@ jobs:
steps:
- name: Checkout SDK repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
path: sdk
@@ -72,7 +72,7 @@ jobs:
secrets: "github-pat-bitwarden-devops-bot-repo-scope"
- name: Checkout SDK-Go repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
repository: bitwarden/sdk-go
path: sdk-go
diff --git a/.github/workflows/release-napi.yml b/.github/workflows/release-napi.yml
index fc4eaa367..fb99cc1cf 100644
--- a/.github/workflows/release-napi.yml
+++ b/.github/workflows/release-napi.yml
@@ -33,7 +33,7 @@ jobs:
release-version: ${{ steps.version.outputs.version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
@@ -90,7 +90,7 @@ jobs:
_PKG_VERSION: ${{ needs.setup.outputs.release-version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Setup Node
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
diff --git a/.github/workflows/release-swift.yml b/.github/workflows/release-swift.yml
index a9ab213a6..351581a7a 100644
--- a/.github/workflows/release-swift.yml
+++ b/.github/workflows/release-swift.yml
@@ -42,7 +42,7 @@ jobs:
swift_checksum: ${{ steps.calculate-swift-checksum.outputs.checksum }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Get version
id: version
@@ -114,7 +114,7 @@ jobs:
_BUILD_RUN_ID: ${{ needs.validate.outputs.run_id }}
steps:
- name: Checkout SDK repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
path: sdk
@@ -142,7 +142,7 @@ jobs:
github-pat-bitwarden-devops-bot-repo-scope"
- name: Checkout SDK-Swift repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
repository: bitwarden/sdk-swift
path: sdk-swift
diff --git a/.github/workflows/release-wasm.yml b/.github/workflows/release-wasm.yml
index dac64a6ce..b6476e833 100644
--- a/.github/workflows/release-wasm.yml
+++ b/.github/workflows/release-wasm.yml
@@ -32,7 +32,7 @@ jobs:
release-version: ${{ steps.version.outputs.version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
@@ -89,7 +89,7 @@ jobs:
_PKG_VERSION: ${{ needs.setup.outputs.release-version }}
steps:
- name: Checkout repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Setup Node
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
diff --git a/.github/workflows/rust-test.yml b/.github/workflows/rust-test.yml
index 3d9ed6f00..5e7703e84 100644
--- a/.github/workflows/rust-test.yml
+++ b/.github/workflows/rust-test.yml
@@ -34,7 +34,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
@@ -54,7 +54,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
@@ -83,7 +83,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
diff --git a/.github/workflows/rustdoc.yml b/.github/workflows/rustdoc.yml
index a2a07490c..45ab6d07d 100644
--- a/.github/workflows/rustdoc.yml
+++ b/.github/workflows/rustdoc.yml
@@ -20,7 +20,7 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Install rust
uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
index 364298f98..193c9fcf6 100644
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@@ -26,7 +26,7 @@ jobs:
steps:
- name: Check out repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
ref: ${{ github.event.pull_request.head.sha }}
@@ -46,7 +46,7 @@ jobs:
--output-path . ${{ env.INCREMENTAL }}
- name: Upload Checkmarx results to GitHub
- uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8
+ uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9
with:
sarif_file: cx_result.sarif
@@ -60,7 +60,7 @@ jobs:
steps:
- name: Check out repo
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml
index 8357d49bd..7053181eb 100644
--- a/.github/workflows/version-bump.yml
+++ b/.github/workflows/version-bump.yml
@@ -59,7 +59,7 @@ jobs:
github-pat-bitwarden-devops-bot-repo-scope"
- name: Checkout Branch
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
ref: main
repository: bitwarden/sdk
@@ -236,7 +236,7 @@ jobs:
runs-on: ubuntu-22.04
steps:
- name: Checkout Branch
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
ref: main
From a6fd484c31aead9f8bbdc0576cc2be3a069c9891 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Ch=C4=99ci=C5=84ski?=
Date: Mon, 30 Sep 2024 15:12:34 +0200
Subject: [PATCH 4/9] [BRE-224] Create a GitHub release workflows for sdk
(#1078)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
## đī¸ Tracking
https://bitwarden.atlassian.net/browse/BRE-224
## đ Objective
Create and/or split workflow to create a GitHub Release for SDK parts.
## â° Reminders before review
- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
team
## đĻŽ Reviewer guidelines
- đ (`:+1:`) or similar for great changes
- đ (`:memo:`) or âšī¸ (`:information_source:`) for notes or general info
- â (`:question:`) for questions
- đ¤ (`:thinking:`) or đ (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
issue and could potentially benefit from discussion
- đ¨ (`:art:`) for suggestions / improvements
- â (`:x:`) or â ī¸ (`:warning:`) for more significant problems or
concerns needing attention
- đą (`:seedling:`) or âģī¸ (`:recycle:`) for future improvements or
indications of technical debt
- â (`:pick:`) for minor or nitpick changes
---------
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
---
.github/workflows/build-ruby.yml | 95 +++++++++++
.../{release-cli.yml => publish-bws.yml} | 116 +++++++------
.github/workflows/publish-dotnet.yml | 69 ++++++--
.github/workflows/publish-java.yml | 27 ++-
.github/workflows/publish-napi.yml | 155 ++++++++++++++++++
.github/workflows/publish-python.yml | 55 +++++--
.github/workflows/publish-ruby.yml | 130 +++++++--------
.github/workflows/publish-rust-crates.yml | 38 ++++-
.github/workflows/publish-wasm.yml | 138 ++++++++++++++++
.github/workflows/release-bws.yml | 77 +++++++++
.github/workflows/release-cpp.yml | 8 +-
.github/workflows/release-dotnet.yml | 76 +++++++++
.github/workflows/release-java.yml | 61 +++++++
.github/workflows/release-napi.yml | 142 ++++------------
.github/workflows/release-python.yml | 74 +++++++++
.github/workflows/release-ruby.yml | 71 ++++++++
.github/workflows/release-rust-crates.yml | 53 ++++++
.github/workflows/release-wasm.yml | 96 +++--------
18 files changed, 1128 insertions(+), 353 deletions(-)
create mode 100644 .github/workflows/build-ruby.yml
rename .github/workflows/{release-cli.yml => publish-bws.yml} (72%)
create mode 100644 .github/workflows/publish-napi.yml
create mode 100644 .github/workflows/publish-wasm.yml
create mode 100644 .github/workflows/release-bws.yml
create mode 100644 .github/workflows/release-dotnet.yml
create mode 100644 .github/workflows/release-java.yml
create mode 100644 .github/workflows/release-python.yml
create mode 100644 .github/workflows/release-ruby.yml
create mode 100644 .github/workflows/release-rust-crates.yml
diff --git a/.github/workflows/build-ruby.yml b/.github/workflows/build-ruby.yml
new file mode 100644
index 000000000..5a3f1a016
--- /dev/null
+++ b/.github/workflows/build-ruby.yml
@@ -0,0 +1,95 @@
+---
+name: Build Ruby
+
+on:
+ pull_request:
+ push:
+ branches:
+ - "main"
+ workflow_dispatch:
+
+jobs:
+ build:
+ name: Build Ruby
+ runs-on: ubuntu-22.04
+ steps:
+ - name: Checkout Repository
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Set up Ruby
+ uses: ruby/setup-ruby@52753b7da854d5c07df37391a986c76ab4615999 # v1.191.0
+ with:
+ ruby-version: 3.2
+
+ - name: Download artifacts
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: generate_schemas.yml
+ path: languages/ruby/bitwarden_sdk_secrets/lib
+ workflow_conclusion: success
+ branch: ${{ github.ref_name }}
+ artifacts: schemas.rb
+
+ - name: Download x86_64-apple-darwin artifact
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: build-rust-cross-platform.yml
+ path: temp/macos-x64
+ workflow_conclusion: success
+ branch: ${{ github.ref_name }}
+ artifacts: libbitwarden_c_files-x86_64-apple-darwin
+
+ - name: Download aarch64-apple-darwin artifact
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: build-rust-cross-platform.yml
+ workflow_conclusion: success
+ branch: ${{ github.ref_name }}
+ artifacts: libbitwarden_c_files-aarch64-apple-darwin
+ path: temp/macos-arm64
+
+ - name: Download x86_64-unknown-linux-gnu artifact
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: build-rust-cross-platform.yml
+ workflow_conclusion: success
+ branch: ${{ github.ref_name }}
+ artifacts: libbitwarden_c_files-x86_64-unknown-linux-gnu
+ path: temp/linux-x64
+
+ - name: Download x86_64-pc-windows-msvc artifact
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: build-rust-cross-platform.yml
+ workflow_conclusion: success
+ branch: ${{ github.ref_name }}
+ artifacts: libbitwarden_c_files-x86_64-pc-windows-msvc
+ path: temp/windows-x64
+
+ - name: Copy lib files
+ run: |
+ mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/macos-arm64
+ mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/linux-x64
+ mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/macos-x64
+ mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/windows-x64
+
+ platforms=("macos-arm64" "linux-x64" "macos-x64" "windows-x64")
+ files=("libbitwarden_c.dylib" "libbitwarden_c.so" "libbitwarden_c.dylib" "bitwarden_c.dll")
+
+ for ((i=0; i<${#platforms[@]}; i++)); do
+ cp "temp/${platforms[$i]}/${files[$i]}" "languages/ruby/bitwarden_sdk_secrets/lib/${platforms[$i]}/${files[$i]}"
+ done
+
+ - name: bundle install
+ run: bundle install
+ working-directory: languages/ruby/bitwarden_sdk_secrets
+
+ - name: Build gem
+ run: gem build bitwarden-sdk-secrets.gemspec
+ working-directory: languages/ruby/bitwarden_sdk_secrets
+
+ - name: Upload artifact
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ with:
+ path: bitwarden-sdk-secrets-*.gem
+ name: bitwarden-sdk-secrets
diff --git a/.github/workflows/release-cli.yml b/.github/workflows/publish-bws.yml
similarity index 72%
rename from .github/workflows/release-cli.yml
rename to .github/workflows/publish-bws.yml
index 30f0dfd93..506427faa 100644
--- a/.github/workflows/release-cli.yml
+++ b/.github/workflows/publish-bws.yml
@@ -1,6 +1,6 @@
---
-name: Release CLI
-run-name: Release CLI ${{ inputs.release_type }}
+name: Publish bws CLI
+run-name: Publish bws CLI ${{ inputs.release_type }}
on:
workflow_dispatch:
@@ -13,6 +13,11 @@ on:
options:
- Release
- Dry Run
+ version:
+ description: 'Version to publish (default: latest bws cli release)'
+ required: true
+ type: string
+ default: latest
env:
_AZ_REGISTRY: bitwardenprod.azurecr.io
@@ -22,7 +27,9 @@ jobs:
name: Setup
runs-on: ubuntu-22.04
outputs:
- release-version: ${{ steps.version.outputs.version }}
+ release-version: ${{ steps.version-output.outputs.version }}
+ release-tag: ${{ steps.version-output.outputs.tag_name }}
+ deployment-id: ${{ steps.deployment.outputs.deployment_id }}
steps:
- name: Checkout repo
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
@@ -37,11 +44,21 @@ jobs:
exit 1
fi
- - name: Check Release Version
- id: version
+ - name: Version output
+ id: version-output
run: |
- VERSION=$(grep -o '^version = ".*"' crates/bws/Cargo.toml | grep -Eo "[0-9]+\.[0-9]+\.[0-9]+")
- echo "version=$VERSION" >> $GITHUB_OUTPUT
+ if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then
+ TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("bws")) | .tag_name' | head -1)
+ VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+')
+ echo "Latest Released Version: $VERSION"
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ echo "Latest Released Tag name: $TAG_NAME"
+ echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT
+ else
+ echo "Release Version: ${{ inputs.version }}"
+ echo "version=${{ inputs.version }}" >> $GITHUB_OUTPUT
+ fi
- name: Create GitHub deployment
if: ${{ inputs.release_type != 'Dry Run' }}
@@ -50,66 +67,18 @@ jobs:
with:
token: "${{ secrets.GITHUB_TOKEN }}"
initial-status: "in_progress"
- environment: "CLI - Production"
- description: "Deployment ${{ steps.version.outputs.version }} from branch ${{ github.ref_name }}"
+ environment: "bws CLI - Production"
+ description: "Deployment ${{ steps.version-output.outputs.version }} from branch ${{ github.ref_name }}"
task: release
- - name: Download all Release artifacts
- uses: bitwarden/gh-actions/download-artifacts@main
- with:
- workflow: build-cli.yml
- path: packages
- workflow_conclusion: success
- branch: ${{ github.ref_name }}
-
- - name: Get checksum files
- uses: bitwarden/gh-actions/get-checksum@main
- with:
- packages_dir: "packages"
- file_path: "packages/bws-sha256-checksums-${{ steps.version.outputs.version }}.txt"
-
- - name: Create release
- if: ${{ inputs.release_type != 'Dry Run' }}
- uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
- env:
- PKG_VERSION: ${{ steps.version.outputs.version }}
- with:
- artifacts: "packages/bws-x86_64-apple-darwin-${{ env.PKG_VERSION }}.zip,
- packages/bws-aarch64-apple-darwin-${{ env.PKG_VERSION }}.zip,
- packages/bws-macos-universal-${{ env.PKG_VERSION }}.zip,
- packages/bws-x86_64-pc-windows-msvc-${{ env.PKG_VERSION }}.zip,
- packages/bws-aarch64-pc-windows-msvc-${{ env.PKG_VERSION }}.zip,
- packages/bws-x86_64-unknown-linux-gnu-${{ env.PKG_VERSION }}.zip,
- packages/bws-aarch64-unknown-linux-gnu-${{ env.PKG_VERSION }}.zip,
- packages/THIRDPARTY.html,
- packages/bws-sha256-checksums-${{ env.PKG_VERSION }}.txt"
- commit: ${{ github.sha }}
- tag: bws-v${{ env.PKG_VERSION }}
- name: bws CLI v${{ env.PKG_VERSION }}
- body: ""
- token: ${{ secrets.GITHUB_TOKEN }}
- draft: true
-
- - name: Update deployment status to Success
- if: ${{ inputs.release_type != 'Dry Run' && success() }}
- uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
- with:
- token: "${{ secrets.GITHUB_TOKEN }}"
- state: "success"
- deployment-id: ${{ steps.deployment.outputs.deployment_id }}
-
- - name: Update deployment status to Failure
- if: ${{ inputs.release_type != 'Dry Run' && failure() }}
- uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
- with:
- token: "${{ secrets.GITHUB_TOKEN }}"
- state: "failure"
- deployment-id: ${{ steps.deployment.outputs.deployment_id }}
publish:
name: Publish bws to crates.io
runs-on: ubuntu-22.04
needs: setup
+ env:
+ _VERSION: ${{ needs.setup.outputs.release-version }}
+ _TAG_NAME: ${{ needs.setup.outputs.release-tag }}
steps:
- name: Checkout
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
@@ -118,6 +87,7 @@ jobs:
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
+ ref: ${{ env._TAG_NAME }}
- name: Retrieve secrets
id: retrieve-secrets
@@ -151,6 +121,8 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+ with:
+ ref: ${{ env._TAG_NAME }}
- name: Generate tag list
id: tag-list
@@ -218,3 +190,27 @@ jobs:
run: |
docker logout
echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV
+
+ update_release_status:
+ name: Update GitHub deployment status
+ runs-on: ubuntu-22.04
+ needs: setup
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ env:
+ _DEPLOYMENT_ID: ${{ needs.setup.outputs.deployment-id }}
+ steps:
+ - name: Update deployment status to Success
+ if: ${{ inputs.release_type != 'Dry Run' && success() }}
+ uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
+ with:
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ state: "success"
+ deployment-id: ${{ env._DEPLOYMENT_ID }}
+
+ - name: Update deployment status to Failure
+ if: ${{ inputs.release_type != 'Dry Run' && failure() }}
+ uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
+ with:
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ state: "failure"
+ deployment-id: ${{ env._DEPLOYMENT_ID }}
diff --git a/.github/workflows/publish-dotnet.yml b/.github/workflows/publish-dotnet.yml
index 28a57e683..baafcc522 100644
--- a/.github/workflows/publish-dotnet.yml
+++ b/.github/workflows/publish-dotnet.yml
@@ -12,6 +12,10 @@ on:
options:
- Release
- Dry Run
+ version:
+ description: "Release Version"
+ required: false
+ default: "latest"
env:
_KEY_VAULT: "bitwarden-ci"
@@ -21,7 +25,7 @@ jobs:
name: Setup
runs-on: ubuntu-22.04
outputs:
- version: ${{ steps.version.outputs.version }}
+ version: ${{ steps.version-output.outputs.version }}
steps:
- name: Checkout repo
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
@@ -29,35 +33,50 @@ jobs:
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
run: |
- if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
echo "==================================="
- echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
+ echo "[!] Can only release from the 'main' branch"
echo "==================================="
exit 1
fi
- - name: Install xmllint
- run: sudo apt-get install -y libxml2-utils
-
- - name: Get version
- id: version
+ - name: Version output
+ id: version-output
run: |
- VERSION=$(xmllint --xpath 'string(/Project/PropertyGroup/Version)' languages/csharp/Bitwarden.Sdk/Bitwarden.Sdk.csproj)
- echo "version=$VERSION" >> $GITHUB_OUTPUT
+ if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then
+ TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("dotnet")) | .tag_name' | head -1)
+ VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+')
+ echo "Latest Released Version: $VERSION"
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ echo "Latest Released Tag name: $TAG_NAME"
+ echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT
+ else
+ echo "Release Version: ${{ inputs.version }}"
+ echo "version=${{ inputs.version }}" >> $GITHUB_OUTPUT
+ fi
deploy:
name: Deploy
runs-on: ubuntu-22.04
needs: validate
steps:
- - name: Download NuGet package
- uses: bitwarden/gh-actions/download-artifacts@main
+ - name: Create GitHub deployment
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: chrnorm/deployment-action@55729fcebec3d284f60f5bcabbd8376437d696b1 # v2.0.7
+ id: deployment
with:
- workflow: build-dotnet.yml
- workflow_conclusion: success
- branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }}
- artifacts: Bitwarden.Sdk.${{ needs.validate.outputs.version }}.nupkg
- path: ./nuget-output
+ token: '${{ secrets.GITHUB_TOKEN }}'
+ initial-status: 'in_progress'
+ environment: 'dotnet - Production'
+ description: 'Deployment ${{ needs.validate.outputs.version }} from branch ${{ github.ref_name }}'
+ task: release
+
+ - name: Download artifact
+ run: |
+ mkdir -p nuget-output
+ cd nuget-output
+ wget https://github.com/bitwarden/sdk/releases/download/dotnet-v${{ needs.validate.outputs.version }}/Bitwarden.Sdk.${{ needs.validate.outputs.version }}.nupkg
- name: Login to Azure - Prod Subscription
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
@@ -76,3 +95,19 @@ jobs:
env:
NUGET_API_KEY: ${{ steps.retrieve-secrets.outputs.nuget-api-key }}
run: dotnet nuget push ./nuget-output/*.nupkg -k ${{ env.NUGET_API_KEY }} -s https://api.nuget.org/v3/index.json
+
+ - name: Update deployment status to Success
+ if: ${{ inputs.release_type != 'Dry Run' && success() }}
+ uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
+ with:
+ token: '${{ secrets.GITHUB_TOKEN }}'
+ state: 'success'
+ deployment-id: ${{ steps.deployment.outputs.deployment_id }}
+
+ - name: Update deployment status to Failure
+ if: ${{ inputs.release_type != 'Dry Run' && failure() }}
+ uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
+ with:
+ token: '${{ secrets.GITHUB_TOKEN }}'
+ state: 'failure'
+ deployment-id: ${{ steps.deployment.outputs.deployment_id }}
diff --git a/.github/workflows/publish-java.yml b/.github/workflows/publish-java.yml
index 98f6fadd2..002a61ee4 100644
--- a/.github/workflows/publish-java.yml
+++ b/.github/workflows/publish-java.yml
@@ -13,6 +13,10 @@ on:
options:
- Release
- Dry Run
+ version:
+ description: "Release Version"
+ required: false
+ default: "latest"
defaults:
run:
@@ -27,7 +31,8 @@ jobs:
name: Setup
runs-on: ubuntu-22.04
outputs:
- version: ${{ steps.version.outputs.version }}
+ version: ${{ steps.version-output.outputs.version }}
+ tag_name: ${{ steps.version-output.outputs.tag_name }}
steps:
- name: Checkout repo
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
@@ -42,11 +47,21 @@ jobs:
exit 1
fi
- - name: Get version
- id: version
+ - name: Version output
+ id: version-output
run: |
- VERSION=$(cat build.gradle | grep -Eo 'version = "[0-9]+\.[0-9]+\.[0-9]+"' | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+')
- echo "version=$VERSION" >> $GITHUB_OUTPUT
+ if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then
+ TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("java")) | .tag_name' | head -1)
+ VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+')
+ echo "Latest Released Version: $VERSION"
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ echo "Latest Released Tag name: $TAG_NAME"
+ echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT
+ else
+ echo "Release Version: ${{ inputs.version }}"
+ echo "version=${{ inputs.version }}" >> $GITHUB_OUTPUT
+ fi
publish:
name: Publish
@@ -55,6 +70,8 @@ jobs:
steps:
- name: Checkout Repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+ with:
+ ref: ${{ needs.validate.outputs.tag_name }}
- name: Azure login
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
diff --git a/.github/workflows/publish-napi.yml b/.github/workflows/publish-napi.yml
new file mode 100644
index 000000000..6a284d4a4
--- /dev/null
+++ b/.github/workflows/publish-napi.yml
@@ -0,0 +1,155 @@
+---
+name: Publish @bitwarden/sdk-napi
+run-name: Publish @bitwarden/sdk-napi ${{ inputs.release_type }}
+
+on:
+ workflow_dispatch:
+ inputs:
+ release_type:
+ description: "Release Options"
+ required: true
+ default: "Release"
+ type: choice
+ options:
+ - Release
+ - Dry Run
+ version:
+ description: "Release Version"
+ required: false
+ default: "latest"
+
+defaults:
+ run:
+ working-directory: crates/bitwarden-napi
+
+jobs:
+ setup:
+ name: Setup
+ runs-on: ubuntu-22.04
+ outputs:
+ release-version: ${{ steps.version-output.outputs.version }}
+ tag-name: ${{ steps.version-output.outputs.tag_name }}
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Branch check
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ run: |
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
+ echo "==================================="
+ echo "[!] Can only release from the 'main' branch"
+ echo "==================================="
+ exit 1
+ fi
+
+ - name: Version output
+ id: version-output
+ run: |
+ if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then
+ TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("napi")) | .tag_name' | head -1)
+ VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+')
+ echo "Latest Released Version: $VERSION"
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ echo "Latest Released Tag name: $TAG_NAME"
+ echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT
+ else
+ echo "Release Version: ${{ inputs.version }}"
+ echo "version=${{ inputs.version }}" >> $GITHUB_OUTPUT
+ fi
+
+ npm:
+ name: Publish NPM
+ runs-on: ubuntu-22.04
+ needs: setup
+ env:
+ _PKG_VERSION: ${{ needs.setup.outputs.release-version }}
+ _TAG_NAME: ${{ needs.setup.outputs.tag-name }}
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ with:
+ ref: ${{ env._TAG_NAME }}
+
+ - name: Create GitHub deployment
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: chrnorm/deployment-action@55729fcebec3d284f60f5bcabbd8376437d696b1 # v2.0.7
+ id: deployment
+ with:
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ initial-status: "in_progress"
+ environment: "Bitwarden SDK NAPI - Production"
+ description: "Deployment ${{ env._PKG_VERSION }} from branch ${{ github.ref_name }}"
+ task: release
+
+ - name: Setup Node
+ uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+ with:
+ node-version: 18
+ cache: "npm"
+ cache-dependency-path: crates/bitwarden-napi/package-lock.json
+
+ - name: Download schemas.ts artifact
+ run: |
+ wget https://github.com/bitwarden/sdk/releases/download/napi-v${{ env._PKG_VERSION }}/schemas.ts
+ mv schemas.ts ${{ github.workspace }}/crates/bitwarden-napi/src-ts/bitwarden_client/schemas.ts
+
+ - name: Install dependencies
+ run: npm ci
+
+ - name: Run tsc
+ run: npm run tsc
+
+ - name: Login to Azure
+ uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
+ with:
+ creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
+
+ - name: Retrieve secrets
+ id: retrieve-secrets
+ uses: bitwarden/gh-actions/get-keyvault-secrets@main
+ with:
+ keyvault: "bitwarden-ci"
+ secrets: "npm-api-key"
+
+ - name: Download sdk-napi artifacts
+ run: |
+ wget https://github.com/bitwarden/sdk/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.darwin-arm64.node
+ wget https://github.com/bitwarden/sdk/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.darwin-x64.node
+ wget https://github.com/bitwarden/sdk/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.win32-x64-msvc.node
+ wget https://github.com/bitwarden/sdk/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.linux-x64-gnu.node
+ mv sdk-napi.*.node ${{ github.workspace }}/crates/bitwarden-napi/artifacts
+
+ - name: Move artifacts
+ run: npm run artifacts
+
+ - name: Setup NPM
+ run: |
+ echo 'registry="https://registry.npmjs.org/"' > ./.npmrc
+ echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ./.npmrc
+
+ echo 'registry="https://registry.npmjs.org/"' > ~/.npmrc
+ echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc
+ env:
+ NPM_TOKEN: ${{ steps.retrieve-secrets.outputs.npm-api-key }}
+
+ - name: Publish NPM
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ run: npm publish --access public --registry=https://registry.npmjs.org/ --userconfig=./.npmrc
+
+ - name: Update deployment status to Success
+ if: ${{ inputs.release_type != 'Dry Run' && success() }}
+ uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
+ with:
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ state: "success"
+ deployment-id: ${{ steps.deployment.outputs.deployment_id }}
+
+ - name: Update deployment status to Failure
+ if: ${{ inputs.release_type != 'Dry Run' && failure() }}
+ uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
+ with:
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ state: "failure"
+ deployment-id: ${{ steps.deployment.outputs.deployment_id }}
diff --git a/.github/workflows/publish-python.yml b/.github/workflows/publish-python.yml
index dcbfee22f..7e3395093 100644
--- a/.github/workflows/publish-python.yml
+++ b/.github/workflows/publish-python.yml
@@ -13,6 +13,10 @@ on:
options:
- Release
- Dry Run
+ version:
+ description: "Release Version"
+ required: false
+ default: "latest"
defaults:
run:
@@ -22,6 +26,9 @@ jobs:
setup:
name: Setup
runs-on: ubuntu-22.04
+ outputs:
+ version: ${{ steps.version-output.outputs.version }}
+ tag_name: ${{ steps.version-output.outputs.tag_name }}
steps:
- name: Checkout repo
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
@@ -29,18 +36,39 @@ jobs:
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
run: |
- if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
echo "==================================="
- echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
+ echo "[!] Can only release from the 'main' branch"
echo "==================================="
exit 1
fi
+ - name: Version output
+ id: version-output
+ run: |
+ if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then
+ TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("python")) | .tag_name' | head -1)
+ VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+')
+ echo "Latest Released Version: $VERSION"
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ echo "Latest Released Tag name: $TAG_NAME"
+ echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT
+ else
+ echo "Release Version: ${{ inputs.version }}"
+ echo "version=${{ inputs.version }}" >> $GITHUB_OUTPUT
+ fi
+
publish:
name: Publish
runs-on: ubuntu-22.04
needs: setup
steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ with:
+ ref: ${{ needs.setup.outputs.tag_name }}
+
- name: Install Python
uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
with:
@@ -49,15 +77,20 @@ jobs:
- name: Install twine
run: pip install twine
- - name: Download artifacts
- uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
- with:
- workflow: build-python-wheels.yml
- path: ${{ github.workspace }}/target/wheels/dist
- workflow_conclusion: success
- branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }}
- name: bitwarden_sdk(.*)
- name_is_regexp: true
+ - name: Get release assets
+ working-directory: ${{ github.workspace }}/target/wheels/dist
+ run: |
+ ARTIFACT_URLS=$(curl -sSL https://api.github.com/repos/bitwarden/sdk/releases/tags/${{ needs.setup.outputs.tag_name }} | jq -r '.assets[].browser_download_url')
+ for url in $ARTIFACT_URLS; do
+ wget $url
+ done
+
+ - name: Unpack release assets
+ working-directory: ${{ github.workspace }}/target/wheels/dist
+ run: |
+ for file in *.zip; do
+ unzip $file
+ done
- name: Move files
working-directory: ${{ github.workspace }}/target/wheels/dist
diff --git a/.github/workflows/publish-ruby.yml b/.github/workflows/publish-ruby.yml
index 6184586a1..875def064 100644
--- a/.github/workflows/publish-ruby.yml
+++ b/.github/workflows/publish-ruby.yml
@@ -12,15 +12,22 @@ on:
options:
- Release
- Dry Run
+ version:
+ description: "Release Version"
+ required: false
+ default: "latest"
permissions:
contents: read
id-token: write
jobs:
- publish_ruby:
- name: Publish Ruby
+ setup:
+ name: Setup
runs-on: ubuntu-22.04
+ outputs:
+ release-version: ${{ steps.version-output.outputs.version }}
+ tag-name: ${{ steps.version-output.outputs.tag_name }}
steps:
- name: Checkout Repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
@@ -35,69 +42,45 @@ jobs:
exit 1
fi
- - name: Set up Ruby
- uses: ruby/setup-ruby@c04af2bb7258bb6a03df1d3c1865998ac9390972 # v1.194.0
- with:
- ruby-version: 3.2
-
- - name: Download artifacts
- uses: bitwarden/gh-actions/download-artifacts@main
- with:
- workflow: generate_schemas.yml
- path: languages/ruby/bitwarden_sdk_secrets/lib
- workflow_conclusion: success
- branch: main
- artifacts: schemas.rb
-
- - name: Download x86_64-apple-darwin artifact
- uses: bitwarden/gh-actions/download-artifacts@main
- with:
- workflow: build-rust-cross-platform.yml
- path: temp/macos-x64
- workflow_conclusion: success
- branch: main
- artifacts: libbitwarden_c_files-x86_64-apple-darwin
-
- - name: Download aarch64-apple-darwin artifact
- uses: bitwarden/gh-actions/download-artifacts@main
- with:
- workflow: build-rust-cross-platform.yml
- workflow_conclusion: success
- branch: main
- artifacts: libbitwarden_c_files-aarch64-apple-darwin
- path: temp/macos-arm64
+ - name: Version output
+ id: version-output
+ run: |
+ if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then
+ TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("ruby")) | .tag_name' | head -1)
+ VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+')
+ echo "Latest Released Version: $VERSION"
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ echo "Latest Released Tag name: $TAG_NAME"
+ echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT
+ else
+ echo "Release Version: ${{ inputs.version }}"
+ echo "version=${{ inputs.version }}" >> $GITHUB_OUTPUT
+ fi
- - name: Download x86_64-unknown-linux-gnu artifact
- uses: bitwarden/gh-actions/download-artifacts@main
+ publish:
+ name: Publish
+ runs-on: ubuntu-22.04
+ needs: setup
+ env:
+ _VERSION: ${{ needs.setup.outputs.release-version }}
+ _TAG_NAME: ${{ needs.setup.outputs.tag-name }}
+ steps:
+ - name: Checkout Repository
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
- workflow: build-rust-cross-platform.yml
- workflow_conclusion: success
- branch: main
- artifacts: libbitwarden_c_files-x86_64-unknown-linux-gnu
- path: temp/linux-x64
+ ref: ${{ env._TAG_NAME }}
- - name: Download x86_64-pc-windows-msvc artifact
- uses: bitwarden/gh-actions/download-artifacts@main
+ - name: Create GitHub deployment
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: chrnorm/deployment-action@55729fcebec3d284f60f5bcabbd8376437d696b1 # v2.0.7
+ id: deployment
with:
- workflow: build-rust-cross-platform.yml
- workflow_conclusion: success
- branch: main
- artifacts: libbitwarden_c_files-x86_64-pc-windows-msvc
- path: temp/windows-x64
-
- - name: Copy lib files
- run: |
- mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/macos-arm64
- mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/linux-x64
- mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/macos-x64
- mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/windows-x64
-
- platforms=("macos-arm64" "linux-x64" "macos-x64" "windows-x64")
- files=("libbitwarden_c.dylib" "libbitwarden_c.so" "libbitwarden_c.dylib" "bitwarden_c.dll")
-
- for ((i=0; i<${#platforms[@]}; i++)); do
- cp "temp/${platforms[$i]}/${files[$i]}" "languages/ruby/bitwarden_sdk_secrets/lib/${platforms[$i]}/${files[$i]}"
- done
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ initial-status: "in_progress"
+ environment: "Bitwarden Ruby SDK - Production"
+ description: "Deployment ${{ env._VERSION }} from branch ${{ github.ref_name }}"
+ task: release
- name: Login to Azure
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
@@ -111,13 +94,8 @@ jobs:
keyvault: "bitwarden-ci"
secrets: "rubygem-api-key"
- - name: bundle install
- run: bundle install
- working-directory: languages/ruby/bitwarden_sdk_secrets
-
- - name: Build gem
- run: gem build bitwarden-sdk-secrets.gemspec
- working-directory: languages/ruby/bitwarden_sdk_secrets
+ - name: Download ruby artifact
+ run: wget https://github.com/bitwarden/sdk/releases/download/ruby-v${{ env._VERSION }}/bitwarden-sdk-secrets-${{ env._VERSION }}.gem
- name: Push gem to Rubygems
if: ${{ inputs.release_type != 'Dry Run' }}
@@ -130,3 +108,19 @@ jobs:
env:
GEM_HOST_API_KEY: ${{ steps.retrieve-secrets.outputs.rubygem-api-key }}
working-directory: languages/ruby/bitwarden_sdk_secrets
+
+ - name: Update deployment status to Success
+ if: ${{ inputs.release_type != 'Dry Run' && success() }}
+ uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
+ with:
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ state: "success"
+ deployment-id: ${{ steps.deployment.outputs.deployment_id }}
+
+ - name: Update deployment status to Failure
+ if: ${{ inputs.release_type != 'Dry Run' && failure() }}
+ uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
+ with:
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ state: "failure"
+ deployment-id: ${{ steps.deployment.outputs.deployment_id }}
diff --git a/.github/workflows/publish-rust-crates.yml b/.github/workflows/publish-rust-crates.yml
index a614608f9..43f19323a 100644
--- a/.github/workflows/publish-rust-crates.yml
+++ b/.github/workflows/publish-rust-crates.yml
@@ -14,11 +14,19 @@ on:
- Initial Release
- Redeploy
- Dry Run
+ version:
+ description: 'Version to publish (default: latest rust crates release)'
+ required: true
+ type: string
+ default: latest
jobs:
- publish:
- name: Publish
+ setup:
+ name: setup
runs-on: ubuntu-22.04
+ outputs:
+ release-version: ${{ steps.version-output.outputs.version }}
+ release-tag: ${{ steps.version-output.outputs.tag_name }}
steps:
- name: Checkout
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
@@ -33,6 +41,32 @@ jobs:
exit 1
fi
+ - name: Version output
+ id: version-output
+ run: |
+ if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then
+ TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("rust")) | .tag_name' | head -1)
+ VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+')
+ echo "Latest Released Version: $VERSION"
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ echo "Latest Released Tag name: $TAG_NAME"
+ echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT
+ else
+ echo "Release Version: ${{ inputs.version }}"
+ echo "version=${{ inputs.version }}" >> $GITHUB_OUTPUT
+ fi
+
+ publish:
+ name: Publish
+ runs-on: ubuntu-22.04
+ needs: setup
+ steps:
+ - name: Checkout
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ with:
+ ref: ${{ needs.setup.outputs.release-tag }}
+
- name: Login to Azure
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
with:
diff --git a/.github/workflows/publish-wasm.yml b/.github/workflows/publish-wasm.yml
new file mode 100644
index 000000000..95a86a0c4
--- /dev/null
+++ b/.github/workflows/publish-wasm.yml
@@ -0,0 +1,138 @@
+---
+name: Publish @bitwarden/sdk-wasm
+run-name: Publish @bitwarden/sdk-wasm ${{ inputs.release_type }}
+
+on:
+ workflow_dispatch:
+ inputs:
+ release_type:
+ description: "Release Options"
+ required: true
+ default: "Release"
+ type: choice
+ options:
+ - Release
+ - Dry Run
+ version:
+ description: "Release Version"
+ required: false
+ default: "latest"
+
+defaults:
+ run:
+ working-directory: languages/js/wasm
+
+jobs:
+ setup:
+ name: Setup
+ runs-on: ubuntu-22.04
+ outputs:
+ release-version: ${{ steps.version-output.outputs.version }}
+ tag_name: ${{ steps.version-output.outputs.tag_name }}
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Branch check
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ run: |
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
+ echo "==================================="
+ echo "[!] Can only release from the 'main' branch"
+ echo "==================================="
+ exit 1
+ fi
+
+ - name: Version output
+ id: version-output
+ run: |
+ if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then
+ TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("napi")) | .tag_name' | head -1)
+ VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+')
+ echo "Latest Released Version: $VERSION"
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ echo "Latest Released Tag name: $TAG_NAME"
+ echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT
+ else
+ echo "Release Version: ${{ inputs.version }}"
+ echo "version=${{ inputs.version }}" >> $GITHUB_OUTPUT
+ fi
+
+ npm:
+ name: Publish NPM
+ runs-on: ubuntu-22.04
+ needs: setup
+ env:
+ _VERSION: ${{ needs.setup.outputs.release-version }}
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ with:
+ ref: ${{ needs.setup.outputs.tag_name }}
+
+ - name: Setup Node
+ uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+ with:
+ node-version: 18
+ cache: "npm"
+
+ - name: Login to Azure
+ uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
+ with:
+ creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
+
+ - name: Retrieve secrets
+ id: retrieve-secrets
+ uses: bitwarden/gh-actions/get-keyvault-secrets@main
+ with:
+ keyvault: "bitwarden-ci"
+ secrets: "npm-api-key"
+
+ - name: Download artifact
+ run: |
+ cd ${{ github.workspace }}/languages/js/wasm
+ wget https://github.com/bitwarden/sdk/releases/download/wasm-v${{ env._VERSION }}/sdk-bitwarden-wasm.zip
+ unzip sdk-bitwarden-wasm.zip
+ rm sdk-bitwarden-wasm.zip
+
+ - name: Create GitHub deployment
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: chrnorm/deployment-action@55729fcebec3d284f60f5bcabbd8376437d696b1 # v2.0.7
+ id: deployment
+ with:
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ initial-status: "in_progress"
+ environment: "Bitwarden SDK WASM - Production"
+ description: "Deployment ${{ env._VERSION }} from branch ${{ github.ref_name }}"
+ task: release
+
+ - name: Setup NPM
+ run: |
+ echo 'registry="https://registry.npmjs.org/"' > ./.npmrc
+ echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ./.npmrc
+
+ echo 'registry="https://registry.npmjs.org/"' > ~/.npmrc
+ echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc
+ env:
+ NPM_TOKEN: ${{ steps.retrieve-secrets.outputs.npm-api-key }}
+
+ - name: Publish NPM
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ run: npm publish --access public --registry=https://registry.npmjs.org/ --userconfig=./.npmrc
+
+ - name: Update deployment status to Success
+ if: ${{ inputs.release_type != 'Dry Run' && success() }}
+ uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
+ with:
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ state: "success"
+ deployment-id: ${{ steps.deployment.outputs.deployment_id }}
+
+ - name: Update deployment status to Failure
+ if: ${{ inputs.release_type != 'Dry Run' && failure() }}
+ uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
+ with:
+ token: "${{ secrets.GITHUB_TOKEN }}"
+ state: "failure"
+ deployment-id: ${{ steps.deployment.outputs.deployment_id }}
diff --git a/.github/workflows/release-bws.yml b/.github/workflows/release-bws.yml
new file mode 100644
index 000000000..92a8544b8
--- /dev/null
+++ b/.github/workflows/release-bws.yml
@@ -0,0 +1,77 @@
+---
+name: Release bws CLI
+run-name: Release bws CLI ${{ inputs.release_type }}
+
+on:
+ workflow_dispatch:
+ inputs:
+ release_type:
+ description: "Release Options"
+ required: true
+ default: "Release"
+ type: choice
+ options:
+ - Release
+ - Dry Run
+
+jobs:
+ setup:
+ name: Setup
+ runs-on: ubuntu-22.04
+ outputs:
+ release-version: ${{ steps.version.outputs.version }}
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Branch check
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ run: |
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
+ echo "==================================="
+ echo "[!] Can only release from the 'main' branch"
+ echo "==================================="
+ exit 1
+ fi
+
+ - name: Check Release Version
+ id: version
+ run: |
+ VERSION=$(grep -o '^version = ".*"' crates/bws/Cargo.toml | grep -Eo "[0-9]+\.[0-9]+\.[0-9]+")
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ - name: Download all Release artifacts
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: build-cli.yml
+ path: packages
+ workflow_conclusion: success
+ branch: ${{ github.ref_name }}
+
+ - name: Get checksum files
+ uses: bitwarden/gh-actions/get-checksum@main
+ with:
+ packages_dir: "packages"
+ file_path: "packages/bws-sha256-checksums-${{ steps.version.outputs.version }}.txt"
+
+ - name: Create release
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
+ env:
+ PKG_VERSION: ${{ steps.version.outputs.version }}
+ with:
+ artifacts: "packages/bws-x86_64-apple-darwin-${{ env.PKG_VERSION }}.zip,
+ packages/bws-aarch64-apple-darwin-${{ env.PKG_VERSION }}.zip,
+ packages/bws-macos-universal-${{ env.PKG_VERSION }}.zip,
+ packages/bws-x86_64-pc-windows-msvc-${{ env.PKG_VERSION }}.zip,
+ packages/bws-aarch64-pc-windows-msvc-${{ env.PKG_VERSION }}.zip,
+ packages/bws-x86_64-unknown-linux-gnu-${{ env.PKG_VERSION }}.zip,
+ packages/bws-aarch64-unknown-linux-gnu-${{ env.PKG_VERSION }}.zip,
+ packages/THIRDPARTY.html,
+ packages/bws-sha256-checksums-${{ env.PKG_VERSION }}.txt"
+ commit: ${{ github.sha }}
+ tag: bws-v${{ env.PKG_VERSION }}
+ name: bws CLI v${{ env.PKG_VERSION }}
+ body: ""
+ token: ${{ secrets.GITHUB_TOKEN }}
+ draft: true
diff --git a/.github/workflows/release-cpp.yml b/.github/workflows/release-cpp.yml
index aa4d37f62..47199a99f 100644
--- a/.github/workflows/release-cpp.yml
+++ b/.github/workflows/release-cpp.yml
@@ -29,9 +29,9 @@ jobs:
- name: Branch check
if: ${{ inputs.release_type != 'Dry Run' }}
run: |
- if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]] ; then
echo "==================================="
- echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
+ echo "[!] Can only release from the 'main' branches"
echo "==================================="
exit 1
fi
@@ -45,9 +45,7 @@ jobs:
github-release:
name: GitHub Release
runs-on: ubuntu-22.04
- needs:
- - repo-sync
- - validate
+ needs: validate
env:
_PKG_VERSION: ${{ needs.validate.outputs.version }}
steps:
diff --git a/.github/workflows/release-dotnet.yml b/.github/workflows/release-dotnet.yml
new file mode 100644
index 000000000..2e08e8a76
--- /dev/null
+++ b/.github/workflows/release-dotnet.yml
@@ -0,0 +1,76 @@
+name: Release .NET NuGet
+run-name: Release .NET NuGet Package ${{ inputs.release_type }}
+
+on:
+ workflow_dispatch:
+ inputs:
+ release_type:
+ description: "Release Options"
+ required: true
+ default: "Release"
+ type: choice
+ options:
+ - Release
+ - Dry Run
+
+
+jobs:
+ setup:
+ name: Setup
+ runs-on: ubuntu-22.04
+ outputs:
+ version: ${{ steps.version.outputs.version }}
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Branch check
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ run: |
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
+ echo "==================================="
+ echo "[!] Can only release from the 'main' branch"
+ echo "==================================="
+ exit 1
+ fi
+
+ - name: Install xmllint
+ run: sudo apt-get install -y libxml2-utils
+
+ - name: Get version
+ id: version
+ run: |
+ VERSION=$(xmllint --xpath 'string(/Project/PropertyGroup/Version)' languages/csharp/Bitwarden.Sdk/Bitwarden.Sdk.csproj)
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ release:
+ name: Create GitHub release
+ runs-on: ubuntu-22.04
+ needs: setup
+ steps:
+ - name: Checkout Repository
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Download NuGet package
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: build-dotnet.yml
+ workflow_conclusion: success
+ branch: main
+ artifacts: Bitwarden.Sdk.${{ needs.setup.outputs.version }}.nupkg
+ path: ./nuget-output
+
+ - name: Create release
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
+ env:
+ PKG_VERSION: ${{ needs.setup.outputs.version }}
+ with:
+ commit: ${{ github.sha }}
+ tag: dotnet-v${{ env.PKG_VERSION }}
+ name: .NET NuGet v${{ env.PKG_VERSION }}
+ body: ""
+ token: ${{ secrets.GITHUB_TOKEN }}
+ draft: true
+ artifacts: |
+ ./nuget-output/Bitwarden.Sdk.${{ needs.setup.outputs.version }}.nupkg
diff --git a/.github/workflows/release-java.yml b/.github/workflows/release-java.yml
new file mode 100644
index 000000000..6898932d5
--- /dev/null
+++ b/.github/workflows/release-java.yml
@@ -0,0 +1,61 @@
+name: Release Java SDK
+run-name: Release Java SDK ${{ inputs.release_type }}
+
+on:
+ workflow_dispatch:
+ inputs:
+ release_type:
+ description: "Release Options"
+ required: true
+ default: "Release"
+ type: choice
+ options:
+ - Release
+ - Dry Run
+
+jobs:
+ setup:
+ name: Setup
+ runs-on: ubuntu-22.04
+ outputs:
+ version: ${{ steps.version.outputs.version }}
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Branch check
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ run: |
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
+ echo "==================================="
+ echo "[!] Can only release from the 'main' branch"
+ echo "==================================="
+ exit 1
+ fi
+
+ - name: Get version
+ id: version
+ run: |
+ VERSION=$(cat languages/java/build.gradle | grep -Eo 'version = "[0-9]+\.[0-9]+\.[0-9]+"' | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+')
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ release:
+ name: Release
+ runs-on: ubuntu-22.04
+ needs: setup
+ steps:
+ - name: Checkout Repository
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Create release
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
+ env:
+ PKG_VERSION: ${{ needs.setup.outputs.version }}
+ with:
+ commit: ${{ github.sha }}
+ tag: java-v${{ env.PKG_VERSION }}
+ name: Java SDK v${{ env.PKG_VERSION }}
+ body: ""
+ token: ${{ secrets.GITHUB_TOKEN }}
+ draft: true
diff --git a/.github/workflows/release-napi.yml b/.github/workflows/release-napi.yml
index fb99cc1cf..e8be69f99 100644
--- a/.github/workflows/release-napi.yml
+++ b/.github/workflows/release-napi.yml
@@ -30,17 +30,17 @@ jobs:
name: Setup
runs-on: ubuntu-22.04
outputs:
- release-version: ${{ steps.version.outputs.version }}
+ version: ${{ steps.version.outputs.version }}
steps:
- name: Checkout repo
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
- if: ${{ github.event.inputs.release_type != 'Dry Run' }}
+ if: ${{ inputs.release_type != 'Dry Run' }}
run: |
- if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
echo "==================================="
- echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
+ echo "[!] Can only release from the 'main' branch"
echo "==================================="
exit 1
fi
@@ -49,125 +49,47 @@ jobs:
id: version
uses: bitwarden/gh-actions/release-version-check@main
with:
- release-type: ${{ github.event.inputs.release_type }}
+ release-type: ${{ inputs.release_type }}
project-type: ts
file: crates/bitwarden-napi/package.json
monorepo: false
- - name: Create GitHub deployment
- if: ${{ github.event.inputs.release_type != 'Dry Run' }}
- uses: chrnorm/deployment-action@55729fcebec3d284f60f5bcabbd8376437d696b1 # v2.0.7
- id: deployment
- with:
- token: "${{ secrets.GITHUB_TOKEN }}"
- initial-status: "in_progress"
- environment: "Bitwarden SDK NAPI - Production"
- description: "Deployment ${{ steps.version.outputs.version }} from branch ${{ github.ref_name }}"
- task: release
-
- - name: Update deployment status to Success
- if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }}
- uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
- with:
- token: "${{ secrets.GITHUB_TOKEN }}"
- state: "success"
- deployment-id: ${{ steps.deployment.outputs.deployment_id }}
-
- - name: Update deployment status to Failure
- if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }}
- uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
- with:
- token: "${{ secrets.GITHUB_TOKEN }}"
- state: "failure"
- deployment-id: ${{ steps.deployment.outputs.deployment_id }}
-
- npm:
- name: Publish NPM
+ release:
+ name: Create GitHub release
runs-on: ubuntu-22.04
needs: setup
- if: inputs.npm_publish
- env:
- _PKG_VERSION: ${{ needs.setup.outputs.release-version }}
steps:
- - name: Checkout repo
+ - name: Checkout Repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- - name: Setup Node
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
- with:
- node-version: 18
- cache: "npm"
- cache-dependency-path: crates/bitwarden-napi/package-lock.json
-
- - name: Download schemas
- if: ${{ github.event.inputs.release_type != 'Dry Run' }}
- uses: bitwarden/gh-actions/download-artifacts@main
- with:
- workflow: build-napi.yml
- artifacts: schemas.ts
- path: ${{ github.workspace }}/crates/bitwarden-napi/src-ts/bitwarden_client/
- workflow_conclusion: success
- branch: ${{ github.ref_name }}
-
- - name: Dry Run - Download schemas
- if: ${{ github.event.inputs.release_type == 'Dry Run' }}
- uses: bitwarden/gh-actions/download-artifacts@main
- with:
- workflow: build-napi.yml
- artifacts: schemas.ts
- path: ${{ github.workspace }}/crates/bitwarden-napi/src-ts/bitwarden_client/
- workflow_conclusion: success
- branch: main
-
- - name: Install dependencies
- run: npm ci
-
- - name: Run tsc
- run: npm run tsc
-
- - name: Login to Azure
- uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
- with:
- creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-
- - name: Retrieve secrets
- id: retrieve-secrets
- uses: bitwarden/gh-actions/get-keyvault-secrets@main
- with:
- keyvault: "bitwarden-ci"
- secrets: "npm-api-key"
-
- name: Download artifacts
- if: ${{ github.event.inputs.release_type != 'Dry Run' }}
- uses: bitwarden/gh-actions/download-artifacts@main
- with:
- workflow: build-napi.yml
- path: ${{ github.workspace }}/crates/bitwarden-napi/artifacts
- workflow_conclusion: success
- branch: ${{ github.ref_name }}
-
- - name: Dry Run - Download artifacts
- if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@main
with:
workflow: build-napi.yml
- path: ${{ github.workspace }}/crates/bitwarden-napi/artifacts
workflow_conclusion: success
branch: main
-
- - name: Move artifacts
- run: npm run artifacts
-
- - name: Setup NPM
- run: |
- echo 'registry="https://registry.npmjs.org/"' > ./.npmrc
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ./.npmrc
-
- echo 'registry="https://registry.npmjs.org/"' > ~/.npmrc
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc
+ artifacts: |
+ sdk-bitwarden-napi-aarch64-apple-darwin
+ sdk-bitwarden-napi-x86_64-apple-darwin
+ sdk-bitwarden-napi-x86_64-pc-windows-msvc
+ sdk-bitwarden-napi-x86_64-unknown-linux-gnu
+ schemas.ts
+
+ - name: Create release
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
env:
- NPM_TOKEN: ${{ steps.retrieve-secrets.outputs.npm-api-key }}
-
- - name: Publish NPM
- if: ${{ github.event.inputs.release_type != 'Dry Run' }}
- run: npm publish --access public --registry=https://registry.npmjs.org/ --userconfig=./.npmrc
+ _VERSION: ${{ needs.setup.outputs.version }}
+ with:
+ commit: ${{ github.sha }}
+ tag: napi-v${{ env._VERSION }}
+ name: napi v${{ env._VERSION }}
+ body: ""
+ token: ${{ secrets.GITHUB_TOKEN }}
+ draft: true
+ artifacts: |
+ sdk-napi.darwin-arm64.node
+ sdk-napi.darwin-x64.node
+ sdk-napi.win32-x64-msvc.node
+ sdk-napi.linux-x64-gnu.node
+ schemas.ts
diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml
new file mode 100644
index 000000000..10b451fc5
--- /dev/null
+++ b/.github/workflows/release-python.yml
@@ -0,0 +1,74 @@
+---
+name: Release Python SDK
+run-name: Release Python SDK ${{ inputs.release_type }}
+
+on:
+ workflow_dispatch:
+ inputs:
+ release_type:
+ description: "Release Options"
+ required: true
+ default: "Release"
+ type: choice
+ options:
+ - Release
+ - Dry Run
+
+jobs:
+ setup:
+ name: Setup
+ runs-on: ubuntu-22.04
+ outputs:
+ version: ${{ steps.version.outputs.version }}
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Branch check
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ run: |
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
+ echo "==================================="
+ echo "[!] Can only release from the 'main' branch"
+ echo "==================================="
+ exit 1
+ fi
+
+ - name: Get version
+ id: version
+ run: |
+ VERSION=$(cat languages/python/pyproject.toml | grep -Eo 'version = "[0-9]+\.[0-9]+\.[0-9]+"' | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+')
+ echo "version=$VERSION" >> $GITHUB_ENV
+
+ release:
+ name: Release
+ runs-on: ubuntu-22.04
+ needs: setup
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Download artifacts
+ uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
+ with:
+ workflow: build-python-wheels.yml
+ path: ${{ github.workspace }}/target/wheels/dist
+ workflow_conclusion: success
+ branch: main
+ name: bitwarden_sdk(.*)
+ name_is_regexp: true
+
+ - name: Create GitHub release
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
+ env:
+ PKG_VERSION: ${{ needs.setup.outputs.version }}
+ with:
+ commit: ${{ github.sha }}
+ tag: python-v${{ env.PKG_VERSION }}
+ name: Python v${{ env.PKG_VERSION }}
+ body: ""
+ token: ${{ secrets.GITHUB_TOKEN }}
+ draft: true
+ artifacts: |
+ ${{ github.workspace }}/target/wheels/dist/bitwarden_sdk-*.whl
diff --git a/.github/workflows/release-ruby.yml b/.github/workflows/release-ruby.yml
new file mode 100644
index 000000000..9c3e82b77
--- /dev/null
+++ b/.github/workflows/release-ruby.yml
@@ -0,0 +1,71 @@
+name: Release Ruby SDK
+run-name: Release Ruby SDK ${{ inputs.release_type }}
+
+on:
+ workflow_dispatch:
+ inputs:
+ release_type:
+ description: "Release Options"
+ required: true
+ default: "Release"
+ type: choice
+ options:
+ - Release
+ - Dry Run
+
+jobs:
+ setup:
+ name: Setup
+ runs-on: ubuntu-22.04
+ outputs:
+ version: ${{ steps.version.outputs.version }}
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Branch check
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ run: |
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
+ echo "==================================="
+ echo "[!] Can only release from the 'main' branch"
+ echo "==================================="
+ exit 1
+ fi
+
+ - name: Get version
+ id: version
+ run: |
+ VERSION=$(cat languages/ruby/lib/version.rb | grep -Eo 'VERSION = "[0-9]+\.[0-9]+\.[0-9]+"' | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+')
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ release:
+ name: Create GitHub release
+ runs-on: ubuntu-22.04
+ needs: setup
+ steps:
+ - name: Checkout Repository
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Download ruby artifact
+ uses: bitwarden/gh-actions/download-artifacts@main
+ with:
+ workflow: build-ruby.yml
+ workflow_conclusion: success
+ branch: main
+ artifacts: bitwarden-sdk-secrets
+
+ - name: Create release
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
+ env:
+ PKG_VERSION: ${{ needs.setup.outputs.version }}
+ with:
+ commit: ${{ github.sha }}
+ tag: ruby-v${{ env.PKG_VERSION }}
+ name: Ruby v${{ env.PKG_VERSION }}
+ body: ""
+ token: ${{ secrets.GITHUB_TOKEN }}
+ draft: true
+ artifacts: |
+ bitwarden-sdk-secrets-${{ env.PKG_VERSION }}.gem
diff --git a/.github/workflows/release-rust-crates.yml b/.github/workflows/release-rust-crates.yml
new file mode 100644
index 000000000..54845e148
--- /dev/null
+++ b/.github/workflows/release-rust-crates.yml
@@ -0,0 +1,53 @@
+name: Release Rust crates
+run-name: Release Rust crates ${{ inputs.release_type }}
+
+on:
+ workflow_dispatch:
+ inputs:
+ release_type:
+ description: "Release Options"
+ required: true
+ default: "Release"
+ type: choice
+ options:
+ - Release
+ - Dry Run
+
+jobs:
+ setup:
+ name: Setup
+ runs-on: ubuntu-22.04
+ outputs:
+ release-version: ${{ steps.version.outputs.version }}
+ steps:
+ - name: Checkout repo
+ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+ - name: Branch check
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ run: |
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
+ echo "==================================="
+ echo "[!] Can only release from the 'main' branch"
+ echo "==================================="
+ exit 1
+ fi
+
+ - name: Get version
+ id: version
+ run: |
+ VERSION=$(grep -o '^version = ".*"' Cargo.toml | grep -Eo "[0-9]+\.[0-9]+\.[0-9]+")
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+ - name: Create release
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
+ env:
+ PKG_VERSION: ${{ steps.version.outputs.version }}
+ with:
+ commit: ${{ github.sha }}
+ tag: rust-v${{ env.PKG_VERSION }}
+ name: Rust crates v${{ env.PKG_VERSION }}
+ body: ""
+ token: ${{ secrets.GITHUB_TOKEN }}
+ draft: true
diff --git a/.github/workflows/release-wasm.yml b/.github/workflows/release-wasm.yml
index b6476e833..97b2c34dd 100644
--- a/.github/workflows/release-wasm.yml
+++ b/.github/workflows/release-wasm.yml
@@ -13,15 +13,9 @@ on:
options:
- Release
- Dry Run
- npm_publish:
- description: "Publish to NPM registry"
- required: true
- default: true
- type: boolean
defaults:
run:
- shell: bash
working-directory: languages/js/wasm
jobs:
@@ -35,11 +29,11 @@ jobs:
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Branch check
- if: ${{ github.event.inputs.release_type != 'Dry Run' }}
+ if: ${{ inputs.release_type != 'Dry Run' }}
run: |
- if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then
+ if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
echo "==================================="
- echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
+ echo "[!] Can only release from the 'main' branch"
echo "==================================="
exit 1
fi
@@ -48,85 +42,37 @@ jobs:
id: version
uses: bitwarden/gh-actions/release-version-check@main
with:
- release-type: ${{ github.event.inputs.release_type }}
+ release-type: ${{ inputs.release_type }}
project-type: ts
file: languages/js/wasm/package.json
monorepo: false
- - name: Create GitHub deployment
- if: ${{ github.event.inputs.release_type != 'Dry Run' }}
- uses: chrnorm/deployment-action@55729fcebec3d284f60f5bcabbd8376437d696b1 # v2.0.7
- id: deployment
- with:
- token: "${{ secrets.GITHUB_TOKEN }}"
- initial-status: "in_progress"
- environment: "Bitwarden SDK WASM - Production"
- description: "Deployment ${{ steps.version.outputs.version }} from branch ${{ github.ref_name }}"
- task: release
-
- - name: Update deployment status to Success
- if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }}
- uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
- with:
- token: "${{ secrets.GITHUB_TOKEN }}"
- state: "success"
- deployment-id: ${{ steps.deployment.outputs.deployment_id }}
-
- - name: Update deployment status to Failure
- if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }}
- uses: chrnorm/deployment-status@9a72af4586197112e0491ea843682b5dc280d806 # v2.0.3
- with:
- token: "${{ secrets.GITHUB_TOKEN }}"
- state: "failure"
- deployment-id: ${{ steps.deployment.outputs.deployment_id }}
-
- npm:
- name: Publish NPM
+ release:
+ name: Release
runs-on: ubuntu-22.04
needs: setup
- if: inputs.npm_publish
- env:
- _PKG_VERSION: ${{ needs.setup.outputs.release-version }}
steps:
- name: Checkout repo
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- - name: Setup Node
- uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
- with:
- node-version: 18
- cache: "npm"
-
- - name: Login to Azure
- uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
- with:
- creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
-
- - name: Retrieve secrets
- id: retrieve-secrets
- uses: bitwarden/gh-actions/get-keyvault-secrets@main
- with:
- keyvault: "bitwarden-ci"
- secrets: "npm-api-key"
-
- name: Download artifacts
- uses: bitwarden/gh-actions/download-artifacts@main
+ uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
with:
workflow: build-wasm.yml
- path: ${{ github.workspace }}/languages/js/wasm
+ skip_unpack: true
workflow_conclusion: success
- branch: ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }}
+ branch: main
- - name: Setup NPM
- run: |
- echo 'registry="https://registry.npmjs.org/"' > ./.npmrc
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ./.npmrc
-
- echo 'registry="https://registry.npmjs.org/"' > ~/.npmrc
- echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc
+ - name: Create GitHub release
+ if: ${{ inputs.release_type != 'Dry Run' }}
+ uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
env:
- NPM_TOKEN: ${{ steps.retrieve-secrets.outputs.npm-api-key }}
-
- - name: Publish NPM
- if: ${{ github.event.inputs.release_type != 'Dry Run' }}
- run: npm publish --access public --registry=https://registry.npmjs.org/ --userconfig=./.npmrc
+ PKG_VERSION: ${{ needs.setup.outputs.release-version }}
+ with:
+ commit: ${{ github.sha }}
+ tag: wasm-v${{ env.PKG_VERSION }}
+ name: WASM v${{ env.PKG_VERSION }}
+ body: ""
+ token: ${{ secrets.GITHUB_TOKEN }}
+ draft: true
+ artifacts: sdk-bitwarden-wasm.zip
From c33f82aec8e26e861830a4f65a7352dfc69f349c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Garc=C3=ADa?=
Date: Mon, 30 Sep 2024 17:27:01 +0200
Subject: [PATCH 5/9] Validate minimum KDF settings (#1100)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
## đī¸ Tracking
## đ Objective
Previously we weren't validating the KDF settings that we got from the
server prelogin message.
## â° Reminders before review
- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
team
## đĻŽ Reviewer guidelines
- đ (`:+1:`) or similar for great changes
- đ (`:memo:`) or âšī¸ (`:information_source:`) for notes or general info
- â (`:question:`) for questions
- đ¤ (`:thinking:`) or đ (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
issue and could potentially benefit from discussion
- đ¨ (`:art:`) for suggestions / improvements
- â (`:x:`) or â ī¸ (`:warning:`) for more significant problems or
concerns needing attention
- đą (`:seedling:`) or âģī¸ (`:recycle:`) for future improvements or
indications of technical debt
- â (`:pick:`) for minor or nitpick changes
---
crates/bitwarden-crypto/src/error.rs | 3 +
crates/bitwarden-crypto/src/keys/utils.rs | 79 +++++++++++++++++++----
2 files changed, 70 insertions(+), 12 deletions(-)
diff --git a/crates/bitwarden-crypto/src/error.rs b/crates/bitwarden-crypto/src/error.rs
index cd2ef9ac0..2f9a58b8b 100644
--- a/crates/bitwarden-crypto/src/error.rs
+++ b/crates/bitwarden-crypto/src/error.rs
@@ -24,6 +24,9 @@ pub enum CryptoError {
#[error("The item was missing a required field: {0}")]
MissingField(&'static str),
+ #[error("Insufficient KDF parameters")]
+ InsufficientKdfParameters,
+
#[error("EncString error, {0}")]
EncString(#[from] EncStringParseError),
diff --git a/crates/bitwarden-crypto/src/keys/utils.rs b/crates/bitwarden-crypto/src/keys/utils.rs
index 8564a7c9f..4b2c4c8cd 100644
--- a/crates/bitwarden-crypto/src/keys/utils.rs
+++ b/crates/bitwarden-crypto/src/keys/utils.rs
@@ -3,30 +3,45 @@ use std::pin::Pin;
use generic_array::{typenum::U32, GenericArray};
use sha2::Digest;
-use crate::{util::hkdf_expand, Kdf, Result, SymmetricCryptoKey};
+use crate::{util::hkdf_expand, CryptoError, Kdf, Result, SymmetricCryptoKey};
+
+const PBKDF2_MIN_ITERATIONS: u32 = 5000;
+
+const ARGON2ID_MIN_MEMORY: u32 = 16 * 1024;
+const ARGON2ID_MIN_ITERATIONS: u32 = 2;
+const ARGON2ID_MIN_PARALLELISM: u32 = 1;
/// Derive a generic key from a secret and salt using the provided KDF.
pub(super) fn derive_kdf_key(secret: &[u8], salt: &[u8], kdf: &Kdf) -> Result {
let mut hash = match kdf {
- Kdf::PBKDF2 { iterations } => crate::util::pbkdf2(secret, salt, iterations.get()),
+ Kdf::PBKDF2 { iterations } => {
+ let iterations = iterations.get();
+ if iterations < PBKDF2_MIN_ITERATIONS {
+ return Err(CryptoError::InsufficientKdfParameters);
+ }
+ crate::util::pbkdf2(secret, salt, iterations)
+ }
Kdf::Argon2id {
iterations,
memory,
parallelism,
} => {
+ let memory = memory.get() * 1024; // Convert MiB to KiB;
+ let iterations = iterations.get();
+ let parallelism = parallelism.get();
+
+ if memory < ARGON2ID_MIN_MEMORY
+ || iterations < ARGON2ID_MIN_ITERATIONS
+ || parallelism < ARGON2ID_MIN_PARALLELISM
+ {
+ return Err(CryptoError::InsufficientKdfParameters);
+ }
+
use argon2::*;
- let argon = Argon2::new(
- Algorithm::Argon2id,
- Version::V0x13,
- Params::new(
- memory.get() * 1024, // Convert MiB to KiB
- iterations.get(),
- parallelism.get(),
- Some(32),
- )?,
- );
+ let params = Params::new(memory, iterations, parallelism, Some(32))?;
+ let argon = Argon2::new(Algorithm::Argon2id, Version::V0x13, params);
let salt_sha = sha2::Sha256::new().chain_update(salt).finalize();
@@ -57,6 +72,8 @@ pub(super) fn stretch_kdf_key(k: &SymmetricCryptoKey) -> Result NonZero {
+ NonZero::new(n).unwrap()
+ }
+
+ let secret = [0u8; 32];
+ let salt = [0u8; 32];
+
+ for kdf in [
+ Kdf::PBKDF2 {
+ iterations: nz(4999),
+ },
+ Kdf::Argon2id {
+ iterations: nz(1),
+ memory: nz(16),
+ parallelism: nz(1),
+ },
+ Kdf::Argon2id {
+ iterations: nz(2),
+ memory: nz(15),
+ parallelism: nz(1),
+ },
+ Kdf::Argon2id {
+ iterations: nz(1),
+ memory: nz(15),
+ parallelism: nz(1),
+ },
+ ] {
+ assert_eq!(
+ derive_kdf_key(&secret, &salt, &kdf)
+ .unwrap_err()
+ .to_string(),
+ "Insufficient KDF parameters"
+ );
+ }
+ }
}
From fa7a02c6131ecf674b8d6cb6fbd3adc79d6291aa Mon Sep 17 00:00:00 2001
From: Vince Grassia <593223+vgrassia@users.noreply.github.com>
Date: Mon, 30 Sep 2024 12:19:15 -0400
Subject: [PATCH 6/9] Release Python Workflow - Fix logic (#1102)
---
.github/workflows/release-python.yml | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml
index 10b451fc5..5be1a12fc 100644
--- a/.github/workflows/release-python.yml
+++ b/.github/workflows/release-python.yml
@@ -38,7 +38,7 @@ jobs:
id: version
run: |
VERSION=$(cat languages/python/pyproject.toml | grep -Eo 'version = "[0-9]+\.[0-9]+\.[0-9]+"' | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+')
- echo "version=$VERSION" >> $GITHUB_ENV
+ echo "version=$VERSION" >> $GITHUB_OUTPUT
release:
name: Release
@@ -58,6 +58,12 @@ jobs:
name: bitwarden_sdk(.*)
name_is_regexp: true
+ - name: Move all whl files to single directory
+ run: |
+ shopt -s globstar
+ mv **/*.whl .
+ working-directory: ${{ github.workspace }}/target/wheels/dist
+
- name: Create GitHub release
if: ${{ inputs.release_type != 'Dry Run' }}
uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
From 6c22e061c7d9e03906bbc24c3fdb1dccf53a2cef Mon Sep 17 00:00:00 2001
From: Oscar Hinton
Date: Tue, 1 Oct 2024 10:25:19 +0200
Subject: [PATCH 7/9] Move common dependencies to the root cargo.toml (#1090)
To ensure we use consistent version ranges we should concentrate common
dependencies to the root cargo.toml. This should make it easier to
maintain the SM dependency ranges.
---
Cargo.toml | 25 +++++++++++++++++
crates/bitwarden-api-api/Cargo.toml | 16 +++++++----
crates/bitwarden-api-identity/Cargo.toml | 16 +++++++----
crates/bitwarden-core/Cargo.toml | 35 +++++++++---------------
crates/bitwarden-crypto/Cargo.toml | 12 ++++----
crates/bitwarden-exporters/Cargo.toml | 18 +++++-------
crates/bitwarden-fido/Cargo.toml | 19 ++++++-------
crates/bitwarden-generators/Cargo.toml | 17 +++++-------
crates/bitwarden-json/Cargo.toml | 6 ++--
crates/bitwarden-napi/Cargo.toml | 2 +-
crates/bitwarden-py/Cargo.toml | 2 +-
crates/bitwarden-send/Cargo.toml | 17 +++++-------
crates/bitwarden-sm/Cargo.toml | 19 ++++++-------
crates/bitwarden-uniffi/Cargo.toml | 17 +++++-------
crates/bitwarden-vault/Cargo.toml | 21 ++++++--------
crates/bitwarden/Cargo.toml | 10 +++++--
crates/bw/Cargo.toml | 2 +-
crates/bws/Cargo.toml | 2 +-
crates/sdk-schemas/Cargo.toml | 2 +-
crates/uniffi-bindgen/Cargo.toml | 2 +-
20 files changed, 133 insertions(+), 127 deletions(-)
diff --git a/Cargo.toml b/Cargo.toml
index 8c978819b..190341a7e 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -30,6 +30,31 @@ bitwarden-send = { path = "crates/bitwarden-send", version = "=1.0.0" }
bitwarden-sm = { path = "crates/bitwarden-sm", version = "=1.0.0" }
bitwarden-vault = { path = "crates/bitwarden-vault", version = "=1.0.0" }
+# External crates that are expected to maintain a consistent version across all crates
+chrono = { version = ">=0.4.26, <0.5", features = [
+ "clock",
+ "serde",
+ "std",
+], default-features = false }
+log = "0.4.20"
+reqwest = { version = ">=0.12.5, <0.13", features = [
+ "json",
+ "multipart",
+ "http2",
+], default-features = false }
+schemars = { version = ">=0.8.9, <0.9", features = ["uuid1", "chrono"] }
+serde = { version = ">=1.0, <2.0", features = ["derive"] }
+serde_json = ">=1.0.96, <2.0"
+serde_qs = ">=0.12.0, <0.14"
+serde_repr = ">=0.1.12, <0.2"
+thiserror = ">=1.0.40, <2.0"
+tokio = { version = "1.36.0", features = ["macros"] }
+uniffi = "=0.28.1"
+uuid = { version = ">=1.3.3, <2.0", features = ["serde", "v4"] }
+validator = { version = "0.18.1", features = ["derive"] }
+wasm-bindgen = { version = "0.2.91", features = ["serde-serialize"] }
+wasm-bindgen-futures = "0.4.41"
+
[workspace.lints.clippy]
unused_async = "deny"
unwrap_used = "deny"
diff --git a/crates/bitwarden-api-api/Cargo.toml b/crates/bitwarden-api-api/Cargo.toml
index bd4ec05c0..43ec79ff0 100644
--- a/crates/bitwarden-api-api/Cargo.toml
+++ b/crates/bitwarden-api-api/Cargo.toml
@@ -13,10 +13,14 @@ license-file.workspace = true
keywords.workspace = true
[dependencies]
-serde = { version = ">=1.0.163, <2", features = ["derive"] }
-serde_with = { version = ">=3.8, <4", default-features = false, features = ["base64", "std", "macros"] }
-serde_json = ">=1.0.96, <2"
-serde_repr = ">=0.1.12, <0.2"
+serde = { workspace = true }
+serde_with = { version = ">=3.8, <4", default-features = false, features = [
+ "base64",
+ "std",
+ "macros",
+] }
+serde_json = { workspace = true }
+serde_repr = { workspace = true }
url = ">=2.5, <3"
-uuid = { version = ">=1.3.3, <2", features = ["serde", "v4"] }
-reqwest = { version = ">=0.12.5, <0.13", features = ["json", "multipart", "http2"], default-features = false }
+uuid = { workspace = true }
+reqwest = { workspace = true }
diff --git a/crates/bitwarden-api-identity/Cargo.toml b/crates/bitwarden-api-identity/Cargo.toml
index d101e9a9e..9d4d81a0d 100644
--- a/crates/bitwarden-api-identity/Cargo.toml
+++ b/crates/bitwarden-api-identity/Cargo.toml
@@ -13,10 +13,14 @@ license-file.workspace = true
keywords.workspace = true
[dependencies]
-serde = { version = ">=1.0.163, <2", features = ["derive"] }
-serde_with = { version = ">=3.8, <4", default-features = false, features = ["base64", "std", "macros"] }
-serde_json = ">=1.0.96, <2"
-serde_repr = ">=0.1.12, <0.2"
+serde = { workspace = true }
+serde_with = { version = ">=3.8, <4", default-features = false, features = [
+ "base64",
+ "std",
+ "macros",
+] }
+serde_json = { workspace = true }
+serde_repr = { workspace = true }
url = ">=2.5, <3"
-uuid = { version = ">=1.3.3, <2", features = ["serde", "v4"] }
-reqwest = { version = ">=0.12.5, <0.13", features = ["json", "multipart", "http2"], default-features = false }
+uuid = { workspace = true }
+reqwest = { workspace = true }
diff --git a/crates/bitwarden-core/Cargo.toml b/crates/bitwarden-core/Cargo.toml
index 7059e26c3..f4b6ec423 100644
--- a/crates/bitwarden-core/Cargo.toml
+++ b/crates/bitwarden-core/Cargo.toml
@@ -26,46 +26,37 @@ base64 = ">=0.22.1, <0.23"
bitwarden-api-api = { workspace = true }
bitwarden-api-identity = { workspace = true }
bitwarden-crypto = { workspace = true }
-chrono = { version = ">=0.4.26, <0.5", features = [
- "clock",
- "serde",
- "std",
-], default-features = false }
+chrono = { workspace = true, features = ["std"] }
# We don't use this directly (it's used by rand), but we need it here to enable WASM support
getrandom = { version = ">=0.2.9, <0.3", features = ["js"] }
hmac = ">=0.12.1, <0.13"
log = ">=0.4.18, <0.5"
rand = ">=0.8.5, <0.9"
-reqwest = { version = ">=0.12.5, <0.13", features = [
- "http2",
- "json",
-], default-features = false }
-schemars = { version = ">=0.8.9, <0.9", features = ["uuid1", "chrono"] }
-serde = { version = ">=1.0, <2.0", features = ["derive"] }
-serde_json = ">=1.0.96, <2.0"
-serde_qs = ">=0.12.0, <0.14"
-serde_repr = ">=0.1.12, <0.2"
+reqwest = { workspace = true }
+schemars = { workspace = true }
+serde = { workspace = true }
+serde_json = { workspace = true }
+serde_qs = { workspace = true }
+serde_repr = { workspace = true }
sha1 = ">=0.10.5, <0.11"
sha2 = ">=0.10.6, <0.11"
-thiserror = ">=1.0.40, <2.0"
-uniffi = { version = "=0.28.1", optional = true, features = ["tokio"] }
-uuid = { version = ">=1.3.3, <2.0", features = ["serde"] }
-validator = { version = "0.18.1", features = ["derive"] }
+thiserror = { workspace = true }
+uniffi = { workspace = true, optional = true, features = ["tokio"] }
+uuid = { workspace = true }
+validator = { workspace = true }
zeroize = { version = ">=1.7.0, <2.0", features = ["derive", "aarch64"] }
zxcvbn = { version = ">=3.0.1, <4.0", optional = true }
[target.'cfg(not(target_arch="wasm32"))'.dependencies]
# By default, we use rustls as the TLS stack and rust-platform-verifier to support user-installed root certificates
# The only exception is WASM, as it just uses the browsers/node fetch
-reqwest = { version = ">=0.12.5, <0.13", features = [
- "rustls-tls-manual-roots",
-], default-features = false }
+reqwest = { workspace = true, features = ["rustls-tls-manual-roots"] }
rustls-platform-verifier = "0.3.4"
[dev-dependencies]
bitwarden-crypto = { workspace = true }
rand_chacha = "0.3.1"
-tokio = { version = "1.36.0", features = ["rt", "macros"] }
+tokio = { workspace = true, features = ["rt"] }
wiremock = "0.6.0"
zeroize = { version = ">=1.7.0, <2.0", features = ["derive", "aarch64"] }
diff --git a/crates/bitwarden-crypto/Cargo.toml b/crates/bitwarden-crypto/Cargo.toml
index b071b4ee9..3254640fe 100644
--- a/crates/bitwarden-crypto/Cargo.toml
+++ b/crates/bitwarden-crypto/Cargo.toml
@@ -36,20 +36,20 @@ pbkdf2 = { version = ">=0.12.1, <0.13", default-features = false }
rand = ">=0.8.5, <0.9"
rayon = ">=1.8.1, <2.0"
rsa = ">=0.9.2, <0.10"
-schemars = { version = ">=0.8, <0.9", features = ["uuid1"] }
-serde = { version = ">=1.0, <2.0", features = ["derive"] }
+schemars = { workspace = true }
+serde = { workspace = true }
sha1 = ">=0.10.5, <0.11"
sha2 = ">=0.10.6, <0.11"
subtle = ">=2.5.0, <3.0"
-thiserror = ">=1.0.40, <2.0"
-uniffi = { version = "=0.28.1", optional = true }
-uuid = { version = ">=1.3.3, <2.0", features = ["serde"] }
+thiserror = { workspace = true }
+uniffi = { workspace = true, optional = true }
+uuid = { workspace = true }
zeroize = { version = ">=1.7.0, <2.0", features = ["derive", "aarch64"] }
[dev-dependencies]
criterion = "0.5.1"
rand_chacha = "0.3.1"
-serde_json = ">=1.0.96, <2.0"
+serde_json = { workspace = true }
[[bench]]
name = "default_allocator"
diff --git a/crates/bitwarden-exporters/Cargo.toml b/crates/bitwarden-exporters/Cargo.toml
index 858e9f522..38cf49953 100644
--- a/crates/bitwarden-exporters/Cargo.toml
+++ b/crates/bitwarden-exporters/Cargo.toml
@@ -22,18 +22,14 @@ base64 = ">=0.22.1, <0.23"
bitwarden-core = { workspace = true }
bitwarden-crypto = { workspace = true }
bitwarden-vault = { workspace = true }
-chrono = { version = ">=0.4.26, <0.5", features = [
- "clock",
- "serde",
- "std",
-], default-features = false }
+chrono = { workspace = true, features = ["std"] }
csv = "1.3.0"
-schemars = { version = ">=0.8.9, <0.9", features = ["uuid1", "chrono"] }
-serde = { version = ">=1.0, <2.0", features = ["derive"] }
-serde_json = ">=1.0.96, <2.0"
-thiserror = ">=1.0.40, <2.0"
-uniffi = { version = "=0.28.1", optional = true }
-uuid = { version = ">=1.3.3, <2.0", features = ["serde", "v4"] }
+schemars = { workspace = true }
+serde = { workspace = true }
+serde_json = { workspace = true }
+thiserror = { workspace = true }
+uniffi = { workspace = true, optional = true }
+uuid = { workspace = true }
[lints]
workspace = true
diff --git a/crates/bitwarden-fido/Cargo.toml b/crates/bitwarden-fido/Cargo.toml
index 6b04bd796..20f5cdaf6 100644
--- a/crates/bitwarden-fido/Cargo.toml
+++ b/crates/bitwarden-fido/Cargo.toml
@@ -22,10 +22,7 @@ base64 = ">=0.22.1, <0.23"
bitwarden-core = { workspace = true }
bitwarden-crypto = { workspace = true }
bitwarden-vault = { workspace = true }
-chrono = { version = ">=0.4.26, <0.5", features = [
- "clock",
- "serde",
-], default-features = false }
+chrono = { workspace = true }
coset = { version = "0.3.7" }
itertools = "0.13.0"
log = ">=0.4.18, <0.5"
@@ -34,13 +31,13 @@ passkey = { git = "https://github.com/bitwarden/passkey-rs", rev = "ff757604cd7b
passkey-client = { git = "https://github.com/bitwarden/passkey-rs", rev = "ff757604cd7b4e8f321ed1616fef7e40e21ac5df", features = [
"android-asset-validation",
] }
-reqwest = { version = ">=0.12.5, <0.13", default-features = false }
-schemars = { version = "0.8.21", features = ["uuid1", "chrono"] }
-serde = { version = ">=1.0, <2.0", features = ["derive"] }
-serde_json = ">=1.0.96, <2.0"
-thiserror = ">=1.0.40, <2.0"
-uniffi = { version = "=0.28.1", optional = true }
-uuid = { version = ">=1.3.3, <2.0", features = ["serde"] }
+reqwest = { workspace = true }
+schemars = { workspace = true }
+serde = { workspace = true }
+serde_json = { workspace = true }
+thiserror = { workspace = true }
+uniffi = { workspace = true, optional = true }
+uuid = { workspace = true }
[lints]
workspace = true
diff --git a/crates/bitwarden-generators/Cargo.toml b/crates/bitwarden-generators/Cargo.toml
index 442e00c08..24e5d5ebc 100644
--- a/crates/bitwarden-generators/Cargo.toml
+++ b/crates/bitwarden-generators/Cargo.toml
@@ -20,19 +20,16 @@ uniffi = ["dep:uniffi"] # Uniffi bindings
bitwarden-core = { workspace = true, features = ["internal"] }
bitwarden-crypto = { workspace = true }
rand = ">=0.8.5, <0.9"
-reqwest = { version = ">=0.12.5, <0.13", features = [
- "http2",
- "json",
-], default-features = false }
-schemars = { version = ">=0.8.9, <0.9", features = ["uuid1", "chrono"] }
-serde = { version = ">=1.0, <2.0", features = ["derive"] }
-serde_json = ">=1.0.96, <2.0"
-thiserror = ">=1.0.40, <2.0"
-uniffi = { version = "=0.28.1", optional = true }
+reqwest = { workspace = true }
+schemars = { workspace = true }
+serde = { workspace = true }
+serde_json = { workspace = true }
+thiserror = { workspace = true }
+uniffi = { workspace = true, optional = true }
[dev-dependencies]
rand_chacha = "0.3.1"
-tokio = { version = "1.36.0", features = ["rt", "macros"] }
+tokio = { workspace = true, features = ["rt"] }
wiremock = "0.6.0"
[lints]
diff --git a/crates/bitwarden-json/Cargo.toml b/crates/bitwarden-json/Cargo.toml
index 69ca8e6ab..ed1b39580 100644
--- a/crates/bitwarden-json/Cargo.toml
+++ b/crates/bitwarden-json/Cargo.toml
@@ -22,9 +22,9 @@ secrets = ["bitwarden/secrets"] # Secrets manager API
[dependencies]
bitwarden = { workspace = true }
log = ">=0.4.18, <0.5"
-schemars = ">=0.8.12, <0.9"
-serde = { version = ">=1.0, <2.0", features = ["derive"] }
-serde_json = ">=1.0.96, <2.0"
+schemars = { workspace = true }
+serde = { workspace = true }
+serde_json = { workspace = true }
[lints]
workspace = true
diff --git a/crates/bitwarden-napi/Cargo.toml b/crates/bitwarden-napi/Cargo.toml
index 59ca137aa..7a9deeb8f 100644
--- a/crates/bitwarden-napi/Cargo.toml
+++ b/crates/bitwarden-napi/Cargo.toml
@@ -22,7 +22,7 @@ bitwarden-json = { path = "../bitwarden-json", version = "0.3.0", features = [
"secrets",
] }
env_logger = "0.11.1"
-log = "0.4.20"
+log = { workspace = true }
napi = { version = "2", features = ["async"] }
napi-derive = "2"
diff --git a/crates/bitwarden-py/Cargo.toml b/crates/bitwarden-py/Cargo.toml
index c66a35889..b637d5faa 100644
--- a/crates/bitwarden-py/Cargo.toml
+++ b/crates/bitwarden-py/Cargo.toml
@@ -24,7 +24,7 @@ pyo3-log = "0.11.0"
pyo3-build-config = { version = "0.22.1" }
[target.'cfg(not(target_arch="wasm32"))'.dependencies]
-tokio = { version = "1.36.0", features = ["rt-multi-thread", "macros"] }
+tokio = { workspace = true, features = ["rt-multi-thread"] }
[lints]
workspace = true
diff --git a/crates/bitwarden-send/Cargo.toml b/crates/bitwarden-send/Cargo.toml
index 417cac89e..33c0b76c6 100644
--- a/crates/bitwarden-send/Cargo.toml
+++ b/crates/bitwarden-send/Cargo.toml
@@ -25,16 +25,13 @@ base64 = ">=0.22.1, <0.23"
bitwarden-api-api = { workspace = true }
bitwarden-core = { workspace = true }
bitwarden-crypto = { workspace = true }
-chrono = { version = ">=0.4.26, <0.5", features = [
- "clock",
- "serde",
-], default-features = false }
-schemars = { version = ">=0.8.9, <0.9", features = ["uuid1", "chrono"] }
-serde = { version = ">=1.0, <2.0", features = ["derive"] }
-serde_repr = ">=0.1.12, <0.2"
-thiserror = ">=1.0.40, <2.0"
-uniffi = { version = "=0.28.1", optional = true }
-uuid = { version = ">=1.3.3, <2.0", features = ["serde"] }
+chrono = { workspace = true }
+schemars = { workspace = true }
+serde = { workspace = true }
+serde_repr = { workspace = true }
+thiserror = { workspace = true }
+uniffi = { workspace = true, optional = true }
+uuid = { workspace = true }
zeroize = { version = ">=1.7.0, <2.0" }
[lints]
diff --git a/crates/bitwarden-sm/Cargo.toml b/crates/bitwarden-sm/Cargo.toml
index 882780001..77fa9d7c1 100644
--- a/crates/bitwarden-sm/Cargo.toml
+++ b/crates/bitwarden-sm/Cargo.toml
@@ -17,19 +17,16 @@ keywords.workspace = true
bitwarden-api-api = { workspace = true }
bitwarden-core = { workspace = true }
bitwarden-crypto = { workspace = true }
-chrono = { version = ">=0.4.26, <0.5", features = [
- "clock",
- "serde",
-], default-features = false }
-schemars = { version = ">=0.8.9, <0.9", features = ["uuid1", "chrono"] }
-serde = { version = ">=1.0, <2.0", features = ["derive"] }
-serde_json = ">=1.0.96, <2.0"
-thiserror = ">=1.0.40, <2.0"
-uuid = { version = ">=1.3.3, <2.0", features = ["serde"] }
-validator = { version = "0.18.1", features = ["derive"] }
+chrono = { workspace = true }
+schemars = { workspace = true }
+serde = { workspace = true }
+serde_json = { workspace = true }
+thiserror = { workspace = true }
+uuid = { workspace = true }
+validator = { workspace = true }
[dev-dependencies]
-tokio = { version = "1.36.0", features = ["rt", "macros"] }
+tokio = { workspace = true, features = ["rt"] }
[lints]
workspace = true
diff --git a/crates/bitwarden-uniffi/Cargo.toml b/crates/bitwarden-uniffi/Cargo.toml
index 5737d3559..822ed0d38 100644
--- a/crates/bitwarden-uniffi/Cargo.toml
+++ b/crates/bitwarden-uniffi/Cargo.toml
@@ -27,16 +27,13 @@ bitwarden-fido = { workspace = true, features = ["uniffi"] }
bitwarden-generators = { workspace = true, features = ["uniffi"] }
bitwarden-send = { workspace = true, features = ["uniffi"] }
bitwarden-vault = { workspace = true, features = ["uniffi"] }
-chrono = { version = ">=0.4.26, <0.5", features = [
- "serde",
- "std",
-], default-features = false }
-log = "0.4.20"
+chrono = { workspace = true, features = ["std"] }
+log = { workspace = true }
env_logger = "0.11.1"
-schemars = { version = ">=0.8, <0.9", optional = true }
-thiserror = ">=1.0.40, <2.0"
-uniffi = "=0.28.1"
-uuid = ">=1.3.3, <2"
+schemars = { workspace = true, optional = true }
+thiserror = { workspace = true }
+uniffi = { workspace = true }
+uuid = { workspace = true }
[target.'cfg(target_os = "android")'.dependencies]
android_logger = "0.14"
@@ -50,7 +47,7 @@ rustls-platform-verifier = "0.3.4"
oslog = "0.2.0"
[build-dependencies]
-uniffi = { version = "=0.28.1", features = ["build"] }
+uniffi = { workspace = true, features = ["build"] }
[lints]
workspace = true
diff --git a/crates/bitwarden-vault/Cargo.toml b/crates/bitwarden-vault/Cargo.toml
index 04a64078f..4c41e139c 100644
--- a/crates/bitwarden-vault/Cargo.toml
+++ b/crates/bitwarden-vault/Cargo.toml
@@ -25,25 +25,22 @@ base64 = ">=0.22.1, <0.23"
bitwarden-api-api = { workspace = true }
bitwarden-core = { workspace = true, features = ["internal"] }
bitwarden-crypto = { workspace = true }
-chrono = { version = ">=0.4.26, <0.5", features = [
- "clock",
- "serde",
-], default-features = false }
+chrono = { workspace = true }
rand = ">=0.8.5, <0.9"
hmac = ">=0.12.1, <0.13"
-reqwest = { version = ">=0.12.5, <0.13", default-features = false }
-schemars = { version = ">=0.8.9, <0.9", features = ["uuid1", "chrono"] }
-serde = { version = ">=1.0, <2.0", features = ["derive"] }
-serde_json = ">=1.0.96, <2.0"
-serde_repr = ">=0.1.12, <0.2"
+reqwest = { workspace = true }
+schemars = { workspace = true }
+serde = { workspace = true }
+serde_json = { workspace = true }
+serde_repr = { workspace = true }
sha1 = ">=0.10.5, <0.11"
sha2 = ">=0.10.6, <0.11"
-thiserror = ">=1.0.40, <2.0"
+thiserror = { workspace = true }
uniffi = { version = "=0.28.1", optional = true }
-uuid = { version = ">=1.3.3, <2.0", features = ["serde"] }
+uuid = { workspace = true }
[dev-dependencies]
-tokio = { version = "1.36.0", features = ["rt", "macros"] }
+tokio = { workspace = true, features = ["rt"] }
[lints]
workspace = true
diff --git a/crates/bitwarden/Cargo.toml b/crates/bitwarden/Cargo.toml
index f927564cf..9fa5c0cb3 100644
--- a/crates/bitwarden/Cargo.toml
+++ b/crates/bitwarden/Cargo.toml
@@ -35,7 +35,11 @@ uniffi = [
"bitwarden-send/uniffi",
"bitwarden-vault/uniffi",
] # Uniffi bindings
-secrets = ["bitwarden-core/secrets", "dep:bitwarden-sm", "dep:bitwarden-generators"] # Secrets manager API
+secrets = [
+ "bitwarden-core/secrets",
+ "dep:bitwarden-sm",
+ "dep:bitwarden-generators",
+] # Secrets manager API
[dependencies]
bitwarden-api-api = { workspace = true }
@@ -48,10 +52,10 @@ bitwarden-generators = { workspace = true, optional = true }
bitwarden-send = { workspace = true, optional = true }
bitwarden-sm = { workspace = true, optional = true }
bitwarden-vault = { workspace = true, optional = true }
-thiserror = ">=1.0.40, <2.0"
+thiserror = { workspace = true }
[dev-dependencies]
-uuid = { version = ">=1.3.3, <2.0" }
+uuid = { workspace = true }
[lints]
workspace = true
diff --git a/crates/bw/Cargo.toml b/crates/bw/Cargo.toml
index 7361f15b6..cb8e02ba1 100644
--- a/crates/bw/Cargo.toml
+++ b/crates/bw/Cargo.toml
@@ -22,7 +22,7 @@ color-eyre = "0.6.3"
env_logger = "0.11.1"
inquire = "0.7.0"
log = "0.4.20"
-tokio = { version = "1.36.0", features = ["rt-multi-thread", "macros"] }
+tokio = { workspace = true, features = ["rt-multi-thread"] }
[dev-dependencies]
tempfile = "3.10.0"
diff --git a/crates/bws/Cargo.toml b/crates/bws/Cargo.toml
index c6ef58396..08e3941f2 100644
--- a/crates/bws/Cargo.toml
+++ b/crates/bws/Cargo.toml
@@ -41,7 +41,7 @@ serde_json = "1.0.113"
serde_yaml = "0.9"
supports-color = "3.0.0"
thiserror = "1.0.57"
-tokio = { version = "1.36.0", features = ["rt-multi-thread", "macros"] }
+tokio = { workspace = true, features = ["rt-multi-thread"] }
toml = "0.8.10"
uuid = { version = "1.7.0", features = ["serde"] }
which = "6.0.1"
diff --git a/crates/sdk-schemas/Cargo.toml b/crates/sdk-schemas/Cargo.toml
index 9982e47fe..8d48cd691 100644
--- a/crates/sdk-schemas/Cargo.toml
+++ b/crates/sdk-schemas/Cargo.toml
@@ -24,5 +24,5 @@ bitwarden = { workspace = true }
bitwarden-json = { path = "../bitwarden-json" }
bitwarden-uniffi = { path = "../bitwarden-uniffi", optional = true }
itertools = "0.13.0"
-schemars = { version = "0.8.16", features = ["preserve_order"] }
+schemars = { workspace = true, features = ["preserve_order"] }
serde_json = "1.0.113"
diff --git a/crates/uniffi-bindgen/Cargo.toml b/crates/uniffi-bindgen/Cargo.toml
index 042ea8b65..b5401afb9 100644
--- a/crates/uniffi-bindgen/Cargo.toml
+++ b/crates/uniffi-bindgen/Cargo.toml
@@ -17,4 +17,4 @@ name = "uniffi-bindgen"
path = "uniffi-bindgen.rs"
[dependencies]
-uniffi = { version = "=0.28.1", features = ["cli"] }
+uniffi = { workspace = true, features = ["cli"] }
From eb0d68308648233d1e0bcdc702d62d8c14d3d70f Mon Sep 17 00:00:00 2001
From: Vince Grassia <593223+vgrassia@users.noreply.github.com>
Date: Tue, 1 Oct 2024 04:31:49 -0400
Subject: [PATCH 8/9] Release @bitwarden/sdk-napi workflow - Fix logic (#1104)
---
.github/workflows/release-napi.yml | 35 +++++++++++++++---------------
1 file changed, 18 insertions(+), 17 deletions(-)
diff --git a/.github/workflows/release-napi.yml b/.github/workflows/release-napi.yml
index e8be69f99..761515c73 100644
--- a/.github/workflows/release-napi.yml
+++ b/.github/workflows/release-napi.yml
@@ -14,11 +14,6 @@ on:
- Initial Release
- Redeploy
- Dry Run
- npm_publish:
- description: "Publish to NPM registry"
- required: true
- default: true
- type: boolean
defaults:
run:
@@ -63,17 +58,23 @@ jobs:
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Download artifacts
- uses: bitwarden/gh-actions/download-artifacts@main
+ uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
with:
workflow: build-napi.yml
workflow_conclusion: success
branch: main
- artifacts: |
- sdk-bitwarden-napi-aarch64-apple-darwin
- sdk-bitwarden-napi-x86_64-apple-darwin
- sdk-bitwarden-napi-x86_64-pc-windows-msvc
- sdk-bitwarden-napi-x86_64-unknown-linux-gnu
- schemas.ts
+ name: sdk-bitwarden-napi-(.*)|schemas.ts
+ name_is_regexp: true
+ path: dist
+
+ - name: Move artifact files to single directory
+ run: |
+ ls -alhR
+ shopt -s globstar
+ mv **/*.node .
+ mv schemas.ts/ schemas/
+ mv schemas/schemas.ts .
+ working-directory: dist
- name: Create release
if: ${{ inputs.release_type != 'Dry Run' }}
@@ -88,8 +89,8 @@ jobs:
token: ${{ secrets.GITHUB_TOKEN }}
draft: true
artifacts: |
- sdk-napi.darwin-arm64.node
- sdk-napi.darwin-x64.node
- sdk-napi.win32-x64-msvc.node
- sdk-napi.linux-x64-gnu.node
- schemas.ts
+ dist/sdk-napi.darwin-arm64.node
+ dist/sdk-napi.darwin-x64.node
+ dist/sdk-napi.win32-x64-msvc.node
+ dist/sdk-napi.linux-x64-gnu.node
+ dist/schemas.ts
From 66949afb5bb1f02012988b3839c1186a3c4eeca3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Garc=C3=ADa?=
Date: Tue, 1 Oct 2024 12:47:14 +0200
Subject: [PATCH 9/9] Fix panic handling during memory testing (#1106)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
## đ Objective
Previously the memory testing program wouldn't detect when the binary
being executed panicked unexpectedly, which caused the program to run
indefinitely while waiting for the binary to notify it to continue.
This started appearing when adding the validation for KDF minimums, as
one of the tests we run is under the minimum, which causes CI to run
until timeout: https://github.com/bitwarden/sdk/actions/runs/11109271931
## â° Reminders before review
- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
team
## đĻŽ Reviewer guidelines
- đ (`:+1:`) or similar for great changes
- đ (`:memo:`) or âšī¸ (`:information_source:`) for notes or general info
- â (`:question:`) for questions
- đ¤ (`:thinking:`) or đ (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
issue and could potentially benefit from discussion
- đ¨ (`:art:`) for suggestions / improvements
- â (`:x:`) or â ī¸ (`:warning:`) for more significant problems or
concerns needing attention
- đą (`:seedling:`) or âģī¸ (`:recycle:`) for future improvements or
indications of technical debt
- â (`:pick:`) for minor or nitpick changes
---
crates/memory-testing/cases.json | 8 ++++----
crates/memory-testing/src/bin/capture-dumps.rs | 5 +++++
2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/crates/memory-testing/cases.json b/crates/memory-testing/cases.json
index 4205e3dce..5223d3671 100644
--- a/crates/memory-testing/cases.json
+++ b/crates/memory-testing/cases.json
@@ -72,7 +72,7 @@
"kdf": {
"argon2id": {
"iterations": 3,
- "memory": 4,
+ "memory": 16,
"parallelism": 1
}
}
@@ -80,15 +80,15 @@
"memory_lookups": [
{
"name": "Key",
- "hex": "3bc0520a0abff0097d521ce0ee5e5b1cee301939a84742623c0c1697d7a4bd46"
+ "hex": "59079cd7134409c6882c2701de8357a3d8aabb2dad2da19eea5f1b8081dfb51c"
},
{
"name": "Hash B64",
- "string": "lHkprdORlICVJ4Umwi94Uz/nATK6Y7If7e+iFoabzh0="
+ "string": "P1ZT6T80zOfEqXj/kPbtON3yszf7xLNGCxWjdO2xfjU="
},
{
"name": "Hash bytes",
- "hex": "947929add391948095278526c22f78533fe70132ba63b21fedefa216869bce1d"
+ "hex": "3f5653e93f34cce7c4a978ff90f6ed38ddf2b337fbc4b3460b15a374edb17e35"
}
]
},
diff --git a/crates/memory-testing/src/bin/capture-dumps.rs b/crates/memory-testing/src/bin/capture-dumps.rs
index 1fe4eead1..5dddd7622 100644
--- a/crates/memory-testing/src/bin/capture-dumps.rs
+++ b/crates/memory-testing/src/bin/capture-dumps.rs
@@ -37,6 +37,11 @@ fn wait_dump_and_continue(
loop {
let mut buf = [0u8; 1024];
let read = stdout.read(&mut buf).unwrap();
+
+ if read == 0 {
+ panic!("Process exited unexpectedly");
+ }
+
let buf_str = std::str::from_utf8(&buf[..read]).unwrap();
if buf_str.contains("Waiting for dump...") {
break;