diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 79388f11..2ef3d73e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,6 +8,8 @@ on: - 'gh-pages' paths-ignore: - '.github/workflows/**' + workflow_dispatch: + inputs: {} jobs: cloc: @@ -15,7 +17,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - name: Set up cloc run: | @@ -37,7 +39,7 @@ jobs: hotfix_branch_exists: ${{ steps.branch-check.outputs.hotfix_branch_exists }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - name: Get Package Version id: retrieve-version @@ -81,6 +83,28 @@ jobs: echo "::set-output name=hotfix_branch_exists::0" fi + lint: + name: Lint + runs-on: ubuntu-20.04 + steps: + - name: Checkout repo + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 + + - name: Cache npm + id: npm-cache + uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed + with: + path: '~/.npm' + key: ${{ runner.os }}-npm-${{ hashFiles('package-lock.json') }} + restore-keys: | + ${{ runner.os }}-npm- + + - name: Install Node dependencies + run: npm ci + + - name: Run linter + run: npm run lint + linux: name: Linux Build @@ -90,20 +114,15 @@ jobs: _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - name: Set up Node - uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea # v2.1.5 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 with: + cache: 'npm' + cache-dependency-path: '**/package-lock.json' node-version: '16' - - name: Cache npm - id: npm-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 - with: - path: '~/.npm' - key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }} - - name: Set Node options run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV @@ -130,49 +149,46 @@ jobs: - name: Install Node dependencies run: npm ci - - name: Run linter - run: npm run lint - - name: Build application run: npm run dist:lin - name: Upload .deb artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb if-no-files-found: error - name: Upload .rpm artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm if-no-files-found: error - name: Upload .freebsd artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd if-no-files-found: error - name: Upload .snap artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap path: ./dist/bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap if-no-files-found: error - name: Upload .AppImage artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage if-no-files-found: error - name: Upload latest auto-update artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: latest-linux.yml path: ./dist/latest-linux.yml @@ -187,20 +203,15 @@ jobs: _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - name: Set up Node - uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea # v2.1.5 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 with: + cache: 'npm' + cache-dependency-path: '**/package-lock.json' node-version: '16' - - name: Cache npm - id: npm-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 - with: - path: '%AppData%/npm-cache' - key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }} - - name: Set Node options run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append shell: pwsh @@ -224,13 +235,13 @@ jobs: choco --version - name: Login to Azure - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a + uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - name: Retrieve secrets id: retrieve-secrets - uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 + uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f with: keyvault: "bitwarden-prod-kv" secrets: "code-signing-vault-url, @@ -242,9 +253,6 @@ jobs: - name: Install Node dependencies run: npm ci - - name: Run linter - run: npm run lint - - name: Build & Sign (dev) env: ELECTRON_BUILDER_SIGN: 1 @@ -280,91 +288,91 @@ jobs: choco pack ./dist/chocolatey/bitwarden.nuspec --version "$env:_PACKAGE_VERSION" --out ./dist/chocolatey - name: Upload portable exe artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe path: ./dist/Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe if-no-files-found: error - name: Upload installer exe artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe path: ./dist/nsis-web/Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe if-no-files-found: error - name: Upload appx ia32 artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx if-no-files-found: error - name: Upload store appx ia32 artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx if-no-files-found: error - name: Upload NSIS ia32 artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z path: ./dist/nsis-web/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z if-no-files-found: error - name: Upload appx x64 artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx if-no-files-found: error - name: Upload store appx x64 artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx if-no-files-found: error - name: Upload NSIS x64 artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z path: ./dist/nsis-web/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z if-no-files-found: error - name: Upload appx ARM64 artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx if-no-files-found: error - name: Upload store appx ARM64 artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx if-no-files-found: error - name: Upload NSIS ARM64 artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z path: ./dist/nsis-web/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z if-no-files-found: error - name: Upload nupkg artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: bitwarden.${{ env._PACKAGE_VERSION }}.nupkg path: ./dist/chocolatey/bitwarden.${{ env._PACKAGE_VERSION }}.nupkg if-no-files-found: error - name: Upload latest auto-update artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: latest.yml path: ./dist/nsis-web/latest.yml @@ -379,20 +387,15 @@ jobs: _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - name: Set up Node - uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea # v2.1.5 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 with: + cache: 'npm' + cache-dependency-path: '**/package-lock.json' node-version: '16' - - name: Cache npm - id: npm-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 - with: - path: '~/.npm' - key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }} - - name: Set Node options run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV @@ -410,14 +413,14 @@ jobs: - name: Cache Build id: build-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 + uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed with: path: build key: ${{ runner.os }}-${{ github.run_id }}-build - name: Cache Safari id: safari-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 + uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed with: path: dist-safari key: ${{ runner.os }}-${{ github.run_id }}-safari-extension @@ -496,9 +499,6 @@ jobs: - name: Install Node dependencies run: npm ci - - name: Run linter - run: npm run lint - - name: Build application (dev) run: npm run build @@ -507,39 +507,39 @@ jobs: run: New-Item ./dist-safari -ItemType Directory -ea 0 - name: Checkout browser extension - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 with: repository: 'bitwarden/browser' path: 'dist-safari/browser' ref: ${{ needs.setup.outputs.safari_ref }} - name: Build Safari extension - shell: pwsh - run: ./scripts/safari-build.ps1 -skipcheckout -skipoutcopy + run: | + npm install + npm run dist:safari + working-directory: dist-safari/browser macos-package-github: name: MacOS Package GitHub Release Assets runs-on: macos-11 - needs: [setup, macos-build] + needs: + - setup + - macos-build + - lint env: _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - name: Set up Node - uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea # v2.1.5 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 with: + cache: 'npm' + cache-dependency-path: '**/package-lock.json' node-version: '16' - - name: Cache npm - id: npm-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 - with: - path: '~/.npm' - key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }} - - name: Set Node options run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV @@ -557,14 +557,14 @@ jobs: - name: Get Build Cache id: build-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 + uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed with: path: build key: ${{ runner.os }}-${{ github.run_id }}-build - name: Setup Safari Cache id: safari-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 + uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed with: path: dist-safari key: ${{ runner.os }}-${{ github.run_id }}-safari-extension @@ -654,7 +654,7 @@ jobs: - name: Checkout browser extension if: steps.safari-cache.outputs.cache-hit != 'true' - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 with: repository: 'bitwarden/browser' path: 'dist-safari/browser' @@ -662,12 +662,15 @@ jobs: - name: Build Safari extension if: steps.safari-cache.outputs.cache-hit != 'true' - shell: pwsh - run: ./scripts/safari-build.ps1 -skipcheckout -skipoutcopy + run: | + npm install + npm run dist:safari + working-directory: dist-safari/browser - name: Load Safari extension for .dmg - shell: pwsh - run: ./scripts/safari-build.ps1 -copyonly + run: | + mkdir PlugIns + cp -r dist-safari/browser/dist/Safari/dmg/build/Release/safari.appex PlugIns/safari.appex - name: Build application (dist) env: @@ -676,28 +679,28 @@ jobs: run: npm run pack:mac - name: Upload .zip artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal-mac.zip path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal-mac.zip if-no-files-found: error - name: Upload .dmg artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg if-no-files-found: error - name: Upload .dmg blockmap artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg.blockmap path: ./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg.blockmap if-no-files-found: error - name: Upload latest auto-update artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: latest-mac.yml path: ./dist/latest-mac.yml @@ -707,25 +710,23 @@ jobs: macos-package-mas: name: MacOS Package Prod Release Asset runs-on: macos-11 - needs: [setup, macos-build] + needs: + - setup + - macos-build + - lint env: _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - name: Set up Node - uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea # v2.1.5 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 with: + cache: 'npm' + cache-dependency-path: '**/package-lock.json' node-version: '16' - - name: Cache npm - id: npm-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 - with: - path: '~/.npm' - key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }} - - name: Set Node options run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV @@ -743,14 +744,14 @@ jobs: - name: Get Build Cache id: build-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 + uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed with: path: build key: ${{ runner.os }}-${{ github.run_id }}-build - name: Setup Safari Cache id: safari-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 + uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed with: path: dist-safari key: ${{ runner.os }}-${{ github.run_id }}-safari-extension @@ -840,7 +841,7 @@ jobs: - name: Checkout browser extension if: steps.safari-cache.outputs.cache-hit != 'true' - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 with: repository: 'bitwarden/browser' path: 'dist-safari/browser' @@ -848,12 +849,15 @@ jobs: - name: Build Safari extension if: steps.safari-cache.outputs.cache-hit != 'true' - shell: pwsh - run: ./scripts/safari-build.ps1 -skipcheckout -skipoutcopy + run: | + npm install + npm run dist:safari + working-directory: dist-safari/browser - name: Load Safari extension for App Store - shell: pwsh - run: ./scripts/safari-build.ps1 -mas -copyonly + run: | + mkdir PlugIns + cp -r dist-safari/browser/dist/Safari/mas/build/Release/safari.appex PlugIns/safari.appex - name: Build application for App Store run: npm run pack:mac:mas @@ -862,7 +866,7 @@ jobs: APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} - name: Upload .pkg artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.pkg path: ./dist/mas-universal/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.pkg @@ -885,25 +889,23 @@ jobs: name: MacOS Package Dev Release Asset if: false # We need to look into how code signing works for dev runs-on: macos-11 - needs: [setup, macos-build] + needs: + - setup + - macos-build + - lint env: _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - name: Set up Node - uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea # v2.1.5 + uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 with: + cache: 'npm' + cache-dependency-path: '**/package-lock.json' node-version: '16' - - name: Cache npm - id: npm-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 - with: - path: '~/.npm' - key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }} - - name: Set Node options run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV @@ -921,14 +923,14 @@ jobs: - name: Get Build Cache id: build-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 + uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed with: path: build key: ${{ runner.os }}-${{ github.run_id }}-build - name: Setup Safari Cache id: safari-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 + uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed with: path: dist-safari key: ${{ runner.os }}-${{ github.run_id }}-safari-extension @@ -1018,7 +1020,7 @@ jobs: - name: Checkout browser extension if: steps.safari-cache.outputs.cache-hit != 'true' - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 with: repository: 'bitwarden/browser' path: 'dist-safari/browser' @@ -1026,12 +1028,15 @@ jobs: - name: Build Safari extension if: steps.safari-cache.outputs.cache-hit != 'true' - shell: pwsh - run: ./scripts/safari-build.ps1 -skipcheckout -skipoutcopy + run: | + npm install + npm run dist:safari + working-directory: dist-safari/browser - name: Load Safari extension for App Store - shell: pwsh - run: ./scripts/safari-build.ps1 -masdev -copyonly + run: | + mkdir PlugIns + cp -r dist-safari/browser/dist/Safari/masdev/build/Release/safari.appex PlugIns/safari.appex - name: Build dev application for App Store run: npm run pack:mac:masdev @@ -1044,7 +1049,7 @@ jobs: run: zip -r Bitwarden-${{ env.PACKAGE_VERSION }}-masdev-universal.zip Bitwarden.app - name: Upload masdev artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 with: name: Bitwarden-${{ env._PACKAGE_VERSION }}-masdev-universal.zip path: ./dist/mas-universal/Bitwarden-${{ env._PACKAGE_VERSION }}-masdev-universal.zip @@ -1064,22 +1069,22 @@ jobs: _CROWDIN_PROJECT_ID: "299360" steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - name: Login to Azure - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a + uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - name: Retrieve secrets id: retrieve-secrets - uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 + uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f with: keyvault: "bitwarden-prod-kv" secrets: "crowdin-api-token" - name: Upload Sources - uses: crowdin/github-action@e39093fd75daae7859c68eded4b43d42ec78d8ea # v1.3.2 + uses: crowdin/github-action@9237b4cb361788dfce63feb2e2f15c09e2fe7415 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }} @@ -1097,6 +1102,7 @@ jobs: needs: - cloc - setup + - lint - linux - windows - macos-build @@ -1109,6 +1115,7 @@ jobs: env: CLOC_STATUS: ${{ needs.cloc.result }} SETUP_STATUS: ${{ needs.setup.result }} + LINT_STATUS: ${{ needs.lint.result }} LINUX_STATUS: ${{ needs.linux.result }} WINDOWS_STATUS: ${{ needs.windows.result }} MACOS_BUILD_STATUS: ${{ needs.macos-build.result }} @@ -1120,6 +1127,8 @@ jobs: exit 1 elif [ "$SETUP_STATUS" = "failure" ]; then exit 1 + elif [ "$LINT_STATUS" = "failure" ]; then + exit 1 elif [ "$LINUX_STATUS" = "failure" ]; then exit 1 elif [ "$WINDOWS_STATUS" = "failure" ]; then @@ -1135,21 +1144,21 @@ jobs: fi - name: Login to Azure - Prod Subscription - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a + uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf if: failure() with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - name: Retrieve secrets id: retrieve-secrets - uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 + uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f if: failure() with: keyvault: "bitwarden-prod-kv" secrets: "devops-alerts-slack-webhook-url" - name: Notify Slack on failure - uses: act10ns/slack@e4e71685b9b239384b0f676a63c32367f59c2522 # v1.2.2 + uses: act10ns/slack@da3191ebe2e67f49b46880b4633f5591a96d1d33 if: failure() env: SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} diff --git a/SECURITY.md b/SECURITY.md index 7a055501..e6edb96d 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,39 +1,11 @@ -Bitwarden believes that working with security researchers across the globe is crucial to keeping our -users safe. If you believe you've found a security issue in our product or service, we encourage you to -notify us. We welcome working with you to resolve the issue promptly. Thanks in advance! +Bitwarden believes that working with security researchers across the globe is crucial to keeping our users safe. If you believe you've found a security issue in our product or service, we encourage you to please submit a report through our [HackerOne Program](https://hackerone.com/bitwarden/). We welcome working with you to resolve the issue promptly. Thanks in advance! # Disclosure Policy -- Let us know as soon as possible upon discovery of a potential security issue, and we'll make every - effort to quickly resolve the issue. -- Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a - third-party. We may publicly disclose the issue before resolving it, if appropriate. -- Make a good faith effort to avoid privacy violations, destruction of data, and interruption or - degradation of our service. Only interact with accounts you own or with explicit permission of the - account holder. -- If you would like to encrypt your report, please use the PGP key with long ID - `0xDE6887086F892325FEC04CC0D847525B6931381F` (available in the public keyserver pool). - -# In-scope - -- Security issues in any current release of Bitwarden. This includes the web vault, browser extension, - and mobile apps (iOS and Android). Product downloads are available at https://bitwarden.com. Source - code is available at https://github.com/bitwarden. - -# Exclusions - -The following bug classes are out-of scope: - -- Bugs that are already reported on any of Bitwarden's issue trackers (https://github.com/bitwarden), - or that we already know of. Note that some of our issue tracking is private. -- Issues in an upstream software dependency (ex: Xamarin, ASP.NET) which are already reported to the - upstream maintainer. -- Attacks requiring physical access to a user's device. -- Self-XSS -- Issues related to software or protocols not under Bitwarden's control -- Vulnerabilities in outdated versions of Bitwarden -- Missing security best practices that do not directly lead to a vulnerability -- Issues that do not have any impact on the general public +- Let us know as soon as possible upon discovery of a potential security issue, and we'll make every effort to quickly resolve the issue. +- Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party. We may publicly disclose the issue before resolving it, if appropriate. +- Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder. +- If you would like to encrypt your report, please use the PGP key with long ID `0xDE6887086F892325FEC04CC0D847525B6931381F` (available in the public keyserver pool). While researching, we'd like to ask you to refrain from: @@ -42,4 +14,8 @@ While researching, we'd like to ask you to refrain from: - Social engineering (including phishing) of Bitwarden staff or contractors - Any physical attempts against Bitwarden property or data centers +# We want to help you! + +If you have something that you feel is close to exploitation, or if you'd like some information regarding the internal API, or generally have any questions regarding the app that would help in your efforts, please email us at https://bitwarden.com/contact and ask for that information. As stated above, Bitwarden wants to help you find issues, and is more than willing to help. + Thank you for helping keep Bitwarden and our users safe! diff --git a/jslib b/jslib index 6aae3beb..41b199ab 160000 --- a/jslib +++ b/jslib @@ -1 +1 @@ -Subproject commit 6aae3beb76164f0f5a7953138942b7fc92f2b694 +Subproject commit 41b199ab831eff8d197e006328274dbf8b1b11bd diff --git a/src/locales/ca/messages.json b/src/locales/ca/messages.json index e6e51911..a51a8fd8 100644 --- a/src/locales/ca/messages.json +++ b/src/locales/ca/messages.json @@ -737,10 +737,10 @@ "message": "Generador de contrasenyes" }, "contactUs": { - "message": "Contact Us" + "message": "Contacta'ns" }, "getHelp": { - "message": "Get Help" + "message": "Obteniu ajuda" }, "fileBugReport": { "message": "Presenta un informe d'error" @@ -1815,13 +1815,13 @@ "message": "Opcions" }, "sessionTimeout": { - "message": "Your session has timed out. Please go back and try logging in again." + "message": "La sessió ha expirat. Torneu arrere i proveu d'iniciar sessió de nou." }, "exportingPersonalVaultTitle": { - "message": "Exporting Personal Vault" + "message": "S'està exportant la caixa forta personal" }, "exportingPersonalVaultDescription": { - "message": "Only the personal vault items associated with $EMAIL$ will be exported. Organization vault items will not be included.", + "message": "Només s'exportaran els elements personals de la caixa forta associats a $EMAIL$. Els elements de la caixa forta de l'organització no s'inclouran.", "placeholders": { "email": { "content": "$1", diff --git a/src/locales/fi/messages.json b/src/locales/fi/messages.json index 2837c2c9..7b7354f5 100644 --- a/src/locales/fi/messages.json +++ b/src/locales/fi/messages.json @@ -1594,7 +1594,7 @@ "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated." }, "sendNotesDesc": { - "message": "Yksityiset muistiinpanot tästä Sendistä.", + "message": "Yksityisiä merkintöjä tästä Sendistä.", "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated." }, "sendLink": { diff --git a/src/locales/nb/messages.json b/src/locales/nb/messages.json index b870f9c6..ac24350c 100644 --- a/src/locales/nb/messages.json +++ b/src/locales/nb/messages.json @@ -737,10 +737,10 @@ "message": "Passordgenerator" }, "contactUs": { - "message": "Contact Us" + "message": "Kontakt oss" }, "getHelp": { - "message": "Get Help" + "message": "Få hjelp" }, "fileBugReport": { "message": "Legg inn en feilrapport" @@ -1812,13 +1812,13 @@ "message": "Bytt konto" }, "options": { - "message": "Options" + "message": "Alternativer" }, "sessionTimeout": { - "message": "Your session has timed out. Please go back and try logging in again." + "message": "Økten ble tidsavbrutt. Vennligst gå tilbake og prøv å logge inn på nytt." }, "exportingPersonalVaultTitle": { - "message": "Exporting Personal Vault" + "message": "Eksporter personlig hvelv" }, "exportingPersonalVaultDescription": { "message": "Only the personal vault items associated with $EMAIL$ will be exported. Organization vault items will not be included.", diff --git a/src/locales/zh_TW/messages.json b/src/locales/zh_TW/messages.json index 7d742c1f..0469d4c0 100644 --- a/src/locales/zh_TW/messages.json +++ b/src/locales/zh_TW/messages.json @@ -104,7 +104,7 @@ "message": "電子郵件地址" }, "verificationCodeTotp": { - "message": "驗證碼 (TOTP)" + "message": "驗證碼(TOTP)" }, "website": { "message": "網站" @@ -308,7 +308,7 @@ "message": "編輯" }, "authenticatorKeyTotp": { - "message": "驗證器金鑰 (TOTP)" + "message": "驗證器金鑰(TOTP)" }, "folder": { "message": "資料夾" @@ -389,7 +389,7 @@ "message": "複製 URI" }, "copyVerificationCodeTotp": { - "message": "複製驗證碼 (TOTP)" + "message": "複製驗證碼(TOTP)" }, "length": { "message": "長度" @@ -608,14 +608,14 @@ "message": "驗證器應用程式" }, "authenticatorAppDesc": { - "message": "使用驗證器應用程式 (如 Authy 或 Google Authenticator) 產生基於時間的驗證碼。", + "message": "使用驗證器應用程式(如 Authy 或 Google Authenticator)產生基於時間的驗證碼。", "description": "'Authy' and 'Google Authenticator' are product names and should not be translated." }, "yubiKeyTitle": { "message": "YubiKey OTP 安全鑰匙" }, "yubiKeyDesc": { - "message": "使用 YubiKey 存取您的帳戶。支援 YubiKey 4、4 Nano、4C、以及 NEO 裝置。" + "message": "使用 YubiKey 來存取您的帳戶。支援 YubiKey 4、4 Nano、4C、以及 NEO 裝置。" }, "duoDesc": { "message": "使用 Duo Security 的 Duo Mobile 程式、SMS 、致電或 U2F 安全鑰匙進行驗證。", @@ -1294,7 +1294,7 @@ "message": "主密碼強度太弱" }, "weakMasterPasswordDesc": { - "message": "您設定的主密碼很脆弱。您應該使用高強度的密碼 (或密碼短語) 來正確保護您的 bitwarden 帳戶。仍要使用這組主密碼嗎?" + "message": "您設定的主密碼很脆弱。您應該使用高強度的密碼(或密碼短語)來正確保護您的 bitwarden 帳戶。仍要使用這組主密碼嗎?" }, "pin": { "message": "PIN 碼", @@ -1606,7 +1606,7 @@ "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated." }, "textHiddenByDefault": { - "message": "存取此 Send 時,預設將隱藏文本", + "message": "存取此 Send 時,預設隱藏文字内容", "description": "'Send' is a noun and the name of a feature called 'Bitwarden Send'. It should not be translated." }, "createdSend": { @@ -1755,7 +1755,7 @@ "message": "一或多個組織策略不允許您輸出個人密碼庫。" }, "addAccount": { - "message": "新增帳號" + "message": "新增帳戶" }, "removeMasterPassword": { "message": "移除主密碼" @@ -1788,7 +1788,7 @@ "message": "鎖定所有密碼庫" }, "accountLimitReached": { - "message": "最多只能同時登入 5 隻帳號。" + "message": "最多只能同時登入 5 隻帳戶。" }, "accountPreferences": { "message": "偏好設定" diff --git a/src/main.ts b/src/main.ts index 0150f72e..0aecf0be 100644 --- a/src/main.ts +++ b/src/main.ts @@ -83,7 +83,8 @@ export class Main { null, this.logService, null, - new StateFactory(GlobalState, Account) + new StateFactory(GlobalState, Account), + false // Do not use disk caching because this will get out of sync with the renderer service ); this.windowMain = new WindowMain( diff --git a/src/package.json b/src/package.json index 47e605e9..0f8c43b8 100644 --- a/src/package.json +++ b/src/package.json @@ -2,7 +2,7 @@ "name": "@bitwarden/desktop", "productName": "Bitwarden", "description": "A secure and free password manager for all of your devices.", - "version": "1.31.4", + "version": "1.32.0", "author": "Bitwarden Inc. (https://bitwarden.com)", "homepage": "https://bitwarden.com", "license": "GPL-3.0",