bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2026-02-19 02:44:01 +00:00
Code Issues Releases Wiki Activity

Merge main

Browse Source
This commit is contained in:
Bernd Schoolmann
2026-02-13 14:21:59 +01:00
parent 3cd45b0ea6 412d1b541d
commit c32f9199f2
1511 changed files with 96557 additions and 20566 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
.github/CODEOWNERS vendored
View File

@@ -4,17 +4,25 @@
#
# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
## Global styles are owned by UIF
*.scss @bitwarden/team-ui-foundation
*.css @bitwarden/team-ui-foundation
## Desktop native module ##
apps/desktop/desktop_native @bitwarden/team-platform-dev
apps/desktop/desktop_native/objc/src/native/autofill @bitwarden/team-autofill-desktop-dev
apps/desktop/desktop_native/core/src/autofill @bitwarden/team-autofill-desktop-dev
apps/desktop/desktop_native/macos_provider @bitwarden/team-autofill-desktop-dev
apps/desktop/desktop_native/autofill_provider @bitwarden/team-autofill-desktop-dev
apps/desktop/desktop_native/core/src/secure_memory @bitwarden/team-key-management-dev
## No ownership for Cargo.lock and Cargo.toml to allow dependency updates
apps/desktop/desktop_native/Cargo.lock
apps/desktop/desktop_native/Cargo.toml
# Web connectors
apps/web/src/connectors @bitwarden/team-auth-dev
apps/web/src/connectors/platform @bitwarden/team-platform-dev
## Auth team files ##
apps/browser/src/auth @bitwarden/team-auth-dev
apps/cli/src/auth @bitwarden/team-auth-dev
@@ -22,8 +30,6 @@ apps/desktop/src/auth @bitwarden/team-auth-dev
apps/web/src/app/auth @bitwarden/team-auth-dev
libs/auth @bitwarden/team-auth-dev
libs/user-core @bitwarden/team-auth-dev
# web connectors used for auth
apps/web/src/connectors @bitwarden/team-auth-dev
bitwarden_license/bit-web/src/app/auth @bitwarden/team-auth-dev
libs/angular/src/auth @bitwarden/team-auth-dev
libs/common/src/auth @bitwarden/team-auth-dev
@@ -84,6 +90,7 @@ apps/web/src/app/billing @bitwarden/team-billing-dev
libs/angular/src/billing @bitwarden/team-billing-dev
libs/common/src/billing @bitwarden/team-billing-dev
libs/billing @bitwarden/team-billing-dev
libs/pricing @bitwarden/team-billing-dev
bitwarden_license/bit-web/src/app/billing @bitwarden/team-billing-dev
## Platform team files ##
@@ -153,13 +160,16 @@ apps/desktop/macos/autofill-extension @bitwarden/team-autofill-desktop-dev
apps/desktop/src/app/components/fido2placeholder.component.ts @bitwarden/team-autofill-desktop-dev
apps/desktop/desktop_native/windows_plugin_authenticator @bitwarden/team-autofill-desktop-dev
apps/desktop/desktop_native/autotype @bitwarden/team-autofill-desktop-dev
apps/desktop/desktop_native/core/src/ssh_agent @bitwarden/team-autofill-desktop-dev @bitwarden/wg-ssh-keys
apps/desktop/desktop_native/ssh_agent @bitwarden/team-autofill-desktop-dev @bitwarden/wg-ssh-keys
apps/desktop/desktop_native/napi/src/autofill.rs @bitwarden/team-autofill-desktop-dev
apps/desktop/desktop_native/napi/src/autotype.rs @bitwarden/team-autofill-desktop-dev
apps/desktop/desktop_native/napi/src/sshagent.rs @bitwarden/team-autofill-desktop-dev
# DuckDuckGo integration
apps/desktop/native-messaging-test-runner @bitwarden/team-autofill-desktop-dev
apps/desktop/src/services/duckduckgo-message-handler.service.ts @bitwarden/team-autofill-desktop-dev
apps/desktop/src/services/encrypted-message-handler.service.ts @bitwarden/team-autofill-desktop-dev
.github/workflows/alert-ddg-files-modified.yml @bitwarden/team-autofill-desktop-dev
# SSH Agent
apps/desktop/desktop_native/core/src/ssh_agent @bitwarden/team-autofill-desktop-dev @bitwarden/wg-ssh-keys
## UI Foundation ##
.github/workflows/chromatic.yml @bitwarden/team-ui-foundation
@@ -220,6 +230,9 @@ apps/web/src/locales/en/messages.json
**/docker-compose.yml @bitwarden/team-appsec @bitwarden/dept-bre
**/entrypoint.sh @bitwarden/team-appsec @bitwarden/dept-bre
# Scanning tools
.checkmarx/ @bitwarden/team-appsec
## Overrides
# For the time being platform owns tsconfig and jest config
# These overrides will be removed after Nx is implemented
@@ -227,7 +240,9 @@ apps/web/src/locales/en/messages.json
**/tsconfig.json @bitwarden/team-platform-dev
**/jest.config.js @bitwarden/team-platform-dev
**/project.jsons @bitwarden/team-platform-dev
libs/pricing @bitwarden/team-billing-dev
# Platform override specifically for the package-lock.json in
# native-messaging-test-runner so that Platform can manage all lock file updates
apps/desktop/native-messaging-test-runner/package-lock.json @bitwarden/team-platform-dev
# Claude related files
.claude/ @bitwarden/team-ai-sme

24
.github/PULL_REQUEST_TEMPLATE.md vendored
View File

@@ -9,27 +9,3 @@
## 📸 Screenshots
<!-- Required for any UI changes; delete if not applicable. Use fixed width images for better display. -->
## ⏰ Reminders before review
- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team
## 🦮 Reviewer guidelines
<!-- Suggested interactions but feel free to use (or not) as you desire! -->
- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes

4
.github/renovate.json5 vendored
View File

@@ -79,7 +79,6 @@
matchPackageNames: [
"@emotion/css",
"@webcomponents/custom-elements",
"bitwarden-russh",
"concurrently",
"cross-env",
"del",
@@ -187,6 +186,7 @@
"semver",
"serde",
"serde_json",
"serde_with",
"simplelog",
"style-loader",
"sysinfo",
@@ -312,7 +312,6 @@
"@types/inquirer",
"@types/koa",
"@types/koa__multer",
"@types/koa__router",
"@types/koa-bodyparser",
"@types/koa-json",
"@types/lunr",
@@ -562,5 +561,6 @@
"node-ipc",
"@bitwarden/sdk-internal",
"@bitwarden/commercial-sdk-internal",
"bitwarden-russh",
],
}

2
.github/workflows/alert-ddg-files-modified.yml vendored
View File

@@ -73,7 +73,7 @@ jobs:
_MONITORED_FILES: ${{ steps.changed-files.outputs.monitored_files }}
with:
script: |
const changedFiles = `$_MONITORED_FILES`.split(' ').filter(file => file.trim() !== '');
const changedFiles = process.env._MONITORED_FILES.split(' ').filter(file => file.trim() !== '');
const message = `<!-- comment_tag: ddg-test-warning -->
⚠️🦆 **DuckDuckGo Integration files have been modified in this PR:**

8
.github/workflows/build-browser.yml vendored
View File

@@ -152,7 +152,7 @@ jobs:
persist-credentials: false
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
@@ -260,7 +260,7 @@ jobs:
persist-credentials: false
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
@@ -392,7 +392,7 @@ jobs:
persist-credentials: false
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
@@ -565,7 +565,7 @@ jobs:
uses: bitwarden/gh-actions/azure-logout@main
- name: Upload Sources
uses: crowdin/github-action@08713f00a50548bfe39b37e8f44afb53e7a802d4 # v2.12.0
uses: crowdin/github-action@b4b468cffefb50bdd99dd83e5d2eaeb63c880380 # v2.14.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}

4
.github/workflows/build-cli.yml vendored
View File

@@ -130,7 +130,7 @@ jobs:
} >> "$GITHUB_ENV"
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
@@ -326,7 +326,7 @@ jobs:
choco install nasm --no-progress
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'

102
.github/workflows/build-desktop.yml vendored
View File

@@ -57,7 +57,7 @@ jobs:
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
ref: ${{ github.event.pull_request.head.sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Verify
@@ -90,7 +90,7 @@ jobs:
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
ref: ${{ github.event.pull_request.head.sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: true
- name: Get Package Version
@@ -176,14 +176,14 @@ jobs:
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 1
ref: ${{ github.event.pull_request.head.sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Free disk space
uses: bitwarden/gh-actions/free-disk-space@main
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
@@ -236,7 +236,7 @@ jobs:
npm link ../sdk-internal
- name: Cache Native Module
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
id: cache
with:
path: |
@@ -335,11 +335,11 @@ jobs:
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
ref: ${{ github.event.pull_request.head.sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
@@ -399,7 +399,7 @@ jobs:
npm link ../sdk-internal
- name: Cache Native Module
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
id: cache
with:
path: |
@@ -483,11 +483,11 @@ jobs:
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
ref: ${{ github.event.pull_request.head.sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
@@ -562,7 +562,7 @@ jobs:
npm link ../sdk-internal
- name: Cache Native Module
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
id: cache
with:
path: |
@@ -755,7 +755,7 @@ jobs:
persist-credentials: false
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
@@ -827,7 +827,7 @@ jobs:
npm link ../sdk-internal
- name: Cache Native Module
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
id: cache
with:
path: |
@@ -996,18 +996,18 @@ jobs:
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
ref: ${{ github.event.pull_request.head.sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: ${{ env._NODE_VERSION }}
- name: Set up Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version: '3.14.2'
@@ -1032,14 +1032,14 @@ jobs:
- name: Cache Build
id: build-cache
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
with:
path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Cache Safari
id: safari-cache
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
with:
path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@@ -1185,7 +1185,7 @@ jobs:
npm link ../sdk-internal
- name: Cache Native Module
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
id: cache
with:
path: |
@@ -1236,18 +1236,18 @@ jobs:
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
ref: ${{ github.event.pull_request.head.sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: ${{ env._NODE_VERSION }}
- name: Set up Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version: '3.14.2'
@@ -1272,14 +1272,14 @@ jobs:
- name: Get Build Cache
id: build-cache
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
with:
path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Setup Safari Cache
id: safari-cache
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
with:
path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@@ -1409,7 +1409,7 @@ jobs:
npm link ../sdk-internal
- name: Cache Native Module
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
id: cache
with:
path: |
@@ -1511,18 +1511,18 @@ jobs:
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
ref: ${{ github.event.pull_request.head.sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: ${{ env._NODE_VERSION }}
- name: Set up Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version: '3.14.2'
@@ -1547,14 +1547,14 @@ jobs:
- name: Get Build Cache
id: build-cache
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
with:
path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Setup Safari Cache
id: safari-cache
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
with:
path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@@ -1692,7 +1692,7 @@ jobs:
npm link ../sdk-internal
- name: Cache Native Module
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
id: cache
with:
path: |
@@ -1852,7 +1852,7 @@ jobs:
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
ref: ${{ github.event.pull_request.head.sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Log in to Azure
@@ -1873,7 +1873,7 @@ jobs:
uses: bitwarden/gh-actions/azure-logout@main
- name: Upload Sources
uses: crowdin/github-action@08713f00a50548bfe39b37e8f44afb53e7a802d4 # v2.12.0
uses: crowdin/github-action@b4b468cffefb50bdd99dd83e5d2eaeb63c880380 # v2.14.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}
@@ -1894,15 +1894,16 @@ jobs:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
steps:
- name: Check out repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 1
ref: ${{ github.event.pull_request.head.sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Download deb artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
run_id: ${{ github.run_id }}
path: apps/desktop/artifacts/linux/deb
artifacts: Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb
@@ -1937,15 +1938,16 @@ jobs:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
steps:
- name: Check out repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 1
ref: ${{ github.event.workflow_run.head_sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Download appimage artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
run_id: ${{ github.run_id }}
path: apps/desktop/artifacts/linux/appimage
artifacts: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
@@ -1978,15 +1980,16 @@ jobs:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
steps:
- name: Check out repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 1
ref: ${{ github.event.workflow_run.head_sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Download appimage artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
run_id: ${{ github.run_id }}
path: apps/desktop/artifacts/linux/appimage
artifacts: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
@@ -2033,15 +2036,16 @@ jobs:
- linux-arm64
steps:
- name: Check out repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 1
ref: ${{ github.event.workflow_run.head_sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Download flatpak artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
run_id: ${{ github.run_id }}
path: apps/desktop/artifacts/linux/flatpak/
artifacts: com.bitwarden.${{ matrix.os == 'ubuntu-22.04' && 'desktop' || 'desktop-arm64' }}.flatpak
@@ -2050,7 +2054,6 @@ jobs:
sudo apt-get update
sudo apt-get install -y libasound2 flatpak xvfb dbus-x11
flatpak remote-add --if-not-exists --user flathub https://flathub.org/repo/flathub.flatpakrepo
flatpak install -y --user flathub
- name: Install flatpak
working-directory: apps/desktop/artifacts/linux/flatpak
@@ -2086,15 +2089,16 @@ jobs:
_CPU_ARCH: ${{ matrix.os == 'ubuntu-22.04' && 'amd64' || 'arm64' }}
steps:
- name: Check out repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 1
ref: ${{ github.event.workflow_run.head_sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Download snap artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
run_id: ${{ github.run_id }}
path: apps/desktop/artifacts/linux/snap
artifacts: bitwarden_${{ env._PACKAGE_VERSION }}_${{ env._CPU_ARCH }}.snap
@@ -2130,15 +2134,16 @@ jobs:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
steps:
- name: Check out repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 1
ref: ${{ github.event.workflow_run.head_sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Download dmg artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
run_id: ${{ github.run_id }}
path: apps/desktop/artifacts/macos/dmg
artifacts: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg
@@ -2174,15 +2179,16 @@ jobs:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
steps:
- name: Check out repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
fetch-depth: 1
ref: ${{ github.event.workflow_run.head_sha }}
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
- name: Download portable artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
run_id: ${{ github.run_id }}
path: apps/desktop/artifacts/windows/portable
artifacts: Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe

28
.github/workflows/build-web.yml vendored
View File

@@ -63,6 +63,11 @@ jobs:
node_version: ${{ steps.retrieve-node-version.outputs.node_version }}
has_secrets: ${{ steps.check-secrets.outputs.has_secrets }}
steps:
- name: Log inputs to job summary
uses: bitwarden/ios/.github/actions/log-inputs@main
with:
inputs: "${{ toJson(inputs) }}"
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
@@ -112,7 +117,7 @@ jobs:
npm_command: dist:bit:selfhost
- artifact_name: selfhosted-DEV
license_type: "commercial"
image_name: web
image_name: web-dev
npm_command: build:bit:selfhost:dev
git_metadata: true
- artifact_name: cloud-QA
@@ -181,6 +186,19 @@ jobs:
ref: ${{ steps.set-server-ref.outputs.server_ref }}
persist-credentials: false
- name: Download SDK Artifacts
if: ${{ inputs.sdk_branch != '' }}
uses: bitwarden/gh-actions/download-artifacts@main
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
workflow: build-wasm-internal.yml
workflow_conclusion: success
branch: ${{ inputs.sdk_branch }}
artifacts: sdk-internal
repo: bitwarden/sdk-internal
path: sdk-internal
if_no_artifact_found: fail
- name: Check Branch to Publish
env:
PUBLISH_BRANCHES: "main,rc,hotfix-rc-web"
@@ -204,7 +222,7 @@ jobs:
########## Set up Docker ##########
- name: Set up Docker
uses: docker/setup-docker-action@efe9e3891a4f7307e689f2100b33a155b900a608 # v4.5.0
uses: docker/setup-docker-action@e43656e248c0bd0647d3f5c195d116aacf6fcaf4 # v4.7.0
with:
daemon-config: |
{
@@ -218,7 +236,7 @@ jobs:
uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
########## ACRs ##########
- name: Log in to Azure
@@ -334,7 +352,7 @@ jobs:
- name: Scan Docker image
if: ${{ needs.setup.outputs.has_secrets == 'true' }}
id: container-scan
uses: anchore/scan-action@568b89d27fc18c60e56937bff480c91c772cd993 # v7.1.0
uses: anchore/scan-action@0d444ed77d83ee2ba7f5ced0d90d640a1281d762 # v7.3.0
with:
image: ${{ steps.image-name.outputs.name }}
fail-build: false
@@ -390,7 +408,7 @@ jobs:
uses: bitwarden/gh-actions/azure-logout@main
- name: Upload Sources
uses: crowdin/github-action@08713f00a50548bfe39b37e8f44afb53e7a802d4 # v2.12.0
uses: crowdin/github-action@b4b468cffefb50bdd99dd83e5d2eaeb63c880380 # v2.14.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}

4
.github/workflows/chromatic.yml vendored
View File

@@ -58,14 +58,14 @@ jobs:
echo "node_version=$NODE_VERSION" >> "$GITHUB_OUTPUT"
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
node-version: ${{ steps.retrieve-node-version.outputs.node_version }}
if: steps.get-changed-files-for-chromatic.outputs.storyFiles == 'true'
- name: Cache NPM
id: npm-cache
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
with:
path: "~/.npm"
key: ${{ runner.os }}-npm-chromatic-${{ hashFiles('**/package-lock.json') }}

2
.github/workflows/crowdin-pull.yml vendored
View File

@@ -49,7 +49,7 @@ jobs:
uses: bitwarden/gh-actions/azure-logout@main
- name: Generate GH App token
uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-token
with:
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}

2
.github/workflows/lint-crowdin-config.yml vendored
View File

@@ -45,7 +45,7 @@ jobs:
uses: bitwarden/gh-actions/azure-logout@main
- name: Lint ${{ matrix.app.name }} config
uses: crowdin/github-action@08713f00a50548bfe39b37e8f44afb53e7a802d4 # v2.12.0
uses: crowdin/github-action@b4b468cffefb50bdd99dd83e5d2eaeb63c880380 # v2.14.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_PROJECT_ID: ${{ matrix.app.project_id }}

8
.github/workflows/lint.yml vendored
View File

@@ -64,7 +64,7 @@ jobs:
echo "node_version=$NODE_VERSION" >> "$GITHUB_OUTPUT"
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
@@ -115,7 +115,7 @@ jobs:
run: rustup --version
- name: Cache cargo registry
uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1
uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2
- name: Run cargo fmt
working-directory: ./apps/desktop/desktop_native
@@ -128,7 +128,7 @@ jobs:
RUSTFLAGS: "-D warnings"
- name: Install cargo-sort
run: cargo install cargo-sort --locked --git https://github.com/DevinR528/cargo-sort.git --rev f5047967021cbb1f822faddc355b3b07674305a1
run: cargo install cargo-sort --locked --git https://github.com/DevinR528/cargo-sort.git --rev ac6e328faf467a39e38ab48dc60dcf4f6a46d7a5 # v2.0.2
- name: Cargo sort
working-directory: ./apps/desktop/desktop_native
@@ -142,7 +142,7 @@ jobs:
run: cargo +nightly udeps --workspace --all-features --all-targets
- name: Install cargo-deny
uses: taiki-e/install-action@073d46cba2cde38f6698c798566c1b3e24feeb44 # v2.62.67
uses: taiki-e/install-action@887bc4e03483810873d617344dd5189cd82e7b8b # v2.67.11
with:
tool: cargo-deny@0.18.6

2
.github/workflows/nx.yml vendored
View File

@@ -26,7 +26,7 @@ jobs:
echo "node_version=$NODE_VERSION" >> "$GITHUB_OUTPUT"
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'

2
.github/workflows/publish-cli.yml vendored
View File

@@ -216,7 +216,7 @@ jobs:
echo "node_version=$NODE_VERSION" >> "$GITHUB_OUTPUT"
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
node-version: ${{ steps.retrieve-node-version.outputs.node_version }}
registry-url: "https://registry.npmjs.org/"

2
.github/workflows/publish-desktop.yml vendored
View File

@@ -331,7 +331,7 @@ jobs:
run: wget "https://github.com/bitwarden/clients/releases/download/${_RELEASE_TAG}/macos-build-number.json"
- name: Setup Ruby and Install Fastlane
uses: ruby/setup-ruby@d5126b9b3579e429dd52e51e68624dda2e05be25 # v1.267.0
uses: ruby/setup-ruby@90be1154f987f4dc0fe0dd0feedac9e473aa4ba8 # v1.286.0
with:
ruby-version: '3.4.7'
bundler-cache: false

2
.github/workflows/publish-web.yml vendored
View File

@@ -182,7 +182,7 @@ jobs:
uses: bitwarden/gh-actions/azure-logout@main
- name: Generate GH App token
uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-token
with:
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}

2
.github/workflows/release-cli.yml vendored
View File

@@ -91,7 +91,9 @@ jobs:
apps/cli/bw-macos-${{ env.PKG_VERSION }}.zip,
apps/cli/bw-macos-arm64-${{ env.PKG_VERSION }}.zip,
apps/cli/bw-oss-linux-${{ env.PKG_VERSION }}.zip,
apps/cli/bw-oss-linux-arm64-${{ env.PKG_VERSION }}.zip,
apps/cli/bw-linux-${{ env.PKG_VERSION }}.zip,
apps/cli/bw-linux-arm64-${{ env.PKG_VERSION }}.zip,
apps/cli/bitwarden-cli.${{ env.PKG_VERSION }}.nupkg,
apps/cli/bw_${{ env.PKG_VERSION }}_amd64.snap,
apps/cli/bitwarden-cli-${{ env.PKG_VERSION }}-npm-build.zip"

50
.github/workflows/repository-management.yml vendored
View File

@@ -72,7 +72,6 @@ jobs:
permissions:
id-token: write
contents: write
pull-requests: write
steps:
- name: Validate version input format
@@ -106,13 +105,12 @@ jobs:
uses: bitwarden/gh-actions/azure-logout@main
- name: Generate GH App token
uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-token
with:
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}
permission-contents: write # for creating, committing to, and pushing new branches
permission-pull-requests: write # for generating pull requests
permission-contents: write # for committing and pushing to main (bypasses rulesets)
- name: Check out branch
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
@@ -448,53 +446,15 @@ jobs:
echo "No changes to commit!";
fi
- name: Create version bump branch
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
run: |
BRANCH_NAME="version-bump-$(date +%s)"
git checkout -b "$BRANCH_NAME"
echo "BRANCH_NAME=$BRANCH_NAME" >> $GITHUB_ENV
- name: Commit version bumps with GPG signature
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
run: |
git commit -m "Bumped client version(s)" -a
- name: Push version bump branch
- name: Push changes to main
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
run: |
git push --set-upstream origin "$BRANCH_NAME"
- name: Create Pull Request for version bump
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
env:
VERSION_BROWSER: ${{ steps.set-final-version-output.outputs.version_browser }}
VERSION_CLI: ${{ steps.set-final-version-output.outputs.version_cli }}
VERSION_DESKTOP: ${{ steps.set-final-version-output.outputs.version_desktop }}
VERSION_WEB: ${{ steps.set-final-version-output.outputs.version_web }}
with:
github-token: ${{ steps.app-token.outputs.token }}
script: |
const versions = [];
if (process.env.VERSION_BROWSER) versions.push(`- Browser: ${process.env.VERSION_BROWSER}`);
if (process.env.VERSION_CLI) versions.push(`- CLI: ${process.env.VERSION_CLI}`);
if (process.env.VERSION_DESKTOP) versions.push(`- Desktop: ${process.env.VERSION_DESKTOP}`);
if (process.env.VERSION_WEB) versions.push(`- Web: ${process.env.VERSION_WEB}`);
const body = versions.length > 0
? `Automated version bump:\n\n${versions.join('\n')}`
: 'Automated version bump';
const { data: pr } = await github.rest.pulls.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: 'Bumped client version(s)',
body: body,
head: process.env.BRANCH_NAME,
base: context.ref.replace('refs/heads/', '')
});
console.log(`Created PR #${pr.number}: ${pr.html_url}`);
git push
cut_branch:
name: Cut branch
@@ -525,7 +485,7 @@ jobs:
uses: bitwarden/gh-actions/azure-logout@main
- name: Generate GH App token
uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-token
with:
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}

4
.github/workflows/sdk-breaking-change-check.yml vendored
View File

@@ -53,7 +53,7 @@ jobs:
secrets: "BW-GHAPP-ID,BW-GHAPP-KEY"
- name: Generate GH App token
uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-token
with:
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
@@ -76,7 +76,7 @@ jobs:
echo "node_version=$NODE_VERSION" >> "$GITHUB_OUTPUT"
- name: Set up Node
uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'

175
.github/workflows/test.yml vendored
View File

@@ -14,14 +14,79 @@ permissions: {}
jobs:
typecheck:
name: Run typechecking
runs-on: ubuntu-22.04
permissions:
contents: read
steps:
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false
- name: Get Node Version
id: retrieve-node-version
run: |
NODE_NVMRC=$(cat .nvmrc)
NODE_VERSION=${NODE_NVMRC/v/''}
echo "node_version=$NODE_VERSION" >> "$GITHUB_OUTPUT"
- name: Set up Node
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: ${{ steps.retrieve-node-version.outputs.node_version }}
- name: Print environment
run: |
node --version
npm --version
- name: Install Node dependencies
run: npm ci
# We use isolatedModules: true which disables typechecking in tests
# Tests in apps/ are typechecked when their app is built, so we just do it here for libs/
# See https://bitwarden.atlassian.net/browse/EC-497
- name: Run typechecking
run: npm run test:types
testing:
name: Run tests
name: Run tests - ${{ matrix.test-group.name }}
runs-on: ubuntu-22.04
permissions:
checks: write
contents: read
pull-requests: write
strategy:
fail-fast: false
matrix:
test-group:
- name: Browser
paths: apps/browser bitwarden_license/bit-browser
artifact: jest-coverage-browser
junit: junit-browser.xml
- name: Web
paths: apps/web bitwarden_license/bit-web
artifact: jest-coverage-web
junit: junit-web.xml
- name: Desktop
paths: apps/desktop
artifact: jest-coverage-desktop
junit: junit-desktop.xml
- name: CLI
paths: apps/cli bitwarden_license/bit-cli
artifact: jest-coverage-cli
junit: junit-cli.xml
- name: Libs
paths: libs bitwarden_license/bit-common
artifact: jest-coverage-libs
junit: junit-libs.xml
steps:
- name: Check out repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
@@ -50,33 +115,32 @@ jobs:
- name: Install Node dependencies
run: npm ci
# We use isolatedModules: true which disables typechecking in tests
# Tests in apps/ are typechecked when their app is built, so we just do it here for libs/
# See https://bitwarden.atlassian.net/browse/EC-497
- name: Run typechecking
run: npm run test:types
- name: Run tests
- name: Run tests - ${{ matrix.test-group.name }}
# maxWorkers is a workaround for a memory leak that crashes tests in CI:
# https://github.com/facebook/jest/issues/9430#issuecomment-1149882002
run: npm test -- --coverage --maxWorkers=3
# Reduced to 2 workers and split tests across parallel jobs to prevent OOM kills
run: npm test -- ${{ matrix.test-group.paths }} --coverage --maxWorkers=2
env:
JEST_JUNIT_OUTPUT_NAME: ${{ matrix.test-group.junit }}
- name: Report test results
uses: dorny/test-reporter@7b7927aa7da8b82e81e755810cb51f39941a2cc7 # v2.2.0
uses: dorny/test-reporter@b082adf0eced0765477756c2a610396589b8c637 # v2.5.0
if: ${{ github.event.pull_request.head.repo.full_name == github.repository && !cancelled() }}
with:
name: Test Results
path: "junit.xml"
name: Test Results - ${{ matrix.test-group.name }}
path: ${{ matrix.test-group.junit }}
reporter: jest-junit
fail-on-error: true
- name: Upload results to codecov.io
uses: codecov/test-results-action@47f89e9acb64b76debcd5ea40642d25a4adced9f # v1.1.1
uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
with:
report_type: test_results
- name: Upload test coverage
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
with:
name: jest-coverage
name: ${{ matrix.test-group.artifact }}
path: ./coverage/lcov.info
rust:
@@ -111,7 +175,7 @@ jobs:
working-directory: ./apps/desktop/desktop_native
run: cargo build
- name: Test Ubuntu
- name: Linux unit tests
if: ${{ matrix.os=='ubuntu-22.04' }}
working-directory: ./apps/desktop/desktop_native
run: |
@@ -120,17 +184,21 @@ jobs:
mkdir -p ~/.local/share/keyrings
eval "$(printf '\n' | gnome-keyring-daemon --unlock)"
eval "$(printf '\n' | /usr/bin/gnome-keyring-daemon --start)"
cargo test -- --test-threads=1
cargo test --lib -- --test-threads=1
- name: Test macOS
- name: MacOS unit tests
if: ${{ matrix.os=='macos-14' }}
working-directory: ./apps/desktop/desktop_native
run: cargo test -- --test-threads=1
run: cargo test --lib -- --test-threads=1
- name: Test Windows
- name: Windows unit tests
if: ${{ matrix.os=='windows-2022'}}
working-directory: ./apps/desktop/desktop_native
run: cargo test --workspace --exclude=desktop_napi -- --test-threads=1
run: cargo test --lib --workspace --exclude=desktop_napi -- --test-threads=1
- name: Doc tests
working-directory: ./apps/desktop/desktop_native
run: cargo test --doc
rust-coverage:
name: Rust Coverage
@@ -177,11 +245,35 @@ jobs:
with:
persist-credentials: false
- name: Download jest coverage
- name: Download Browser coverage
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
with:
name: jest-coverage
path: ./
name: jest-coverage-browser
path: ./jest-coverage-browser
- name: Download Web coverage
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
with:
name: jest-coverage-web
path: ./jest-coverage-web
- name: Download Desktop coverage
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
with:
name: jest-coverage-desktop
path: ./jest-coverage-desktop
- name: Download CLI coverage
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
with:
name: jest-coverage-cli
path: ./jest-coverage-cli
- name: Download Libs coverage
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
with:
name: jest-coverage-libs
path: ./jest-coverage-libs
- name: Download rust coverage
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
@@ -193,5 +285,40 @@ jobs:
uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
with:
files: |
./lcov.info
./jest-coverage-browser/lcov.info
./jest-coverage-web/lcov.info
./jest-coverage-desktop/lcov.info
./jest-coverage-cli/lcov.info
./jest-coverage-libs/lcov.info
./apps/desktop/desktop_native/lcov.info
run-tests: # Verifies all required tests complete successfully
name: Run tests
runs-on: ubuntu-24.04
if: always()
needs:
- typecheck
- testing
- rust
- rust-coverage
- upload-codecov
permissions:
contents: read
steps:
- name: Check job results
env:
NEEDS: ${{ toJSON(needs) }}
run: |
# Print status of all jobs
echo "$NEEDS" | jq -r 'to_entries[] | "\(.key): \(.value.result)"'
# Collect failed jobs
failed_jobs=$(echo "$NEEDS" | jq -r 'to_entries[] | select(.value.result != "success") | .key' | tr '\n' ' ')
if [ -n "$failed_jobs" ]; then
echo "::error::The following jobs failed:$failed_jobs"
exit 1
fi
echo "All required jobs passed successfully!"

2
.github/workflows/version-auto-bump.yml vendored
View File

@@ -31,7 +31,7 @@ jobs:
uses: bitwarden/gh-actions/azure-logout@main
- name: Generate GH App token
uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-token
with:
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}