* Add new workflow.
* Workflow lints
* More security fixes.
* Claude feedback.
* Don't make empty commit.
* Update job name.
* Updated node version check.
* Print environments.
* Addressed PR feedback.
* Removed concept of distingushing downgrade.
* Updated to reference specific run_id if triggered by one.
* Addressed Claude feedback.
Building upon the prior SSH agent v2 commits, this PR introduces the high level interfaces between the napi layer, the agent, and the underlying server.
Two traits are defined to act as abstraction layers:
AuthPolicy allows the underlying server to externally request authorization to complete the various ssh operation requests it receives. The implementation of this in the BitwardenSshAgent is effectively the agent's business logic, and has unit tests accordingly.
ApprovalRequester allows the agent to externally request approval for those authorization requests.
These interfaces allow better unit test-ability and integration test-ability, and additionally are context-independent from each other; meaning the ssh agent server doesn't know about vault items, or that there is an electron app at all. Similarly, the agent knows it needs to request approval, but it doesn't have to be from an Electron app.
Co-authored-by: Bernd Schoolmann <mail@quexten.com>
* add release channel for snap, defaulted to stable, add download for arm64 variant, add upload for arm, make channel a variable we can pass
* temporarily comment out amd publish to resolve duplicate rejection error
* restore branch check, uncomment amd64 line
NAPI modules are all in one file. We use nested modules to define types within TypeScript namespaces, and NAPI requires nested modules to be inline due to rust proc-macro limitations.
However, we can still split these into multiple files and repeat the nested module name for the namespace.
This will improve the ability to set code ownership and navigate the data.
This PR splits the NAPI module files without further modification and assigns code ownership to @bitwarden/team-autofill-desktop-dev for the autofill, autotype and sshagent modules. I verified locally that the generated index.d.ts file does not change at all with this PR; all types are generated exactly the same.
* fix: add support for overriding commercial SDK
* fix: only download commercial when needed
* fix: only download OSS SDK for OSS builds and commercial SDK for commercial builds
Previously, the OSS sdk-internal was downloaded and linked for all
build types including commercial, which is wasteful. Now each build
type only downloads the SDK artifact it needs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* revert: changes to build-desktop.yml
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
`actions/create-github-app-token` breaks test-browser-interactions.yml
if updated past v2.0.3 according to Autofill. This PR will pin the
verison untill the team can look into the issue.
* [deps]: Update Minor github-actions updates
* Revert bump of create-github-app-token for test-browser-interactions.yml
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* [deps] Vault: Update @koa/router to v15
* update router imports from `@koa/router`
* remove `@types/koa__router` no longer needed with update to `@koa/router`
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Nick Krantz <125900171+nick-livefront@users.noreply.github.com>
Co-authored-by: Nick Krantz <nick@livefront.com>
* Create a subfolder for platform-owned connectors and ensure it's included in the web builds
* Add platform as codeowner of apps/web/src/connectors/platform
* Create proxy-cookie-redirect connector
* Create section within CODEOWNERS for Web connectors
* Swap order of codeowners
* Use kebap-style route
* Update url to redirect to
* Add override to test locally
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Fix file list
* Add ddg-alert-files-list branch to test PR triggers
* Update branches for pull request trigger
Restrict pull request monitoring to the main branch only.
* [deps]: Update Minor github-actions updates
* Revert update of actions/create-github-app-token in test-browser-interactions.yml
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>