diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 8c76d7329..bca64732e 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -34,6 +34,15 @@ .github/workflows/release-wasm.yml .github/workflows/version-bump.yml +## BRE & Platform teams shared ownership +.github/workflows/release-* @bitwarden/dept-bre @bitwarden/team-platform-dev + +# Platform team +.github/workflows/build-* @bitwarden/team-platform-dev +.github/workflows/version-bump.yml @bitwarden/team-platform-dev +crates/bitwarden-sm @bitwarden/team-platform-dev +crates/bws @bitwarden/team-platform-dev + # BRE Automations crates/bws/Cargo.toml crates/bws/scripts/install.ps1 diff --git a/.github/workflows/build-cli-docker.yml b/.github/workflows/build-cli-docker.yml index d01e81256..7bebd9a83 100644 --- a/.github/workflows/build-cli-docker.yml +++ b/.github/workflows/build-cli-docker.yml @@ -14,6 +14,10 @@ jobs: build-docker: name: Build Docker image runs-on: ubuntu-22.04 + permissions: + security-events: write + id-token: write + steps: - name: Checkout Repository uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 @@ -86,6 +90,7 @@ jobs: fi - name: Build and push Docker image + id: build-docker uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: context: . @@ -98,6 +103,36 @@ jobs: secrets: | "GH_PAT=${{ steps.retrieve-secret-pat.outputs.github-pat-bitwarden-devops-bot-repo-scope }}" + - name: Install Cosign + if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' + uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 + + - name: Sign image with Cosign + if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' + env: + DIGEST: ${{ steps.build-docker.outputs.digest }} + TAGS: ${{ steps.tag-list.outputs.tags }} + run: | + IFS="," read -a tags <<< "${TAGS}" + images="" + for tag in "${tags[@]}"; do + images+="${tag}@${DIGEST} " + done + cosign sign --yes ${images} + + - name: Scan Docker image + id: container-scan + uses: anchore/scan-action@5ed195cc06065322983cae4bb31e2a751feb86fd # v5.2.0 + with: + image: ${{ steps.tag-list.outputs.primary_tag }} + fail-build: false + output-format: sarif + + - name: Upload Grype results to GitHub + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 + with: + sarif_file: ${{ steps.container-scan.outputs.sarif }} + - name: Log out of Docker and disable Docker Notary if: ${{ env.is_publish_branch == 'true' }} run: | diff --git a/.github/workflows/build-cli.yml b/.github/workflows/build-cli.yml index c5177173e..0450a5148 100644 --- a/.github/workflows/build-cli.yml +++ b/.github/workflows/build-cli.yml @@ -58,7 +58,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable targets: ${{ matrix.settings.target }} @@ -147,7 +147,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable targets: ${{ matrix.settings.target }} @@ -261,7 +261,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable targets: ${{ matrix.settings.target }} @@ -409,7 +409,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable @@ -443,7 +443,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable diff --git a/.github/workflows/build-napi.yml b/.github/workflows/build-napi.yml index bd80ff9a5..09eb8ca76 100644 --- a/.github/workflows/build-napi.yml +++ b/.github/workflows/build-napi.yml @@ -60,7 +60,7 @@ jobs: cache-dependency-path: crates/bitwarden-napi/package-lock.json - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable targets: ${{ matrix.settings.target }} diff --git a/.github/workflows/build-python-wheels.yml b/.github/workflows/build-python-wheels.yml index 2ab5fa829..ad58d8701 100644 --- a/.github/workflows/build-python-wheels.yml +++ b/.github/workflows/build-python-wheels.yml @@ -70,7 +70,7 @@ jobs: node-version: 18 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable targets: ${{ matrix.settings.target }} diff --git a/.github/workflows/build-rust-crates.yml b/.github/workflows/build-rust-crates.yml index 8224eb496..a76fb5b60 100644 --- a/.github/workflows/build-rust-crates.yml +++ b/.github/workflows/build-rust-crates.yml @@ -32,7 +32,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable @@ -54,7 +54,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable diff --git a/.github/workflows/build-rust-cross-platform.yml b/.github/workflows/build-rust-cross-platform.yml index 102839f3a..1b3f8e093 100644 --- a/.github/workflows/build-rust-cross-platform.yml +++ b/.github/workflows/build-rust-cross-platform.yml @@ -41,7 +41,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable diff --git a/.github/workflows/build-wasm.yml b/.github/workflows/build-wasm.yml index 19e42854a..881321614 100644 --- a/.github/workflows/build-wasm.yml +++ b/.github/workflows/build-wasm.yml @@ -34,7 +34,7 @@ jobs: run: npm i -g binaryen - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: 1.81.0 targets: wasm32-unknown-unknown diff --git a/.github/workflows/direct-minimal-versions.yml b/.github/workflows/direct-minimal-versions.yml index 84d1ef817..5c7fdd705 100644 --- a/.github/workflows/direct-minimal-versions.yml +++ b/.github/workflows/direct-minimal-versions.yml @@ -38,7 +38,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: nightly targets: ${{ matrix.settings.target }} diff --git a/.github/workflows/generate_schemas.yml b/.github/workflows/generate_schemas.yml index e37b8d5f2..84b05aae7 100644 --- a/.github/workflows/generate_schemas.yml +++ b/.github/workflows/generate_schemas.yml @@ -22,7 +22,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 8b3c0e267..8b2bc7c86 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -20,7 +20,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable diff --git a/.github/workflows/minimum-rust-version.yml b/.github/workflows/minimum-rust-version.yml index e685a8606..5eb7c39e7 100644 --- a/.github/workflows/minimum-rust-version.yml +++ b/.github/workflows/minimum-rust-version.yml @@ -29,7 +29,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: # Important: When updating this, make sure to update the Readme file # and also the `rust-version` field in all the `Cargo.toml`. diff --git a/.github/workflows/publish-bws.yml b/.github/workflows/publish-bws.yml index 0cfb08551..53fd9f67d 100644 --- a/.github/workflows/publish-bws.yml +++ b/.github/workflows/publish-bws.yml @@ -47,7 +47,7 @@ jobs: id: version-output run: | if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then - TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("bws")) | .tag_name' | head -1) + TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk-sm/releases" | jq -c '.[] | select(.tag_name | contains("bws")) | .tag_name' | head -1) VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+') echo "Latest Released Version: $VERSION" echo "version=$VERSION" >> $GITHUB_OUTPUT @@ -95,7 +95,7 @@ jobs: secrets: "cratesio-api-token" - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable @@ -115,7 +115,11 @@ jobs: publish-docker: name: Publish docker versioned and latest image runs-on: ubuntu-22.04 + permissions: + security-events: write + id-token: write needs: setup + steps: - name: Checkout uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 @@ -171,6 +175,7 @@ jobs: azure-keyvault-name: "bitwarden-ci" - name: Build and push Docker image + id: build-docker uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: context: . @@ -183,6 +188,34 @@ jobs: secrets: | "GH_PAT=${{ steps.retrieve-secret-pat.outputs.github-pat-bitwarden-devops-bot-repo-scope }}" + - name: Install Cosign + uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 + + - name: Sign image with Cosign + env: + DIGEST: ${{ steps.build-docker.outputs.digest }} + TAGS: ${{ steps.tag-list.outputs.tags }} + run: | + IFS="," read -a tags <<< "${TAGS}" + images="" + for tag in "${tags[@]}"; do + images+="${tag}@${DIGEST} " + done + cosign sign --yes ${images} + + - name: Scan Docker image + id: container-scan + uses: anchore/scan-action@5ed195cc06065322983cae4bb31e2a751feb86fd # v5.2.0 + with: + image: ${{ steps.tag-list.outputs.primary_tag }} + fail-build: false + output-format: sarif + + - name: Upload Grype results to GitHub + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 + with: + sarif_file: ${{ steps.container-scan.outputs.sarif }} + - name: Log out of Docker and disable Docker Notary if: ${{ inputs.release_type != 'Dry Run' }} run: | diff --git a/.github/workflows/publish-dotnet.yml b/.github/workflows/publish-dotnet.yml index 3522d6307..d7543846b 100644 --- a/.github/workflows/publish-dotnet.yml +++ b/.github/workflows/publish-dotnet.yml @@ -44,7 +44,7 @@ jobs: id: version-output run: | if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then - TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("dotnet")) | .tag_name' | head -1) + TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk-sm/releases" | jq -c '.[] | select(.tag_name | contains("dotnet")) | .tag_name' | head -1) VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+') echo "Latest Released Version: $VERSION" echo "version=$VERSION" >> $GITHUB_OUTPUT @@ -76,7 +76,7 @@ jobs: run: | mkdir -p nuget-output cd nuget-output - wget https://github.com/bitwarden/sdk/releases/download/dotnet-v${{ needs.validate.outputs.version }}/Bitwarden.Sdk.${{ needs.validate.outputs.version }}.nupkg + wget https://github.com/bitwarden/sdk-sm/releases/download/dotnet-v${{ needs.validate.outputs.version }}/Bitwarden.Sdk.${{ needs.validate.outputs.version }}.nupkg - name: Login to Azure - Prod Subscription uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 diff --git a/.github/workflows/publish-java.yml b/.github/workflows/publish-java.yml index 8461499a5..931698956 100644 --- a/.github/workflows/publish-java.yml +++ b/.github/workflows/publish-java.yml @@ -50,7 +50,7 @@ jobs: id: version-output run: | if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then - TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -rc '.[] | select(.tag_name | contains("java")) | .tag_name' | head -1) + TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk-sm/releases" | jq -rc '.[] | select(.tag_name | contains("java")) | .tag_name' | head -1) VERSION=$(echo $TAG_NAME | grep -oE '[0-9]+\.[0-9]+\.[0-9]+') echo "Latest Released Version: $VERSION" echo "version=$VERSION" >> $GITHUB_OUTPUT diff --git a/.github/workflows/publish-napi.yml b/.github/workflows/publish-napi.yml index 4009af6b6..3761f5318 100644 --- a/.github/workflows/publish-napi.yml +++ b/.github/workflows/publish-napi.yml @@ -46,7 +46,7 @@ jobs: id: version-output run: | if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then - TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("napi")) | .tag_name' | head -1) + TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk-sm/releases" | jq -c '.[] | select(.tag_name | contains("napi")) | .tag_name' | head -1) VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+') echo "Latest Released Version: $VERSION" echo "version=$VERSION" >> $GITHUB_OUTPUT @@ -91,7 +91,7 @@ jobs: - name: Download schemas.ts artifact run: | - wget https://github.com/bitwarden/sdk/releases/download/napi-v${{ env._PKG_VERSION }}/schemas.ts + wget https://github.com/bitwarden/sdk-sm/releases/download/napi-v${{ env._PKG_VERSION }}/schemas.ts mv schemas.ts ${{ github.workspace }}/crates/bitwarden-napi/src-ts/bitwarden_client/schemas.ts - name: Install dependencies @@ -114,10 +114,10 @@ jobs: - name: Download sdk-napi artifacts run: | - wget https://github.com/bitwarden/sdk/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.darwin-arm64.node - wget https://github.com/bitwarden/sdk/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.darwin-x64.node - wget https://github.com/bitwarden/sdk/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.win32-x64-msvc.node - wget https://github.com/bitwarden/sdk/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.linux-x64-gnu.node + wget https://github.com/bitwarden/sdk-sm/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.darwin-arm64.node + wget https://github.com/bitwarden/sdk-sm/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.darwin-x64.node + wget https://github.com/bitwarden/sdk-sm/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.win32-x64-msvc.node + wget https://github.com/bitwarden/sdk-sm/releases/download/napi-v${{ env._PKG_VERSION }}/sdk-napi.linux-x64-gnu.node mv sdk-napi.*.node ${{ github.workspace }}/crates/bitwarden-napi/artifacts - name: Move artifacts diff --git a/.github/workflows/publish-python.yml b/.github/workflows/publish-python.yml index 7a4c6d071..2c934cac6 100644 --- a/.github/workflows/publish-python.yml +++ b/.github/workflows/publish-python.yml @@ -46,7 +46,7 @@ jobs: id: version-output run: | if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then - TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("python")) | .tag_name' | head -1) + TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk-sm/releases" | jq -c '.[] | select(.tag_name | contains("python")) | .tag_name' | head -1) VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+') echo "Latest Released Version: $VERSION" echo "version=$VERSION" >> $GITHUB_OUTPUT @@ -79,7 +79,7 @@ jobs: - name: Get release assets working-directory: ${{ github.workspace }}/target/wheels/dist run: | - ARTIFACT_URLS=$(curl -sSL https://api.github.com/repos/bitwarden/sdk/releases/tags/${{ needs.setup.outputs.tag_name }} | jq -r '.assets[].browser_download_url') + ARTIFACT_URLS=$(curl -sSL https://api.github.com/repos/bitwarden/sdk-sm/releases/tags/${{ needs.setup.outputs.tag_name }} | jq -r '.assets[].browser_download_url') for url in $ARTIFACT_URLS; do wget $url done diff --git a/.github/workflows/publish-ruby.yml b/.github/workflows/publish-ruby.yml index 114f910cd..edbf23bca 100644 --- a/.github/workflows/publish-ruby.yml +++ b/.github/workflows/publish-ruby.yml @@ -46,7 +46,7 @@ jobs: id: version-output run: | if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then - TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("ruby")) | .tag_name' | head -1) + TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk-sm/releases" | jq -c '.[] | select(.tag_name | contains("ruby")) | .tag_name' | head -1) VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+') echo "Latest Released Version: $VERSION" echo "version=$VERSION" >> $GITHUB_OUTPUT @@ -95,7 +95,7 @@ jobs: secrets: "rubygem-api-key" - name: Download ruby artifact - run: wget https://github.com/bitwarden/sdk/releases/download/ruby-v${{ env._VERSION }}/bitwarden-sdk-secrets-${{ env._VERSION }}.gem + run: wget https://github.com/bitwarden/sdk-sm/releases/download/ruby-v${{ env._VERSION }}/bitwarden-sdk-secrets-${{ env._VERSION }}.gem - name: Push gem to Rubygems if: ${{ inputs.release_type != 'Dry Run' }} diff --git a/.github/workflows/publish-rust-crates.yml b/.github/workflows/publish-rust-crates.yml index 0d9789062..78deb2ae5 100644 --- a/.github/workflows/publish-rust-crates.yml +++ b/.github/workflows/publish-rust-crates.yml @@ -44,7 +44,7 @@ jobs: id: version-output run: | if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then - TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("rust")) | .tag_name' | head -1) + TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk-sm/releases" | jq -c '.[] | select(.tag_name | contains("rust")) | .tag_name' | head -1) VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+') echo "Latest Released Version: $VERSION" echo "version=$VERSION" >> $GITHUB_OUTPUT @@ -79,7 +79,7 @@ jobs: secrets: "cratesio-api-token" - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable diff --git a/.github/workflows/publish-wasm.yml b/.github/workflows/publish-wasm.yml index b0f53b3d4..8da55fe3f 100644 --- a/.github/workflows/publish-wasm.yml +++ b/.github/workflows/publish-wasm.yml @@ -46,7 +46,7 @@ jobs: id: version-output run: | if [[ "${{ inputs.version }}" == "latest" || "${{ inputs.version }}" == "" ]]; then - TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk/releases" | jq -c '.[] | select(.tag_name | contains("napi")) | .tag_name' | head -1) + TAG_NAME=$(curl "https://api.github.com/repos/bitwarden/sdk-sm/releases" | jq -c '.[] | select(.tag_name | contains("napi")) | .tag_name' | head -1) VERSION=$(echo $TAG_NAME | grep -ohE '20[0-9]{2}\.([1-9]|1[0-2])\.[0-9]+') echo "Latest Released Version: $VERSION" echo "version=$VERSION" >> $GITHUB_OUTPUT @@ -91,7 +91,7 @@ jobs: - name: Download artifact run: | cd ${{ github.workspace }}/languages/js/wasm - wget https://github.com/bitwarden/sdk/releases/download/wasm-v${{ env._VERSION }}/sdk-bitwarden-wasm.zip + wget https://github.com/bitwarden/sdk-sm/releases/download/wasm-v${{ env._VERSION }}/sdk-bitwarden-wasm.zip unzip sdk-bitwarden-wasm.zip rm sdk-bitwarden-wasm.zip diff --git a/.github/workflows/rust-test.yml b/.github/workflows/rust-test.yml index db4394694..bfe841a4d 100644 --- a/.github/workflows/rust-test.yml +++ b/.github/workflows/rust-test.yml @@ -37,7 +37,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable @@ -57,7 +57,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable components: llvm-tools @@ -86,7 +86,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable targets: wasm32-unknown-unknown diff --git a/.github/workflows/rustdoc.yml b/.github/workflows/rustdoc.yml index 1e08f4198..699f1ead1 100644 --- a/.github/workflows/rustdoc.yml +++ b/.github/workflows/rustdoc.yml @@ -23,7 +23,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: nightly diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index 89fe4a337..adc1cb612 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -66,7 +66,7 @@ jobs: ref: ${{ github.event.pull_request.head.sha }} - name: Scan with SonarCloud - uses: sonarsource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838 # v3.1.0 + uses: sonarsource/sonarcloud-github-action@02ef91109b2d589e757aefcfb2854c2783fd7b19 # v4.0.0 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index ecc9ce059..27fbc1c8d 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -33,7 +33,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Install rust - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # stable + uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa # stable with: toolchain: stable @@ -61,7 +61,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: main - repository: bitwarden/sdk + repository: bitwarden/sdk-sm - name: Import GPG key uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0 diff --git a/Cargo.toml b/Cargo.toml index b17e20d2b..c5050cc0a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -11,7 +11,7 @@ edition = "2021" # Note: Changing rust-version should be considered a breaking change rust-version = "1.75" homepage = "https://bitwarden.com" -repository = "https://github.com/bitwarden/sdk" +repository = "https://github.com/bitwarden/sdk-sm" license-file = "LICENSE" keywords = ["bitwarden"] diff --git a/LICENSE b/LICENSE index e9d496ff7..1714fe8ac 100644 --- a/LICENSE +++ b/LICENSE @@ -5,7 +5,7 @@ Version 1, 17 March 2023 1.1 The Bitwarden Software Development Kit (referred to in the License Agreement as the "SDK" and available for download at the following URL -https://github.com/bitwarden/sdk) is licensed to you subject to the terms of +https://github.com/bitwarden/sdk-sm) is licensed to you subject to the terms of this License Agreement. The License Agreement forms a legally binding contract between you and the Company in relation to your use of the SDK. diff --git a/about.toml b/about.toml index bd56148af..e3efa2870 100644 --- a/about.toml +++ b/about.toml @@ -11,6 +11,6 @@ accepted = [ "OpenSSL", ] -# Ring has all the licenses combined into a single file, which causes cargo about to +# Ring has all the licenses combined into a single file, which causes cargo about to # be confused about it. Thankfully it includes a workaround for this that we can enable. workarounds = ["ring"] diff --git a/crates/bitwarden-napi/npm/darwin-arm64/LICENSE b/crates/bitwarden-napi/npm/darwin-arm64/LICENSE index e9d496ff7..1714fe8ac 100644 --- a/crates/bitwarden-napi/npm/darwin-arm64/LICENSE +++ b/crates/bitwarden-napi/npm/darwin-arm64/LICENSE @@ -5,7 +5,7 @@ Version 1, 17 March 2023 1.1 The Bitwarden Software Development Kit (referred to in the License Agreement as the "SDK" and available for download at the following URL -https://github.com/bitwarden/sdk) is licensed to you subject to the terms of +https://github.com/bitwarden/sdk-sm) is licensed to you subject to the terms of this License Agreement. The License Agreement forms a legally binding contract between you and the Company in relation to your use of the SDK. diff --git a/crates/bitwarden-napi/npm/darwin-arm64/package.json b/crates/bitwarden-napi/npm/darwin-arm64/package.json index 88e3122c5..b582bf264 100644 --- a/crates/bitwarden-napi/npm/darwin-arm64/package.json +++ b/crates/bitwarden-napi/npm/darwin-arm64/package.json @@ -1,13 +1,13 @@ { "name": "@bitwarden/sdk-napi-darwin-arm64", "version": "1.0.0", - "homepage": "https://github.com/bitwarden/sdk#readme", + "homepage": "https://github.com/bitwarden/sdk-sm#readme", "bugs": { - "url": "https://github.com/bitwarden/sdk/issues" + "url": "https://github.com/bitwarden/sdk-sm/issues" }, "repository": { "type": "git", - "url": "git+https://github.com/bitwarden/sdk.git" + "url": "git+https://github.com/bitwarden/sdk-sm.git" }, "license": "SEE LICENSE IN LICENSE", "author": "Bitwarden Inc. (https://bitwarden.com)", diff --git a/crates/bitwarden-napi/npm/darwin-x64/LICENSE b/crates/bitwarden-napi/npm/darwin-x64/LICENSE index e9d496ff7..1714fe8ac 100644 --- a/crates/bitwarden-napi/npm/darwin-x64/LICENSE +++ b/crates/bitwarden-napi/npm/darwin-x64/LICENSE @@ -5,7 +5,7 @@ Version 1, 17 March 2023 1.1 The Bitwarden Software Development Kit (referred to in the License Agreement as the "SDK" and available for download at the following URL -https://github.com/bitwarden/sdk) is licensed to you subject to the terms of +https://github.com/bitwarden/sdk-sm) is licensed to you subject to the terms of this License Agreement. The License Agreement forms a legally binding contract between you and the Company in relation to your use of the SDK. diff --git a/crates/bitwarden-napi/npm/darwin-x64/package.json b/crates/bitwarden-napi/npm/darwin-x64/package.json index 4650654ce..934a12514 100644 --- a/crates/bitwarden-napi/npm/darwin-x64/package.json +++ b/crates/bitwarden-napi/npm/darwin-x64/package.json @@ -1,13 +1,13 @@ { "name": "@bitwarden/sdk-napi-darwin-x64", "version": "1.0.0", - "homepage": "https://github.com/bitwarden/sdk#readme", + "homepage": "https://github.com/bitwarden/sdk-sm#readme", "bugs": { - "url": "https://github.com/bitwarden/sdk/issues" + "url": "https://github.com/bitwarden/sdk-sm/issues" }, "repository": { "type": "git", - "url": "git+https://github.com/bitwarden/sdk.git" + "url": "git+https://github.com/bitwarden/sdk-sm.git" }, "license": "SEE LICENSE IN LICENSE", "author": "Bitwarden Inc. (https://bitwarden.com)", diff --git a/crates/bitwarden-napi/npm/linux-x64-gnu/LICENSE b/crates/bitwarden-napi/npm/linux-x64-gnu/LICENSE index e9d496ff7..1714fe8ac 100644 --- a/crates/bitwarden-napi/npm/linux-x64-gnu/LICENSE +++ b/crates/bitwarden-napi/npm/linux-x64-gnu/LICENSE @@ -5,7 +5,7 @@ Version 1, 17 March 2023 1.1 The Bitwarden Software Development Kit (referred to in the License Agreement as the "SDK" and available for download at the following URL -https://github.com/bitwarden/sdk) is licensed to you subject to the terms of +https://github.com/bitwarden/sdk-sm) is licensed to you subject to the terms of this License Agreement. The License Agreement forms a legally binding contract between you and the Company in relation to your use of the SDK. diff --git a/crates/bitwarden-napi/npm/linux-x64-gnu/package.json b/crates/bitwarden-napi/npm/linux-x64-gnu/package.json index ed3b62f80..441faae9e 100644 --- a/crates/bitwarden-napi/npm/linux-x64-gnu/package.json +++ b/crates/bitwarden-napi/npm/linux-x64-gnu/package.json @@ -1,13 +1,13 @@ { "name": "@bitwarden/sdk-napi-linux-x64-gnu", "version": "1.0.0", - "homepage": "https://github.com/bitwarden/sdk#readme", + "homepage": "https://github.com/bitwarden/sdk-sm#readme", "bugs": { - "url": "https://github.com/bitwarden/sdk/issues" + "url": "https://github.com/bitwarden/sdk-sm/issues" }, "repository": { "type": "git", - "url": "git+https://github.com/bitwarden/sdk.git" + "url": "git+https://github.com/bitwarden/sdk-sm.git" }, "license": "SEE LICENSE IN LICENSE", "author": "Bitwarden Inc. (https://bitwarden.com)", diff --git a/crates/bitwarden-napi/npm/win32-x64-msvc/LICENSE b/crates/bitwarden-napi/npm/win32-x64-msvc/LICENSE index e9d496ff7..1714fe8ac 100644 --- a/crates/bitwarden-napi/npm/win32-x64-msvc/LICENSE +++ b/crates/bitwarden-napi/npm/win32-x64-msvc/LICENSE @@ -5,7 +5,7 @@ Version 1, 17 March 2023 1.1 The Bitwarden Software Development Kit (referred to in the License Agreement as the "SDK" and available for download at the following URL -https://github.com/bitwarden/sdk) is licensed to you subject to the terms of +https://github.com/bitwarden/sdk-sm) is licensed to you subject to the terms of this License Agreement. The License Agreement forms a legally binding contract between you and the Company in relation to your use of the SDK. diff --git a/crates/bitwarden-napi/npm/win32-x64-msvc/package.json b/crates/bitwarden-napi/npm/win32-x64-msvc/package.json index 5b2a93121..98b7c3ebf 100644 --- a/crates/bitwarden-napi/npm/win32-x64-msvc/package.json +++ b/crates/bitwarden-napi/npm/win32-x64-msvc/package.json @@ -1,13 +1,13 @@ { "name": "@bitwarden/sdk-napi-win32-x64-msvc", "version": "1.0.0", - "homepage": "https://github.com/bitwarden/sdk#readme", + "homepage": "https://github.com/bitwarden/sdk-sm#readme", "bugs": { - "url": "https://github.com/bitwarden/sdk/issues" + "url": "https://github.com/bitwarden/sdk-sm/issues" }, "repository": { "type": "git", - "url": "git+https://github.com/bitwarden/sdk.git" + "url": "git+https://github.com/bitwarden/sdk-sm.git" }, "license": "SEE LICENSE IN LICENSE", "author": "Bitwarden Inc. (https://bitwarden.com)", diff --git a/crates/bitwarden-napi/package.json b/crates/bitwarden-napi/package.json index 31cee632b..eec3579cf 100644 --- a/crates/bitwarden-napi/package.json +++ b/crates/bitwarden-napi/package.json @@ -1,13 +1,13 @@ { "name": "@bitwarden/sdk-napi", "version": "1.0.0", - "homepage": "https://github.com/bitwarden/sdk#readme", + "homepage": "https://github.com/bitwarden/sdk-sm#readme", "bugs": { - "url": "https://github.com/bitwarden/sdk/issues" + "url": "https://github.com/bitwarden/sdk-sm/issues" }, "repository": { "type": "git", - "url": "git+https://github.com/bitwarden/sdk.git" + "url": "git+https://github.com/bitwarden/sdk-sm.git" }, "license": "SEE LICENSE IN LICENSE", "author": "Bitwarden Inc. (https://bitwarden.com)", diff --git a/crates/bws/README.md b/crates/bws/README.md index 524a168ad..7a29baf2b 100644 --- a/crates/bws/README.md +++ b/crates/bws/README.md @@ -28,7 +28,7 @@ the `bws` binary and the configuration directory (`~/.bws`). ### GitHub Releases (Manual) -Download a pre-built binary from the [Releases](https://github.com/bitwarden/sdk/releases) page. +Download a pre-built binary from the [Releases](https://github.com/bitwarden/sdk-sm/releases) page. ## Usage diff --git a/crates/bws/scripts/install.ps1 b/crates/bws/scripts/install.ps1 index daa5cf9d1..70a889dc9 100755 --- a/crates/bws/scripts/install.ps1 +++ b/crates/bws/scripts/install.ps1 @@ -32,7 +32,7 @@ function Test-BwsInstallation { function Invoke-BwsDownload { Write-Host "Detected architecture: $arch" - $bwsUrl = "https://github.com/bitwarden/sdk/releases/download/bws-v$bwsVersion/bws-$arch-pc-windows-msvc-$bwsVersion.zip" + $bwsUrl = "https://github.com/bitwarden/sdk-sm/releases/download/bws-v$bwsVersion/bws-$arch-pc-windows-msvc-$bwsVersion.zip" Write-Host "Downloading bws from: $bwsUrl" $outputPath = Join-Path $env:TEMP "bws.zip" Invoke-WebRequest -Uri $bwsUrl -OutFile $outputPath @@ -43,7 +43,7 @@ function Test-Checksum { param($zipPath) Write-Host "Validating checksum..." - $checksumUrl = "https://github.com/bitwarden/sdk/releases/download/bws-v$bwsVersion/bws-sha256-checksums-$bwsVersion.txt" + $checksumUrl = "https://github.com/bitwarden/sdk-sm/releases/download/bws-v$bwsVersion/bws-sha256-checksums-$bwsVersion.txt" $checksumFile = Join-Path $env:TEMP "bws-checksums.txt" Invoke-WebRequest -Uri $checksumUrl -OutFile $checksumFile diff --git a/crates/bws/scripts/install.sh b/crates/bws/scripts/install.sh index 6cd7fe01f..00d500152 100755 --- a/crates/bws/scripts/install.sh +++ b/crates/bws/scripts/install.sh @@ -99,14 +99,14 @@ extract() { } download_bws() { - bws_url="https://github.com/bitwarden/sdk/releases/download/bws-v${BWS_VERSION}/bws-${ARCH}-${PLATFORM}-${BWS_VERSION}.zip" + bws_url="https://github.com/bitwarden/sdk-sm/releases/download/bws-v${BWS_VERSION}/bws-${ARCH}-${PLATFORM}-${BWS_VERSION}.zip" echo "Downloading bws from: $bws_url" tmp_dir="$(mktemp -d)" downloader "$bws_url" "$tmp_dir/bws.zip" } validate_checksum() { - checksum_url="https://github.com/bitwarden/sdk/releases/download/bws-v${BWS_VERSION}/bws-sha256-checksums-${BWS_VERSION}.txt" + checksum_url="https://github.com/bitwarden/sdk-sm/releases/download/bws-v${BWS_VERSION}/bws-sha256-checksums-${BWS_VERSION}.txt" echo "Downloading checksum file from: $checksum_url" checksum_file="$tmp_dir/bws-checksums.txt" downloader "$checksum_url" "$checksum_file" diff --git a/languages/cpp/vcpkg.json b/languages/cpp/vcpkg.json index 8e5b968b9..01eb664c5 100644 --- a/languages/cpp/vcpkg.json +++ b/languages/cpp/vcpkg.json @@ -1,7 +1,7 @@ { "name": "bitwarden-sdk-secrets", "version": "0.1.0", - "homepage": "https://github.com/bitwarden/sdk/tree/languages/cpp", + "homepage": "https://github.com/bitwarden/sdk-sm/tree/languages/cpp", "description": "Bitwarden Secrets Manager SDK for C++", "dependencies": [ "boost-uuid", diff --git a/languages/csharp/Bitwarden.Sdk/Bitwarden.Sdk.csproj b/languages/csharp/Bitwarden.Sdk/Bitwarden.Sdk.csproj index a7c82e4b5..20ba35234 100644 --- a/languages/csharp/Bitwarden.Sdk/Bitwarden.Sdk.csproj +++ b/languages/csharp/Bitwarden.Sdk/Bitwarden.Sdk.csproj @@ -12,7 +12,7 @@ Bitwarden Inc. SDK - https://github.com/bitwarden/sdk/tree/main/languages/csharp + https://github.com/bitwarden/sdk-sm/tree/main/languages/csharp Git https://bitwarden.com/products/secrets-manager/ diff --git a/languages/csharp/LICENSE.txt b/languages/csharp/LICENSE.txt index e9d496ff7..1714fe8ac 100644 --- a/languages/csharp/LICENSE.txt +++ b/languages/csharp/LICENSE.txt @@ -5,7 +5,7 @@ Version 1, 17 March 2023 1.1 The Bitwarden Software Development Kit (referred to in the License Agreement as the "SDK" and available for download at the following URL -https://github.com/bitwarden/sdk) is licensed to you subject to the terms of +https://github.com/bitwarden/sdk-sm) is licensed to you subject to the terms of this License Agreement. The License Agreement forms a legally binding contract between you and the Company in relation to your use of the SDK. diff --git a/languages/java/build.gradle b/languages/java/build.gradle index 7e98de1de..12786f46a 100644 --- a/languages/java/build.gradle +++ b/languages/java/build.gradle @@ -44,7 +44,7 @@ repositories { repositories { maven { name = "GitHubPackages" - url = "https://maven.pkg.github.com/bitwarden/sdk" + url = "https://maven.pkg.github.com/bitwarden/sdk-sm" credentials { username = System.getenv("GITHUB_ACTOR") password = System.getenv("GITHUB_TOKEN") diff --git a/languages/php/composer.json b/languages/php/composer.json index 6df44ed0b..e23890b0f 100644 --- a/languages/php/composer.json +++ b/languages/php/composer.json @@ -3,7 +3,7 @@ "description": "PHP bindings for interacting with the Bitwarden Secrets Manager. This is a beta release and might be missing some functionality.", "type": "library", "keywords": ["bitwarden","sdk","password-manager"], - "homepage": "https://github.com/bitwarden/sdk", + "homepage": "https://github.com/bitwarden/sdk-sm", "version": "1.0.0", "require": { "php": "^8.0", diff --git a/languages/ruby/bitwarden_sdk_secrets/bitwarden-sdk-secrets.gemspec b/languages/ruby/bitwarden_sdk_secrets/bitwarden-sdk-secrets.gemspec index 457e60a3e..6f8f0861c 100644 --- a/languages/ruby/bitwarden_sdk_secrets/bitwarden-sdk-secrets.gemspec +++ b/languages/ruby/bitwarden_sdk_secrets/bitwarden-sdk-secrets.gemspec @@ -14,8 +14,8 @@ Gem::Specification.new do |spec| spec.required_ruby_version = '>= 3.0.0' spec.metadata['homepage_uri'] = spec.homepage - spec.metadata['source_code_uri'] = 'https://github.com/bitwarden/sdk' - spec.metadata['changelog_uri'] = 'https://github.com/bitwarden/sdk/blob/main/languages/ruby/CHANGELOG.md' + spec.metadata['source_code_uri'] = 'https://github.com/bitwarden/sdk-sm' + spec.metadata['changelog_uri'] = 'https://github.com/bitwarden/sdk-sm/blob/main/languages/ruby/CHANGELOG.md' # Specify which files should be added to the gem when it is released. # The `git ls-files -z` loads the files in the RubyGem that have been added into git. diff --git a/package.json b/package.json index 0553d5829..66da3b9b6 100644 --- a/package.json +++ b/package.json @@ -2,13 +2,13 @@ "name": "@bitwarden/sdk", "version": "0.0.0", "description": "", - "homepage": "https://github.com/bitwarden/sdk#readme", + "homepage": "https://github.com/bitwarden/sdk-sm#readme", "bugs": { - "url": "https://github.com/bitwarden/sdk/issues" + "url": "https://github.com/bitwarden/sdk-sm/issues" }, "repository": { "type": "git", - "url": "git+https://github.com/bitwarden/sdk.git" + "url": "git+https://github.com/bitwarden/sdk-sm.git" }, "license": "SEE LICENSE IN LICENSE", "author": "Bitwarden Inc. (https://bitwarden.com)",