forked from dani-garcia/vaultwarden
[pull] main from dani-garcia:main #64
Merged
As mentioned in #3111, using a very very large vault causes some issues. Mainly because of a SQLite limit, but it could also cause issues on MariaDB/MySQL or PostgreSQL. It also uses a lot of memory, and memory allocations. This PR solves this by removing the need of all the cipher_uuid's just to gather the correct attachments. It will use the user_uuid and org_uuid's to get all attachments linked to both, whether the user has access to them or not. This isn't an issue, since the matching is done per cipher and the attachment data is only returned if there is a matching cipher to which the user has access. I also modified some code to be able to use `::with_capacity(n)` where possible. This prevents re-allocations if the `Vec` increases size, which will happen a lot if there are a lot of ciphers. According to my tests measuring the time it takes to sync, it seems to have lowered the duration a bit more. Fixes #3111
The Organization member overview supports showing an icon if the user has MFA enabled or not. This PR adds this feature. This is very useful if you want to enable force mfa for example.
The new web-vault v2023.1.0 supports a custom color for the avatar. bitwarden/server#2330 This PR adds this feature.
This PR sets Rust to v1.66.1 to fix a CVE. https://blog.rust-lang.org/2023/01/10/cve-2022-46176.html https://blog.rust-lang.org/2023/01/10/Rust-1.66.1.html Also updated some packages while at it.
Update Rust, MSRV and Crates
Merge ClientIp with Headers.
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
- Added support for Quay.io
- Added support for GHCR.io

To enable support for these container image registries the following needs to be added.

As `Actions secrets and variables` - `Secrets`
- `DOCKERHUB_TOKEN` and `DOCKERHUB_USERNAME`
- `QUAY_TOKEN` and `QUAY_USERNAME`

As `Actions secrets and variables` - `Variables` - `Repository Variables`
- `DOCKERHUB_REPO`
- `GHCR_REPO`
- `QUAY_REPO`

The `DOCKERHUB_REPO` currently configured in `Secrets` can be removed if wanted, probably best after this PR has been merged.

If one of the vars/secrets is not configured it will skip that specific registry!
add endpoints to bulk delete collections/groups
Add support for Quay.io and GHCR.io as registries
- Updated workflows to use new checkout version
  This probably fixes the curl download for hadolint also.
- Updated crates including Rocket to the latest rc3 :party:
- Applied 2 nightly clippy lints to prevent future clippy issues.
Some small fixes and updates
The clients end up removing the padding characters [1][2].
[1] https://github.com/bitwarden/clients/blob/web-v2023.3.0/libs/common/src/misc/utils.ts#L141-L143
[2] https://github.com/bitwarden/mobile/blob/v2023.3.1/src/Core/Utilities/CoreHelpers.cs#L227-L234
Decode knowndevice `X-Request-Email` as base64url with no padding
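The padding mismatch described in this commit, as an added example that is not code from vaultwarden or the Bitwarden clients: a std-only base64url decoder whose `require_padding` switch shows a padded decoder rejecting a header value the client has stripped. The function name and the sample address are assumptions made for illustration.

```rust
// Added example; constructed values, not vaultwarden code.

/// Decode base64url (RFC 4648 section 5). With `require_padding` the input
/// must carry its '=' padding; without it, padding must be absent.
fn b64url_decode(input: &str, require_padding: bool) -> Option<Vec<u8>> {
    let body = input.trim_end_matches('=');
    let pad = input.len() - body.len();
    if require_padding && (input.len() % 4 != 0 || pad > 2) {
        return None; // the padded form is always a multiple of 4 characters
    }
    if !require_padding && pad != 0 {
        return None;
    }
    if body.len() % 4 == 1 {
        return None; // no byte sequence encodes to this length
    }
    let mut out = Vec::with_capacity(body.len() * 3 / 4);
    let (mut acc, mut bits) = (0u32, 0u8);
    for c in body.bytes() {
        let v = match c {
            b'A'..=b'Z' => c - b'A',
            b'a'..=b'z' => c - b'a' + 26,
            b'0'..=b'9' => c - b'0' + 52,
            b'-' => 62,
            b'_' => 63,
            _ => return None, // includes '+', '/' and a stray '='
        };
        acc = (acc << 6) | u32::from(v);
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
            acc &= (1 << bits) - 1;
        }
    }
    if acc != 0 {
        return None; // non-zero trailing bits: not a canonical encoding
    }
    Some(out)
}

fn main() {
    // Constructed header value: "user@example.com" with the "==" stripped.
    let header = "dXNlckBleGFtcGxlLmNvbQ";
    println!("padded decoder: {:?}", b64url_decode(header, true));
    println!("no-pad decoder: {:?}", b64url_decode(header, false).map(String::from_utf8));
}
```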
A wrong macro was used to produce an error message when mailing the user that his password was reset failed. It was using `error!()` which does not return an `Err` and aborts the rest of the code. This resulted in the user's password still being reset, but the user not being notified. This PR fixes this by using `err!()`. Also, do not set the user object as mutable until it really is needed. Second, when a user was using the new Argon2id KDF with custom values like memory and parallelism, that would have rendered the password incorrect. The endpoint which should return all the data did not return all the new Argon2id values. Fixes #3388 Co-authored-by: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com>
the client will ignore the value of these fields in case of `PBKDF2` (whether they are unset or left from trying out `Argon2id` as KDF). with `Argon2id` those fields should never be `null` but always in a valid state. if they are `null` (how would that even happen?) the client still assumes default values for `Argon2id` (i.e. m=64 and p=4) and if they are set to something else login will fail anyway.
when changing back from argon2id to PBKDF2 the unused parameters should be set to 0. also fix small bug in _register
Fix abort on pw reset mail error
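The control-flow difference behind this fix, as an added example that is not vaultwarden's code: a log-only macro beside one that logs and returns `Err`. The macros `log_error!` and `bail!`, the `User` struct, the mailer and the order of mail and update are all hypothetical stand-ins.

```rust
// Added example; hypothetical stand-ins, not vaultwarden's macros or handler.

/// Like a logging macro: writes the message, then execution simply continues.
macro_rules! log_error {
    ($msg:expr) => { eprintln!("[ERROR] {}", $msg) };
}

/// Like an `err!()`-style macro: logs AND returns `Err` from the enclosing function.
macro_rules! bail {
    ($msg:expr) => {{
        let m: String = $msg;
        log_error!(m);
        return Err(m);
    }};
}

#[derive(Default)]
struct User { password_hash: String }

/// Constructed mailer: `ok` decides whether delivery succeeds.
fn send_reset_mail(ok: bool) -> Result<(), String> {
    if ok { Ok(()) } else { Err("SMTP connection refused".to_string()) }
}

/// Before: the failure is only logged, so the reset goes through without notice.
fn reset_log_only(user: &mut User, new_hash: &str, mail_ok: bool) -> Result<(), String> {
    if let Err(e) = send_reset_mail(mail_ok) {
        log_error!(format!("Error sending reset mail: {}", e));
    }
    user.password_hash = new_hash.to_string();
    Ok(())
}

/// After: the failure returns early and the stored hash is left untouched.
fn reset_with_err(user: &mut User, new_hash: &str, mail_ok: bool) -> Result<(), String> {
    if let Err(e) = send_reset_mail(mail_ok) {
        bail!(format!("Error sending reset mail: {}", e));
    }
    user.password_hash = new_hash.to_string();
    Ok(())
}

fn main() {
    let (mut a, mut b) = (User::default(), User::default());
    println!("log only: {:?}, hash={:?}", reset_log_only(&mut a, "new", false), a.password_hash);
    println!("with err: {:?}, hash={:?}", reset_with_err(&mut b, "new", false), b.password_hash);
}
```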
- Revert #3170 as discussed in #3387
  In hindsight it's better to not have this feature
- Update Dockerfile.j2 for easy version changes.
  Just change it in one place instead of multiple
- Updated Rust to latest patched version
- Updated crates to latest available
- Pinned mimalloc to an older version, as it breaks on musl builds
…dpoint support `/users/<uuid>/invite/resend` admin api
…allelism always return KdfMemory and KdfParallelism
For some reason I encountered a strange bug which resulted in sending out multiple websocket notifications for the exact same user. Added a `distinct()` for the query to filter out multiple uuid's.
Fix sending out multiple websocket notifications
Revert setcap, update rust and crates
Ping-timeout
added a commit that referenced this pull request Apr 3, 2023
This reverts commit ade3859.
See Commits and Changes for more details.
Created by pull[bot]