Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SM-1237 Part 2] Add BitwardenClientInterface and Update cgo Flags #792

Merged
merged 5 commits into from
May 26, 2024
Merged

[SM-1237 Part 2] Add BitwardenClientInterface and Update cgo Flags #792

merged 5 commits into from
May 26, 2024

Conversation

coltonhurst
Copy link
Member

@coltonhurst coltonhurst commented May 20, 2024
edited
Loading

Type of change

  • Bug fix
  • New feature development
  • Tech debt (refactoring, code cleanup, dependency upgrades, etc)
  • Build/deploy pipeline (DevOps)
  • Other

Objective

Description

Add the BitwardenClientInterface and related functions which will be used in integrations for mocks / testing. Update the cgo flags for multi-platform support via static linking.

Note

The -L /usr/local/lib -L /usr/lib locations were removed from the cgo lines. They only apply to Mac & Linux, and we are only currently supporting static linking. If anyone is opposed to removing these please let me know, I figure we can add them back if we want to support dynamic linking in the future.

Before you submit

  • Please add unit tests where it makes sense to do so

@coltonhurst coltonhurst self-assigned this May 20, 2024
@coltonhurst coltonhurst requested review from Hinton, dani-garcia and a team May 20, 2024 20:51
@coltonhurst coltonhurst marked this pull request as ready for review May 20, 2024 20:51
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented May 20, 2024
edited
Loading

Logo
Checkmarx One – Scan Summary & Details7d0c58db-375c-4a4b-b2c3-4f62d08ba8c2

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Privacy_Violation /languages/go/example/example.go: 103 Attack Vector

Fixed Issues

Severity Issue Source File / Package
HIGH Command_Injection /languages/python/example.py: 66
HIGH Command_Injection /languages/python/example.py: 35
HIGH Reflected_XSS /languages/kotlin/app/src/main/java/com/bitwarden/myapplication/MainActivity.kt: 379
MEDIUM Denial_Of_Service_Resource_Exhaustion /languages/go/example/example.go: 15
MEDIUM Denial_Of_Service_Resource_Exhaustion /languages/go/example/example.go: 16
MEDIUM Denial_Of_Service_Resource_Exhaustion /languages/go/example/example.go: 21
MEDIUM Missing_HSTS_Header /languages/php/example.php: 3
MEDIUM Parameter_Tampering /languages/kotlin/app/src/main/java/com/bitwarden/myapplication/MainActivity.kt: 379
MEDIUM Privacy_Violation /languages/go/example/example.go: 103
MEDIUM Privacy_Violation /languages/go/example/example.go: 103
MEDIUM Privacy_Violation /languages/java/Example.java: 12
MEDIUM Privacy_Violation /languages/java/src/main/java/com/bitwarden/sdk/SecretsClient.java: 40
MEDIUM Privacy_Violation /languages/java/Example.java: 13
MEDIUM Unchecked_Input_for_Loop_Condition /languages/kotlin/app/src/main/java/com/bitwarden/myapplication/MainActivity.kt: 379
LOW Missing_CSP_Header /about.hbs: 48
LOW Use_of_Hardcoded_Password /languages/kotlin/app/src/main/java/com/bitwarden/myapplication/MainActivity.kt: 73

@codecov Codecov
Copy link

codecov bot commented May 20, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 57.96%. Comparing base (0ca7dc4) to head (60dd2ab).
Report is 2 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #792   +/-   ##
=======================================
  Coverage   57.96%   57.96%           
=======================================
  Files         179      179           
  Lines       11652    11652           
=======================================
  Hits         6754     6754           
  Misses       4898     4898

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

tangowithfoxtrot
tangowithfoxtrot previously approved these changes May 23, 2024
View reviewed changes
Copy link
Contributor

@tangowithfoxtrot tangowithfoxtrot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Confirmed that we can still get a working, statically-linked Go executable on Linux with MUSL. Thanks!

Thomas-Avery
Thomas-Avery approved these changes May 24, 2024
View reviewed changes
Copy link
Contributor

@Thomas-Avery Thomas-Avery left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@coltonhurst coltonhurst merged commit 2b207f6 into main May 26, 2024
104 checks passed
@coltonhurst coltonhurst deleted the sm/sm-1237_2 branch May 26, 2024 20:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dani-garcia dani-garcia dani-garcia approved these changes

@Thomas-Avery Thomas-Avery Thomas-Avery approved these changes

@Hinton Hinton Awaiting requested review from Hinton

@tangowithfoxtrot tangowithfoxtrot Awaiting requested review from tangowithfoxtrot

Assignees

@coltonhurst coltonhurst

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@coltonhurst @dani-garcia @tangowithfoxtrot @Thomas-Avery