bitwarden-desktop: 2024.9.0 -> 2024.11.1 (1aa5fcdc) · Commits · nix / nixpkgs

pkgs/by-name/bi/bitwarden-desktop/dont-auto-setup-biometrics.patch

+4 −4

Original line number	Diff line number	Diff line
		diff --git a/apps/desktop/src/platform/main/biometric/biometric.unix.main.ts b/apps/desktop/src/platform/main/biometric/biometric.unix.main.ts
		index e2428d9d12..de4e9e1e62 100644
		--- a/apps/desktop/src/platform/main/biometric/biometric.unix.main.ts
		+++ b/apps/desktop/src/platform/main/biometric/biometric.unix.main.ts
		diff --git a/apps/desktop/src/key-management/biometrics/biometric.unix.main.ts b/apps/desktop/src/key-management/biometrics/biometric.unix.main.ts
		index 8962e7f3ec..a7291420f2 100644
		--- a/apps/desktop/src/key-management/biometrics/biometric.unix.main.ts
		+++ b/apps/desktop/src/key-management/biometrics/biometric.unix.main.ts
		@@ -109,7 +109,7 @@ export default class BiometricUnixMain implements OsBiometricService {
		// The user needs to manually set up the polkit policy outside of the sandbox
		// since we allow access to polkit via dbus for the sandboxed clients, the authentication works from

pkgs/by-name/bi/bitwarden-desktop/package.nix

+6 −19

Original line number	Diff line number	Diff line
		@@ -35,19 +35,20 @@ let

		in buildNpmPackage rec {
		pname = "bitwarden-desktop";
		version = "2024.9.0";
		version = "2024.11.1";

		src = fetchFromGitHub {
		owner = "bitwarden";
		repo = "clients";
		rev = "desktop-v${version}";
		hash = "sha256-o5nRG2j73qheDOyeFfSga64D8HbTn1EUrCiN0W+Xn0w=";
		hash = "sha256-4QTQgW8k3EMf07Xqs2B+VXQOUPzoOgaNvoC02x4zvu8=";
		};

		patches = [
		./electron-builder-package-lock.patch
		./dont-auto-setup-biometrics.patch
		./set-exe-path.patch # ensures `app.getPath("exe")` returns our wrapper, not ${electron}/bin/electron
		./skip-afterpack.diff # this modifies bin/electron etc., but we wrap read-only bin/electron ourselves
		];

		postPatch = ''
		@@ -62,7 +63,7 @@ in buildNpmPackage rec {
		makeCacheWritable = true;
		npmFlags = [ "--engine-strict" "--legacy-peer-deps" ];
		npmWorkspace = "apps/desktop";
		npmDepsHash = "sha256-L7/frKCNlq0xr6T+aSqyEQ44yrIXwcpdU/djrhCJNNk=";
		npmDepsHash = "sha256-YzhCyNMvfXGmgOpl3qWj1Pqd1hY8CJ9QLwQds5ZMnqg=";

		cargoDeps = rustPlatform.fetchCargoTarball {
		name = "${pname}-${version}";
		@@ -78,7 +79,7 @@ in buildNpmPackage rec {
		patches;
		patchFlags = [ "-p4" ];
		sourceRoot = "${src.name}/${cargoRoot}";
		hash = "sha256-y+6vaESiOeVrFJpZoOJ75onOpldqSsT2kqkMMzTDUmM=";
		hash = "sha256-aurjpVzWET30O+ysyE4ZzauMe8kHjOL169tfKUR1Vpg=";
		};
		cargoRoot = "apps/desktop/desktop_native";

		@@ -103,20 +104,6 @@ in buildNpmPackage rec {
		libsecret
		];

		# node-argon2 builds with LTO, but that causes missing symbols. So disable it
		# and rebuild. Then we need to copy it into the build output for
		# electron-builder, as `apps/desktop/src/package.json` specifies `argon2` as
		# a dependency and electron-builder will otherwise install a fresh (and
		# broken) argon2. See https://github.com/ranisalt/node-argon2/pull/415
		preConfigure = ''
		pushd node_modules/argon2
		substituteInPlace binding.gyp --replace-fail '"-flto", ' ""
		"$npm_config_node_gyp" rebuild
		popd
		mkdir -p apps/desktop/build/node_modules
		cp -r ./{,apps/desktop/build/}node_modules/argon2
		'';

		preBuild = ''
		if [[ $(jq --raw-output '.devDependencies.electron' < package.json \| grep -E --only-matching '^[0-9]+') != ${lib.escapeShellArg (lib.versions.major electron.version)} ]]; then
		echo 'ERROR: electron version mismatch'
		@@ -181,7 +168,7 @@ in buildNpmPackage rec {
		# Extract the polkit policy file from the multiline string in the source code.
		# This may break in the future but its better than copy-pasting it manually.
		mkdir -p $out/share/polkit-1/actions/
		pushd apps/desktop/src/platform/main/biometric
		pushd apps/desktop/src/key-management/biometrics
		awk '/const polkitPolicy = `/{gsub(/^.*`/, ""); print; str=1; next} str{if (/`;/) str=0; gsub(/`;/, ""); print}' biometric.unix.main.ts > $out/share/polkit-1/actions/com.bitwarden.Bitwarden.policy
		popd

pkgs/by-name/bi/bitwarden-desktop/skip-afterpack.diff

0 → 100644

+39 −0

Original line number	Diff line number	Diff line
		diff --git a/apps/desktop/scripts/after-pack.js b/apps/desktop/scripts/after-pack.js
		index fd16cd5ffb..05a2325ee1 100644
		--- a/apps/desktop/scripts/after-pack.js
		+++ b/apps/desktop/scripts/after-pack.js
		@@ -13,25 +13,6 @@ async function run(context) {
		console.log("## After pack");
		// console.log(context);

		- if (context.packager.platform.nodeName !== "darwin" \|\| context.arch === builder.Arch.universal) {
		- await addElectronFuses(context);
		- }
		-
		- if (context.electronPlatformName === "linux") {
		- console.log("Creating memory-protection wrapper script");
		- const appOutDir = context.appOutDir;
		- const oldBin = path.join(appOutDir, context.packager.executableName);
		- const newBin = path.join(appOutDir, "bitwarden-app");
		- fse.moveSync(oldBin, newBin);
		- console.log("Moved binary to bitwarden-app");
		-
		- const wrapperScript = path.join(__dirname, "../resources/memory-dump-wrapper.sh");
		- const wrapperBin = path.join(appOutDir, context.packager.executableName);
		- fse.copyFileSync(wrapperScript, wrapperBin);
		- fse.chmodSync(wrapperBin, "755");
		- console.log("Copied memory-protection wrapper script");
		- }
		-
		if (["darwin", "mas"].includes(context.electronPlatformName)) {
		const is_mas = context.electronPlatformName === "mas";
		const is_mas_dev = context.targets.some((e) => e.name === "mas-dev");
		@@ -140,6 +121,8 @@ function getIdentities() {
		* @param {import("electron-builder").AfterPackContext} context
		*/
		async function addElectronFuses(context) {
		+ return;
		+
		const platform = context.packager.platform.nodeName;

		const ext = {

Admin message