dani-garcia / bw_web_builds Goto Github PK

I see this and this. I suggest to add an empty-by-default custom.css file for injecting custom css by mounting the file with docker.

It would be invoked by adding the appropriate code inside the html (<link> tag) or on top of one css file (@import) that gets always loaded.

Hello,
I just saw that version v2.12.0 has been released, are you going to update the project to this version? https://github.com/bitwarden/web/releases/tag/v2.12.0

I have noticed that the 2 additional assets

• bw_web_v2022.X.Y.tar.gz
• bw_web_v2022.X.Y.tar.gz.asc

are usually created 15-45 minutes after the release has been created.

I am just curious how these are created. Are they created by @dani-garcia manually or is there a hidden gh action that creates them?

Hello,

First of all thank you very much for your great effort with this tool.

Personally I'm a premium original bitwarden user, but I'm looking into using the bitwarden_rs in my company so we can use organisations.
In the long run, we might even go for the "official" bitwarden server, but in the mean time I would like to make a pilot to ensure we are happy with the results.

With my initial tests I ended up finding some issues right on the first day.

I've compiled from the source in my server the bitwarden software, and also build from source the web vault using your patch.

The issue occurs when I use my own build of the web vault and the pre-patched versions you provide.

The issue manifests it self when after you login into the webvault and lock your account on the top right menu and press lock now.
The correct password, or any other password, doesn't work and the account can't get unlocked.
If you fully logout and log back in with the correct password all is ok.

On the password change, the problem is bigger. When you change the master password on the web vault, you will lose access to your vault, and you will need to delete the user and create a new one, with all the issues that might occur from that.

I'm available to do testing over this, or any other subject.

Can you please let me know if this is a known issue, or if no one else is experiencing this with the latest version?

My deploy is:

Diagnostics
Version
Server Installed Ok 1.16.1
Server Latest 1.16.1
Web Installed Ok 2.15.1
Web Latest 2.15.1
Checks
DNS (github.com) Ok 140.82.118.3
Date & Time (UTC) Ok
Server: 2020-07-28 19:55:24
Browser: 2020-07-28 19:55:24

Thank you.

Kind regards,
JB

Hello,

Not sure why this field hasn't been created as sensitive in the first place, would it be possible to introduce one more patch to make it so?

Regards

Hello,

Displaying version information on unauthenticated pages is a bad security practice as it give attackers quick and easy informations to seek working flaws.

Security by obscurity might be controversial on some points but displaying version on an unauthenticated page give too much information to possible attackers.
Displaying this information to unauthenticated users offers no other purposes than weakening the security of the instance.

Can this be remove in future releases ?

The server image on Docker Hub has many tags including "latest", why this is not possible for the web-vault image?

See: https://vaultwarden.discourse.group/t/free-bitwarden-families/1323

We need to remove that menu item from our builds.

Let's make sure most future deployments of Vaultwarden are automatically compliant with the AGPLv3.0 license by adding a simple hyperlink around the Vaultwarden name in the footer. This should link to the official Vaultwarden Github repository - https://github.com/dani-garcia/vaultwarden.

I was going to submit a PR myself but this repo setup was entirely too confusing to figure out in a reasonable amount of time. It would be much faster for someone who has already figured this out to add the simple hyperlink.

Hi,
I'm trying to update to the latest release.
When i run the script adjusting new statements according to changelog but I get errors both using npm and Docker.

Log error: "error: pathspec 'v2022.05.0' did not match any file(s) known to git" when i try to exec
RUN git -c advice.detachedHead=false checkout "${VAULT_VERSION}" && \ git submodule update --recursive --init --force

Are there some precautions I should use about new update?
Whole script in attachement about npm build: it has always worked until now.

Thank you very much for your time,
EC

vault.txt

Hey,
i've tried to update the Web to v2.18.1 but when applying the patch it get this message:

2021-02-07 21:13:10 (32,8 MB/s) - ‘v2.18.1.patch’ saved [6870/6870]

error: patch failed: src/app/services/services.module.ts:135
error: src/app/services/services.module.ts: patch does not apply

Am I doing something wrong?

Attempting to build from latest Dockerfile:

$ docker build -t bw_vault .
Sending build context to Docker daemon  580.6kB
Step 1/22 : FROM node:14-buster as build
 ---> a7e633305d89
Step 2/22 : RUN npm -g install npm@7
 ---> Using cache
 ---> e86ef39a2a17
Step 3/22 : RUN mkdir /vault
 ---> Using cache
 ---> fa61b7d8728b
Step 4/22 : RUN chown node:node /vault
 ---> Using cache
 ---> f46ed9c7b784
Step 5/22 : USER node
 ---> Using cache
 ---> c5bddec0ae90
Step 6/22 : ARG VAULT_VERSION=cfa3d81cf87ed59c471021608b9b922023c825f1
 ---> Using cache
 ---> 37f4e1b73dc0
Step 7/22 : RUN git clone https://github.com/bitwarden/web.git /vault
 ---> Using cache
 ---> 36ee9217445d
Step 8/22 : WORKDIR /vault
 ---> Using cache
 ---> ff911c5bf6f1
Step 9/22 : RUN git checkout "$VAULT_VERSION" &&     git submodule update --recursive --init
 ---> Using cache
 ---> a5430c6f312b
Step 10/22 : COPY --chown=node:node patches /patches
 ---> 6ca610ae163e
Step 11/22 : COPY --chown=node:node apply_patches.sh /apply_patches.sh
 ---> 3b015d86dc25
Step 12/22 : RUN bash /apply_patches.sh
 ---> Running in 3205e3cb2835
Patch file not found, using latest
Using patch: v2.23.0.patch
Patching successful!
Removing intermediate container 3205e3cb2835
 ---> f1bdf90e33fc
Step 13/22 : RUN npm ci
 ---> Running in a747aac0f50d
npm WARN deprecated [email protected]: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated [email protected]: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated [email protected]: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated [email protected]: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated [email protected]: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN deprecated [email protected]: TSLint has been deprecated in favor of ESLint. Please see https://github.com/palantir/tslint/issues/4534 for more information.
npm WARN deprecated [email protected]: core-js@<3.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Please, upgrade your dependencies to the actual version of core-js.

> [email protected] preinstall
> npm run sub:init


> [email protected] sub:init
> git submodule update --init --recursive


added 1265 packages, and audited 1268 packages in 39s

78 packages are looking for funding
  run `npm fund` for details

15 vulnerabilities (3 low, 11 moderate, 1 high)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.
Removing intermediate container a747aac0f50d
 ---> bc8b334eb087
Step 14/22 : RUN npm audit fix || true
 ---> Running in 1c214e2573d8
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR!
npm ERR! While resolving: @ngtools/[email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/webpack
npm ERR!   dev webpack@"^4.46.0" from the root project
npm ERR!   peer webpack@"^4.0.0" from @ngtools/[email protected]
npm ERR!   node_modules/@ngtools/webpack
npm ERR!     dev @ngtools/webpack@"^11.2.10" from the root project
npm ERR!   16 more (@webpack-cli/configtest, clean-webpack-plugin, ...)
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer webpack@"^4.0.0" from @ngtools/[email protected]
npm ERR! node_modules/@ngtools/webpack
npm ERR!   dev @ngtools/webpack@"^11.2.10" from the root project
npm ERR!
npm ERR! Conflicting peer dependency: [email protected]
npm ERR! node_modules/webpack
npm ERR!   peer webpack@"^4.0.0" from @ngtools/[email protected]
npm ERR!   node_modules/@ngtools/webpack
npm ERR!     dev @ngtools/webpack@"^11.2.10" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /home/node/.npm/eresolve-report.txt for a full report.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/node/.npm/_logs/2021-09-30T19_21_29_128Z-debug.log
Removing intermediate container 1c214e2573d8
 ---> a5f8e3d49bfb
Step 15/22 : RUN npm run dist
 ---> Running in fe95a93783c9

> [email protected] dist
> npm run build:cloud && gulp postdist


> [email protected] build:cloud
> cross-env NODE_ENV=production ENV=cloud npm run build


> [email protected] build
> gulp prebuild && webpack -c bitwarden_license/webpack.config.js

[19:21:37] Using gulpfile /vault/gulpfile.js
[19:21:37] Starting 'prebuild'...
[19:21:37] Starting 'clean'...
[19:21:37] Finished 'clean' after 9.9 ms
[19:21:37] Starting 'webfonts'...
[19:21:37] 'webfonts' errored after 243 ms
[19:21:37] TypeError: Cannot read property 'match' of undefined
	at formatData (/vault/node_modules/gulp-google-webfonts/index.js:251:20)
	at extractData (/vault/node_modules/gulp-google-webfonts/index.js:246:23)
	at parseCss (/vault/node_modules/gulp-google-webfonts/index.js:228:19)
	at fn (/vault/node_modules/gulp-google-webfonts/node_modules/async/lib/async.js:638:34)
	at Immediate.<anonymous> (/vault/node_modules/gulp-google-webfonts/node_modules/async/lib/async.js:554:34)
	at processImmediate (internal/timers.js:464:21)
	at process.topLevelDomainCallback (domain.js:152:15)
	at process.callbackTrampoline (internal/async_hooks.js:128:24)
[19:21:37] 'prebuild' errored after 255 ms
The command '/bin/sh -c npm run dist' returned a non-zero code: 1

Previous version build just fine. Thanks!

When building the web-vault, there is an error during the build, which seems unimportant, because the final web-vault works just fine.

However, it is also shown in the github action that runs to build the web-vault: https://github.com/dani-garcia/bw_web_builds/actions/runs/5842418493/job/15843518701#step:8:343

Here's the relevant part:

#20 [build 15/20] RUN npm audit fix || true
#20 10.12 npm ERR! Unable to resolve reference $tailwindcss
#20 10.12 
#20 10.12 npm ERR! A complete log of this run can be found in:
#20 10.12 npm ERR!     /home/node/.npm/_logs/2023-08-12T16_46_43_100Z-debug-0.log
#20 DONE 10.3s

When I run this locally, the debug file is gone, before I can check the contents.

This issue can be closed right away, I just wanted to mention it, in case you are not aware of this.

I am unable to build the webvault on macOS with node+npm.
To reproduce, follow the build instruction on macOS.

bw_web_builds % make full    
./scripts/checkout_web_vault.sh
Input a git ref (commit hash, branch name, tag name, 'master'): master
Using: 'master' to checkout bitwarden/client.
~/bw_web_builds/web-vault ~/bw_web_builds
Already on 'master'
Your branch is up to date with 'origin/master'.
HEAD is now at 4e4de9812 Bumped web version to 2023.2.0 (#4753)
Your branch is up to date with 'origin/master'.
~/bw_web_builds
~/bw_web_builds/web-vault ~/bw_web_builds
From https://github.com/bitwarden/clients
 * branch                master     -> FETCH_HEAD
Already up to date.
Already on 'master'
Your branch is up to date with 'origin/master'.
~/bw_web_builds
./scripts/patch_web_vault.sh
~/bw_web_builds/web-vault ~/bw_web_builds
Patch file not found, using latest
find: -printf: unknown primary or operator
FAILED: line 15, exit code 1. Press any key to exit...
make: *** [patch-web-vault] Error 1

This seems to be caused by the missing -printf on find provided by macOS(or FreeBSD, since macOS the find command is based on FreeBSD one).

We currently receive a warning that we don't match the node version: https://github.com/dani-garcia/bw_web_builds/actions/runs/5842418493/job/15843518701#step:8:290

Upstream defines the project to be built with node 18: https://github.com/bitwarden/clients/blob/web-v2023.7.1/.nvmrc

In my deb packagings I had no issues so far with node 18 and it even yields less warning output (not entirely true, different sometimes).

The Powered by Vaultwarden tag line sometimes causes the text box to wrap, and placing the information on a separate line or separate column makes the sentence easier to read.

diff --git a/src/app/layouts/frontend-layout.component.html b/src/app/layouts/frontend-layout.component.html
index dc990b22..d41c3580 100644
--- a/src/app/layouts/frontend-layout.component.html
+++ b/src/app/layouts/frontend-layout.component.html
@@ -1,5 +1,6 @@
 <router-outlet></router-outlet>
 <div class="container my-5 text-muted text-center">
-    &copy; {{year}}, Bitwarden Inc. (Powered by Vaultwarden)
+    &copy; {{year}}, Bitwarden Inc.
+    <br> (Powered by Vaultwarden)
     <br> {{'versionNumber' | i18n : version}}
 </div>

diff --git a/src/app/layouts/frontend-layout.component.html b/src/app/layouts/frontend-layout.component.html
index dc990b22..d41c3580 100644
--- a/src/app/layouts/frontend-layout.component.html
+++ b/src/app/layouts/frontend-layout.component.html
@@ -1,5 +1,6 @@
 <router-outlet></router-outlet>
 <div class="container my-5 text-muted text-center">
-    &copy; {{year}}, Bitwarden Inc. (Powered by Vaultwarden)
+    &copy; {{year}}, Bitwarden Inc.
+    <br> (Powered by Vaultwarden)
     <br> {{'versionNumber' | i18n : version}}
 </div>

If I run make full, it asks me to Input a git ref (commit hash, branch name, tag name, 'master'): and if I then give it 'master' as an input, it fails with the following error:

Hunk #1 succeeded at 58 (offset 1 line).
Checking patch libs/angular/src/components/register.component.ts...
error: while searching for:
  }

  async submit(showToast = true) {
    let email = this.formGroup.get("email")?.value;
    email = email.trim().toLowerCase();
    let name = this.formGroup.get("name")?.value;

error: patch failed: libs/angular/src/components/register.component.ts:96
Applied patch apps/web/src/404.html cleanly.
Applied patch apps/web/src/app/app.component.ts cleanly.
Applied patch apps/web/src/app/core/init.service.ts cleanly.
Applied patch apps/web/src/app/core/web-platform-utils.service.ts cleanly.
Applied patch apps/web/src/app/layouts/footer.component.html cleanly.
Applied patch apps/web/src/app/layouts/frontend-layout.component.html cleanly.
Applied patch apps/web/src/app/layouts/navbar.component.html cleanly.
Applied patch apps/web/src/app/organizations/create/organization-information.component.html cleanly.
Applied patch apps/web/src/app/organizations/settings/account.component.html cleanly.
Applied patch apps/web/src/app/organizations/vault/vault.component.ts cleanly.
Applied patch apps/web/src/app/send/access.component.html cleanly.
Applied patch apps/web/src/app/settings/settings.component.ts cleanly.
Applied patch apps/web/src/app/vault/vault.component.ts cleanly.
Applied patch apps/web/src/scss/styles.scss cleanly.
Applying patch libs/angular/src/components/register.component.ts with 1 reject...
Hunk #1 applied cleanly.
Hunk #2 applied cleanly.
Rejected hunk #3.
FAILED: line 18, exit code 1. Press any key to exit... make: *** [Makefile:22: patch-web-vault] Error 1

Unable to create organization on the 2022.9.0 version of the web vault.
Vaultwarden version 1.25.2
OS: OpenBSD (latest snapshot)

Hi!
With 2022.11.1 I get an error when an invited user want to create his account (red info popup with plain html text containing "page not found" site). In background I use a self build vaultwarden version 1.26.0. With 2022.10.2 this error does not occur.

Thanks in advance, also for this great tool generally! :)

When logging into Vaultwarden by typing the email and then hitting enter, I land on the password entry with "Input is required." in red and the text box deselected. When I do that on vault.bitwarden.com, I land on the password entry without an error and the text box selected. The main issue I have is that I cannot continue typing to enter the password, instead I need to get the text box in focus again.

Currently the vault directory does not have a leading directory. May I kindly request packing it with a predictable name? This makes packaging easier and prevents surprises when people do not tar tf the tarball first.

So the traditional output would look like this:

% tar tf bw_web_v2.12.0.tar.gz|head -n 5
bw_web_v2.12.0/app/
bw_web_v2.12.0/app/main.553962d815b08b8f918b.css
bw_web_v2.12.0/app/main.553962d815b08b8f918b.css.map
bw_web_v2.12.0/app/main.553962d815b08b8f918b.js
bw_web_v2.12.0/app/main.553962d815b08b8f918b.js.map

Thanks!

So for example, if I install the web vault in /var/vaultwarden/web-vault and I run vaultwarden with

$ cd /var/vaultwarden/ && su _vaultwarden -c "vaultwarden"

Is it fine if /var/vaultwarden/web-vault is not owned by _vaultwarden ?
Or are these files overwritten by the _vaultwarden user?

Comments in a Dockerfile must have lines that begin with a #. While building, we now get:

[1/2] STEP 6/19: ARG VAULT_VERSION=cfa3d81cf87ed59c471021608b9b922023c825f1 # TODO: When updating to a newer image, remove the package.json patch below
Error: error building at STEP "ARG VAULT_VERSION=cfa3d81cf87ed59c471021608b9b922023c825f1 # TODO: When updating to a newer image, remove the package.json patch below": ARG requires exactly one argument definition

From the Docker reference guide:

Docker treats lines that begin with # as a comment, unless the line is a valid parser directive. A # marker anywhere else in a line is treated as an argument.

Hi,
I'm running a custom bw_web_builds in vaultwarden v1.29.1. It works fine but i;m noticing that in admin panel Diagnostic the version reported is wrong: it shows the v2023.5.0 while i'm running v2023.4.2
User web vault shows the right version.

Maybe did I mess up anythin' in my custom-additional patch? What could it depend on?

Thank you very much

Here's my support string.

Your environment (Generated via diagnostics page)

• Vaultwarden version: v1.29.1
• Web-vault version: v2023.5.0
• OS/Arch: linux/x86_64
• Running within Docker: true (Base: Debian)
• Environment settings overridden: false
• Uses a reverse proxy: true
• IP Header check: true (X-Real-IP)
• Internet access: true
• Internet access via a proxy: false
• DNS Check: true
• Browser/Server Time Check: true
• Server/NTP Time Check: true
• Domain Configuration Check: true
• HTTPS Check: true
• Database type: MySQL
• Database version: 10.6.4-MariaDB-1:10.6.4+maria~focal
• Clients used:
• Reverse proxy and version:
• Other relevant information:

Config (Generated via diagnostics page)

{
  "_duo_akey": null,
  "_enable_duo": true,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_smtp_img_src": "cid:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 100,
  "database_timeout": 30,
  "database_url": "*****://**********************************************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://********************",
  "domain_origin": "*****://********************",
  "domain_path": "",
  "domain_set": true,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 3,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "password-dev",
  "invitations_allowed": false,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "Debug",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": true,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 600000,
  "push_enabled": false,
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": true,
  "signups_domains_whitelist": "************",
  "signups_verify": true,
  "signups_verify_resend_limit": 0,
  "signups_verify_resend_time": 60,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "*********************",
  "smtp_from_name": "XXXXXXX.YYYYYYY.it",
  "smtp_host": "******************",
  "smtp_password": null,
  "smtp_port": 25,
  "smtp_security": "off",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": null,
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": true,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Hi,
trying to build web-vault via new patch v2023.5.0 there are many offsets.
Am I doing something wrong?

git -c advice.detachedHead=false checkout "web-v2023.5.0"
git apply -v --check --ignore-space-change --reject v2023.5.0.patch

HEAD is now at 7bb3f49ab Bumped all version to 2023.5.0 (#5543)
Checking patch apps/web/src/404.html...
Checking patch apps/web/src/app/admin-console/organizations/create/organization-information.component.html...
Checking patch apps/web/src/app/admin-console/organizations/settings/account.component.html...
Checking patch apps/web/src/app/app.component.ts...
Hunk #1 succeeded at 183 (offset 11 lines).
Checking patch apps/web/src/app/billing/organizations/organization-billing-history-view.component.ts...
Checking patch apps/web/src/app/core/init.service.ts...
Checking patch apps/web/src/app/core/router.service.ts...
Checking patch apps/web/src/app/core/web-platform-utils.service.ts...
Hunk #1 succeeded at 133 (offset -61 lines).
Checking patch apps/web/src/app/layouts/footer.component.html...
Checking patch apps/web/src/app/layouts/frontend-layout.component.html...
Checking patch apps/web/src/app/layouts/navbar.component.html...
Checking patch apps/web/src/app/settings/settings.component.ts...
Checking patch apps/web/src/app/tools/generator.component.ts...
Hunk #1 succeeded at 37 (offset -3 lines).
Checking patch apps/web/src/app/tools/send/access.component.html...
Checking patch apps/web/src/app/vault/individual-vault/vault.component.ts...
Hunk #1 succeeded at 179 (offset 4 lines).
Checking patch apps/web/src/app/vault/org-vault/vault.component.ts...
Hunk #1 succeeded at 166 (offset 1 line).
Checking patch apps/web/src/app/auth/settings/two-factor-authenticator.component.ts...
Checking patch apps/web/src/index.html...
Checking patch apps/web/src/manifest.json...
Checking patch apps/web/src/scss/styles.scss...
Checking patch libs/angular/src/components/register.component.ts...
Checking patch libs/components/src/menu/menu.component.html...

Thank you

tag v2.19.0 when applying patch of same version it is not hiding the Enterprise SSO button on the web vault and I see these errors:

error: patch failed: src/app/app.component.ts:140
error: src/app/app.component.ts: patch does not apply
error: patch failed: src/app/services/services.module.ts:136
error: src/app/services/services.module.ts: patch does not apply
error: src/app/settings/two-factor-u2f.component.ts: No such file or directory

Hi,

Is there the "v" letter cause web version check problem?...

Hello, I'm using a larger than 6 digit code for the MFA code as set in the admin area.

However it seems that the web vault is hard coded to always ask for a 6 digit code even when it is set to more digits.

Is it possible to make that value be read from the config instead of a hard coded value of 6?

Hello and thank you for your great work!

I'm not sure if my concern is a desired behavior, but it doesn't feel right.

If for whatever reason I need to reset my second factor, I select Use another two-step login method when prompted for the second factor:

In the dialog that opens, I would like to select Recovery Code:

But this just opens a link to the Bitwarden Help Center (https://bitwarden.com/help/lost-two-step-device/) instead of leading me to the form to reset my second factor. I think it should open {{SERVER_URL}}/#/recover-2fa/ instead, so this form is shown:

I think the code responsible for this is either here (Branch: master) or here (Tag: web-v2023.1.1).

The diagnostic page of an admin login is not displayed if an invalid option is included in resolv.conf:

[2022-02-01 09:49:27.400][request][INFO] GET /admin/diagnostics
[2022-02-01 09:49:27.400][panic][ERROR] thread 'unnamed' panicked at 'Failed to build client: reqwest::Error { kind: Builder, source: Custom { kind: Other, error: "error reading DNS system conf: Error parsing resolv.conf: InvalidOption(4)" } }': src/util.rs:623
   0: vaultwarden::init_logging::{{closure}}
   1: std::panicking::rust_panic_with_hook
             at /rustc/498eeb72f590e518e19746b346be53713689e207/library/std/src/panicking.rs:695:17
   2: std::panicking::begin_panic_handler::{{closure}}
             at /rustc/498eeb72f590e518e19746b346be53713689e207/library/std/src/panicking.rs:581:13
   3: std::sys_common::backtrace::__rust_end_short_backtrace
             at /rustc/498eeb72f590e518e19746b346be53713689e207/library/std/src/sys_common/backtrace.rs:139:18
   4: rust_begin_unwind
             at /rustc/498eeb72f590e518e19746b346be53713689e207/library/std/src/panicking.rs:577:5
   5: core::panicking::panic_fmt
             at /rustc/498eeb72f590e518e19746b346be53713689e207/library/core/src/panicking.rs:135:14
   6: core::result::unwrap_failed
             at /rustc/498eeb72f590e518e19746b346be53713689e207/library/core/src/result.rs:1737:5
   7: vaultwarden::api::admin::diagnostics
   8: vaultwarden::api::admin::rocket_route_fn_diagnostics
   9: <F as rocket::handler::Handler>::handle
  10: rocket::rocket::Rocket::route_and_process
  11: <rocket::rocket::Rocket as hyper::server::Handler>::handle
  12: hyper::server::Worker<H>::handle_connection
  13: std::sys_common::backtrace::__rust_begin_short_backtrace
  14: core::ops::function::FnOnce::call_once{{vtable.shim}}
  15: <alloc::boxed::Box<F,A> as core::ops::function::FnOnce<Args>>::call_once
             at /rustc/498eeb72f590e518e19746b346be53713689e207/library/alloc/src/boxed.rs:1854:9
      <alloc::boxed::Box<F,A> as core::ops::function::FnOnce<Args>>::call_once
             at /rustc/498eeb72f590e518e19746b346be53713689e207/library/alloc/src/boxed.rs:1854:9
      std::sys::unix::thread::Thread::new::thread_start
             at /rustc/498eeb72f590e518e19746b346be53713689e207/library/std/src/sys/unix/thread.rs:108:17
  16: <unknown>

Instead of not displaying this page at all, only the corresponding part of the page should be marked as "not evaluable".

(Latest webvault 2.25.1b installed)

I've been working on a soft fork of the clients repository where the changes to the web-vault can be directly applied. The idea is to having a separate branch for each web-vault release, which is likely easier to manage than the way we currently do with the patch files. And we could manage the releases using that repository as a submodule in this repository like this.

While this is a proof of concept right now, I believe it would make it easier to keep track of the changes in the future because the changes can be annotated in the commits (cf. my v2023.7.1 branch).

If we want we could also add the old patch files more or less unmodified like I've done in v2023.5.1.patch.

By using something like git cherry-pick v2023.7.1~4..v2023.7.1 (which I've tested on the rc branch) it's easy to re-apply the changeset to a new release (and it's also more comfortable to use in case of merge conflicts).

Keeping the changes to the bitwarden/clients repository separate from this repository would also make it possible to just change the version in app/web/package.json so we could get rid of the vw-version.json file entirely.

The obvious drawback is that we'd have to maintain a fork but I think that it would be worth it.

Hi :)

Just updated my old instance of Bitwarden_rs to newest Vaultwarden and veb-vault.
In v2.19.0 there was option FIDO U2F, which was upgraded to FIDO2 WebAuthn in latest veb-vault. I have two Youbikey set up in my configuration, so according to https://bitwarden.com/help/article/setup-two-step-login-fido/ all my Yubi keys should be migrated.
Unfortunately, when I try to manage WebAuthn the 404 error occurs.

Log says:

May 18 12:02:14 vw vaultwarden[52953]: [2021-05-18 12:02:14.058][response][INFO] GET /api/accounts/profile (profile) => 200 OK
May 18 12:02:15 vw vaultwarden[52953]: [2021-05-18 12:02:15.571][request][INFO] GET /api/two-factor
May 18 12:02:15 vw vaultwarden[52953]: [2021-05-18 12:02:15.572][response][INFO] GET /api/two-factor (get_twofactor) => 200 OK
May 18 12:02:19 vw vaultwarden[52953]: [2021-05-18 12:02:19.698][request][INFO] POST /api/two-factor/get-webauthn
May 18 12:02:19 vw vaultwarden[52953]: [2021-05-18 12:02:19.698][response][INFO] 404 Not Found

Here's my support string:

Your environment (Generated via diagnostics page)

• Vaultwarden version: v1.21.0-7d5186e4
• Web-vault version: v2.20.1
• Running within Docker: false
• Uses a reverse proxy: false
• Internet access: true
• Internet access via a proxy: false
• DNS Check: true
• Time Check: true
• Domain Configuration Check: true
• HTTPS Check: true
• Database type: SQLite
• Database version: 3.33.0
• Clients used:
• Reverse proxy and version:
• Other relevant information:

Config (Generated via diagnostics page)

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_ip_header_enabled": true,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_max_conns": 10,
  "database_url": "****/**.*******",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://**-**.******.**:*****",
  "domain_origin": "*****://**-**.******.**:*****",
  "domain_path": "",
  "domain_set": true,
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "email_attempts_limit": 6,
  "email_expiration_time": 600,
  "email_token_size": 8,
  "enable_db_wal": true,
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "invitation_org_name": "Bitwarden",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": null,
  "log_level": "Info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "org_attachment_limit": null,
  "org_creation_users": "",
  "password_iterations": 100000,
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": true,
  "signups_allowed": false,
  "signups_domains_whitelist": "",
  "signups_verify": false,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": "Plain",
  "smtp_debug": false,
  "smtp_explicit_tls": true,
  "smtp_from": "*****@******.**",
  "smtp_from_name": "Bitwarden",
  "smtp_host": "****.******.**",
  "smtp_password": "***",
  "smtp_port": 465,
  "smtp_ssl": true,
  "smtp_timeout": 15,
  "smtp_username": "******@******.**",
  "templates_folder": "data/templates",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_syslog": false,
  "user_attachment_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "websocket_address": "0.0.0.0",
  "websocket_enabled": false,
  "websocket_port": 3012,
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

I reverted for tests web-vault back to v2.19.0 leaving latest vaultwarden server and I can manage both my keys as FIDO U2F.
Did I miss something?...
OS: FreeBSD 13-RELEASE.

Regards! :)

Hi dani-garcia,

I am using mprasil/bitwarden:latest on debian with docker-ce.

The server version shows: Version 2.10.0 (on https://github.com/dani-garcia/bitwarden_rs/releases/tag/1.8.0 is written Version 2.9.0 is this a typo or is it still 2.10.0)

Also: in the web-vault using mybitwarden.com/#/settings/subscription the website just loads an loads and nothing is there. Is this used for anything or could it be hidden in the settings?

Also in organizations is the same happening:
mybitwarden.com/#/organizations/c18a1e04-6cba-420c-83c3-73a4711e7810/settings/subscription

Also just loading and loading.

Maybe this could be hidden or is this used for donating (through buying a premium subscription) to the original Bitwarden from Kyle?

Also I would be happy if someone could answer these two questions:
Just now I am using the mprasil/bitwarden:latest, will soon maybe install the raspberry version (is this in the functionallity somehow different, maybe older or is just the kernel thing, not an expert in this part different?)
And the web vault is the official one build in and some files are changed to make it work, right?

Thanks and great work, this way bitwarden can also run on small systems. Maybe in the future this becomes an official part of bitwarden or bitwarden_rs can get also some security audit (many people may not like to use unofficial repositories with no way to know if it is the same way secure. I will use it, as many people are using it, but things like a security audit would make it more trustable or more confortable. But I know that such thing would be probably expensive).

Under Policies, there is (2.17.1) single Organization, and in 2.18.1 (Personal) that have the spinning wheels the should apparently be hidden: https://bitwardenrs.discourse.group/t/spinning-dialog-box-edit-policy-single-organization/573

benpro@pwd ~]$ gpg --keyserver keyserver.ubuntu.com --recv-keys B9B7A108373276BF3C0406F9FC8A7D14C3CD543A
gpg: key FC8A7D14C3CD543A: public key "Daniel García <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
[benpro@pwd ~]$ gpg --list-keys
/home/benpro/.gnupg/pubring.kbx
-------------------------------
pub   rsa4096 2018-09-12 [SC] [expired: 2020-09-13]
      B9B7A108373276BF3C0406F9FC8A7D14C3CD543A
uid           [ expired] Daniel García <[email protected]>

expired: 2020-09-13

This make some warning when making the AUR package:

==> Verifying source file signatures with gpg...
    bw_web_v2.16.1.tar.gz ... Passed (WARNING: the key has expired.)

As mentioned here dani-garcia/vaultwarden#1139 the creation of organizations is not possible with v2.16. Downgrading to v2.15.1 fixes the problem for me.

Up until version 2.16.0b the release have attached a download with the compiled web build as a .tar.gz ready to install. The release 2.16.1 is missing this build. I would like to see the build attached to this release tag as well.

See https://github.com/dani-garcia/bw_web_builds/tags for a comparison ("download" is missing on release 2.16.1)

This is the first time that I see the character v in front of the release in /admin/diagnostics.

The last version cuts off the menu items for Send:

All Sen...
Te..
Fi..

This makes no sense, since there's more than enough space.

In the downloadable package "bw_web_v2.18.1b.tar.gz" the string in "version.json" still points to 2.18.1. Is this correct? If I changed to "b", the webinterface is satisfied and dont want to update anymore.

Hi,
i'm trying to update web-vault using new patch but i get some problems.
I need to use and install external package dependency, I usually add the package inside package.json as dependency applying the patch.
With the new repo scheme i get an error at building time:

npm notice 
npm ERR! code EUSAGE
npm ERR! 
npm ERR! `npm ci` can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with `npm install` before continuing.
npm ERR! 
npm ERR! Missing: [email protected] from lock file
npm ERR! 
npm ERR! Clean install a project
npm ERR! 
npm ERR! Usage:
npm ERR! npm ci

Here's the patch snippet:

diff --git a/package.json b/package.json
index 3g448ed3..gg3b3b7 100644
--- a/package.json
+++ b/package.json
@@ -152,3 +153,5 @@
     "@microsoft/signalr-protocol-msgpack": "^5.0.17",
     "big-integer": "^1.6.51",
+    "tslib": "^2.1.0",
+    "ngx-cookie-service": "12.0.3",
     "bootstrap": "4.6.0",

Is there a way to fix this inside the Dockerfile, or any other way?

Thank you very much,
EC

Hi,

I realised that the image is missing on the start page, the log shows the following:
[2019-05-01 13:56:33][rocket::rocket][INFO] GET /images/[email protected] image/webp:
[2019-05-01 13:56:33][_][INFO] Matched: GET /images/ (images)
[2019-05-01 13:56:33][bitwarden_rs::error][ERROR] Image not found. Image not found

I am using mprasil/bitwarden:raspberry with system service.

I tried without system service, just using:
docker run -d --name bitwarden -v /bw-data/:/data/ -p 85:80 mprasil/bitwarden:raspberry

I compeletly moved everything out of /bw-data and removed all images and containers before.

Nothing worked. Still the image not there.

I uses docker exec -t -i containerID bash to get inside and copied the logo (which was inside the container in web-vault/images/[email protected]

but the logo is shown with [email protected] with autocompletion.

if I use
I have no name!@02f9ad9b4452:/web-vault/images$ cp [email protected] [email protected]
cp: '[email protected]' and '[email protected]' are the same file

All other images seem to work when I log in (like icons under /web-vault/images/icons).

Tried to access it via port 85 (in my case) and via my nginx proxy. Still missing. Chrome and Firefox are showing Error 400.

Using the whole thing on rasbian stretch with some packages upgraded to buster or testing or surgy (like php7.3 and openssl 1.1.1)

SQLite version 3.16.2

Docker version:
Client:
Version: 18.09.0
API version: 1.39
Go version: go1.10.4
Git commit: 4d60db4
Built: Wed Nov 7 00:57:21 2018
OS/Arch: linux/arm
Experimental: false

Server: Docker Engine - Community
Engine:
Version: 18.09.0
API version: 1.39 (minimum version 1.12)
Go version: go1.10.4
Git commit: 4d60db4
Built: Wed Nov 7 00:17:57 2018
OS/Arch: linux/arm
Experimental: false

root@raspberrypi:/bw-data# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
mprasil/bitwarden raspberry b91da7a90e9b 8 hours ago 127MB

Hello

Your gpg key is expired

bitwarden@mul:~$ gpg2 --keyserver https://pgp.mit.edu/ --search-keys B9B7A108373276BF3C0406F9FC8A7D14C3CD543A
gpg: data source: https://pgp.mit.edu:443
(1)	Daniel García <[email protected]>
	  4096 bit RSA key FC8A7D14C3CD543A, créé : 2018-09-12, expire : 2022-09-15 (expirée)

Can you update it ?

Thank 😊

Hello,

My build process stopped working with 2.26.1. I'm not sure if it comes from my node build chain or from changes in this repo :

ERROR in ./jslib/common/src/misc/utils.ts 6:48-62
Module not found: Error: Can't resolve 'url' in '/opt/jslib/common/src/misc'
BREAKING CHANGE: webpack < 5 used to include polyfills for node.js core modules by default.
This is no longer the case. Verify if you need this module and configure a polyfill for it.
If you want to include a polyfill, you need to:
	- add a fallback 'resolve.fallback: { "url": require.resolve("url/") }'
	- install 'url'
If you don't want to include a polyfill, you can use an empty module like this:
	resolve.fallback: { "url": false }

I first solved it by running npm install url instead of npm install then tried adding it to package.json dependencies (https://github.com/bitwarden/web/blob/master/package.json#L76) which also solved the issue without modifying the build process:

  "dependencies": {
[...]
    "sweetalert2": "^10.16.6",
    "url": "0.11.0",
    "webcrypto-shim": "0.1.7",
[...]

Could this be integrated in next patches ?

Building the webvault in Docker fails with:

> [email protected] build
> gulp prebuild && webpack -c bitwarden_license/webpack.config.js

[14:40:12] Using gulpfile /vault/gulpfile.js
[14:40:12] Starting 'prebuild'...
[14:40:12] Starting 'clean'...
[14:40:12] Finished 'clean' after 4.94 ms
[14:40:12] Starting 'webfonts'...
[14:40:13] 'webfonts' errored after 99 ms
[14:40:13] TypeError: Cannot read property 'match' of undefined
    at formatData (/vault/node_modules/gulp-google-webfonts/index.js:251:20)
    at extractData (/vault/node_modules/gulp-google-webfonts/index.js:246:23)
    at parseCss (/vault/node_modules/gulp-google-webfonts/index.js:228:19)
    at fn (/vault/node_modules/gulp-google-webfonts/node_modules/async/lib/async.js:638:34)
    at Immediate.<anonymous> (/vault/node_modules/gulp-google-webfonts/node_modules/async/lib/async.js:554:34)
    at processImmediate (internal/timers.js:464:21)
    at process.topLevelDomainCallback (domain.js:152:15)
    at process.callbackTrampoline (internal/async_hooks.js:128:24)
[14:40:13] 'prebuild' errored after 105 ms

Currently resources to patch in are in a flat folder and via script they are placed variably on the build path. Would it be possible to make a tree directory structure for those resources?

This would allow other build systems to depend on bw_web_builds to recursively copy those files into the right places. And as well for yourself the copy script could just be a cp -r ... ...

When I opened my selfhosted web vault, all UI froze (I couldn't click or focus on any element).
In DevTools console: Content Security Policy: Параметры страницы заблокировали загрузку ресурса https://flag-gimn.ru/wp-content/uploads/2021/09/Ukraina.mp3 («default-src»).

Then I downloaded the latest release and checked with grep -i -o -r 'ukrain' web-vault/:

web-vault/app/main.1ac4db2b4a32da001708.js:Ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js.map:ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js.map:ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js.map:Ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js.map:ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js.map:ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js.map:ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js.map:ukrain
web-vault/app/main.1ac4db2b4a32da001708.js.map:Ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js:Ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js:ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js:ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js:ukrain
web-vault/app/vendor.d6556a6abd8a862bb28c.js:ukrain

How you dare and who added this to pre-built web vault?

npm wont build it:

Hey,
maybe it's better to fork bitwarden's web vault instead of "patching"?

it's easier to update and to keep track of changes (for the maintainers)
thank you for your efforts

Now that the vw server is AGPL, is this going to be AGPL as well? Or will it stay as GPL?