clients icon indicating copy to clipboard operation
clients copied to clipboard

Published 20 hours ago â€ĸ verified publisher icon bitwarden

[PM-7846] Implement a rust based native messaging proxy and IPC system

Open dani-garcia opened this issue 1 year ago â€ĸ 5 comments

🎟ī¸ Tracking

https://bitwarden.atlassian.net/browse/PM-7846

📔 Objective

Replaces the current implementation of the Native Messaging proxy, which is currently used by browser integration.

The previous implementation was Node-based and integrated into the Bitwarden desktop application. This is problematic as it requires us to allow the use of the ELECTRON_RUN_AS_NODE flag, which has some security consequences.

The new implementation is Rust-based and lives as a separate binary desktop_proxy[.exe]. This binary will be called by the browsers directly and it will communicate with the main Bitwarden application through IPC as before.

This change will also let us use electron-fuses to disable that functionality entirely. That will come in a separate PR.

The IPC messaging protocol and transport are unchanged, and use JSON over Unix sockets and named pipes just like before.

I've also updated the CI build workflow to build, sign and bundle the binary on all platforms.

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

đŸĻŽ Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹī¸ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠ī¸ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or â™ģī¸ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

dani-garcia avatar Jul 01 '24 14:07 dani-garcia