server icon indicating copy to clipboard operation
server copied to clipboard
verified publisher icon bitwarden

Move Microsoft.Extensions.Caching.Cosmos dep to Auth ownership

Open trmartin4 opened this issue 2 months ago â€ĸ 4 comments

🎟ī¸ Tracking

📔 Objective

This PR proposes that the Microsoft.Extensions.Caching.Cosmos package be moved from Platform to Auth ownership from a dependency maintenance perspective. Currently, with https://github.com/bitwarden/server/pull/3772, the Cosmos cache is only used as a keyed singleton service that is used for caching persisted grants in our Identity store.

While in conceptual terms a caching store makes sense to be Platform-owned, given its current usage as a store for Identity grants it feels like it belongs under Auth ownership.

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

đŸĻŽ Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹī¸ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠ī¸ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or â™ģī¸ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

trmartin4 avatar Oct 21 '25 20:10 trmartin4

Codecov Report

:white_check_mark: All modified and coverable lines are covered by tests. :white_check_mark: Project coverage is 53.64%. Comparing base (3ff5902) to head (3267601). :warning: Report is 3 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #6475      +/-   ##
==========================================
+ Coverage   53.60%   53.64%   +0.03%     
==========================================
  Files        1921     1926       +5     
  Lines       85650    85720      +70     
  Branches     7687     7687              
==========================================
+ Hits        45911    45981      +70     
  Misses      37967    37967              
  Partials     1772     1772

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

:rocket: New features to boost your workflow:
  • :snowflake: Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • :package: JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

codecov[bot] avatar Oct 21 '25 20:10 codecov[bot]

Logo Checkmarx One – Scan Summary & Details – ce4a1973-d9c2-4b4a-9c38-d1529ffa36f9

Great job! No new security vulnerabilities introduced in this pull request

github-actions[bot] avatar Oct 21 '25 20:10 github-actions[bot]

Claude finished @trmartin4's task —— View job

Code Review Complete

Tasks

  • [x] Gather context and read changed files
  • [x] Review PR changes using bitwarden-code-reviewer
  • [x] Post review feedback

Review Findings

Overall Assessment: ✅ APPROVE

This PR correctly moves Microsoft.Extensions.Caching.Cosmos from Platform to Auth ownership in the Renovate configuration.

Change Summary

  • File Modified: .github/renovate.json5
  • Change: Moved Microsoft.Extensions.Caching.Cosmos from Platform owned dependencies (lines 136-163) to Auth owned dependencies (lines 64-79)
  • Impact: Future Renovate PRs for this package will be tagged with [deps] Auth: and assigned to team:team-auth-dev reviewers

Analysis

👍 Correct Ownership Alignment
The change correctly reflects architectural reality. The Cosmos cache is used exclusively for Auth/Identity Server purposes:

  • Configured as a keyed singleton IDistributedCache with the "persistent" key in ServiceCollectionExtensions.cs:817-824
  • Used by DistributedCacheCookieManager for Identity Server cookie management
  • Related to persisting grants in the Identity store via GrantRepository in the Auth.Repositories.Cosmos namespace

👍 Complete and Consistent
The package is properly placed alphabetically in the Auth dependencies list and removed from Platform dependencies. The change follows the existing pattern for dependency ownership in the file.

👍 No Security Concerns
This is purely a configuration change affecting how dependency updates are routed via Renovate. No code or security-sensitive logic is modified.

Recommendation

Approve and merge. The ownership change is well-justified by the PR description and aligns with the actual usage of the package in the codebase.

claude[bot] avatar Dec 07 '25 20:12 claude[bot]

Related PR: https://github.com/bitwarden/server/pull/6326

djsmith85 avatar Dec 09 '25 13:12 djsmith85