Skip to content

[PM-33122] Propogate Cipher field decryption errors#818

Merged
nikwithak merged 4 commits intomainfrom
vault/pm-33122/throw-decrypt-errors
Mar 26, 2026
Merged

[PM-33122] Propogate Cipher field decryption errors#818
nikwithak merged 4 commits intomainfrom
vault/pm-33122/throw-decrypt-errors

Conversation

@nikwithak
Copy link
Copy Markdown
Contributor

@nikwithak nikwithak commented Mar 5, 2026
edited by atlassian Bot
Loading

🎟️ Tracking

PM-33122

📔 Objective

When individual fields fail to decrypt on a Cipher, the fields are cleared out and the errors are swallowed. This means the user never knows that their ciphers are failing, and they could lose data if they edit the cipher, which will overwrite the bad data (which could still be recoverable).

This change propogates any decryption errors instead of swallowing them.

@nikwithak nikwithak requested review from a team as code owners March 5, 2026 22:37
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 5, 2026
edited
Loading

Logo
Checkmarx One – Scan Summary & Details3db9a3ff-0af0-42fb-8713-4956753cbc4f

Great job! No new security vulnerabilities introduced in this pull request

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 5, 2026
edited
Loading

🔍 SDK Breaking Change Detection Results

SDK Version: vault/pm-33122/throw-decrypt-errors (c766b89)
Completed: 2026-03-16 22:59:07 UTC
Total Time: 245s

Client Status Details
typescript ✅ No breaking changes detected TypeScript compilation passed with new SDK version - View Details

Breaking change detection completed. View SDK workflow

@codecov
Copy link
Copy Markdown

codecov Bot commented Mar 6, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 73.18841% with 37 lines in your changes missing coverage. Please review.
✅ Project coverage is 82.85%. Comparing base (cff7bb2) to head (c766b89).
⚠️ Report is 20 commits behind head on main.

Files with missing lines Patch % Lines
crates/bitwarden-vault/src/cipher/identity.rs 0.00% 18 Missing ⚠️
crates/bitwarden-vault/src/cipher/cipher.rs 80.39% 10 Missing ⚠️
crates/bitwarden-vault/src/cipher/card.rs 0.00% 7 Missing ⚠️
crates/bitwarden-vault/src/cipher/field.rs 0.00% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #818      +/-   ##
==========================================
+ Coverage   82.81%   82.85%   +0.04%     
==========================================
  Files         351      351              
  Lines       42066    42096      +30     
==========================================
+ Hits        34836    34878      +42     
+ Misses       7230     7218      -12

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@nikwithak nikwithak mentioned this pull request Mar 16, 2026
Closed
shane-melton
shane-melton reviewed Mar 16, 2026
View reviewed changes
Comment thread crates/bitwarden-vault/src/folder/folder_models.rs Outdated
Comment thread crates/bitwarden-vault/src/password_history.rs Outdated
@nikwithak nikwithak requested a review from shane-melton March 16, 2026 22:47
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Mar 16, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@nikwithak nikwithak merged commit 73cc150 into main Mar 26, 2026
58 checks passed
@nikwithak nikwithak deleted the vault/pm-33122/throw-decrypt-errors branch March 26, 2026 21:54
bw-ghapp Bot pushed a commit to bitwarden/sdk-swift that referenced this pull request Mar 26, 2026
@bitwarden-devops-bot
bitwarden/sdk-internal@73cc150 2.0.0-5154-73cc150 - [PM-33122] Propog…
d9bf3ce 
…ate Cipher field decryption errors (bitwarden/sdk-internal#818)
@bw-ghapp bw-ghapp Bot mentioned this pull request Mar 26, 2026
Merged
nikwithak added a commit that referenced this pull request Mar 30, 2026
@nikwithak
Revert "[PM-33122] Propogate Cipher field decryption errors (#818)"
f47cbd6 
This reverts commit 73cc150.
@nikwithak nikwithak mentioned this pull request Mar 30, 2026
Merged
nikwithak added a commit that referenced this pull request Apr 2, 2026
@nikwithak
[PM-33122] Move Strict Cipher Decryption behind Feature Flag (#890)
7c8e020 
## 🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-33122

## 📔 Objective

#818 introduced strict cipher decryption, to propogate decryption errors
instead of swallowing them. This PR reverts those changes and puts them
behind a feature flag. It does this in two parts:

* Introduces a new struct `StrictDecrypt<T>(T)`, as a wrapper for adding
a second implementation of `Decryptable`
* In all calls to decrypt a cipher from the `CiphersClient`, gates that
call in a feature flag check. If the flag is enabled, decrypts ciphers
using the `StrictDecrypt` implementation instead of the old
implementation.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shane-melton shane-melton shane-melton approved these changes

@jaasen-livefront jaasen-livefront Awaiting requested review from jaasen-livefront jaasen-livefront is a code owner automatically assigned from bitwarden/team-vault-dev

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nikwithak @shane-melton