fix(desktop): Select Linux secret storage backend #2916
Approvability
Verdict: Needs human review
This PR introduces new Linux secret storage backend selection functionality, which touches security-sensitive credential storage handling. Additionally, there's an unresolved review comment identifying a potential issue with DBUS session bus address handling that could affect secret-store backends.
1ec83f0 to 57dcaa9
57dcaa9 to 9bf124e
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Reviewed by Cursor Bugbot for commit 9bf124e. Configure here.
| if (linux !== null) { | ||
| if (linux.dbusSessionBusAddress !== null) { | ||
| process.env.DBUS_SESSION_BUS_ADDRESS = linux.dbusSessionBusAddress; | ||
| } |
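Review bot: the assignment `process.env.DBUS_SESSION_BUS_ADDRESS = linux.dbusSessionBusAddress` in the inner `if` checks only that the new value is non-null; these lines do not check whether the variable already holds a value, and they keep no record that the value was set here. Any later step that fills the variable only when it is unset cannot tell this value from one the session exported. Suggest assigning only when `process.env.DBUS_SESSION_BUS_ADDRESS` is unset and recording that the address was set at this point, so a later step can replace it when a better source is available.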
Early DBUS blocks shell address
Medium Severity
During pre-ready Linux setup, a fallback DBUS_SESSION_BUS_ADDRESS is written when the default session socket exists. Later login-shell hydration only copies DBUS_SESSION_BUS_ADDRESS when it is unset, so an AppImage session that already got the fallback can never pick up a different address from the login shell, which can break secret-store backends that need the real session bus.
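The ordering problem described in the comment above, as an added example (not code from the PR or the project): the pre-ready step reports whether the address was inherited or a fallback, so login-shell hydration can replace a fallback. The type and function names, the injected `socketExists` check and the sample addresses are assumptions constructed for illustration.

```typescript
// Added example: hypothetical names and constructed values, not the PR's code.
type DbusEnv = Record<string, string | undefined>;
type DbusSource = "inherited" | "fallback" | "login-shell" | "none";
const DBUS_KEY = "DBUS_SESSION_BUS_ADDRESS";

function busAddress(env: DbusEnv): string | undefined {
  return env[DBUS_KEY];
}

// Pre-ready step: fill the variable only when it is unset and the default
// per-user socket exists, and report where the value came from.
function applyEarlyDbus(
  env: DbusEnv,
  uid: number,
  socketExists: (path: string) => boolean,
): DbusSource {
  if (busAddress(env)) return "inherited";
  const socket = `/run/user/${uid}/bus`;
  if (!socketExists(socket)) return "none";
  env[DBUS_KEY] = `unix:path=${socket}`;
  return "fallback";
}

// Behaviour described in the review comment: copy only when unset, so a
// fallback written earlier is never replaced.
function hydrateIfUnset(env: DbusEnv, shellEnv: DbusEnv): void {
  if (!busAddress(env)) env[DBUS_KEY] = busAddress(shellEnv);
}

// Provenance-aware variant: an inherited address is kept, while a fallback
// (or a missing address) yields to what the login shell exports.
function hydrateDbus(env: DbusEnv, shellEnv: DbusEnv, source: DbusSource): DbusSource {
  const fromShell = busAddress(shellEnv);
  if (source === "inherited" || !fromShell) return source;
  env[DBUS_KEY] = fromShell;
  return "login-shell";
}
```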
9bf124e to f8925a5
f8925a5 to 19b1afe


Summary
Closes #2539.
Closes #2880.
This selects an encrypted Linux safeStorage backend before Electron is ready, so desktop SSH environment credentials can be persisted on Linux sessions Electron does not recognize automatically.
Problem and Fix
basic_text on Linux sessions such as Niri or unversioned KDE/Plasma because the desktop name is not one of Electron's recognized backend selectors.
app.ready and default unknown non-KDE sessions to gnome-libsecret, while using KWallet for KDE/Plasma sessions.
linuxPasswordStore setting synchronously during early Electron startup, with unsupported values normalized to auto without dropping unrelated settings.
/run/user/<uid>/bus when the DBus session bus exists but is not exported.
Defensive Fixes
ready.
ready and the selected backend after ready, without probing keyring availability during startup.
Validation
bun fmt
bun lint
bun typecheck
bun run --filter @t3tools/desktop test -- linuxSecretStorage DesktopEarlyElectronStartup DesktopAppSettings DesktopShellEnvironment DesktopSavedEnvironments
Checklist
Note
High Risk
Changes how Linux chooses Electron's encrypted credential backend at startup (DBus, password-store switches, and auto heuristics), which can affect whether existing users can read or write saved SSH secrets until they adjust keyring/KWallet setup.
Overview
Configures Linux desktop startup so Electron picks an encrypted safeStorage backend before app.ready, fixing SSH environment credential persistence on sessions Electron does not recognize (e.g. Niri, unversioned KDE).
Adds a persisted linuxPasswordStore setting (default auto) and reads it synchronously from desktop-settings.json during early bootstrap, alongside heuristics that map auto to gnome-libsecret or KWallet when needed.
main.ts now applies Linux pre-ready switches (password-store, WM class, optional DBUS_SESSION_BUS_ADDRESS) and registers the desktop scheme privileges synchronously; DesktopApp can clear and re-apply password-store after login-shell hydration and logs the chosen store and selected backend after ready.
DesktopShellEnvironment pulls more session variables from the login shell and falls back to /run/user/<uid>/bus when DBus is unset. Supporting pieces include removeCommandLineSwitch, selectedStorageBackend on safe storage, shared path helpers, and targeted tests.
Reviewed by Cursor Bugbot for commit 9bf124e.
Note
Select Linux secret storage backend before Electron app ready
linuxPasswordStore setting (defaulting to 'auto') from desktop settings and resolves the appropriate Electron --password-store command-line switch before the app is ready.
linuxSecretStorage.ts to select the correct backend based on the active desktop environment when set to 'auto'.
DBUS_SESSION_BUS_ADDRESS if unset and the default bus socket is found, and propagates additional session env vars (DISPLAY, XDG_CURRENT_DESKTOP, WAYLAND_DISPLAY, etc.) from the login shell on Linux.
ElectronApp.removeCommandLineSwitch and ElectronSafeStorage.selectedStorageBackend (Linux only, returns Option.none on non-Linux or error) to support runtime switch management and backend introspection.
--class, --password-store) and protocol scheme privileges are now registered synchronously before app.ready instead of after.
Macroscope summarized 9bf124e. (Automatic summaries will resume when PR exits draft mode or review begins).
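The setting normalization and `auto` heuristic summarized above, as an added example that is not the PR's `linuxSecretStorage.ts`: an unsupported `linuxPasswordStore` value becomes `auto` while other keys survive, and `auto` resolves to KWallet for KDE/Plasma and `gnome-libsecret` otherwise. All names are hypothetical; the accepted value set (Electron's encrypted `--password-store` values only) and the handling of unversioned KDE are assumptions.

```typescript
// Added example: hypothetical names, not the PR's linuxSecretStorage.ts.
// Assumption: the setting accepts "auto" plus Electron's encrypted
// --password-store values; "basic" is left out so the setting cannot
// select the basic_text backend.
const BACKENDS = ["gnome-libsecret", "kwallet", "kwallet5", "kwallet6"] as const;
type Backend = (typeof BACKENDS)[number];
type LinuxPasswordStore = "auto" | Backend;

function isBackend(value: unknown): value is Backend {
  return typeof value === "string" && (BACKENDS as readonly string[]).indexOf(value) !== -1;
}

// Coerce an unsupported linuxPasswordStore to "auto"; keep every other key.
function normalizeSettings(rawJson: string): Record<string, unknown> {
  let parsed: unknown = {};
  try {
    parsed = JSON.parse(rawJson);
  } catch {
    parsed = {}; // unreadable settings file: start from defaults
  }
  const isObject = typeof parsed === "object" && parsed !== null && !Array.isArray(parsed);
  const settings = isObject ? (parsed as Record<string, unknown>) : {};
  const value = settings["linuxPasswordStore"];
  return { ...settings, linuxPasswordStore: isBackend(value) ? value : "auto" };
}

// Pick the value for --password-store from the setting and session environment.
function resolvePasswordStore(
  setting: LinuxPasswordStore,
  env: Record<string, string | undefined>,
): Backend {
  if (setting !== "auto") return setting;
  const desktops = (env["XDG_CURRENT_DESKTOP"] ?? "").toLowerCase().split(":");
  const isKde = desktops.some((d) => d.trim() === "kde" || d.trim() === "plasma");
  if (!isKde) return "gnome-libsecret"; // includes unrecognized sessions such as Niri
  // Assumption: an unversioned KDE/Plasma session is treated as Plasma 6.
  return env["KDE_SESSION_VERSION"] === "5" ? "kwallet5" : "kwallet6";
}
```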