Skip to content

Commit

Permalink
Switch to using npm for sdk-internal (#1113)
Browse files Browse the repository at this point in the history
## 🎟️ Tracking

<!-- Paste the link to the Jira or GitHub issue or otherwise describe /
point to where this change is coming from. -->

## 📔 Objective

<!-- Describe what the purpose of this PR is, for example what bug
you're fixing or new feature you're adding. -->

It's a hassle to consume an package published on GitHub Packages in
GitHub Actions as you need a PAT. Proposing we switch to publishing on
npm instead.

## ⏰ Reminders before review

- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or
informed the documentation
  team

## 🦮 Reviewer guidelines

<!-- Suggested interactions but feel free to use (or not) as you desire!
-->

- 👍 (`:+1:`) or similar for great changes
- 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info
- ❓ (`:question:`) for questions
- 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry
that's not quite a confirmed
  issue and could potentially benefit from discussion
- 🎨 (`:art:`) for suggestions / improvements
- ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or
concerns needing attention
- 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or
indications of technical debt
- ⛏ (`:pick:`) for minor or nitpick changes
  • Loading branch information
Hinton authored Oct 4, 2024
1 parent e0a4c2e commit bb93c23
Show file tree
Hide file tree
Showing 4 changed files with 322 additions and 4 deletions.
27 changes: 23 additions & 4 deletions .github/workflows/publish-internal.yml
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,18 @@ jobs:
uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
with:
node-version: 20
registry-url: "https://npm.pkg.github.com"

- name: Login to Azure
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}

- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: "bitwarden-ci"
secrets: "npm-api-key"

- name: Download artifact
uses: bitwarden/gh-actions/download-artifacts@main
Expand All @@ -67,8 +78,16 @@ jobs:
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Setup NPM
run: |
echo 'registry="https://registry.npmjs.org/"' > ./.npmrc
echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ./.npmrc
echo 'registry="https://registry.npmjs.org/"' > ~/.npmrc
echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" >> ~/.npmrc
env:
NPM_TOKEN: ${{ steps.retrieve-secrets.outputs.npm-api-key }}

- name: Publish NPM
if: ${{ inputs.release_type != 'Dry Run' }}
run: npm publish --access public
env:
NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: npm publish --access public --registry=https://registry.npmjs.org/ --userconfig=./.npmrc
295 changes: 295 additions & 0 deletions languages/js/sdk-internal/LICENSE
Original file line number Diff line number Diff line change
@@ -0,0 +1,295 @@
BITWARDEN SOFTWARE DEVELOPMENT KIT LICENSE AGREEMENT
Version 1, 17 March 2023

1. Introduction

1.1 The Bitwarden Software Development Kit (referred to in the License Agreement
as the "SDK" and available for download at the following URL
https://github.com/bitwarden/sdk) is licensed to you subject to the terms of
this License Agreement. The License Agreement forms a legally binding contract
between you and the Company in relation to your use of the SDK.

1.2 "Bitwarden" means the Bitwarden software made available by the Company,
available for download at the following URL, as updated from time to time.

1.3 A "Compatible Application" means any software program or service that (i)
connects to and interoperates with a current version of the Bitwarden server
products distributed by the Company; and (ii) complies with the Company’s
acceptable use policy available at the following URL:
https://bitwarden.com/terms/#acceptable_use.

1.4 "Company" means Bitwarden Inc., organized under the laws of the State of
Delaware.

2. Accepting this License Agreement

2.1 In order to access or use the SDK, you must first agree to the License
Agreement. You may not access or use the SDK if you do not accept the License
Agreement.

2.2 By clicking to accept and/or accessing or using the SDK, you hereby agree to
the terms of the License Agreement.

2.3 You may not access or use the SDK and may not accept the License Agreement
if you are a person barred from receiving the SDK under the laws of the United
States or other countries, including the country in which you are resident or
from which you access or use the SDK.

2.4 If you are agreeing to be bound by the License Agreement on behalf of your
employer or any other entity, you represent and warrant that you have full legal
authority to bind your employer or such other entity to the License Agreement.
If you do not have the requisite authority, you may not accept the License
Agreement or you may not access or use the SDK on behalf of your employer or
other entity.

3. SDK License from Bitwarden

3.1 Subject to the terms of this License Agreement, Bitwarden grants you a
limited, worldwide, royalty-free, non-assignable, non-exclusive, and
non-sublicensable license to use the SDK solely (a) to develop, test, and
demonstrate a Compatible Application; (b) to develop, test, and run a Compatible
Application for personal use by your family; or (c) to to develop, test, and run
a Compatible Application for the internal business operations of your
organization in connection with a paid license for a Bitwarden server product,
provided that in no case above may the Compatible Application be offered,
licensed, or sold to a third party.

3.2 You agree that Bitwarden or third parties own all legal right, title and
interest in and to the SDK, including any Intellectual Property Rights that
subsist in the SDK. "Intellectual Property Rights" means any and all rights
under patent law, copyright law, trade secret law, trademark law, and any and
all other proprietary rights. Bitwarden reserves all rights not expressly
granted to you.

3.3 You may not use this SDK to develop applications for use with software other
than Bitwarden (including non-compatible implementations of Bitwarden) or to
develop another SDK.

3.4 You may not use the SDK for any purpose not expressly permitted by the
License Agreement. Except for contributions to Bitwarden pursuant to the
Contribution License Agreement available at this URL:
https://cla-assistant.io/bitwarden/clients, or to the extent required by
applicable third party licenses, you may not copy modify, adapt, redistribute,
decompile, reverse engineer, disassemble, or create derivative works of the SDK
or any part of the SDK.

3.5 Use, reproduction, and distribution of a component of the SDK licensed under
an open source software license are governed solely by the terms of that open
source software license and not the License Agreement.

3.6 You agree that the form and nature of the SDK that the Company provides may
change without prior notice to you and that future versions of the SDK may be
incompatible with applications developed on previous versions of the SDK. You
agree that the Company may stop (permanently or temporarily) providing the SDK
or any features within the SDK to you or to users generally at the Company’s
sole discretion, without prior notice to you.

3.7 Nothing in the License Agreement gives you a right to use any of the
Company’s trade names, trademarks, service marks, logos, domain names, or other
distinctive brand features.

3.8 You agree that you will not remove, obscure, or alter any proprietary rights
notices (including copyright and trademark notices) that may be affixed to or
contained within the SDK.

4. Use of the SDK by You

4.1 The Company agrees that it obtains no right, title, or interest from you (or
your licensors) under the License Agreement in or to any software applications
that you develop using the SDK, including any Intellectual Property Rights that
subsist in those applications.

4.2 You agree to use the SDK and write applications only for purposes that are
permitted by (a) the License Agreement and (b) any applicable law, regulation or
generally accepted practices or guidelines in the relevant jurisdictions
(including any laws regarding the export of data or software to and from the
United States or other relevant countries).

4.3 You agree that if you use the SDK to develop applications for other users,
you will protect the privacy and legal rights of those users. If the users
provide you with user names, passwords, or other login information or personal
information, you must make the users aware that the information will be
available to your application, and you must provide legally adequate privacy
notice and protection for those users. If your application stores personal or
sensitive information provided by users, it must do so securely. If the user
provides your application with Bitwarden Account information, your application
may only use that information to access the user's Bitwarden Account when, and
for the limited purposes for which, the user has given you permission to do so.

4.4 You agree that you will not engage in any activity with the SDK, including
the development or distribution of an application, that interferes with,
disrupts, damages, or accesses in an unauthorized manner the servers, networks,
or other properties or services of any third party including, but not limited
to, the Company, or any mobile communications carrier or public cloud service.

4.5 If you use the SDK to retrieve a user's data from Bitwarden, you acknowledge
and agree that you shall retrieve data only with the user's explicit consent and
only when, and for the limited purposes for which, the user has given you
permission to do so.

4.6 You agree that you are solely responsible for, and that the Company has no
responsibility to you or to any third party for, any data, content, or resources
that you create, transmit or display through Bitwarden and/or applications for
Bitwarden, and for the consequences of your actions (including any loss or
damage which Bitwarden may suffer) by doing so.

4.7 You agree that you are solely responsible for, and that the Company has no
responsibility to you or to any third party for, any breach of your obligations
under the License Agreement, any applicable third party contract or Terms of
Service, or any applicable law or regulation, and for the consequences
(including any loss or damage which the Company or any third party may suffer)
of any such breach.

5. Third Party Applications

5.1 If you use the SDK to integrate or run applications developed by a third
party or that access data, content or resources provided by a third party, you
agree that the Company is not responsible for those applications, data, content,
or resources. You understand that all data, content or resources which you may
access through such third party applications are the sole responsibility of the
person from which they originated and that the Company is not liable for any
loss or damage that you may experience as a result of the use or access of any
of those third party applications, data, content, or resources.

5.2 You should be aware that the data, content, and resources presented to you
through such a third party application may be protected by intellectual property
rights which are owned by the providers (or by other persons or companies on
their behalf). You acknowledge that your use of such third party applications,
data, content, or resources may be subject to separate terms between you and the
relevant third party. In that case, the License Agreement does not affect your
legal relationship with these third parties.

6. Use of Bitwarden Server

You acknowledge and agree that the Bitwarden server products to which any
Compatible Application must connect is protected by intellectual property rights
which are owned by the Company and your use of the Bitwarden server products is
subject to additional terms not set forth in this License Agreement.

7. Terminating this License Agreement

7.1 The License Agreement will continue to apply until terminated by either you
or the Company as set out below.

7.2 If you want to terminate the License Agreement, you may do so by ceasing
your use of the SDK and any relevant developer credentials.

7.3 The Company may at any time, terminate the License Agreement with you if:

(a) you have breached any provision of the License Agreement; or

(b) the Company is required to do so by law; or

(c) a third party with whom the Company offered certain parts of the SDK to you
has terminated its relationship with the Company or ceased to offer certain
parts of the SDK to either the Company or to you; or

(d) the Company decides to no longer provide the SDK or certain parts of the SDK
to users in the country in which you are resident or from which you use the
service, or the provision of the SDK or certain SDK services to you by the
Company is, in the Company’'s sole discretion, no longer commercially viable or
technically practicable.

7.4 When the License Agreement comes to an end, all of the legal rights,
obligations and liabilities that you and the Company have benefited from, been
subject to (or which have accrued over time whilst the License Agreement has
been in force) or which are expressed to continue indefinitely, shall be
unaffected by this cessation, and the provisions of paragraph 12.8 shall
continue to apply to such rights, obligations and liabilities indefinitely.

8. NO SUPPORT

The Company is not obligated under this License Agreement to provide you any
support services for the SDK. Any support provided is at the Company’s sole
discretion and provided on an "as is" basis and without warranty of any kind.

9. DISCLAIMER OF WARRANTIES

9.1 YOU EXPRESSLY UNDERSTAND AND AGREE THAT YOUR USE OF THE SDK IS AT YOUR SOLE
RISK AND THAT THE SDK IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF
ANY KIND FROM Bitwarden.

9.2 YOUR USE OF THE SDK AND ANY MATERIAL DOWNLOADED OR OTHERWISE OBTAINED
THROUGH THE USE OF THE SDK IS AT YOUR OWN DISCRETION AND RISK AND YOU ARE SOLELY
RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR OTHER DEVICE OR LOSS OF
DATA THAT RESULTS FROM SUCH USE.

9.3 THE COMPANY FURTHER EXPRESSLY DISCLAIMS ALL WARRANTIES AND CONDITIONS OF ANY
KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED
WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
AND NON-INFRINGEMENT.

10. LIMITATION OF LIABILITY

YOU EXPRESSLY UNDERSTAND AND AGREE THAT THE COMPANY, ITS SUBSIDIARIES AND
AFFILIATES, AND ITS LICENSORS SHALL NOT BE LIABLE TO YOU UNDER ANY THEORY OF
LIABILITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL,
STATUTORY, OR EXEMPLARY DAMAGES THAT MAY BE INCURRED BY YOU, INCLUDING ANY LOSS
OF DATA, WHETHER OR NOT THE COMPANY OR ITS REPRESENTATIVES HAVE BEEN ADVISED OF
OR SHOULD HAVE BEEN AWARE OF THE POSSIBILITY OF ANY SUCH LOSSES ARISING.

11. Indemnification

To the maximum extent permitted by law, you agree to defend, indemnify and hold
harmless the Company, its affiliates and their respective directors, officers,
employees and agents from and against any and all claims, actions, suits or
proceedings, as well as any and all losses, liabilities, damages, costs and
expenses (including reasonable attorneys fees) arising out of or accruing from
(a) your use of the SDK, (b) any application you develop on the SDK that
infringes any copyright, trademark, trade secret, trade dress, patent or other
intellectual property right of any person or defames any person or violates
their rights of publicity or privacy, and (c) any non-compliance by you with the
License Agreement.

12. General Legal Terms

12.1 The Company may make changes to the License Agreement as it distributes new
versions of the SDK. When these changes are made, the Company will make a new
version of the License Agreement available on the website where the SDK is made
available.

12.2 The License Agreement constitutes the whole legal agreement between you and
the Company and governs your use of the SDK (excluding any services or software
which the Company may provide to you under a separate written agreement), and
completely replaces any prior agreements between you and the Company in relation
to the SDK.

12.3 You agree that if the Company does not exercise or enforce any legal right
or remedy which is contained in the License Agreement (or which the Company has
the benefit of under any applicable law), this will not be taken to be a formal
waiver of the Company's rights and that those rights or remedies will still be
available to the Company.

12.4 If any court of law, having the jurisdiction to decide on this matter,
rules that any provision of the License Agreement is invalid, then that
provision will be removed from the License Agreement without affecting the rest
of the License Agreement. The remaining provisions of the License Agreement will
continue to be valid and enforceable.

12.5 You acknowledge and agree that each member of the group of companies of
which the Company is the parent shall be third party beneficiaries to the
License Agreement and that such other companies shall be entitled to directly
enforce, and rely upon, any provision of the License Agreement that confers a
benefit on them or rights in favor of them. Other than this, no other person or
company shall be third party beneficiaries to the License Agreement.

12.6 EXPORT RESTRICTIONS. THE SDK IS SUBJECT TO UNITED STATES EXPORT LAWS AND
REGULATIONS. YOU MUST COMPLY WITH ALL DOMESTIC AND INTERNATIONAL EXPORT LAWS AND
REGULATIONS THAT APPLY TO THE SDK. THESE LAWS INCLUDE RESTRICTIONS ON
DESTINATIONS, END USERS, AND END USE.

12.7 The rights granted in the License Agreement may not be assigned or
transferred by either you or the Company without the prior written approval of
the other party, provided that the Company may assign this License Agreement
upon notice to you in connection with an acquisition, merger, sale of assets, or
similar corporate change in control for the Company or the Intellectual Property
Rights in the SDK.

12.8 The License Agreement, and any dispute relating to or arising out of this
License Agreement, shall be governed by the laws of the State of California
without regard to its conflict of laws provisions. You and the Company agree to
submit to the exclusive jurisdiction of the courts located within the county of
Los Angeles, California to resolve any dispute or legal matter arising from the
License Agreement. Notwithstanding this, you agree that the Company shall be
allowed to apply for injunctive remedies, or any equivalent type of urgent legal
relief, in any forum or jurisdiction.
3 changes: 3 additions & 0 deletions languages/js/sdk-internal/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# @bitwarden/sdk-internal

**Note:** This is only for internal use. Bitwarden will not provide any support for this package.
1 change: 1 addition & 0 deletions languages/js/sdk-internal/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
{
"name": "@bitwarden/sdk-internal",
"version": "0.1.0",
"license": "SEE LICENSE IN LICENSE",
"files": [
"bitwarden_wasm_internal_bg.js",
"bitwarden_wasm_internal_bg.wasm",
Expand Down

0 comments on commit bb93c23

Please sign in to comment.