github-starred/android
2
0
Fork 0
mirror of https://github.com/bitwarden/android.git synced 2026-05-09 05:20:24 -05:00
Code Issues 1.1k Packages Projects Releases 122 Wiki Activity

[PR #6177] [CLOSED] [PM-22479] Checking signingCertificateHistory for a valid asset link certificate #54596

New Issue
Closed
opened 2026-05-01 20:14:14 -05:00 by GiteaMirror · 0 comments
GiteaMirror commented 2026-05-01 20:14:14 -05:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/bitwarden/android/pull/6177
Author: @aj-rosado
Created: 11/18/2025
Status: Closed

Base: mainHead: PM-22479/check-all-certificates-validate-asset-links

📝 Commits (1)

  • 4479d56 Checking signingCertificateHistory for a valid asset link certificate

📊 Changes

4 files changed (+339 additions, -22 deletions)

View changed files

📝 app/src/main/kotlin/com/x8bit/bitwarden/data/credentials/manager/OriginManagerImpl.kt (+38 -22)
📝 app/src/main/kotlin/com/x8bit/bitwarden/data/platform/util/CallingAppInfoExtensions.kt (+18 -0)
📝 app/src/test/kotlin/com/x8bit/bitwarden/data/credentials/manager/OriginManagerTest.kt (+240 -0)
📝 app/src/test/kotlin/com/x8bit/bitwarden/data/platform/util/CallingAppInfoExtensionsTest.kt (+43 -0)

📄 Description

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-22479

📔 Objective

Added method to return signature from current certificate and past signing certificates from signingCertificateHistory when hasMultipleSigners returns false.
Using it to validate AssetLinks as some .well-known might not have the most recent certificate.

Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/bitwarden/android/pull/6177 **Author:** [@aj-rosado](https://github.com/aj-rosado) **Created:** 11/18/2025 **Status:** ❌ Closed **Base:** `main` ← **Head:** `PM-22479/check-all-certificates-validate-asset-links` --- ### 📝 Commits (1) - [`4479d56`](https://github.com/bitwarden/android/commit/4479d56241e522cd45c22202761a7d2f53de9642) Checking signingCertificateHistory for a valid asset link certificate ### 📊 Changes **4 files changed** (+339 additions, -22 deletions) <details> <summary>View changed files</summary> 📝 `app/src/main/kotlin/com/x8bit/bitwarden/data/credentials/manager/OriginManagerImpl.kt` (+38 -22) 📝 `app/src/main/kotlin/com/x8bit/bitwarden/data/platform/util/CallingAppInfoExtensions.kt` (+18 -0) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/data/credentials/manager/OriginManagerTest.kt` (+240 -0) 📝 `app/src/test/kotlin/com/x8bit/bitwarden/data/platform/util/CallingAppInfoExtensionsTest.kt` (+43 -0) </details> ### 📄 Description ## 🎟️ Tracking https://bitwarden.atlassian.net/browse/PM-22479 ## 📔 Objective Added method to return signature from current certificate and past signing certificates from `signingCertificateHistory` when `hasMultipleSigners` returns false. Using it to validate AssetLinks as some .well-known might not have the most recent certificate. ## ⏰ Reminders before review - Contributor guidelines followed - All formatters and local linters executed and passed - Written new unit and / or integration tests where applicable - Protected functional changes with optionality (feature flags) - Used internationalization (i18n) for all UI strings - CI builds passed - Communicated to DevOps any deployment requirements - Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team ## 🦮 Reviewer guidelines <!-- Suggested interactions but feel free to use (or not) as you desire! --> - 👍 (`:+1:`) or similar for great changes - 📝 (`:memo:`) or ℹ️ (`:information_source:`) for notes or general info - ❓ (`:question:`) for questions - 🤔 (`:thinking:`) or 💭 (`:thought_balloon:`) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion - 🎨 (`:art:`) for suggestions / improvements - ❌ (`:x:`) or ⚠️ (`:warning:`) for more significant problems or concerns needing attention - 🌱 (`:seedling:`) or ♻️ (`:recycle:`) for future improvements or indications of technical debt - ⛏ (`:pick:`) for minor or nitpick changes --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-05-01 20:14:14 -05:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
app:authenticator
app:password-manager
bug
bug-passkey
customer-support
duplicate
enhancement
good first issue
help wanted
needs-reply
needs-response
pull-request
Mirrored from GitHub Pull Request
 question
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/android#54596
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?