Harden Proton validation and report candidate details #1
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Objective
Harden the Rust passkey migration tool before it is used on real exports by tightening input validation and improving audit report detail.
Background
Duplicate Bitwarden item creation is now the default migration behavior, with
--no-create-duplicatesas the opt-out. During the follow-up review, two correctness/usability gaps stood out that are not part of that default-policy change.Findings
proton::extract_passkeyscurrently returns an empty list when the top-levelvaultsobject is missing or when vault/item shapes are wrong. That can make a malformed or wrong file look like a successful zero-passkey migration instead of a bad input.ActionRecordcarries only candidate ids, andreport_entry_from_actionmaps those toTargetItem { id, name: None }. The text renderer only prints candidate names, so ambiguous reports can show an empty candidate list even when candidates existed.Proposed approach
vaultsobject, require vaultitemsarrays when vaults are present, and return clear non-zero CLI errors for invalid structure.ActionRecordor useTargetItemdirectly so text and JSON reports identify the exact ambiguous/conflicting Bitwarden items.Acceptance criteria
cargo testcoverage passes, with new tests for the validation and report cases.Risks