pkgs/by-name/bi/bitwarden-cli/package.nix at python-updates

tjh.dev / nixpkgs
fork atom
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom
nixpkgs / pkgs / by-name / bi / bitwarden-cli / package.nix
at python-updates 119 lines 2.8 kB view raw
wrap content
  1{
  2  lib,
  3  stdenv,
  4  buildNpmPackage,
  5  fetchFromGitHub,
  6  nodejs_22,
  7  perl,
  8  xcbuild,
  9  writableTmpDirAsHomeHook,
 10  versionCheckHook,
 11  nixosTests,
 12  nix-update-script,
 13}:
 14
 15buildNpmPackage (finalAttrs: {
 16  pname = "bitwarden-cli";
 17  version = "2025.12.1";
 18
 19  src = fetchFromGitHub {
 20    owner = "bitwarden";
 21    repo = "clients";
 22    tag = "cli-v${finalAttrs.version}";
 23    hash = "sha256-yER9LDFwTQkOdjB84UhEiWUDE+5Qa2vlRzq1/Qc/soY=";
 24  };
 25
 26  patches = [
 27    # https://github.com/bitwarden/clients/pull/18308
 28    ./fix-lockfile.patch
 29  ];
 30
 31  postPatch = ''
 32    # remove code under unfree license
 33    rm -r bitwarden_license
 34  '';
 35
 36  nodejs = nodejs_22;
 37
 38  npmDepsHash = "sha256-kgYXuiHeyqAKW0gVitL3b7eZMiZPFCeVeNtxClEJRfc=";
 39
 40  nativeBuildInputs = lib.optionals stdenv.hostPlatform.isDarwin [
 41    perl
 42    xcbuild.xcrun
 43  ];
 44
 45  makeCacheWritable = true;
 46
 47  env = {
 48    ELECTRON_SKIP_BINARY_DOWNLOAD = "1";
 49    npm_config_build_from_source = "true";
 50  };
 51
 52  npmBuildScript = "build:oss:prod";
 53
 54  npmWorkspace = "apps/cli";
 55
 56  npmFlags = [ "--legacy-peer-deps" ];
 57
 58  npmRebuildFlags = [
 59    # we'll run npm rebuild manually later
 60    "--ignore-scripts"
 61  ];
 62
 63  postConfigure = ''
 64    # we want to build everything from source
 65    shopt -s globstar
 66    rm -r node_modules/**/prebuilds
 67    shopt -u globstar
 68
 69    npm rebuild --verbose
 70  '';
 71
 72  postBuild = ''
 73    # remove build artifacts that bloat the closure
 74    shopt -s globstar
 75    rm -r node_modules/**/{*.target.mk,binding.Makefile,config.gypi,Makefile,Release/.deps}
 76    shopt -u globstar
 77  '';
 78
 79  postInstall = ''
 80    # The @bitwarden modules are actually npm workspaces inside the source tree, which
 81    # leave dangling symlinks behind. They can be safely removed, because their source is
 82    # bundled via webpack and thus not needed at run-time.
 83    rm -rf $out/lib/node_modules/@bitwarden/clients/node_modules/{@bitwarden,.bin}
 84  ''
 85  + lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) ''
 86    installShellCompletion --cmd bw --zsh <($out/bin/bw completion --shell zsh)
 87  '';
 88
 89  doInstallCheck = true;
 90  nativeInstallCheckInputs = [
 91    writableTmpDirAsHomeHook
 92    versionCheckHook
 93  ];
 94  versionCheckKeepEnvironment = [ "HOME" ];
 95
 96  passthru = {
 97    tests = {
 98      vaultwarden = nixosTests.vaultwarden.sqlite;
 99    };
100    updateScript = nix-update-script {
101      extraArgs = [
102        "--version=stable"
103        "--version-regex=^cli-v(.*)$"
104      ];
105    };
106  };
107
108  meta = {
109    changelog = "https://github.com/bitwarden/clients/releases/tag/${finalAttrs.src.tag}";
110    description = "Secure and free password manager for all of your devices";
111    homepage = "https://bitwarden.com";
112    license = lib.licenses.gpl3Only;
113    mainProgram = "bw";
114    maintainers = with lib.maintainers; [
115      xiaoxiangmoe
116      dotlambda
117    ];
118  };
119})