version is not a valid key of server in the JSON returned from api/config #396

Closed
opened 2025-10-09 16:26:59 +03:00 by OVERLORD · 3 comments

Originally created by @zacknewman on GitHub.

Vaultwarden Support String

Not applicable.

Steps To Reproduce

[Read source code](https://github.com/dani-garcia/vaultwarden/blob/main/src/api/core/mod.rs#L206):

```rust
Json(json!({
  // Note: The clients use this version to handle backwards compatibility concerns
  // This means they expect a version that closely matches the Bitwarden server version
  // We should make sure that we keep this updated when we support the new server features
  // Version history:
  // - Individual cipher key encryption: 2023.9.1
  "version": "2024.2.0",
  "gitHash": option_env!("GIT_REV"),
  "server": {
    "name": "Vaultwarden",
    "url": "https://github.com/dani-garcia/vaultwarden",
    "version": crate::VERSION
  },
  "environment": {
    "vault": domain,
    "api": format!("{domain}/api"),
    "identity": format!("{domain}/identity"),
    "notifications": format!("{domain}/notifications"),
    "sso": "",
  },
  "featureStates": feature_states,
  "object": "config",
}))
```

Expected Result

`server` to either be `null` like upstream:

```json
{
  "version":"2024.8.0",
  "gitHash":"47afe973",
  "server":null,
  "environment":{
    "cloudRegion":"US",
    "vault":"https://vault.bitwarden.com",
    "api":"https://api.bitwarden.com",
    "identity":"https://identity.bitwarden.com",
    "notifications":"https://notifications.bitwarden.com",
    "sso":"https://sso.bitwarden.com"
  },
  "featureStates":{
    "display-eu-environment":true,
    "browser-fileless-import":false,
    "return-error-on-existing-keypair":true,
    "use-tree-walker-api-for-page-details-collection":true,
    "flexible-collections-v-1":true,
    "key-rotation-improvements":true,
    "duo-redirect":true,
    "PM-5864-dollar-threshold":true,
    "show-payment-method-warning-banners":false,
    "enable-consolidated-billing":true,
    "AC-1795_updated-subscription-status-section":false,
    "AC-1218-delete-provider":true,
    "email-verification":false,
    "anh-fcmv1-migration":true,
    "extension-refresh":false,
    "restrict-provider-access":true,
    "PM-4154-bulk-encryption-service":true,
    "vault-bulk-management-action":true,
    "bulk-device-approval":true,
    "ac-2059-member-access-report":false,
    "block-legacy-users":false,
    "inline-menu-field-qualification":true,
    "two-factor-component-refactor":false,
    "inline-menu-positioning-improvements":true,
    "AC-2828_provider-portal-members-page":false,
    "ac-2833-provider-client-vault-privacy-banner":false,
    "pm-8285-device-trust-logging":true,
    "authenticator-2fa-token":true,
    "AC-2708-upgrade-password-manager-sub":false,
    "unauth-ui-refresh":false,
    "generate-identity-fill-script-refactor":true,
    "delay-fido2-page-script-init-within-mv2":true,
    "ac-1698-members-two-fa-query-optimization":false
  },
  "object":"config"
}
```

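or to only contain the keys `name` and `url` as [defined upstream](https://github.com/bitwarden/server/blob/main/src/Api/Models/Response/ConfigResponseModel.cs#L42):

```c#
public class ServerConfigResponseModel
{
    public string Name { get; set; }
    public string Url { get; set; }
}
```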

Actual Result

`server` contains a key `version`.

Screenshots or Videos

No response

Logs

No response

Additional Context

No response

Host/Server Operating System

Linux

Operating System Version

No response

Deployment method

Other method

Custom deployment method

No response

Vaultwarden Build Version

1.32.0

Clients

Web Vault

Client Version

v2024.7.2

OVERLORD added the bug label 2025-10-09 16:26:59 +03:00

@dani-garcia commented on GitHub:

The `server` entry is there to be used only by third party servers, so it makes sense that it's not upstream
https://github.com/bitwarden/clients/blob/c782c92f6ce72497f0d19862418333e8d5d57bfb/libs/common/src/platform/models/data/server-config.data.ts#L22-L25

This was meant to be used by the clients to change help links to our repo but as far as I know it hasn't happened yet.

Now that the clients are using the `version` field in the root to do compatibility checks, that's forced us to lie about our version number, I think the `version` was added to `server` to still have the real value somewhere. Not really necessary though, as we still have the `gitHash`


@zacknewman commented on GitHub:

That explains why it should not be `null`, but the same file you linked does not define a `version` key:

```ts
export class ThirdPartyServerConfigData {
  name: string;
  url: string;

  constructor(response: Partial<ThirdPartyServerConfigResponse>) {
    this.name = response.name;
    this.url = response.url;
  }

  static fromJSON(obj: Jsonify<ThirdPartyServerConfigData>): ThirdPartyServerConfigData {
    return Object.assign(new ThirdPartyServerConfigData({}), obj);
  }
}
```

If the clients were ever to be strict with JSON deserialization by rejecting unknown keys—something I _highly_ doubt will happen—then this would cause issues. I see you made a bunch of changes to the JSON payloads that are sent (specifically changing PascalCase to camelCase), so I thought a reason for that is to mirror more closely what the clients expect. Feel free to close if you don't care about this.
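
The strict-deserialization concern raised in the comment above, as an added example that is not part of the original thread or of the Vaultwarden or Bitwarden code: a lenient decoder modelled on the quoted constructor next to a hypothetical strict one that rejects unknown keys. The function names and the sample payloads are assumptions, constructed from the JSON quoted in the issue.

```typescript
// Keys the client model quoted in the thread (ThirdPartyServerConfigData) reads.
const ALLOWED_SERVER_KEYS: readonly string[] = ["name", "url"];

type ServerInfo = { name: string; url: string };
type Decoded = { ok: boolean; server: ServerInfo | null; errors: string[] };

// Lenient decode: like the quoted constructor, copy only `name` and `url`
// and silently drop every other key.
function decodeLenient(raw: unknown): ServerInfo | null {
  if (raw === null || typeof raw !== "object") return null;
  const o = raw as Record<string, unknown>;
  return { name: o.name as string, url: o.url as string };
}

// Strict decode (hypothetical client behaviour): accept null or an object
// holding exactly the allowed string keys, and report everything else.
function decodeStrict(raw: unknown): Decoded {
  if (raw === null) return { ok: true, server: null, errors: [] };
  if (typeof raw !== "object" || Array.isArray(raw)) {
    return { ok: false, server: null, errors: ["server must be an object or null"] };
  }
  const o = raw as Record<string, unknown>;
  const errors: string[] = [];
  for (const key of Object.keys(o)) {
    if (ALLOWED_SERVER_KEYS.indexOf(key) < 0) errors.push("unknown key: " + key);
  }
  for (const key of ALLOWED_SERVER_KEYS) {
    if (typeof o[key] !== "string") errors.push("missing or non-string key: " + key);
  }
  if (errors.length > 0) return { ok: false, server: null, errors };
  return { ok: true, server: decodeLenient(o), errors };
}

// Constructed samples of the `server` value, modelled on the payloads in the issue.
const upstreamServer: unknown = JSON.parse('{"server":null}').server;
const vaultwardenServer: unknown = JSON.parse(
  '{"server":{"name":"Vaultwarden","url":"https://github.com/dani-garcia/vaultwarden","version":"1.32.0"}}'
).server;
const trimmedServer: unknown = JSON.parse(
  '{"server":{"name":"Vaultwarden","url":"https://github.com/dani-garcia/vaultwarden"}}'
).server;

for (const sample of [upstreamServer, vaultwardenServer, trimmedServer]) {
  console.log(JSON.stringify(decodeStrict(sample)));
}
```

Run as a contract test against a captured `api/config` response, the strict decoder flags this kind of drift from the client model while the lenient path keeps working.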


@dani-garcia commented on GitHub:

Oh yeah that's what I was trying to say, but maybe wasn't very clear, the `server` being non-null is expected, but the internal `version` value is a thing we added ourselves outside of "spec". I don't think it provides much value, so it should be safe to remove.

Reference: starred/vaultwarden#396