Adds keychain availability checks for all platforms#46
Adds keychain availability checks for all platforms#46hrantzsch merged 2 commits intohrantzsch:masterfrom
Conversation
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #46 +/- ##
==========================================
- Coverage 81.14% 77.97% -3.17%
==========================================
Files 4 4
Lines 228 286 +58
Branches 68 92 +24
==========================================
+ Hits 185 223 +38
- Misses 28 43 +15
- Partials 15 20 +5
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
That looks very good and useful, thanks! I'll take a closer look as soon as I can. |
|
Thanks! Sorry for forgetting to mark the PR as WIP initially |
hrantzsch
left a comment
hrantzsch
left a comment
There was a problem hiding this comment.
Thanks a lot for this, very polished and thought-out. I did request a few changes. Don't hesitate to disagree though.
|
|
||
| bool isAvailable(Error &err) { | ||
| err = Error{}; | ||
|
|
There was a problem hiding this comment.
I wouldn't consider any runtime failure here as an indicator of the keychain not being available, and I wouldn't shadow the lower-level errors with the Unavailable error type.
Can we use createQuery to make the query as usual, fail with any errors it might produce, and then only look at whether or not SecItemCopyMatching succeeds as an indicator of isAvailable?
I think we can do without the specific test cases for KEYCHAIN_TEST_FAIL_DICT and KEYCHAIN_TEST_FAIL_STRING too.
There was a problem hiding this comment.
I agree that runtime errors should not be masked with Unavailable actually. I am not sure what I was thinking there. However, createQuery can block forever if no keychain exists at the time. This is an attempt to detect the potential of this happening beforehand.
I am okay with removing these test hooks
There was a problem hiding this comment.
I think I needed to go back and review I do feel like you're right for everything
There was a problem hiding this comment.
My only real thing is that the way I did it is more of a proactive probe... it's confirming the keychain is usable and can help indicate if ceateQuery is not safe to use (due to how it may hang).
By breaking it down to the lowest level parts and testing each step in isolation we can help improve the use experience
|
Looks great now! I think tests are failing because we need You can add the new build flag to the two Although seeing the errors from running without it, do you think it makes sense to run both configurations in the CI? We could add one more target to the matrix. For example (and |
|
Sorry for the delay on this, will be getting this squared tomorrow! |
Introduces `isAvailable` function to verify keychain accessibility on Linux, macOS, and Windows. On Linux, checks Secret Service status; on macOS, ensures a default keychain exists; on Windows, always returns true since CredentialManager is always present. Enhances platform-specific error handling for better diagnostics.
hrantzsch
force-pushed
the
feature/isAvailable
branch
from
52458db to
cd3f1ae
Compare
|
I took the liberty to finish this up. Let me know if I missed something. I any case, thank you for your contribution! |
2 participants
Introduces
isAvailablefunction to verify keychain accessibility on Linux, macOS, and Windows.On Linux, checks Secret Service status
On macOS, ensures a default keychain exists
On Windows, always returns true since CredentialManager is always present.
Enhances platform-specific error handling for better diagnostics.