Merge pull request #68 from BlackDex/update-vault-and-scripts

Update web-vault to v2022.05.0 and misc changes

.dockerignore

@@ -1,7 +1,12 @@
 # Local build artifacts
 builds
+docker_builds
 web-vault
 
 # Documentation
 *.md
 *.txt
+
+# Other
+.github
+Makefile

.github/workflows/release.yml

@@ -30,7 +30,7 @@ jobs:
             echo "set-output name=DOCKER_TAG::testing"
             echo "::set-output name=DOCKER_TAG::testing"
           fi
-      
+
       - name: Build and push
         uses: docker/build-push-action@a66e35b9cbcf4ad0ea91ffcaf7bbad63ad9e0229 # v2.7.0
         with:

.gitignore

@@ -1,4 +1,5 @@
 builds/
+docker_builds/
 web-vault/
 
 *.tar.gz

Dockerfile

@@ -13,7 +13,7 @@
 #    docker rm $image_id
 
 FROM node:16-bullseye as build
-RUN node -v && npm -v
+RUN node --version && npm --version
 
 # Prepare the folder to enable non-root, otherwise npm will refuse to run the postinstall
 RUN mkdir /vault
@@ -21,19 +21,19 @@ RUN chown node:node /vault
 USER node
 
 # Can be a tag, release, but prefer a commit hash because it's not changeable
-# https://github.com/bitwarden/web/commit/$VAULT_VERSION
+# https://github.com/bitwarden/web/commit/${VAULT_VERSION}
 #
-# Using https://github.com/bitwarden/web/releases/tag/v2.28.1
-ARG VAULT_VERSION=78a7181fe5afa677220d69c6ebb2d6c0a5b83729
+# Using https://github.com/bitwarden/web/releases/tag/2022.05.0
+ARG VAULT_VERSION=ec80782d8f2ec593adf4f2d874fc8b97783c9d33
 
 RUN git clone https://github.com/bitwarden/web.git /vault
 WORKDIR /vault
 
-RUN git checkout "$VAULT_VERSION" && \
-    git submodule update --recursive --init
+RUN git -c advice.detachedHead=false checkout "${VAULT_VERSION}" && \
+    git submodule update --recursive --init --force
 
 COPY --chown=node:node patches /patches
-COPY --chown=node:node apply_patches.sh /apply_patches.sh
+COPY --chown=node:node scripts/apply_patches.sh /apply_patches.sh
 
 RUN bash /apply_patches.sh
 

Makefile

@@ -0,0 +1,51 @@
+SHELL := bash
+.ONESHELL:
+.SHELLFLAGS := -eu -o pipefail -c
+.DELETE_ON_ERROR:
+
+help:
+	@echo "Use either: clean, checkout, build, patch-web-vault, generate-patch, tar, or full"
+	@echo "Or for docker builds use: docker or docker-extract"
+.PHONY: help
+
+clean:
+	rm -rvf "./web-vault"
+	rm -rvf "./builds"
+	rm -rvf "./docker_builds"
+.PHONY: clean
+
+checkout:
+	./scripts/checkout_web_vault.sh
+.PHONY: checkout
+
+patch-web-vault:
+	./scripts/patch_web_vault.sh
+.PHONY: patch-web-vault
+
+generate-patch:
+	./scripts/generate_patch_file.sh
+.PHONY: generate-patch
+
+build:
+	./scripts/build_web_vault.sh
+.PHONY: checkout
+
+tar:
+	./scripts/tar_web_vault.sh
+.PHONY: tar
+
+full: checkout patch-web-vault build tar
+.PHONY: full
+
+docker:
+	docker build -t bw_web_vault .
+.PHONY: docker
+
+docker-extract: docker
+	@docker rm bw_web_vault_extract || true
+	@docker create --name bw_web_vault_extract bw_web_vault
+	@mkdir -vp docker_builds
+	@docker cp bw_web_vault_extract:/bw_web_vault.tar.gz ./docker_builds/bw_web_vault.tar.gz
+	@docker cp bw_web_vault_extract:/web-vault ./docker_builds/web-vault
+	@docker rm bw_web_vault_extract || true
+.PHONY: docker-extract

README.md

@@ -5,18 +5,54 @@
 [![GPL-3.0 Licensed](https://img.shields.io/github/license/dani-garcia/bw_web_builds.svg)](https://github.com/dani-garcia/bw_web_builds/blob/master/LICENSE.txt)
 [![Matrix Chat](https://img.shields.io/matrix/vaultwarden:matrix.org.svg?logo=matrix)](https://matrix.to/#/#vaultwarden:matrix.org)
 
+**This project is not associated with the [Bitwarden](https://bitwarden.com/) project nor 8bit Solutions LLC.**
+
+#### ⚠️**IMPORTANT**⚠️: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.
+
+---
+
+<br>
+
 This is a repository to store the builds of the [Bitwarden web vault](https://github.com/bitwarden/web) with the patches to make it work with [vaultwarden](https://github.com/dani-garcia/vaultwarden)
 
 To create a patch you need to modify the original sources from [Bitwarden web vault](https://github.com/bitwarden/web) and execute:
 
 ```bash
-git diff --submodule=diff
+git --no-pager diff --submodule=diff --no-color --minimal
 ```
 
 This is needed because there are patches within the jslib submodule which with a default `git diff` are not shown.
 
+## Building the web-vault
+To build the web-vault you need either node and npm installed or use Docker.
+
+### Using node and npm
+For a quick and easy local build you could run:
+```bash
+make full
+```
+
+That will generate a `tar.gz` file within the `builds` directory which you can extract and use with the `WEB_VAULT_FOLDER` environment variable.
+
+### Using Docker
+Or via the usage of Docker:
+```bash
+make docker-extract
+```
+
+That will extract the `tar.gz` and files generated via Docker into the `docker_builds` directory.
+
+### More information
 For more information see: [Install the web-vault](https://github.com/dani-garcia/vaultwarden/wiki/Building-binary#install-the-web-vault)
 
+### Pre-build
 The builds are available in the [releases page](https://github.com/dani-garcia/bw_web_builds/releases), and can be replicated with the scripts in this repo.
 
-_*Note, that this project is not associated with the [Bitwarden](https://bitwarden.com/) project nor 8bit Solutions LLC._
+<br>
+
+## Get in touch
+To ask a question, offer suggestions or new features or to get help configuring or installing the software, please [use the forum](https://vaultwarden.discourse.group/).
+
+If you spot any bugs or crashes with vaultwarden itself, please [create an issue](https://github.com/dani-garcia/vaultwarden/issues/). Make sure there aren't any similar issues open, though!
+
+If you prefer to chat, we're usually hanging around at [#vaultwarden:matrix.org](https://matrix.to/#/#vaultwarden:matrix.org) room on Matrix. Feel free to join us!

package_web_vault.sh

@@ -1,63 +0,0 @@
-#!/usr/bin/env bash
-set -o pipefail -o errexit
-
-# Error handling
-handle_error() {
-    read -n1 -r -p "FAILED: line $1, exit code $2. Press any key to exit..." _
-    exit 1
-}
-trap 'handle_error $LINENO $?' ERR
-
-# Ask for ref if not provided
-if [[ -z "$VAULT_VERSION" ]]; then
-  read -rp "Input a git ref (commit hash, branch name, tag name, 'master'): " input
-  VAULT_VERSION="$input"
-fi
-
-VAULT_FOLDER=web-vault
-OUTPUT_FOLDER=builds
-OUTPUT_NAME="$OUTPUT_FOLDER/bw_web_$VAULT_VERSION.tar.gz"
-
-mkdir -p "$OUTPUT_FOLDER"
-
-# If this is the first time, clone the project
-if [ ! -d "$VAULT_FOLDER" ]; then
-    git clone https://github.com/bitwarden/web.git "$VAULT_FOLDER"
-fi
-
-cd $VAULT_FOLDER
-
-# Clean
-git checkout -f
-
-# Update branch
-git fetch --tags --all
-git pull origin master
-
-# Checkput the branch we want
-git checkout "$VAULT_VERSION"
-git submodule update --recursive --init
-
-## How to create patches
-# git --no-pager diff --submodule=diff --no-color --minimal > changes.patch
-## How to apply patches
-# git apply changes.patch
-. ../apply_patches.sh
-
-# Build
-npm ci
-# npm audit fix || true
-npm run dist:oss:selfhost
-
-# Delete debugging map files, optional
-#find build -name "*.map" -delete
-
-# Create bwrs-version.json with the latest tag from the remote repo.
-printf '{"version":"%s"}' \
-      "$(git -c 'versionsort.suffix=-' ls-remote --tags --sort='v:refname' https://github.com/dani-garcia/bw_web_builds.git 'v*' | tail -n1 | sed -E 's#.*?refs/tags/v##')" \
-      > build/vw-version.json
-
-# Prepare the final archives
-mv build web-vault
-tar -czvf "../$OUTPUT_NAME" web-vault --owner=0 --group=0
-mv web-vault build

package_web_vault.sh

@@ -0,0 +1 @@
+scripts/package_web_vault.sh

patches/v2022.05.0.patch

@@ -0,0 +1,283 @@
+Submodule jslib contains modified content
+diff --git a/jslib/angular/src/components/register.component.ts b/jslib/angular/src/components/register.component.ts
+index d4b99e17..c1626200 100644
+--- a/jslib/angular/src/components/register.component.ts
++++ b/jslib/angular/src/components/register.component.ts
+@@ -28,7 +28,7 @@ export class RegisterComponent extends CaptchaProtectedComponent implements OnIn
+   formPromise: Promise<any>;
+   masterPasswordScore: number;
+   referenceData: ReferenceEventRequest;
+-  showTerms = true;
++  showTerms = false;
+   acceptPolicies = false;
+ 
+   protected successRoute = "login";
+@@ -47,7 +47,7 @@ export class RegisterComponent extends CaptchaProtectedComponent implements OnIn
+     protected logService: LogService
+   ) {
+     super(environmentService, i18nService, platformUtilsService);
+-    this.showTerms = !platformUtilsService.isSelfHost();
++    this.showTerms = false;
+   }
+ 
+   async ngOnInit() {
+@@ -85,6 +85,15 @@ export class RegisterComponent extends CaptchaProtectedComponent implements OnIn
+   }
+ 
+   async submit() {
++    if (typeof crypto.subtle === 'undefined') {
++      this.platformUtilsService.showToast(
++        "error",
++        "This browser requires HTTPS to use the web vault",
++        "Check the Vaultwarden wiki for details on how to enable it"
++      );
++      return;
++    }
++
+     if (!this.acceptPolicies && this.showTerms) {
+       this.platformUtilsService.showToast(
+         "error",
+diff --git a/src/404.html b/src/404.html
+index 6cf5e363..54d11495 100644
+--- a/src/404.html
++++ b/src/404.html
+@@ -42,11 +42,10 @@
+         </a>
+       </p>
+       <p>
+-        You can <a href="/">return to the web vault</a>, check our
+-        <a href="https://status.bitwarden.com/">status page</a> or
+-        <a href="https://bitwarden.com/contact/">contact us</a>.
++        You can <a href="/">return to the web vault</a>, or
++        <a href="https://github.com/dani-garcia/vaultwarden">contact us</a>.
+       </p>
+     </div>
+-    <div class="container footer text-muted content">© Copyright 2022 Bitwarden, Inc.</div>
++    <div class="container footer text-muted content">© Copyright 2022 Bitwarden, Inc. (Powered by Vaultwarden)</div>
+   </body>
+ </html>
+diff --git a/src/app/app.component.ts b/src/app/app.component.ts
+index 9e26f680..dd759fd7 100644
+--- a/src/app/app.component.ts
++++ b/src/app/app.component.ts
+@@ -165,6 +165,10 @@ export class AppComponent implements OnDestroy, OnInit {
+             break;
+           }
+           case "showToast":
++            if (typeof message.text === "string" && typeof crypto.subtle === 'undefined') {
++              message.title="This browser requires HTTPS to use the web vault";
++              message.text="Check the Vaultwarden wiki for details on how to enable it";
++            }
+             this.showToast(message);
+             break;
+           case "setFullWidth":
+diff --git a/src/app/layouts/footer.component.html b/src/app/layouts/footer.component.html
+index 8601e123..22a0248b 100644
+--- a/src/app/layouts/footer.component.html
++++ b/src/app/layouts/footer.component.html
+@@ -1,6 +1,6 @@
+ <div class="container footer text-muted">
+   <div class="row">
+-    <div class="col">&copy; {{ year }}, Bitwarden Inc.</div>
++    <div class="col">&copy; {{ year }}, Bitwarden Inc. (Powered by Vaultwarden)</div>
+     <div class="col text-center"></div>
+     <div class="col text-right">
+       {{ "versionNumber" | i18n: version }}
+diff --git a/src/app/layouts/frontend-layout.component.html b/src/app/layouts/frontend-layout.component.html
+index 479302d3..84930683 100644
+--- a/src/app/layouts/frontend-layout.component.html
++++ b/src/app/layouts/frontend-layout.component.html
+@@ -1,5 +1,5 @@
+ <router-outlet></router-outlet>
+ <div class="container my-5 text-muted text-center">
+-  &copy; {{ year }}, Bitwarden Inc. <br />
++  &copy; {{ year }}, Bitwarden Inc. (Powered by Vaultwarden)<br />
+   {{ "versionNumber" | i18n: version }}
+ </div>
+diff --git a/src/app/layouts/navbar.component.html b/src/app/layouts/navbar.component.html
+index 9bbd8d2e..d2438cae 100644
+--- a/src/app/layouts/navbar.component.html
++++ b/src/app/layouts/navbar.component.html
+@@ -69,7 +69,7 @@
+               <i class="bwi bwi-fw bwi-user" aria-hidden="true"></i>
+               {{ "accountSettings" | i18n }}
+             </a>
+-            <a bit-menu-item href="https://bitwarden.com/help/" target="_blank" rel="noopener">
++            <a bit-menu-item href="https://github.com/dani-garcia/vaultwarden/" target="_blank" rel="noopener">
+               <i class="bwi bwi-fw bwi-question-circle" aria-hidden="true"></i>
+               {{ "getHelp" | i18n }}
+             </a>
+diff --git a/src/app/modules/vault/modules/individual-vault/individual-vault.component.ts b/src/app/modules/vault/modules/individual-vault/individual-vault.component.ts
+index 47e1906a..def8164c 100644
+--- a/src/app/modules/vault/modules/individual-vault/individual-vault.component.ts
++++ b/src/app/modules/vault/modules/individual-vault/individual-vault.component.ts
+@@ -94,11 +94,7 @@ export class IndividualVaultComponent implements OnInit, OnDestroy {
+   async ngOnInit() {
+     this.showVerifyEmail = !(await this.tokenService.getEmailVerified());
+     this.showBrowserOutdated = window.navigator.userAgent.indexOf("MSIE") !== -1;
+-    this.trashCleanupWarning = this.i18nService.t(
+-      this.platformUtilsService.isSelfHost()
+-        ? "trashCleanupWarningSelfHosted"
+-        : "trashCleanupWarning"
+-    );
++    this.trashCleanupWarning = this.i18nService.t("trashCleanupWarningSelfHosted");
+ 
+     this.route.queryParams.pipe(first()).subscribe(async (params) => {
+       await this.syncService.fullSync(false);
+diff --git a/src/app/modules/vault/modules/organization-vault/organization-vault.component.ts b/src/app/modules/vault/modules/organization-vault/organization-vault.component.ts
+index c7edcbe0..0e0d4807 100644
+--- a/src/app/modules/vault/modules/organization-vault/organization-vault.component.ts
++++ b/src/app/modules/vault/modules/organization-vault/organization-vault.component.ts
+@@ -75,11 +75,7 @@ export class OrganizationVaultComponent implements OnInit, OnDestroy {
+   ) {}
+ 
+   ngOnInit() {
+-    this.trashCleanupWarning = this.i18nService.t(
+-      this.platformUtilsService.isSelfHost()
+-        ? "trashCleanupWarningSelfHosted"
+-        : "trashCleanupWarning"
+-    );
++    this.trashCleanupWarning = this.i18nService.t("trashCleanupWarningSelfHosted");
+     this.route.parent.params.subscribe(async (params: any) => {
+       this.organization = await this.organizationService.get(params.organizationId);
+       this.vaultFilterComponent.organization = this.organization;
+diff --git a/src/app/send/access.component.html b/src/app/send/access.component.html
+index 19bc107b..7e1dbcc7 100644
+--- a/src/app/send/access.component.html
++++ b/src/app/send/access.component.html
+@@ -137,15 +137,6 @@
+     <div class="col-12 text-center mt-5 text-muted">
+       <p class="mb-0">
+         {{ "sendAccessTaglineProductDesc" | i18n }}<br />
+-        {{ "sendAccessTaglineLearnMore" | i18n }}
+-        <a href="https://www.bitwarden.com/products/send?source=web-vault" target="_blank"
+-          >Bitwarden Send</a
+-        >
+-        {{ "sendAccessTaglineOr" | i18n }}
+-        <a href="https://vault.bitwarden.com/#/register" target="_blank">{{
+-          "sendAccessTaglineSignUp" | i18n
+-        }}</a>
+-        {{ "sendAccessTaglineTryToday" | i18n }}
+       </p>
+     </div>
+   </div>
+diff --git a/src/app/services/init.service.ts b/src/app/services/init.service.ts
+index eacfea97..c2f81033 100644
+--- a/src/app/services/init.service.ts
++++ b/src/app/services/init.service.ts
+@@ -36,11 +36,23 @@ export class InitService {
+   ) {}
+ 
+   init() {
++    function getBaseUrl() {
++        // If the base URL is `https://vaultwarden.example.com/base/path/`,
++        // `window.location.href` should have one of the following forms:
++        //
++        // - `https://vaultwarden.example.com/base/path/`
++        // - `https://vaultwarden.example.com/base/path/#/some/route[?queryParam=...]`
++        //
++        // We want to get to just `https://vaultwarden.example.com/base/path`.
++        let baseUrl = window.location.href;
++        baseUrl = baseUrl.replace(/#.*/, '');  // Strip off `#` and everything after.
++        baseUrl = baseUrl.replace(/\/+$/, ''); // Trim any trailing `/` chars.
++        return baseUrl;
++    }
+     return async () => {
+       await this.stateService.init();
+ 
+-      const urls = process.env.URLS as Urls;
+-      urls.base ??= this.win.location.origin;
++      const urls = {base: getBaseUrl()};
+       this.environmentService.setUrls(urls);
+ 
+       setTimeout(() => this.notificationsService.init(), 3000);
+diff --git a/src/app/vault/add-edit.component.html b/src/app/vault/add-edit.component.html
+index 37410ea5..8c9e1a6f 100644
+--- a/src/app/vault/add-edit.component.html
++++ b/src/app/vault/add-edit.component.html
+@@ -182,7 +182,7 @@
+             <div class="col-6 form-group totp d-flex align-items-end" [ngClass]="{ low: totpLow }">
+               <div *ngIf="!cipher.login.totp || !totpCode">
+                 <img
+-                  src="../../images/totp-countdown.png"
++                  src="images/totp-countdown.png"
+                   id="totpImage"
+                   title="{{ 'verificationCodeTotp' | i18n }}"
+                   class="ml-2"
+diff --git a/src/scss/styles.scss b/src/scss/styles.scss
+index 26c5e5c7..b42df01b 100644
+--- a/src/scss/styles.scss
++++ b/src/scss/styles.scss
+@@ -58,3 +58,54 @@
+ @import "./tables";
+ @import "./toasts";
+ @import "./vault-filters";
++
++/**** START Vaultwarden CHANGES ****/
++/* This combines all selectors extending it into one */
++%vw-hide { display: none !important; }
++
++/* This allows searching for the combined style in the browsers dev-tools (look into the head tag) */
++#vw-hide, head { @extend %vw-hide; }
++
++/* Hide any link pointing to billing */
++a[href$="/settings/billing"] { @extend %vw-hide; }
++
++/* Hide any link pointing to subscriptions */
++a[href$="/settings/subscription"] { @extend %vw-hide; }
++
++/* Hide any link pointing to Sponsored Families */
++a[href$="/settings/sponsored-families"] { @extend %vw-hide; }
++
++/* Hide the `Enterprise Single Sign-On` button on the login page */
++a[href$="/sso"] { @extend %vw-hide; }
++
++/* Hide the info box that advertises Bitwarden Send */
++app-send-info.d-block { @extend %vw-hide; }
++
++/* Hide Two-Factor menu in Organization settings */
++app-org-settings a[href$="/settings/two-factor"] { @extend %vw-hide; }
++
++/* Hide organization plans */
++app-organization-plans > form > div.form-check { @extend %vw-hide; }
++app-organization-plans > form > h2.mt-5 { @extend %vw-hide; }
++
++/* Hide the `This account is owned by a business` checkbox and label */
++#ownedBusiness, label[for^=ownedBusiness] { @extend %vw-hide; }
++
++/* Hide External Id field for Collections */
++app-collection-add-edit form div.form-group:nth-child(2) { @extend %vw-hide; }
++
++/* Hide the radio button and label for the `Custom` org user type */
++#userTypeCustom, label[for^=userTypeCustom] { @extend %vw-hide; }
++
++/* Hide the warning that policy config is moving to Business Portal */
++app-org-policies > app-callout { @extend %vw-hide; }
++
++/* Hide Business Name and Identifier */
++app-org-account form div.form-group:nth-child(3) { display: none; }
++app-org-account form div.form-group:nth-child(4) { display: none; }
++
++/* Hide Tax Info and Form in Organization settings */
++app-org-account > div.secondary-header:nth-child(3) { @extend %vw-hide; }
++app-org-account > div.secondary-header:nth-child(3) + p { @extend %vw-hide; }
++app-org-account > div.secondary-header:nth-child(3) + p + form { @extend %vw-hide; }
++/**** END Vaultwarden CHANGES ****/
+diff --git a/src/services/webPlatformUtils.service.ts b/src/services/webPlatformUtils.service.ts
+index 755600a1..25f4561e 100644
+--- a/src/services/webPlatformUtils.service.ts
++++ b/src/services/webPlatformUtils.service.ts
+@@ -240,11 +240,11 @@ export class WebPlatformUtilsService implements PlatformUtilsService {
+   }
+ 
+   isDev(): boolean {
+-    return process.env.NODE_ENV === "development";
++    return false;
+   }
+ 
+   isSelfHost(): boolean {
+-    return process.env.ENV.toString() === "selfhosted";
++    return false;
+   }
+ 
+   copyToClipboard(text: string, options?: any): void | boolean {

scripts/.script_env

@@ -0,0 +1,16 @@
+#!/usr/bin/env bash
+# shellcheck disable=SC2034
+set -o pipefail -o errexit
+
+VAULT_FOLDER=web-vault
+OUTPUT_FOLDER=builds
+
+function get_web_vault_version {
+    # First check if we are able to get a tag or branch
+    VAULT_VERSION=$(git describe --abbrev=0 --tags --exact-match 2>/dev/null || git branch --show-current)
+    # Else we will use the current commit hash
+    if [[ -z "${VAULT_VERSION}" ]]; then
+      VAULT_VERSION=$(git rev-parse HEAD)
+    fi
+    echo "${VAULT_VERSION}"
+}

scripts/apply_patches.sh

@@ -1,12 +1,12 @@
-#!/bin/bash
+#!/usr/bin/env bash
 set -o pipefail -o errexit
 
 # If a patch was not provided, try to choose one
-if [[ -z $PATCH_NAME ]]; then
+if [[ -z ${PATCH_NAME} ]]; then
     # If a patch with the same name as the ref exists, use it
-    if [ -f "../patches/$VAULT_VERSION.patch" ]; then
-        echo "Patch file found, using that"
-        PATCH_NAME="$VAULT_VERSION.patch"
+    if [ -f "../patches/${VAULT_VERSION}.patch" ]; then
+        echo "Exact patch file found, using that"
+        PATCH_NAME="${VAULT_VERSION}.patch"
     else
         echo "Patch file not found, using latest"
         # If not, use the latest one
@@ -14,6 +14,6 @@ if [[ -z $PATCH_NAME ]]; then
     fi
 fi
 
-echo "Using patch: $PATCH_NAME"
-git apply "../patches/$PATCH_NAME" --reject
+echo "Using patch: ${PATCH_NAME}"
+git apply "../patches/${PATCH_NAME}" --reject
 echo "Patching successful!"

scripts/build_web_vault.sh

@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+set -o pipefail -o errexit
+BASEDIR=$(dirname "$(readlink -f "$0")")
+
+# Error handling
+handle_error() {
+    read -n1 -r -p "FAILED: line $1, exit code $2. Press any key to exit..." _
+    exit 1
+}
+trap 'handle_error $LINENO $?' ERR
+
+# Load default script environment variables
+# shellcheck source=.script_env
+. "${BASEDIR}/.script_env"
+
+pushd "${VAULT_FOLDER}"
+
+# Show used versions
+node --version
+npm --version
+
+# Build
+npm ci
+npm audit fix || true
+npm run dist:oss:selfhost
+
+# Delete debugging map files, optional
+#find build -name "*.map" -delete
+
+# Create vw-version.json with the latest tag from the remote repo.
+printf '{"version":"%s"}' \
+      "$(git -c 'versionsort.suffix=-' ls-remote --tags --sort='v:refname' https://github.com/dani-garcia/bw_web_builds.git 'v*' | tail -n1 | sed -E 's#.*?refs/tags/v##')" \
+      > build/vw-version.json
+
+popd

scripts/checkout_web_vault.sh

@@ -0,0 +1,47 @@
+#!/usr/bin/env bash
+set -o pipefail -o errexit
+BASEDIR=$(dirname "$(readlink -f "$0")")
+
+# Error handling
+handle_error() {
+    read -n1 -r -p "FAILED: line $1, exit code $2. Press any key to exit..." _
+    exit 1
+}
+trap 'handle_error $LINENO $?' ERR
+
+# Load default script environment variables
+# shellcheck source=.script_env
+. "${BASEDIR}/.script_env"
+
+# Ask for ref if not provided
+if [[ -z "$VAULT_VERSION" ]]; then
+    read -rp "Input a git ref (commit hash, branch name, tag name, 'master'): " input
+    VAULT_VERSION="${input}"
+fi
+
+if [ ! -d "${VAULT_FOLDER}" ]; then
+    # If this is the first time, clone the project
+    git clone https://github.com/bitwarden/web.git "${VAULT_FOLDER}"
+else
+    # If there already is a checked-out repo, lets clean it up first.
+    pushd "${VAULT_FOLDER}"
+        # Stash current changes if there are any, we don't want to loose our work if we had some
+        git stash --all --quiet &> /dev/null || true
+        # Checkout the master repo first
+        git checkout master
+        git reset --hard
+        git checkout -f
+    popd
+fi
+
+pushd "${VAULT_FOLDER}"
+
+# Update branch and tag metadata
+git fetch --tags --all
+git pull origin master
+
+# Checkout the branch we want
+git -c advice.detachedHead=false checkout "${VAULT_VERSION}"
+git submodule update --recursive --init --force
+
+popd

scripts/generate_patch_file.sh

@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+set -o pipefail -o errexit
+BASEDIR=$(dirname "$(readlink -f "$0")")
+
+# Error handling
+handle_error() {
+    read -n1 -r -p "FAILED: line $1, exit code $2. Press any key to exit..." _
+    exit 1
+}
+trap 'handle_error $LINENO $?' ERR
+
+# Load default script environment variables
+# shellcheck source=.script_env
+. "${BASEDIR}/.script_env"
+
+pushd "${VAULT_FOLDER}"
+
+VAULT_VERSION=$(get_web_vault_version)
+# Check if the vault versions starts with 20
+if [[ ${VAULT_VERSION} = 20* ]] && [ ${#VAULT_VERSION} -ne 40 ]; then
+    VAULT_VERSION="v${VAULT_VERSION}"
+fi
+PATCH_FILENAME="${VAULT_VERSION}.patch"
+
+if [ "$(git status --porcelain | wc -l)" -ge 1 ]; then
+    git --no-pager diff --submodule=diff --no-color --minimal > "../patches/${PATCH_FILENAME}"
+    echo "Patch has been created here: patches/${PATCH_FILENAME}"
+else
+    echo "No changes found, skip generating a patch file."
+fi
+
+popd

scripts/package_web_vault.sh

@@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+set -o pipefail -o errexit
+BASEDIR=$(dirname "$(readlink -f "$0")")
+
+handle_error() {
+    read -n1 -r -p "FAILED: line $1, exit code $2. Press any key to exit..." _
+    exit 1
+}
+trap 'handle_error $LINENO $?' ERR
+
+# This script now calls all other scripts and will do the exact same as it did before.
+# The only change is that all parts are split-up so they can run separately
+
+# Load default script environment variables
+# shellcheck source=.script_env
+. "${BASEDIR}/.script_env"
+
+# Checkout the web-vault from github
+# shellcheck source=checkout_web_vault.sh
+. "${BASEDIR}/checkout_web_vault.sh"
+
+# Patch the web-vault using our patches
+# shellcheck source=patch_web_vault.sh
+. "${BASEDIR}/patch_web_vault.sh"
+
+# Build the web-vault using node and npm
+# shellcheck source=build_web_vault.sh
+. "${BASEDIR}/build_web_vault.sh"
+
+# Generate an archive from the build
+# shellcheck source=tar_web_vault.sh
+. "${BASEDIR}/tar_web_vault.sh"

scripts/patch_web_vault.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+set -o pipefail -o errexit
+BASEDIR=$(dirname "$(readlink -f "$0")")
+
+# Error handling
+handle_error() {
+    read -n1 -r -p "FAILED: line $1, exit code $2. Press any key to exit..." _
+    exit 1
+}
+trap 'handle_error $LINENO $?' ERR
+
+# Load default script environment variables
+# shellcheck source=.script_env
+. "${BASEDIR}/.script_env"
+
+pushd "${VAULT_FOLDER}"
+
+# Apply a patch from the patches directory
+# shellcheck source=apply_patches.sh
+. "${BASEDIR}/apply_patches.sh"
+
+popd

scripts/tar_web_vault.sh

@@ -0,0 +1,27 @@
+#!/usr/bin/env bash
+set -o pipefail -o errexit
+BASEDIR=$(dirname "$(readlink -f "$0")")
+
+# Error handling
+handle_error() {
+    read -n1 -r -p "FAILED: line $1, exit code $2. Press any key to exit..." _
+    exit 1
+}
+trap 'handle_error $LINENO $?' ERR
+
+# Load default script environment variables
+# shellcheck source=.script_env
+. "${BASEDIR}/.script_env"
+
+mkdir -pv "${OUTPUT_FOLDER}"
+
+pushd "${VAULT_FOLDER}"
+
+VAULT_VERSION=$(get_web_vault_version)
+OUTPUT_NAME="${OUTPUT_FOLDER}/bw_web_${VAULT_VERSION}.tar.gz"
+
+mv build web-vault
+tar -czvf "../${OUTPUT_NAME}" web-vault --owner=0 --group=0
+mv web-vault build
+
+popd