Replace @1password/op-js with the 1Password JavaScript SDK#2
Merged
Merged
Conversation
Replace the CLI-based @1password/op-js dependency with the native @1password/sdk (onepassword-sdk-js). The SDK authenticates against the 1Password desktop app via DesktopAuth (biometric unlock) instead of shelling out to the installed op CLI. Key changes: - Add a OnePassword client wrapper (src/client.ts) that lazily creates and reuses an SDK client, replacing the CLI validation wrapper (src/cli.ts). - Account setup now prompts for an account name/URL/UUID, since the SDK cannot enumerate accounts (no account.list/whoami). Vault selection uses client.vaults.list. - Items use client.items.get/create and client.items.list; secret references are constructed from vault/item/field IDs (the SDK doesn't return a reference string on fields). - Secret injection resolves op:// references via client.secrets.resolveAll and substitutes them, replacing inject.data. - Password generation uses Secrets.generatePassword with a parsed recipe. - Field types/categories map to the SDK's ItemFieldType/ItemCategory enums. - Hover auth check uses the SDK client; the Windows-only CLI workaround is removed and hover previews are enabled on all platforms. - Keep the SDK and its WebAssembly core external in the esbuild bundle and ship them in node_modules (the ~10MB wasm is loaded from disk at runtime). - The items.cacheValues setting is marked deprecated (the SDK has no cache). - Update tests, factories, and README to match.
Updated quick start guide for 1Password extension installation.
Signed-off-by: GitHub <noreply@github.com>
When the 1Password desktop app integration is disabled (or the app isn't running/unlocked), the SDK throws "Native library is not available." This previously surfaced as a raw message and, on quiet paths like hover, only went to the logs. Detect this specific error and show a clear notification explaining how to fix it (enable app integration in Settings -> Developer) with a "Learn more" link to the docs. The notification is shown even on otherwise-quiet paths, deduped so it appears only once until the account changes or a client connects. Add client tests covering the new behavior.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.