Skip to content

Windows secure storage: report unset keys as NotFound#13278

Merged
acarl005 merged 1 commit into
masterfrom
factory/windows-secure-storage-not-found
Jul 1, 2026
Merged

Windows secure storage: report unset keys as NotFound#13278
acarl005 merged 1 commit into
masterfrom
factory/windows-secure-storage-not-found

Conversation

@warp-dev-github-integration

@warp-dev-github-integration warp-dev-github-integration Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Description

On Windows, SecureStorage::read_value (and remove_value) read/remove the backing file via std::fs, so a missing key surfaced as a generic Error::IOError rather than the Error::NotFound variant that the macOS (mac.rs) and Linux (linux.rs) implementations return for an unset key.

Because of that mismatch, callers that special-case NotFound to fail closed to a default without logging — e.g. SecureSetting::read_from_secure_storage in crates/settings/src/lib.rs — fell through to their generic error arm on Windows and emitted log::error! for what is really just an unset key. That's the "not found errors logged at too high a level" reported in the thread.

This maps io::ErrorKind::NotFound to Error::NotFound in the Windows impl, so an unset key is handled as "not found" (returns cleanly, no error log), matching the other platforms. Genuine I/O errors still map to Error::IOError and continue to log.

Per reporter request, this is kept as a minimal log-noise fix with no new unit tests.

Testing

  • I have manually tested my changes locally with ./script/run

This is Windows-only, #[cfg(target_os = "windows")] code; it can't be exercised on the Linux cloud runner, and per the reporter's request no unit tests were added. Validated by cross-compiling the affected crate for the Windows target:

  • cargo check -p warpui_extras --target x86_64-pc-windows-gnu — clean
  • cargo clippy -p warpui_extras --target x86_64-pc-windows-gnu --all-targets — clean

@cla-bot cla-bot Bot added the cla-signed label Jul 1, 2026
@oz-for-oss

oz-for-oss Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

@warp-dev-github-integration[bot]

I'm starting a first review of this pull request.

You can view the conversation on Warp.

I completed the review and no human review was requested for this pull request.

Comment /oz-review on this pull request to retrigger a review (up to 3 times on the same pull request).

Powered by Oz

@oz-for-oss oz-for-oss Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overview

This PR maps Windows secure-storage filesystem NotFound errors from read_value and remove_value to Error::NotFound, aligning unset-key behavior with macOS/Linux and avoiding noisy generic error handling for absent keys.

Concerns

  • No blocking correctness, security, or spec-drift concerns found. No approved spec context was available for this PR.

Verdict

Found: 0 critical, 0 important, 0 suggestions

Approve

Comment /oz-review on this pull request to retrigger a review (up to 3 times on the same pull request).

Powered by Oz

On Windows, `SecureStorage::read_value` (and `remove_value`) read/remove the
backing file with `std::fs`, so a missing key surfaced as a generic
`Error::IOError` instead of the `Error::NotFound` variant that the macOS and
Linux implementations return for an unset key.

As a result, callers that special-case `NotFound` to fail closed to a default
without logging (e.g. `SecureSetting::read_from_secure_storage`) fell through to
their generic error arm on Windows and logged `log::error!` for what is really
just an unset key.

Map `io::ErrorKind::NotFound` to `Error::NotFound` in the Windows impl so an
unset key is handled as "not found" (no error log), matching the other
platforms, while genuine I/O errors still return `Error::IOError`.

Co-Authored-By: Warp <agent@warp.dev>
@warp-dev-github-integration warp-dev-github-integration Bot force-pushed the factory/windows-secure-storage-not-found branch from 62ebc75 to 52d7bab Compare July 1, 2026 22:52
@acarl005 acarl005 enabled auto-merge (squash) July 1, 2026 22:54
@acarl005 acarl005 merged commit 902b6bc into master Jul 1, 2026
30 checks passed
@acarl005 acarl005 deleted the factory/windows-secure-storage-not-found branch July 1, 2026 23:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants