Skip to content

New secret service #125

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 9 commits into
base: develop
Choose a base branch
from
Open

New secret service #125

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
a8a57c2
Replace GnomeKeyringKeychainAccess, KDEWalletKeychainAccess by Secret…
purejava Oct 25, 2025
13e3132
Encrypted session is needed for tests to work
purejava Oct 25, 2025
5163d8b
Ensure unlocking
purejava Oct 26, 2025
9f227d0
Set default alias when missing
purejava Oct 26, 2025
c22f813
Migrate KDE wallet entries
purejava Oct 26, 2025
161ea15
Service 1.0.0 was released 🎉
purejava Oct 27, 2025
b9c6eb1
Get back GnomeKeyringKeychainAccess, KDEWalletKeychainAccess
purejava Oct 27, 2025
1c54f97
Remove added line by IDE
purejava Oct 27, 2025
17a4f69
Keep migrated items
purejava Oct 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 2 additions & 8 deletions pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,7 @@
<!-- runtime dependencies -->

<api.version>1.7.0</api.version>
<secret-service.version>2.0.1-alpha</secret-service.version>
<kdewallet.version>1.4.0</kdewallet.version>
<secret-service.version>1.0.0</secret-service.version>
<slf4j.version>2.0.17</slf4j.version>
<appindicator.version>1.4.2</appindicator.version>

Expand Down Expand Up @@ -73,15 +72,10 @@
<version>${slf4j.version}</version>
</dependency>
<dependency>
<groupId>de.swiesend</groupId>
<groupId>org.purejava</groupId>
<artifactId>secret-service</artifactId>
<version>${secret-service.version}</version>
</dependency>
<dependency>
<groupId>org.purejava</groupId>
<artifactId>kdewallet</artifactId>
<version>${kdewallet.version}</version>
</dependency>
<!-- Java bindings for appindicator -->
<dependency>
<groupId>org.purejava</groupId>
Expand Down
8 changes: 3 additions & 5 deletions src/main/java/module-info.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,8 +4,7 @@
import org.cryptomator.integrations.revealpath.RevealPathService;
import org.cryptomator.integrations.tray.TrayMenuController;
import org.cryptomator.linux.autostart.FreedesktopAutoStartService;
import org.cryptomator.linux.keychain.KDEWalletKeychainAccess;
import org.cryptomator.linux.keychain.GnomeKeyringKeychainAccess;
import org.cryptomator.linux.keychain.SecretServiceKeychainAccess;
import org.cryptomator.linux.quickaccess.DolphinPlaces;
import org.cryptomator.linux.quickaccess.NautilusBookmarks;
import org.cryptomator.linux.revealpath.DBusSendRevealPathService;
Expand All @@ -16,12 +15,11 @@
requires org.slf4j;
requires org.freedesktop.dbus;
requires org.purejava.appindicator;
requires org.purejava.kwallet;
requires de.swiesend.secretservice;
requires org.purejava.secret;
Copy link

@coderabbitai coderabbitai bot Oct 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

Verify the module name for the secret-service dependency.

The module name is declared as org.purejava.secret, but according to the AI summary, the Maven artifact is org.purejava:secret-service. Module names don't always match Maven artifact names, but this should be verified to ensure module resolution succeeds at compile time.

Run the following script to verify the module name exported by the secret-service JAR:

🏁 Script executed:

#!/bin/bash
# Description: Extract and verify the module name from the secret-service JAR

# Find the secret-service JAR in Maven local repository or target
secret_jar=$(fd -e jar -g '*secret-service*.jar' ~/.m2/repository 2>/dev/null | head -1)

if [ -z "$secret_jar" ]; then
  echo "Secret service JAR not found in local Maven repository."
  echo "Attempting to check Maven Central for module info..."
  # Alternative: check Maven Central metadata
  curl -s "https://repo1.maven.org/maven2/org/purejava/secret-service/maven-metadata.xml" | grep -o '<latest>[^<]*</latest>' || echo "Could not retrieve version info"
else
  echo "Found JAR: $secret_jar"
  echo "Extracting module-info..."
  unzip -p "$secret_jar" module-info.class > /tmp/module-info.class 2>/dev/null
  if [ -f /tmp/module-info.class ]; then
    javap /tmp/module-info.class | grep "^module" || echo "Module info not found or not readable"
  else
    echo "Could not extract module-info.class from JAR"
  fi
fi

Length of output: 131

🌐 Web query:

org.purejava secret-service module name Java

💡 Result:

Do you mean the Java module name (module-info / Automatic-Module-Name) for an org.purejava "secret-service" artifact, or the Maven artifactId/groupId to add as a dependency? If you mean one of those, tell me which and I’ll look it up.

🌐 Web query:

org.purejava secret-service GitHub Java library

💡 Result:

I couldn't find a GitHub repository named "org.purejava/secret-service". The purejava (org.purejava) GitHub organization (owner: Ralph Plawetzki) hosts several Java libraries related to secrets/security instead — e.g. kdewallet and keepassxc-proxy-access. [1][2][3]

Sources:

  • purejava GitHub org (repositories list). [1]
  • org.purejava: kdewallet (Maven / project page). [2]
  • org.purejava: keepassxc-proxy-access (Maven / project page). [3]

🌐 Web query:

Maven Central org.purejava secret-service 1.0.0 jar module

💡 Result:

I couldn't find org.purejava:secret-service:1.0.0 on Maven Central. I searched Maven Central/sonatype and public Maven indexes — there is no artifact with groupId org.purejava and artifactId secret-service at version 1.0.0. [1][2]

Related hits (different groupIds) you may want to check:

  • de.swiesend:secret-service (pre‑release/RC versions shown). [3]
  • other "secret"/"secret-core" artifacts under com.github.houbb (unrelated groupId/artifactId). [4]

If you want, tell me whether you mean one of those (de.swiesend or com.github.houbb), or provide a pom.xml/URL and I’ll look up the exact Maven coordinates and the available module/jar files.

Sources:

  1. Maven Central org.purejava namespace. [https://central.sonatype.com/namespace/org.purejava] [1]
  2. Search results for org.purejava artifacts on Central (keepassxc-proxy-access, winsparkle-java). [https://central.sonatype.com/artifact/org.purejava/keepassxc-proxy-access] [2]
  3. mvnrepository / listings showing secret-service under other groups (de.swiesend / similar). [https://mvnrepository.com/artifact/com.github.javakeyring/java-keyring/1.0.0] [3]
  4. JarCasting pages for com.github.houbb:secret and secret-core. [https://jarcasting.com/artifacts/com.github.houbb/secret-core/] [4]

🏁 Script executed:

#!/bin/bash
# Find pom.xml and search for secret-service dependency
fd -name pom.xml -type f | head -5

Length of output: 230

🏁 Script executed:

#!/bin/bash
# Find pom.xml using find command
find . -name pom.xml -type f | head -5

Length of output: 9

🏁 Script executed:

#!/bin/bash
# Display pom.xml to find the dependency declaration
cat pom.xml

Length of output: 8613

🏁 Script executed:

#!/bin/bash
# Display module-info.java to see all requires directives
cat src/main/java/module-info.java

Length of output: 1745

🌐 Web query:

org.purejava secret-service Maven Central repository versions

💡 Result:

I couldn't find any versions of org.purejava:secret-service on Maven Central — the project's GitHub README shows the intended Maven/Gradle coordinates (version 1.0.0) but the repository shows "No packages published" (i.e. not on Maven Central). [1]

Sources:

  • purejava/secret-service GitHub (shows dependency snippet and "No packages published"). [1]

The dependency org.purejava:secret-service:1.0.0 is not published on Maven Central and will cause build failures.

The pom.xml declares org.purejava:secret-service version 1.0.0, but the project's GitHub shows the intended Maven coordinates but repository shows "No packages published". The build will fail during dependency resolution. Either use a different version if available, or ensure this artifact is published to the repository before building.

requires java.xml;

provides AutoStartProvider with FreedesktopAutoStartService;
provides KeychainAccessProvider with GnomeKeyringKeychainAccess, KDEWalletKeychainAccess;
provides KeychainAccessProvider with SecretServiceKeychainAccess;
provides RevealPathService with DBusSendRevealPathService;
provides TrayMenuController with AppindicatorTrayMenuController;
provides QuickAccessService with NautilusBookmarks, DolphinPlaces;
Expand Down
103 changes: 0 additions & 103 deletions src/main/java/org/cryptomator/linux/keychain/GnomeKeyringKeychainAccess.java
View file
Open in desktop

This file was deleted.

195 changes: 0 additions & 195 deletions src/main/java/org/cryptomator/linux/keychain/KDEWalletKeychainAccess.java
View file
Open in desktop

This file was deleted.

Loading