Your environment

Windows 11

op-vscode version:

v1.0.4

VS Code version:

1.71.0

CLI version:

2.5.1

OS:

Steps to reproduce

run this

What happened?

What did you expect to happen?

Notes & Logs

["ERROR" - 12:00:35 PM] Error executing CLI command

Your environment

op-vscode version: 1.0.1

VS Code version: 1.71.2

CLI version: 2.7.1

OS: Ubuntu 22.04.1 LTS

Steps to reproduce

1. Open a file in vscode (it can be blank)
2. Open the command palette (ctrl+shift+p)
3. Execute the "1Password: Preview with secrets" command
4. Click "Preview" in the popup modal

What happened?

I get 2 toast notifications in the bottom right:

1. An error notification saying: "Error executing CLI command"
2. An info notification saying "Injecting secrets..." with a progress bar. This notification persists for a while (maybe 5 minutes) until timeout.

What did you expect to happen?

I expected the command to open a new view of the file with op://... secret references replaced with the actual secrets.

Notes & Logs

I tested all the other 1password commands that were available and they all worked as I expected, except "1Password: Save in 1Password" where I have the same issue as described in #69.

Vscode "1Password" log:

["INFO" - 2:53:49 PM] Starting 1Password for VS Code.
["INFO" - 2:53:49 PM] Extension Version: 1.0.1.
["ERROR" - 2:53:52 PM] Error executing CLI command
["DEBUG" - 3:00:14 PM] Opening 1Password with path: 
["ERROR" - 3:00:35 PM] Error executing CLI command
["ERROR" - 3:03:26 PM] Error executing CLI command
["ERROR" - 3:04:14 PM] Error executing CLI command
["ERROR" - 3:04:55 PM] Error executing CLI command
["ERROR" - 3:06:25 PM] Error executing CLI command

Vscode "Extension Host" log doesn't show anything when this failure happens.

The log at ~/.config/1Password/logs/1Password_rCURRENT.log also shows nothing.

I tried debugging the op-js library directly and would get errors like:

CLIError: connecting to desktop app: read: connection reset, make sure the CLI is correctly installed and CLI Biometric Unlock is enabled in the 1Password app

but the log at ~/.config/1Password/logs/1Password_rCURRENT.log contains errors like the below:

WARN  2022-09-21T14:57:28.666 tokio-runtime-worker(ThreadId(15)) [1P:foundation/op-sys-info/src/process_information/linux.rs:247] binary permission verification failed for /home/$USER/.config/nvm/versions/node/v16.12.0/bin/node

so I suspect my failure to get op-js to work might not be the cause of the vscode extension failing. I do have "Unlock using system authentication service" and "Biometric unlock for 1Password CLI" options enabled.

I have the sockets listening that I would expect, based on reading https://1password.community/discussion/128447/op-cli-with-biometric-unlock-using-polkit-not-working

$ ss --listening | grep -i pass | column -t ; ls -la ${XDG_RUNTIME_DIR}/1Password-BrowserSupport.sock 
nl     UNCONN  0  0     rtnl:1password/6361                           *         
nl     UNCONN  0  0     rtnl:1password/6520                           *         
nl     UNCONN  0  0     rtnl:1password/6520                           *         
nl     UNCONN  0  0     rtnl:1password/6361                           *         
nl     UNCONN  0  0     uevent:1password/6361                         *         
nl     UNCONN  0  0     uevent:1password/6361                         *         
u_str  LISTEN  0  1024  /home/greg/.1password/agent.sock              59117  *  0
u_str  LISTEN  0  1024  /run/user/1000/1Password-BrowserSupport.sock  67780  *  0
srw------- 1 greg greg 0 Sep 21 11:13 /run/user/1000/1Password-BrowserSupport.sock

I've tried restarting 1Password, toggling system-auth and biometric settings off and back on, and rebooting, but none seem to change the behavior.

Your environment

op-vscode version: v1.0.0
1Password for Mac 8.8.0
VS Code version: Version: 1.68.1 (Universal)
CLI version: 2.5.1
OS: macOS 12.4 (21F79)

Steps to reproduce

1. Cursor on a given line in VS Code2.
2. CMD-Shift-P
3. --> 1Password: Get from 1password
4. Type name of 1password Login item: "Backblaze" (with first capital, exactly as in 1password
5. 1password app on macOS gives prompt: "1Password is trying to authorize CLI access to your account “<my_vault_name>” in “Code”
6. Clicked the "Accept" button
7. I get the dialog box in VS Code: "Command '1Password: Get from 1Password' resulted in an error (Cannot read properties of undefined (reading 'kind'))"

Note I've completely restarted VS Code and 1password, and 1password helper extension before reproducing this again.

What happened?

Command '1Password: Get from 1Password' resulted in an error (Cannot read properties of undefined (reading 'kind'))

What did you expect to happen?

op:// string should have been pasted in to the line in VS code

Notes & Logs

From ~/Library/Application\ Support/Code/logs/20220624T123025/exthost1/exthost.log

[2022-06-24 12:30:26.676] [exthost] [info] Extension host with pid 73539 started
[2022-06-24 12:30:26.676] [exthost] [info] Skipping acquiring lock for /Users/pete/Library/Application Support/Code/User/workspaceStorage/5664e5b984fa2711b279ab81a4de5fd7.
[2022-06-24 12:30:26.707] [exthost] [info] ExtensionService#_doActivateExtension GrapeCity.gc-excelviewer, startup: false, activationEvent: 'onLanguage:plaintext'
[2022-06-24 12:30:26.711] [exthost] [info] ExtensionService#_doActivateExtension ms-python.python, startup: false, activationEvent: 'onLanguage:ansible', root cause: redhat.ansible
[2022-06-24 12:30:26.754] [exthost] [info] ExtensionService#_doActivateExtension redhat.vscode-yaml, startup: false, activationEvent: 'onLanguage:ansible', root cause: redhat.ansible
[2022-06-24 12:30:26.783] [exthost] [info] ExtensionService#_doActivateExtension vscode.microsoft-authentication, startup: false, activationEvent: 'onAuthenticationRequest:microsoft'
[2022-06-24 12:30:26.799] [exthost] [info] ExtensionService#_doActivateExtension vscode.debug-auto-launch, startup: true, activationEvent: ''
[2022-06-24 12:30:26.802] [exthost] [info] ExtensionService#_doActivateExtension vscode.git-base, startup: true, activationEvent: '', root cause: vscode.git
[2022-06-24 12:30:26.804] [exthost] [info] ExtensionService#_doActivateExtension vscode.ipynb, startup: true, activationEvent: ''
[2022-06-24 12:30:26.807] [exthost] [info] ExtensionService#_doActivateExtension vscode.github-authentication, startup: true, activationEvent: '', root cause: GitHub.vscode-pull-request-github
[2022-06-24 12:30:26.816] [exthost] [info] ExtensionService#_doActivateExtension oderwat.indent-rainbow, startup: true, activationEvent: ''
[2022-06-24 12:30:26.836] [exthost] [info] ExtensionService#_doActivateExtension vscode.git, startup: true, activationEvent: ''
[2022-06-24 12:30:26.850] [exthost] [info] ExtensionService#_doActivateExtension vscode.github, startup: true, activationEvent: ''
[2022-06-24 12:30:26.853] [exthost] [info] ExtensionService#_doActivateExtension GitHub.vscode-pull-request-github, startup: true, activationEvent: ''
[2022-06-24 12:30:26.958] [exthost] [info] ExtensionService#_doActivateExtension redhat.ansible, startup: false, activationEvent: 'onLanguage:ansible'
[2022-06-24 12:30:26.985] [exthost] [warning] [redhat.vscode-yaml] Accessing a resource scoped configuration without providing a resource is not expected. To get the effective value for '[yaml]', provide the URI of a resource or 'null' for any resource.
[2022-06-24 12:30:26.985] [exthost] [warning] [redhat.vscode-yaml] Accessing a resource scoped configuration without providing a resource is not expected. To get the effective value for '[yaml]', provide the URI of a resource or 'null' for any resource.
[2022-06-24 12:30:27.095] [exthost] [warning] [redhat.vscode-yaml] Accessing a resource scoped configuration without providing a resource is not expected. To get the effective value for '[yaml]', provide the URI of a resource or 'null' for any resource.
[2022-06-24 12:30:27.136] [exthost] [info] Eager extensions activated
[2022-06-24 12:30:27.138] [exthost] [info] ExtensionService#_doActivateExtension vscode.emmet, startup: false, activationEvent: 'onStartupFinished'
[2022-06-24 12:30:27.142] [exthost] [info] ExtensionService#_doActivateExtension vscode.merge-conflict, startup: false, activationEvent: 'onStartupFinished'
[2022-06-24 12:30:27.143] [exthost] [info] ExtensionService#_doActivateExtension 1Password.op-vscode, startup: false, activationEvent: 'onStartupFinished'
[2022-06-24 12:30:27.146] [exthost] [info] ExtensionService#_doActivateExtension aaron-bond.better-comments, startup: false, activationEvent: 'onStartupFinished'
[2022-06-24 12:30:27.157] [exthost] [info] ExtensionService#_doActivateExtension eamodio.gitlens, startup: false, activationEvent: 'onStartupFinished'
[2022-06-24 12:30:27.171] [exthost] [info] ExtensionService#_doActivateExtension esbenp.prettier-vscode, startup: false, activationEvent: 'onStartupFinished'
[2022-06-24 12:30:27.191] [exthost] [info] ExtensionService#_doActivateExtension ms-vscode-remote.remote-containers, startup: false, activationEvent: 'onStartupFinished'
[2022-06-24 12:30:27.205] [exthost] [info] ExtensionService#_doActivateExtension PascalReitermann93.vscode-yaml-sort, startup: false, activationEvent: 'onStartupFinished'
[2022-06-24 12:30:27.250] [exthost] [info] ExtensionService#_doActivateExtension PKief.material-icon-theme, startup: false, activationEvent: 'onStartupFinished'
[2022-06-24 12:30:27.255] [exthost] [info] ExtensionService#_doActivateExtension sourcery.sourcery, startup: false, activationEvent: 'onStartupFinished'
[2022-06-24 12:30:27.311] [exthost] [info] ExtensionService#_doActivateExtension vscode.configuration-editing, startup: false, activationEvent: 'onLanguage:jsonc'
[2022-06-24 12:30:27.312] [exthost] [info] ExtensionService#_doActivateExtension vscode.json-language-features, startup: false, activationEvent: 'onLanguage:jsonc'
[2022-06-24 12:30:27.319] [exthost] [info] ExtensionService#_doActivateExtension vscode.typescript-language-features, startup: false, activationEvent: 'onLanguage:jsonc'
[2022-06-24 12:30:55.046] [exthost] [error] TypeError: Cannot read properties of undefined (reading 'kind')
at /Applications/Visual Studio Code.app/Contents/Resources/app/out/vs/workbench/api/node/extensionHostProcess.js:83:206465
at processTicksAndRejections (node:internal/process/task_queues:96:5) op-vscode.getValueFromItem {"value":"1Password.op-vscode","_lower":"1password.op-vscode"}
[2022-06-24 13:33:09.970] [exthost] [warning] TextEditor is closed/disposed
[2022-06-24 13:40:15.948] [exthost] [error] TypeError: Cannot read properties of undefined (reading 'kind')
at /Applications/Visual Studio Code.app/Contents/Resources/app/out/vs/workbench/api/node/extensionHostProcess.js:83:206465
at processTicksAndRejections (node:internal/process/task_queues:96:5) op-vscode.getValueFromItem {"value":"1Password.op-vscode","_lower":"1password.op-vscode"}

Hey there, huge fan of 1Password.

I don't seem to be able to login, or figure out how.

I have the CLI installed, logged in with Invoke-Expression $(op signin) using Powershell without any issues.
However once I go into VSCode, I do F1 -> Choose Account and pick the account, it shows
Error executing CLI command: You are not currently signed in. Please run op signin --help for instructions.

I am not using Biometric Unlock by the way (which I assume isn't required since the docs say so).

OP Version: 2.4.1
OP-VSCode Version: 0.1.1
OS: Windows 10 (21H1)
1Password Version: 8.7.2

op-vscode version: 1.0.4

VS Code version: 1.84.2

CLI version: 2.22.0

OS: WIndows

Steps to reproduce

Trough the command palleto trying to execute generate or store password both give the same error well other commands are working like select account etc also the commands like op vault list etc works in the terminal but like those 2 command will not work from the command pallete and this is the error i get: Error executing CLI command: invalid JSON in piped input.

Summary

It appears that there are no docs on using the op cli for injecting secrets in a devcontainer setup.sh script (the "postCreateCommand" in the devcontainer.json). It would be helpful to have docs on best-practices for that scenario.

Use cases

I currently have the following in my setup.sh script for my devcontainer:

curl -sS https://downloads.1password.com/linux/keys/1password.asc | \
  sudo gpg --dearmor --output /usr/share/keyrings/1password-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/1password-archive-keyring.gpg] https://downloads.1password.com/linux/debian/$(dpkg --print-architecture) stable main" |
  sudo tee /etc/apt/sources.list.d/1password.list
sudo mkdir -p /etc/debsig/policies/AC2D62742012EA22/
curl -sS https://downloads.1password.com/linux/debian/debsig/1password.pol | \
  sudo tee /etc/debsig/policies/AC2D62742012EA22/1password.pol
sudo mkdir -p /usr/share/debsig/keyrings/AC2D62742012EA22
curl -sS https://downloads.1password.com/linux/keys/1password.asc | \
  sudo gpg --dearmor --output /usr/share/debsig/keyrings/AC2D62742012EA22/debsig.gpg
sudo apt update && sudo apt install 1password-cli
eval $(op signin)
# I then have to manually type in 4 items of information in order to complete the login 

AWS_ACCESS_KEY_ID=`op read op://Private/AWS/username`
AWS_SECRET_ACCESS_KEY=`op read op://Private/AWS/credential`
AWS_DEFAULT_REGION=`op read op://Private/AWS/region` 
mkdir -p ~/.aws/
cat <<-END > ~/.aws/credentials
[default]
aws_access_key_id = $AWS_ACCESS_KEY_ID
aws_secret_access_key = $AWS_SECRET_ACCESS_KEY
region = $AWS_DEFAULT_REGION
END
chmod 600 ~/.aws/credentials

Proposed solution

It would be great to have some docs on whether the above method is best-practices or whether there is a better way. AFAIK, the VS Code extension cannot be used during the postCreateCommand job, but maybe I'm wrong?

Is there a workaround to accomplish this today?

See above

Summary

We maintain a list of regular expressions to help detect secrets within your open files in VS Code. There will always be room to expand this list, and in some the extension may encounter a false positive. It would be nice if an individual could customize this list to not disable certain patterns, but add their own pattern.

Use cases

• User regularly works in code that results in false positives for a specific secret pattern, and disables it as a result so it does not impact their development workflow
• User works for a company that has a special type of token known only to them. They add a pattern to match this token.

Proposed solution

Add two new settings:

• One storing and listing disabled patterns by name
  • The ability to disable a pattern should be presented as a CodeLens next to the existing CL offering to save. For example "Save in 1Password • Ignore pattern"
• One storing custom pattern regexps
  • The settings will hold the patterns, which will be merged into the existing pattern list
  • Possibly include an option to store a name and field alongside the pattern that is suggested as the item and field values

Is there a workaround to accomplish this today?

No

Your environment

op-vscode version: 1.0.2

VS Code version: 1.71.2

CLI version: 2.7.1

OS: Ubuntu 22.04

Steps to reproduce

1. Command Palette > 1password: choose acount OR 1password: choose vault
2. Choose one of the listed accounts.
   a. FWIW, both the listed acounts here have my.1password.com in light grey text displayed next to them.

What happened?

vs code error toast popup:
Error executing CLI command: found multiple accounts for filter "my.1password.com".

What did you expect to happen?

Be able to use one of the accounts. Be able to choose a vault belonging to one of the accounts

Notes & Logs

["INFO" - 9:55:07 PM] Starting 1Password for VS Code.
["INFO" - 9:55:07 PM] Extension Version: 1.0.2.
["ERROR" - 9:55:15 PM] Error executing CLI command

Your environment

op-vscode version: 1.0.1

VS Code version: 1.70.2 (Apple Silicon)

CLI version: 2.6.2

OS: macOS Monterey v12.5.1

Steps to reproduce

When using the Save in 1Password feature in the command palette or json file.

1. Select a secret
2. ⌘+⇧+P
3. Select 1Password: Save in 1Password
4. Enter a name: MyEntry
5. Enter field name: password
6. Use TouchID to allow 1Password

What happened?

A notification with: Cannot read properties of undefined (reading 'reference')
An entry in 1Password is created with just the title and without the secret.

What did you expect to happen?

Saving the secret in 1Password entry.

Notes & Logs

[2022-08-26 15:34:40.657] [exthost] [error] TypeError: Cannot read properties of undefined (reading 'reference')
at /Users/thiago/.vscode/extensions/1password.op-vscode-1.0.1/dist/extension.js:53:6016
at Object.edit (/Applications/Visual Studio Code.app/Contents/Resources/app/out/vs/workbench/api/node/extensionHostProcess.js:83:54197)
at Ct.insertSavedItem (/Users/thiago/.vscode/extensions/1password.op-vscode-1.0.1/dist/extension.js:53:5994)
at Ct.saveItem (/Users/thiago/.vscode/extensions/1password.op-vscode-1.0.1/dist/extension.js:53:4340)
at processTicksAndRejections (node:internal/process/task_queues:96:5)
at /Users/thiago/.vscode/extensions/1password.op-vscode-1.0.1/dist/extension.js:53:2298
at a._executeContributedCommand (/Applications/Visual Studio Code.app/Contents/Resources/app/out/vs/workbench/api/node/extensionHostProcess.js:85:63914)
at a._executeContributedCommand (/Applications/Visual Studio Code.app/Contents/Resources/app/out/vs/workbench/api/node/extensionHostProcess.js:85:63914) op-vscode.saveValueToItem {"value":"1Password.op-vscode","_lower":"1password.op-vscode"}
[2022-08-26 15:34:40.658] [exthost] [error] TypeError: Cannot read properties of undefined (reading 'reference')
at /Users/thiago/.vscode/extensions/1password.op-vscode-1.0.1/dist/extension.js:53:6016
at Object.edit (/Applications/Visual Studio Code.app/Contents/Resources/app/out/vs/workbench/api/node/extensionHostProcess.js:83:54197)
at Ct.insertSavedItem (/Users/thiago/.vscode/extensions/1password.op-vscode-1.0.1/dist/extension.js:53:5994)
at Ct.saveItem (/Users/thiago/.vscode/extensions/1password.op-vscode-1.0.1/dist/extension.js:53:4340)
at processTicksAndRejections (node:internal/process/task_queues:96:5)
at /Users/thiago/.vscode/extensions/1password.op-vscode-1.0.1/dist/extension.js:53:2298
at a._executeContributedCommand (/Applications/Visual Studio Code.app/Contents/Resources/app/out/vs/workbench/api/node/extensionHostProcess.js:85:63914)
at a._executeContributedCommand (/Applications/Visual Studio Code.app/Contents/Resources/app/out/vs/workbench/api/node/extensionHostProcess.js:85:63914) _vscode_delegate_cmd_l7akmsrm undefined

Your environment

op-vscode version:
1.0.4

VS Code version:
1.84.2

CLI version:
2.23.0

OS:

Steps to reproduce

I add a secret reference in my sftp.json and when I try to connect, it does not work.

What happened?

I get this error message: All configured authentication methods failed

What did you expect to happen?

It should connect to my server.

Notes & Logs

I tried the CLI in the terminal - it works. I can save credentials from vscode to 1P or get secrets from 1P.

I tried "Preview with secrets" in vscode and the preview has the correct information. But it won´t connect.

Have spent several minutes trying to figure out how to get 1Password to work and it's very unclear from the messaging and docs. A lot of commands end up in errors and there are quick picks without any instructions.

Extension version: v0.1.1
Version: 1.68.0-insider (Universal)
Commit: 87630a9122f88f5062fe9964839a92116c274a86
Date: 2022-06-06T17:07:57.914Z
Electron: 17.4.7
Chromium: 98.0.4758.141
Node.js: 16.13.0
V8: 9.8.177.13-electron.0
OS: Darwin arm64 21.5.0

Summary

Add support for remote development

Use cases

Well support for everyone who codes in a remote environment like

• docker
• wsl
• ssh
• github codespaces
• vscode server
• ...

Proposed solution

The extension need to be loaded on the remote development container and at the client.
The remove container sends throw the client the request to the op cli

for vscode instances running on the browser at the client some other solution may be required.
A solution may be to use the browser extensions instead

Is there a workaround to accomplish this today?

Sadly i don't know a workaround

References & Prior Work

¯\_(ツ)_/¯

Summary

let say I have an .env variable like

PUBLIC_APP_URL=127.0.0.1:5000

I highlight the 127.0.0.1:5000 part and invoke 1Password: Save in 1Password. What do you want to call it? defaults to save in url, and I think thats sounds good. This process creates a standard 1Password item and does not replace the hardcoded selection. I see that not available through 1Password: Get from 1Password. Thereafter, I figure when asked for the What do you want to call it? I put in PUBLIC_APP_URL.

Proposed solution

When 1Password: Save to 1Password is invoked, regex the selection to include the key if highlighted and load that for the default in What do you want to call it? Also if the key is not highlighted change the default from url to something like UNDEFINED_KEY in order to prevent user confusion as I had as above. This change (if key highlighted) would also require the selection be changed before replacing the hardcoded secret with the 1Password replacement.

Is there a workaround to accomplish this today?

Already know url won't work (not in docs?) and manually type a new name.

In my experience, 1Password secret references (https://developer.1password.com/docs/cli/secrets-reference-syntax/) are not being recognized in the context of Jupyter notebooks by the op-vscode -- even I see the secret reference being recognized in .py files for example. For example:

In contrast:

I'm tempted to run vscode under the 1Password cli (op) directly with op run code to work around this problem, but I understand that this might be the most secure thing to do. Is that true?

Are others having the problem of secret references not working inside of a .ipynb context?

Your environment

op-vscode version: v1.0.2

VS Code version: 1.72.2

CLI version: 2.7.1

OS: Ubuntu 20.04.5 LTS

Steps to reproduce

1. Highlight an URL in a file which one wants to save (e.g. https://google.com)
2. Call the 1Password: Save in 1Password command
3. When asked input a name for the new item (e.g. my-url)
4. When asked leave the auto-detected field name url
5. Hit enter to save the URL in 1Password

What happened?

1. The command 1Password: Save in 1Password results in an error: Cannot read properties of undefined (reading 'reference').
2. The item is created in 1Password itself with the correct field name and value
3. In VSCode the now saved URL is not replaced with a reference

What did you expect to happen?

1. The saved URL should be replaced with the 1Password reference

Notes & Logs

When naming the field something other than url (e.g. be_url) it will work as expected!

[2022-10-19 09:37:08.697] [exthost] [error] TypeError: Cannot read properties of undefined (reading 'reference')
	at /home/administrator/.vscode/extensions/1password.op-vscode-1.0.2/dist/extension.js:53:6022
	at Object.edit (/usr/share/code/resources/app/out/vs/workbench/api/node/extensionHostProcess.js:90:53153)
	at Ct.insertSavedItem (/home/administrator/.vscode/extensions/1password.op-vscode-1.0.2/dist/extension.js:53:6000)
	at Ct.saveItem (/home/administrator/.vscode/extensions/1password.op-vscode-1.0.2/dist/extension.js:53:4345)
	at process.processTicksAndRejections (node:internal/process/task_queues:96:5)
	at async /home/administrator/.vscode/extensions/1password.op-vscode-1.0.2/dist/extension.js:53:2298
	at async n._executeContributedCommand (/usr/share/code/resources/app/out/vs/workbench/api/node/extensionHostProcess.js:90:111316) op-vscode.saveValueToItem {"value":"1Password.op-vscode","_lower":"1password.op-vscode"}

Summary

I've been looking to integrate the secret provision from op run -- into vscode, so I can start using it for my local development.I am using 1Password plugin for vscode that is documented here.However, there doesn't seem to be a way to integrate a tool like this (that I can think of) into vscode at the moment - specifically vscode-python.And unable to inject variables into runtime without prefix op run -- and it seems there is no option available for this.

Use cases

• I Provide the secret references in .env of the format op://<vault-name>/<item-name>[/<section-name>]/<field-name>
• The main the cause here is when Inject variables into runtime without the prefix of op run (using debugger), not able to inject the variables using debugger and it seems there is no option available for the debugger.

Prior Work

I have investigated a lot If a similar feature was implemented for another language, but nothing found on this issue.

References

• Extension 1Password page: https://developer.1password.com/docs/vscode/
• Forum of 1Password: https://1password.community/categories/cli

I'm unable to Get from 1Password

Steps:

• Open Command Palette
• Run >1Password: Get from 1Password
• Enter in Name or ID

Your environment

op-vscode version:1.0.0

VS Code version: 1.68.1

CLI version: 2.5.1

OS: MacOs

Steps to reproduce

1. Install CLI with brew
2. sign in with eval $(op signin)
3. Open new tab in a terminal, run op whoami

What happened?

When I follow the steps that I described, I get the following error:
[ERROR] 2022/06/29 08:17:29 could not find session token for account <myacount>

What did you expect to happen?

Keep session between tabs

Hi Team,

The documentation doesn't clarify how to run a script, if it has a secret reference. Every time I try to run the script with op run prefix , it fails to load the actual value of the secret at runtime

Your environment

op-vscode version: v1.0.0

VS Code version: 1.68.1

CLI version: 2.5.1

OS: macOS 12.4

Steps to reproduce

1. A VS Code window loads. Or I manually reload one.

What happened?

There's this "pop-up" (bottom right side) that says
"CLI is not installed. Please install it to use 1Password for VS Code. Source: 1Password (Extension)", with a button "Open installation documentation".

What did you expect to happen?

A prompt to choose the vault, as the documentation says? Not this pop-up, at the very least

Notes & Logs

Typing op --version in a terminal (system, or VS Code's) gets "2.5.1"

Your environment

op-vscode version: 1.0.4

VS Code version: 1.74.2

CLI version: 2.12.0

OS: Fedora Workstation 37

Steps to reproduce

1. Install VS Code extension.
2. Click "Choose account" from notification.

What happened?

Running the 1Password: Choose account command in the command palette produces this more descriptive error:

What did you expect to happen?

I should be able to select my account.

Notes & Logs

Extension log outputs:

["INFO" - 2:06:36 PM] Starting 1Password for VS Code.
["INFO" - 2:06:36 PM] Extension Version: 1.0.4.
["ERROR" - 2:07:19 PM] Error executing CLI command

1Password CLI works as expected. I'm able to sign in and access vaults. 1Password desktop client also works perfectly and with system authentication.

Connect with 1Password CLI is enabled. 1Password is installed via Yum/DNF.

Please let me know if anything else is needed, thank you!

• Issue Type: Performance
• Extension Name: op-vscode
• Extension Version: 1.0.4
• OS Version: Windows_NT x64 10.0.22621
• VS Code version: 1.74.3

⚠️ Make sure to attach this file from your home-directory:
⚠️file:///c%3A/Users/GENESI~1.BER/AppData/Local/Temp/1Password.op-vscode-unresponsive.cpuprofile.txt

Find more details here: https://github.com/microsoft/vscode/wiki/Explain-extension-causes-high-cpu-load

Summary

"1Password: Save in 1Password" does not work.

Prerequisites

• Tried on Win 11 Pro Build 22621, Win 10 Enterprise Build 19044 and WSL2 Ubuntu 22.04.1 LTS

1. Install 1Password CLI

PS C:\Users\MircoMarahrens> op --version
2.7.3

$ op --version
2.7.3

2. Install VSCode extension "1Password", v1.0.4
3. Connect CLI with app/account
4. "1Password: Choose vault"

Details

1. Mark item to store
2. "1Password: Save in 1Password"
3. Enter item name
4. Enter field name

Result

1. Nothing happens. Marked item is not replaced with secret reference. Item is not stored in vault.

When trying to build the project locally on a fresh installation, with both yarn watch and yarn compile, esbuild fails with:

esbuild Invalid option in build() call: "watch"

This project was set up with [email protected], which dependabot has upgraded to 0.17.6. The problem is that release v0.17.0 contains breaking changes in esbuild's incremental, watch, and serve APIs, so the compile.ts script is no longer valid.

The solution is to either downgrade esbuild and tell dependabot to ignore it, or update the script to use the new APIs (and probably still tell dependabot to ignore it, or tell it not to upgrade minor version if possible).

Hey I'm a co-founder at Gitpod 👋

I'm currently writing a blog post on integrating 1password within a remote development setup.
I've stumbled over this extension and would love for our users to use it. Because MS restricts access to their marketplace to only MS and GitHub products, other Vs Code based products access the https://open-vsx.org alternative.

Would it be possible to also publish to open-vsx.org? It is fairly simple https://www.gitpod.io/blog/open-vsx#publishing

Your environment

op-vscode version:

VS Code version:

CLI version:

OS:

Steps to reproduce

What happened?

What did you expect to happen?

Notes & Logs

Summary

Thank you for creating this extension! I'm excited to see future releases.

It would be outstanding to be able to retrieve secrets when scripts run from VS Code at runtime(not using the 1password connect API)

Use cases

I recently installed the 1pass CLI and wanted to integrate it to my python scripts. I'm currently bringing the cmd = "op run --env-file=/Users/home/1pass.env --no-masking -- printenv DB_USERNAME"into the script to get the secret, but using this extension instead will allow devs to get the secrets without running op run from the terminal

Currently, I can preview the secrets from this 1pass extension, but not during run time.

Example

I'll set my variable in my script:

DB_USERNAME = 'op://personal/mysql/username'
print(DB_USERNAME)

When I run this script, the 1password extension will prompt for biometrics auth, then getting the secret to print DB_USERNAME

Side note. The extension CodeRunner is very popular with over 13 millions installs. It's used to run code from many languages. I can see how this feature may be helpful to others using similar workflows.

Proposed solution

Add extension setting to evaluate all 1password syntax on current working file on runtime. Perhaps a button on the bottom status bar? Where someone can toggle on/off as needed.

Your environment

op-vscode version: v1.0.2

Steps to reproduce

Create a GitHub Workflow YML file that references a GitHub secret but has a Save trigger keyword, e.g.:

What happened?

A "Save in 1Password" prompt is appearing.

The words "API_KEY" are triggering the prompt.

What did you expect to happen?

No Save prompt. The secret is already stored in GitHub secrets.

The user could be using 1Password to store their secrets for Actions, but in some cases they will need to use GitHub secrets, and when this is necessary we should respect that by not suggesting to store in 1Password.

We should check if the value matches the regexp /\${{ secrets\.(?:.+) }}/

Summary

When choosing a value from the "Get from 1Password" you must know and enter the item's name or UUID. This isn't a great UX, and considering the CLI can return a list of items we should consider trying to display some or all of them in a searchable fashion.

Use cases

• User wants to insert a secret reference for an item's field, but doesn't remember exactly what the item is called. They invoke the "Get from 1Password" command and are able to use the dropdown input field to search and narrow down the results to the item they're looking for.

Proposed solution

Update getItem to, instead of just presenting a field for enter the item's name or ID, present a list of items scoped to the current vault. Ideally the user can type to narrow results, or also just enter their own value entirely.

Is there a workaround to accomplish this today?

No

Additional information

• The UX here is unclear, it may need to be a truncated list, in which case we could possibly display "recently used" items, "recently saved" items, or somehow we might be able to infer items based on the workspace's project. I am not sure.
• The operation to list all items can be expensive. It may be worth performing this operation separately and storing the results. There should be security considerations around this.

Your environment

op-vscode version: v1.0.4

VS Code version: October 2023 (version 1.84)

CLI version: 2.23.0

OS: Mac OS

Steps to reproduce

1. First I tried to add secret reference to settings.json

"rest-client.environmentVariables": {
    "$shared": {
      "version": "v1",
      "basicAuth": ""
    },
    "1Password test": {
      "username": "test",
      "password": "op://Vault/uns2wilfuzxoh4n7nedihyaavu/password",
    }
  },

2. Then I tried direct usage in test.http file, one single value at a time

@host = https://example.com/api
@password = "op://Vault/uns2wilfuzxoh4n7nedihyaavu/password",

### login
# @name postLogin
POST {{ host }}/oauth/v1/token
Authorization: Basic op://Vault/uns2wilfuzxoh4n7nedihyaavu/token
Content-Type: application/json

{
    "grant_type": "password",
    "username": "op://Vault/uns2wilfuzxoh4n7nedihyaavu/username",
    "password": "{{password}}"
}

REST plugin can be found here: https://marketplace.visualstudio.com/items?itemName=humao.rest-client

What happened?

The secret values were not used

What did you expect to happen?

I expected to work with the passwords from 1password

Notes & Logs

Summary

An example is much needed to show how a source file, such as a config.h header file containing secret references, could be used at build time in VS Code. As it is, secret references are compiled into the binary, not the secrets they reference. I can envision there being a set of build tasks that take a config.h.tpl file, use op inject to create the config.h file, conduct the rest of the build, and then delete the config.h file in all cases at the end.

Use cases

A need to inject secrets at build time is pretty obvious, but the ways in which it can be accomplished are murky and require more knowledge that would be ideally presented as an example with this project. There is no evidence from available documentation that this important feature is present in this project, perhaps because it cannot be solved generically without regard to the code project's specifics.

Proposed solution

A person with VS Code expertise would offer a clear and concise example of secret injection at build time in VS Code in conjunction wirth this extension.

Is there a workaround to accomplish this today?

Manual steps at a command line outside of VS Code of op inject before builds and rm after.

Summary

As of last year there is an API to provide auto-complete suggestions as the user types. It would be cool to provide some degree of auto-completion when a user is typing a secret reference syntax.

Use cases

Rather than having to manually run the "Get from 1Password" command and choose both the item name and field label the user could start typing op:// and as you type to narrow an item and field the auto-complete is auto-updated.

Proposed solution

Use the InlineCompletions API to implement completions: microsoft/vscode-discussions#26

This will require looking up and storing a list of items. Security implications should be considered as vault names should not be stored in plain text.

Is there a workaround to accomplish this today?

Currently the "Get from 1Password" command is how you get items secret references into a document.

Your environment

op-vscode version: 1.0.4

VS Code version:

CLI version: 2.13.1

Desktop app version: 1Password for Mac 8.10.2 (81002004)

Steps to reproduce

1. Open an .env file
2. Add a secret reference for an API Credential, made up of of UUIDs for vault and item
3. Command-click on the secret reference

What happened?

1Password desktop opens, but the item is not selected

What did you expect to happen?

The item is selected (made visible)