shroff/phylum
9
89
Fork
You've already forked phylum
1

Update to 0.8.0 unable to login #62

Open
opened 2026年03月02日 10:14:26 +01:00 by chamdim · 14 comments

As the title says, when truying to login i get the error:
Null check operator used on a null value

my docker yml is pretty much straight forward. i dont use a config yml neither an .env file. i employed local for testing purposes and to keep an active eye in development.
0.7.0 works ok and didnt have issues during login.

As the title says, when truying to login i get the error: Null check operator used on a null value my docker yml is pretty much straight forward. i dont use a config yml neither an .env file. i employed local for testing purposes and to keep an active eye in development. 0.7.0 works ok and didnt have issues during login.

What platform are you on? If it's Android, can you make sure your app is updated? If it's web you can try doing a force refresh to bypass the cache using ctrl+shift+r (or cmd+shift+r) on mac.

What platform are you on? If it's Android, can you make sure your app is updated? If it's web you can try doing a force refresh to bypass the cache using `ctrl+shift+r` (or `cmd+shift+r`) on mac.
Author
Copy link

I tried it on web both on brave and Firefox but I got the same error. The key combo doesn't resolve the issue.
The android app works OK. Just tried it.

Another thing thats irrelevant with the issue is that bitwarden cannot autofill my user name and pass on web but it can on android.
I don't know if this an http security restriction but I also want to mention that.

I tried it on web both on brave and Firefox but I got the same error. The key combo doesn't resolve the issue. The android app works OK. Just tried it. Another thing thats irrelevant with the issue is that bitwarden cannot autofill my user name and pass on web but it can on android. I don't know if this an http security restriction but I also want to mention that.

Do you see anything in the developer console? You can press ctrl+shift+i to open it and press Esc to bring up the console (or dismiss it). It may be showing a "What's New" tab which you will need to dismiss

Do you see anything in the developer console? You can press `ctrl+shift+i` to open it and press `Esc` to bring up the console (or dismiss it). It may be showing a "What's New" tab which you will need to dismiss

I'll look into the bitwarden issue as well.

Just so that I know, are you upgrading from a previous release or is this a fresh install?

I'll look into the bitwarden issue as well. Just so that I know, are you upgrading from a previous release or is this a fresh install?
Author
Copy link

This is the message when trying to login and get the error:

Got object store box in database [redacted]-persist.
2
main.dart.mjs:73 Got object store box in database [redacted]-remote_bookmarks.
2
main.dart.mjs:73 Got object store box in database [redacted]-remote_publinks.
2
main.dart.mjs:73 Got object store box in database [redacted]-remote_resources.
2
main.dart.mjs:73 Got object store box in database [redacted]-remote_resource_versions.
2
main.dart.mjs:73 Got object store box in database [redacted]-remote_trashed_resources.
2
main.dart.mjs:73 Got object store box in database [redacted]-remote_users.
main.dart.mjs:73 Got object store box in database [redacted]-actions.
main.dart.mjs:73 Using WasmStorageImplementation.sharedIndexedDb due to missing browser features: {MissingBrowserFeature.dedicatedWorkersInSharedWorkers, MissingBrowserFeature.fileSystemAccess, MissingBrowserFeature.sharedArrayBuffers}

Also i got this error when trying to autofill the credentials with bitwarden:
GET https://icons.bitwarden.net/null/icon.png 400 (Bad Request)

I've noticed 2 more issues:

Deprecated feature used
SharedArrayBuffer will require cross-origin isolation. See https://developer.chrome.com/blog/enabling-shared-array-buffer/ for more details.
1 source
skwasm_heavy.js:11
Learn more: This change will go into effect with milestone 106.
SharedArrayBuffer usage is restricted to cross-origin isolated sites
SharedArrayBuffers (SABs) can be used to construct high-resolution timers. High-resolution timers simplify Spectre attacks on cross-origin resources.
To mitigate security risks across browsers, SharedArrayBuffers are gated behind cross-origin isolated contexts starting with Chrome 92 (July 2021). To continue using SharedArrayBuffers, please ensure that this page opts-into cross-origin isolation by setting Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy appropriately.
Note that for each iframe, only the first issue is reported for performance reasons.
1 violation
Source Location	Trigger	Status
skwasm_heavy.js:11	Instantiation	warning
Learn more: Enabling SharedArrayBuffer

I don't know if any of the above is related to the error.
Need to mention that i can access my other services through their local addresses with no issues at all.
This is an update from 0.7.0

**This is the message when trying to login and get the error:** ``` Got object store box in database [redacted]-persist. 2 main.dart.mjs:73 Got object store box in database [redacted]-remote_bookmarks. 2 main.dart.mjs:73 Got object store box in database [redacted]-remote_publinks. 2 main.dart.mjs:73 Got object store box in database [redacted]-remote_resources. 2 main.dart.mjs:73 Got object store box in database [redacted]-remote_resource_versions. 2 main.dart.mjs:73 Got object store box in database [redacted]-remote_trashed_resources. 2 main.dart.mjs:73 Got object store box in database [redacted]-remote_users. main.dart.mjs:73 Got object store box in database [redacted]-actions. main.dart.mjs:73 Using WasmStorageImplementation.sharedIndexedDb due to missing browser features: {MissingBrowserFeature.dedicatedWorkersInSharedWorkers, MissingBrowserFeature.fileSystemAccess, MissingBrowserFeature.sharedArrayBuffers} ``` **Also i got this error when trying to autofill the credentials with bitwarden:** `GET https://icons.bitwarden.net/null/icon.png 400 (Bad Request)` **I've noticed 2 more issues:** ``` Deprecated feature used SharedArrayBuffer will require cross-origin isolation. See https://developer.chrome.com/blog/enabling-shared-array-buffer/ for more details. 1 source skwasm_heavy.js:11 Learn more: This change will go into effect with milestone 106. SharedArrayBuffer usage is restricted to cross-origin isolated sites SharedArrayBuffers (SABs) can be used to construct high-resolution timers. High-resolution timers simplify Spectre attacks on cross-origin resources. To mitigate security risks across browsers, SharedArrayBuffers are gated behind cross-origin isolated contexts starting with Chrome 92 (July 2021). To continue using SharedArrayBuffers, please ensure that this page opts-into cross-origin isolation by setting Cross-Origin-Opener-Policy and Cross-Origin-Embedder-Policy appropriately. Note that for each iframe, only the first issue is reported for performance reasons. 1 violation Source Location Trigger Status skwasm_heavy.js:11 Instantiation warning Learn more: Enabling SharedArrayBuffer ``` I don't know if any of the above is related to the error. Need to mention that i can access my other services through their local addresses with no issues at all. This is an update from 0.7.0

Same issue here.

I also tried a different browser that I never used to log into Phylum with and the same error about invalid credentials.

Also Bitwarden doesn't fill the credentials anymore, at least I can't remember it being an issue previously.

Same issue here. I also tried a different browser that I never used to log into Phylum with and the same error about invalid credentials. Also Bitwarden doesn't fill the credentials anymore, at least I can't remember it being an issue previously.

Did it just start happening all of a sudden or did something change? I'm assuming you were already on 0.8.0, but maybe you just upgraded?

The issue seems to be with something about the client expecting a certain response structure from the server that it's not getting, but I can't seem to find or repro it. Would either of you be willing to work with me to debug this?

Did it just start happening all of a sudden or did something change? I'm assuming you were already on 0.8.0, but maybe you just upgraded? The issue seems to be with something about the client expecting a certain response structure from the server that it's not getting, but I can't seem to find or repro it. Would either of you be willing to work with me to debug this?
Author
Copy link

I think i was clear enough at least for my issue. I was on 0.7.0 and everything works as expected. After upgraded to 0.8.0. The login fault appears immediately. I m willing to work with you to troubleshot this.

I think i was clear enough at least for my issue. I was on 0.7.0 and everything works as expected. After upgraded to 0.8.0. The login fault appears immediately. I m willing to work with you to troubleshot this.

If you're on matrix, can you contact me at @shroff:matrix.org? Otherwise what's a good platform to reach you?

If you're on matrix, can you contact me at @shroff:matrix.org? Otherwise what's a good platform to reach you?
Author
Copy link

I prefer simplex. Can I pm you somehow my link?

I prefer simplex. Can I pm you somehow my link?
Seems reasonably safe to send this: https://smp12.simplex.im/i#G-20Cs0i03eJ9TgAP8ezhlpotN7BK2_R/1TmHAfs02bJbuCQeu8cTqnj8yovfqzp34pcTI9yjOVw

After further investigation with @chamdim, this seems like this is happening on insecure non-http connections over a local network. The issue went away over a secure connection.

@poVoq is that the same issue for you?

I'll rake a look when I have the right setup

After further investigation with @chamdim, this seems like this is happening on insecure non-http connections over a local network. The issue went away over a secure connection. @poVoq is that the same issue for you? I'll rake a look when I have the right setup

No, unless having a reverse-proxy on another machine terminate the SSL connection is what you mean.

But I have since deleted my instance and plan to start fresh with a new install once the next release is out.

No, unless having a reverse-proxy on another machine terminate the SSL connection is what you mean. But I have since deleted my instance and plan to start fresh with a new install once the next release is out.

Just released 0.9 a couple of days ago!

Please keep in mind that there is a new compose.yml so make sure to get a fresh copy

Just released 0.9 a couple of days ago! Please keep in mind that there is a new `compose.yml` so make sure to get a fresh copy
Sign in to join this conversation.
No Branch/Tag specified
main
build
releases/v0.7
releases/v0.9.1
releases/v0.9.0
releases/v0.8.2
releases/v0.8.1
releases/v0.8.0
releases/v0.7.1
releases/v0.7.0
releases/v0.6
releases/v0.5.1
releases/v0.5
releases/v0.4.1
releases/v0.4
releases/v0.3
releases/v0.2
releases/v0.1
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
shroff/phylum#62
Reference in a new issue
shroff/phylum
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?