fastlane fails to load passwords from the keychain if they contain backslashes

[rpendleton]

New Issue Checklist

• Updated fastlane to the latest version
• I read the Contribution Guidelines
• I read docs.fastlane.tools
• I searched for existing GitHub issues

Issue Description

When fastlane reads a password from the keychain, if the password contains a character such as \, fastlane fails to read the keychain item and re-prompts the user for their password. After this, when it tries to save the password to the keychain, it shows an error indicating that the item already exists in the keychain.

Command executed

fastlane sigh download_all -b $MY_TEAM_ID --username $MY_USERNAME

Complete output when running fastlane, including the stack trace and command used

$ fastlane sigh download_all -b $MY_TEAM_ID --username $MY_USERNAME
[✔] 🚀
[20:38:58]: Starting login with user '$MY_USERNAME'
-------------------------------------------------------------------------------------
Please provide your Apple Developer Program account credentials
The login information you enter will be stored in your macOS Keychain
You can also pass the password using the `FASTLANE_PASSWORD` environment variable
See more information about it on GitHub: https://github.com/fastlane/fastlane/tree/master/credentials_manager
-------------------------------------------------------------------------------------
Password (for $MY_USERNAME):
security: SecKeychainAddInternetPassword <NULL>: The specified item already exists in the keychain.
Could not store password in keychain
[20:39:01]: Successfully logged in
...

Expected output

$ fastlane sigh download_all -b $MY_TEAM_ID --username $MY_USERNAME
[✔] 🚀
[20:41:31]: Starting login with user '$MY_USERNAME'
[20:41:32]: Successfully logged in
...

Environment

✅ fastlane environment ✅
Stack



Key
Value




OS
13.6.3


Ruby
2.7.6


Bundler?
true


Git
git version 2.43.0


Installation Source
~/.rvm/gems/ruby-2.7.6@fastlane/bin/fastlane


Host
macOS 13.6.3 (22G436)


Ruby Lib Dir
~/.rvm/rubies/ruby-2.7.6/lib


OpenSSL Version
OpenSSL 1.1.1q  5 Jul 2022


Is contained
false


Is homebrew
false


Is installed via Fabric.app
false


Xcode Path
/Applications/Xcode-15.2.0.app/Contents/Developer/


Xcode Version
15.2


Swift Version
5.9.2



System Locale



Variable
Value





LANG
en_US.UTF-8
✅


LC_ALL




LANGUAGE





fastlane files:
No Fastfile found
No Appfile found
fastlane gems



Gem
Version
Update-Status




fastlane
2.219.0
✅ Up-To-Date



Loaded fastlane plugins:
No plugins Loaded
Loaded gems



Gem
Version




did_you_mean
1.4.0


executable-hooks
1.6.1


bundler-unload
1.0.2


rubygems-bundler
1.4.5


bundler
2.1.4


rake
13.1.0


rexml
3.2.6


CFPropertyList
3.0.6


public_suffix
5.0.4


addressable
2.8.6


artifactory
3.0.15


atomos
0.1.3


aws-eventstream
1.3.0


aws-partitions
1.881.0


aws-sigv4
1.8.0


jmespath
1.6.2


aws-sdk-core
3.190.3


aws-sdk-kms
1.76.0


aws-sdk-s3
1.142.0


babosa
1.0.4


claide
1.1.0


colored
1.2


colored2
3.1.2


highline
2.0.3


commander
4.6.0


declarative
0.0.20


digest-crc
0.6.5


domain_name
0.6.20240107


dotenv
2.8.1


emoji_regex
3.2.3


excon
0.109.0


faraday-em_http
1.0.0


faraday-em_synchrony
1.0.0


faraday-excon
1.1.0


faraday-httpclient
1.0.1


multipart-post
2.3.0


faraday-multipart
1.0.4


faraday-net_http
1.0.1


faraday-net_http_persistent
1.2.0


faraday-patron
1.0.0


faraday-rack
1.0.0


faraday-retry
1.0.3


ruby2_keywords
0.0.5


faraday
1.10.3


http-cookie
1.0.5


faraday-cookie_jar
0.0.7


faraday_middleware
1.2.0


fastimage
2.3.0


gh_inspector
1.1.3


jwt
2.7.1


multi_json
1.15.0


os
1.1.4


signet
0.18.0


googleauth
1.8.1


httpclient
2.8.3


mini_mime
1.1.5


trailblazer-option
0.1.2


uber
0.1.0


representable
3.2.0


retriable
3.1.2


google-apis-core
0.11.3


google-apis-androidpublisher_v3
0.54.0


google-apis-playcustomapp_v1
0.13.0


google-cloud-env
1.6.0


google-apis-iamcredentials_v1
0.17.0


google-apis-storage_v1
0.31.0


google-cloud-errors
1.3.1


google-cloud-core
1.6.1


google-cloud-storage
1.47.0


json
2.7.1


mini_magick
4.12.0


naturally
2.2.1


optparse
0.4.0


plist
3.7.1


rubyzip
2.3.2


security
0.1.3


simctl
1.6.10


terminal-notifier
2.0.0


unicode-display_width
2.5.0


terminal-table
3.0.2


tty-screen
0.8.2


tty-cursor
0.7.1


tty-spinner
0.9.3


word_wrap
1.0.0


nanaimo
0.3.0


xcodeproj
1.23.0


rouge
2.0.7


xcpretty
0.3.0


xcpretty-travis-formatter
1.0.1




generated on: 2024-01-17

  

[rpendleton]

It looks like this issue is fixed by fastlane-community/security#2, which was released as part of version 0.1.5.

fastlane currently pins the security gem to version 0.1.3, so fixing the issue in fastlane should be as simple as just updating that gem to the latest version. As far as I can tell, it's only pinned to the older version because updates weren't expected. I don't see any obviously incompatible changes in versions 0.1.4 or 0.1.5.