This is a minimal script to remove exact duplicates from a BitWarden vault, intended to be easy to review. No dependencies except the JSON standard library.
Check that I'm not stealing all your passwords 🙃.
Because you'll restart your computer at the end.
Don't save your unencrypted vault to persistent storage (HDD/SSD), as you'd need to securely erase it, which is not as easy as some might expect.
Makes a 10MB RAM disk.
$ sudo mkdir /mnt/ramdisk
$ sudo mount --types tmpfs --options rw,size=10M tmpfs /mnt/ramdisk
Export your vault (unencrypted JSON) and save it to previously mounted RAM disk.
Replace the path values VAULT_WITH_DUPS_PATH and VAULT_DEDUPED_OUTPUT_PATH in bitwarden_dedup.py
with the appropriate ones for your RAM disk and exported vault, then do:
python3 bitwarden_dedup.py
Which writes to the file at VAULT_DEDUPED_OUTPUT_PATH.
In the current script, 'duplicate' means same JSON entry outside of creationDate, revisionDate, id, folderId and first match uri.
Feel free to edit bitwarden_dedup.py if you want to change it's behavior, excluded fields for comparison or logs detail.
Optional: Checks if the deduped json export is valid by importing it before purge (see below).
Purge your Vault and import new deduped Vault (select Bitwarden (json) as file format and import generated VAULT_DEDUPED_OUTPUT_PATH file).
We could overwrite your secrets on the RAM disk, but I can't do anything foolproof in python about the temporary memory that the script uses, which also contained your unencrypted secrets, so turn off and then on your computer now to clear your RAM.
python3 run_tests.py