Commit Graph

3191 Commits

Author SHA1 Message Date
Kyle Spearrin
92b04c24fe
new event log for 2fa recovery (#20055) 2026-04-08 11:31:45 -04:00
Jared
405c30008a
[PM-31778] Multi-step policy edit dialog (#19406)
* implement multi-step policy ui framework

* policy wip

* Refactor organization data ownership policy component to use multi-step dialog and signals. Remove deprecated dialog component and update related tests. Add organizationId input to base policy edit component and implement save logic in the new dialog structure.

* Update multi-step policy edit dialog to handle loading state and improve template initialization. Adjust button disable logic to account for loading status and modify ViewChild static property for proper change detection.

* Refactor policy confirmation logic in base policy edit component. Remove deprecated confirm method and update policy edit dialog to handle confirmation checks dynamically. Adjust organization data ownership policy component to align with new confirmation structure.

* Update apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/auto-confirm-policy.component.html

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* Refactor multi-step policy dialog component and remove legacy confirm method

- Deleted the multi-step policy plan documentation.
- Introduced a new `MultiStepPolicyEditDialogComponent` to handle multi-step workflows.
- Updated `BasePolicyEditComponent` to support multi-step configurations and removed the deprecated `confirm()` method.
- Enhanced `PolicyStep` type to include optional `disableSave` and `bodyContent` properties.
- Adjusted HTML templates to utilize signals for dynamic content rendering.
- Refactored existing policy components to integrate with the new multi-step dialog structure.

* Refactor AutoConfirmPolicy component constructor to use readonly modifier for firstTimeDialog parameter

* Update multi-step policy edit dialog template to ensure proper rendering of policy form before lifecycle hooks. Added comment for clarity on rendering behavior.

* Update apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/auto-confirm-policy.component.html

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* Add confirmation step before policy submission in dialog component

- Introduced an optional `confirm` method in `BasePolicyEditComponent` to allow components to implement a confirmation step before saving.
- Updated `PolicyEditDialogComponent` to call the `confirm` method and handle user confirmation.
- Added new test files for `AutoConfirmPolicyEditComponent` and `MultiStepPolicyEditDialogComponent` to ensure proper functionality and behavior of the new confirmation logic.

* Update apps/web/src/app/admin-console/organizations/policies/policy-edit-definitions/vnext-organization-data-ownership.component.ts

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* Refactor policy edit components to streamline side effects and improve save logic

- Moved side effect logic from inline definitions to dedicated methods in AutoConfirmPolicyEditComponent.
- Updated vNextOrganizationDataOwnershipPolicyComponent to remove unused template references.
- Adjusted PolicyStep type to allow for side effects returning void.
- Enhanced save button logic in MultiStepPolicyEditDialogComponent to utilize a computed signal for save state management.

* Enhance MultiStepPolicyEditDialogComponent tests and update references

- Refactored tests in multi-step policy edit dialog to improve saveDisabled logic and ensure accurate state management.
- Updated references from AutoConfirmPolicyDialogComponent to MultiStepPolicyEditDialogComponent in web-vault-prompt service tests for consistency.

* Refactor auto-confirm policy component template and update imports

- Improved readability of the auto-confirm policy component template by formatting the button element.
- Cleaned up import statements in the auto-confirm policy component test file for consistency.

* Update WebVaultPromptService tests to validate firstTimeDialog property

- Added assertion to ensure the firstTimeDialog property is correctly passed in the policy data during dialog closure in WebVaultPromptService tests.

* Refactor policy edit components to support migration to new policy steps

- Added TODO comments in BasePolicyEditComponent and PolicyEditDialogComponent to indicate the removal of the confirm method when the `MigrateMyVaultToMyItems` feature flag is deprecated.
- Updated vNextOrganizationDataOwnershipPolicyComponent to ensure proper handling of organizationId.
- Enhanced MultiStepPolicyEditDialogComponent template for improved subtitle handling and readability.

* Refactor policy edit components to utilize Angular's input function

- Replaced traditional @Input() properties with the new input() function in BasePolicyEditComponent for better reactivity.
- Updated policy edit dialog component to set inputs using the new method for improved clarity and consistency.
- Adjusted various policy components to ensure compatibility with the new input handling, enhancing overall code maintainability.

* fix(policy-edit): update policy access method to use function call syntax

Changed the way policy properties are accessed in the auto-confirm policy component template, ensuring compatibility with the updated policy structure.

* refactor(session-timeout): update policyResponse handling in component and tests

Modified the SessionTimeoutPolicyComponent to use function call syntax for accessing policyResponse. Updated corresponding unit tests to reflect this change, ensuring consistent handling of policy data across the component and its tests.

* refactor(policy-edit-dialog): simplify test structure and improve saveDisabled logic

Updated the unit tests for MultiStepPolicyEditDialogComponent to eliminate the use of fakeAsync and detectChanges, replacing them with direct state manipulation and TestBed.flushEffects(). This change enhances test clarity and reliability. Additionally, refactored the account age calculation in WebVaultExtensionPromptService to use UTC midnight for accurate day counting, addressing potential off-by-one errors.

* Fix change to prompt service which was unneeded

* refactor(policy-edit): enhance savePolicy method and inject dependencies

Updated the BasePolicyEditComponent to inject AccountService, KeyService, and PolicyApiServiceAbstraction. Refactored the savePolicy method to streamline the policy saving process, ensuring proper handling of organization keys and error management. Adjusted AutoConfirmPolicyEditComponent and vNextOrganizationDataOwnershipPolicyComponent to utilize the new savePolicy implementation.

* refactor(policy-edit): remove unused AccountService dependency

Removed the AccountService dependency from MasterPasswordPolicyComponent and ResetPasswordPolicyComponent as it was not utilized. Added a getter for autoConfirmPolicy in AutoConfirmPolicyEditComponent to enhance code clarity.

* refactor(policy-edit): update sideEffect callbacks in AutoConfirmPolicyEditComponent

Modified the sideEffect properties in the AutoConfirmPolicyEditComponent to use arrow functions, ensuring proper context binding for the savePolicy and navigateToExtensionPromptStep methods.

* refactor(policy-edit): update sideEffect to use arrow function in vNextOrganizationDataOwnershipPolicyComponent

Changed the sideEffect property in the vNextOrganizationDataOwnershipPolicyComponent to use an arrow function for the savePolicy method, ensuring proper context binding.

* Fixes tests for PR

* refactor(vault): improve account age calculation to use UTC boundaries

Updated the account age calculation in WebVaultExtensionPromptService to utilize UTC midnight boundaries, preventing issues with Daylight Saving Time skewing the day count.

* Refactor PolicyEditDialogComponent to improve signal usage for save button state management

- Changed saveDisabled property to use a private signal for better encapsulation.
- Updated template bindings to call loading() and saveDisabled() as functions for correct state handling.
- Enhanced observables management for save button disable logic to ensure proper state updates.

* Fix optional chaining in policy confirmation and add policy steps to vNext organization data ownership component

* Update tests for vNext organization data ownership component to use fixture inputs and add missing service mocks

---------

Co-authored-by: Brandon <btreston@bitwarden.com>
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
2026-04-08 11:17:14 -04:00
Jared McCannon
78626a608d
[PM-34255] - SCIM Key Fix (#20036)
* Prompt for MP when requesting SCIM key and pass to endpoint.

* Adding dialog and message

* Added some tests for the changes
2026-04-08 09:59:25 -05:00
Vicki League
e8e2e81a7b
[CL-1130] Fix storybook a11y and console errors for platform files (#19918) 2026-04-08 09:34:54 -04:00
Kyle Spearrin
be9099defb
[PM-15489] 2fa account recovery (#19894)
* claude plan

* PR feedback

* implement 2fa reset to account recovery policy

* tests

* fix locales

* PR feedback

* PR fixes

* PR feedback

* fix CI build errors
2026-04-08 09:10:31 -04:00
Bernd Schoolmann
f3aff99db5
[PM-33554] Don't log out when trust denied for sdk key rotation (#19961)
* Don't log out when trust denied

* Cleanup
2026-04-08 00:07:13 +09:00
Andreas Coroiu
26cb88bd8c
Bitwarden IPC improvements/refactor (#19935)
* fix: types after SDK change

* feat: update SDK
2026-04-07 17:05:37 +02:00
Vijay Oommen
e0a9496bd6
[PM-34230] Blumira Integration using HEC (#20008) 2026-04-07 09:29:54 -05:00
Stephon Brown
9180d75244
[PM-34685][Defect] Subscription status for organizations not updating with feature flag enabled (#20018) 2026-04-07 07:57:24 -04:00
bitwarden-devops-bot
4a13f45409
Bumped client version(s) 2026-04-06 15:59:38 +00:00
Nick Krantz
3fea195737
[PM-22890] Automatically open Extension in FireFox (#19456)
* check for open popup with polling to allow for more deviation in browser behavior

* firefox bug has been resolved, remove check for firefox

* add check for `getContexts` returning `undefined` rather than a promise in MV2 scenarios

* remove old tests

* fix merge conflict mistake
2026-04-06 09:26:32 -05:00
bw-ghapp[bot]
4497b65926
Autosync the updated translations (#19960)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2026-04-06 14:12:23 +02:00
Brad
e0c45fdd62
[PM-34556, PM-34558, PM-34557] Access Intelligence trend chart design tweaks (#19977)
Some checks failed
Scan / Check PR run (push) Has been cancelled
Testing / Run typechecking (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-browser junit:junit-browser.xml name:Browser paths:apps/browser bitwarden_license/bit-browser]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-cli junit:junit-cli.xml name:CLI paths:apps/cli bitwarden_license/bit-cli]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-desktop junit:junit-desktop.xml name:Desktop paths:apps/desktop]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-libs junit:junit-libs.xml name:Libs paths:libs bitwarden_license/bit-common]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-web junit:junit-web.xml name:Web paths:apps/web bitwarden_license/bit-web]) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
- Updates the line labels for the "applications" view in the trend chart. Now matches Figma design

- Right aligns the chart's period selector dropdown items. Now matches Figma design

- Chart wraps period selector and shrinks view selector button at small screen sizes, fixes overflow issue.
2026-04-03 16:54:21 -05:00
Leslie Tilton
4c3cf00a5a
[PM-33928] Fix: Can view MyItems Passwords in Org Vault Health Reports (#19874)
* fix(bug): Admin/Owner viewing and editing ciphers from within health reports

* Change check for unassigned ciphers to include default collection check

* Remove unnecessary typecasting
2026-04-03 12:45:48 -05:00
Vicki League
3751227752
[CL-958] Update avatar component to new styles (#18975) 2026-04-03 10:24:46 -04:00
bmbitwarden
d91328cf89
PM-33577 added email validation (#19707) 2026-04-01 21:21:14 -04:00
Vicki League
f8cd437503
[CL-1105] Ensure hover and focus states match spec (#19638) 2026-04-01 14:39:55 -04:00
Conner Turnbull
a5db8ef2d8
Remove pm-23341-milestone-2 flagged logic from user-subscription component (#19867)
Remove the enableDiscountDisplay$ feature flag observable and collapse the
ngIf/else template to always show the discount badge. The badge handles
null/no-discount gracefully.
2026-04-01 12:58:56 -05:00
Alex
b85e096b49
[PM-33067] Fix false success toast when mark/unmark critical apps API fails (#19344)
* fix(dirt): check response.error before showing success toast for critical apps

The orchestrator's catchError converts API failures into next emissions
with response.error set. The component's next handler was unconditionally
showing a success toast without checking this field.

Now checks response.error and shows an error toast when the API call
failed. Selection is preserved on error so users can retry.

Also ensures updatingCriticalApps signal is reset on all paths (success,
caught error, and uncaught error).

[PM-33067]

* test(dirt): add tests for mark/unmark critical apps error handling

Tests verify that:
- Success toast shown when response.error is null
- Error toast shown when response.error is non-null
- Selection preserved on error, cleared on success

[PM-33067]

* fix(dirt): use specific error toast for unmark critical apps failure

Replace generic "An unexpected error has occurred" with
"Failed to unmark applications as critical" for consistency
with the mark-as-critical error toast.

* fix(dirt): check response.error in Review New Applications mark critical

The AllApplicationsComponent (Review New Applications widget) had the
same false success toast bug as the All Applications tab. The next
handler ignored the response parameter entirely, showing a success
toast even when response.error was set by the orchestrator's catchError.

Now checks response.error before showing toast. On error: shows
"Failed to mark applications as critical" and preserves selection.
Also resets markingAsCritical on all paths.

Adds unit tests for mark success and error paths.

[PM-33067]

* Revert "fix(dirt): check response.error in Review New Applications mark critical"

This reverts commit b646598613.

* fix(dirt): check response.error in application review dialog before showing success toast

The saveApplicationReviewStatus$ orchestrator method uses catchError
to convert API failures into next emissions with response.error set.
The dialog used firstValueFrom inside try/catch, but since catchError
prevents the Observable from erroring, firstValueFrom resolves
successfully and the catch block never fires.

Now checks response.error on the resolved value before showing the
success toast. On error: shows "Error saving review status" and
stays on the dialog so the user can retry.

[PM-33067]
2026-03-31 14:53:36 -07:00
John Harrington
3f39b88b4c
[PM-31885] Consolidate all Send policies to a single policy (#19314) 2026-03-31 13:57:01 -07:00
Daniel James Smith
e014042087
[PM-33167] Replace img with TwoFactorIcon component (#19865)
* Replace usage of two factor images with TwoFactorIcon component

* Delete web scss and now unused two-factor images

* Remove mfaType from eslint whitelist

* Delete unused mfaType scss entries on browser and desktop

* Fix linting issue

* Remove icons from two factor setup dialogs

* Delete unused images on browser and desktop

* Remove mfaLogoSuffix

* Remove paragraph

---------

Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2026-03-31 20:22:55 +02:00
rr-bw
6a858b64f8
fix(multi-client-change-password): [Auth/PM-34199] [Extension] Change Password Routing Fix (#19794)
Makes a distinct `"settings-change-password"` route on Extension - to be used when the user initiates changing their password by navigating to Settings > Account Recovery. This route uses the `ChangePasswordPageComponent` (unlike the "change-password" route, which uses the `ExtensionAnonLayoutWrapperComponent`).

Feature flag: `pm-32413-multi-client-password-management`
2026-03-30 11:00:18 -07:00
Brandon Treston
303f242034
[PM-32096] Collection name style fix (#19809)
* fix style

* add cursor
2026-03-30 13:10:21 -04:00
Nick Krantz
30ab005da5
[PM-19168] Remove Archive Feature Flag (#19829)
* remove archive feature flag

* fix dependency within services module
2026-03-30 10:23:38 -05:00
Jared
6cdbd80057
[PM-33372] hide prompt if org does not use my items (#19475)
* Enhance policy management by adding organization input to policy edit components and dialogs. Update edit method to include organization context, enabling feature entitlements based on organization settings. Adjust templates to conditionally render options based on organization properties.

* Refactor PolicyEditDialogComponent to change access modifiers for properties. Update policyType and saveDisabled$ to protected and instance variables respectively, enhancing encapsulation and consistency in the component's structure.

* Refactor PolicyEditDialogComponent to change property access modifiers from readonly to instance variables for loading, saveDisabled$, and policyComponent, improving flexibility in component state management.

* Refactor PoliciesComponent tests to use property accessors and improve type definitions

- Updated mockPolicyResponse and mockPolicyResponsesData to include explicit type definitions.
- Changed direct property access to bracket notation for organizationId$, organization$, policies$, and policiesEnabledMap$ observables.
- Enhanced edit method calls to include organization parameter in tests.
- Added new tests for conditional behavior based on organization.useMyItems in vNextOrganizationDataOwnershipPolicyComponent.
- Implemented logic to enable/disable controls based on policy and organization state.

* Refactor PolicyEditDialogComponent to use Angular signals for state management

- Updated loading state and saveDisabled properties to use signals instead of traditional variables.
- Modified template bindings to reflect changes in loading state and save button disable logic.
- Enhanced component initialization to ensure proper handling of policy component and its state.
- Improved observables management with takeUntilDestroyed for better resource cleanup.

* Refactor Policy Edit Dialogs to use Angular signals for loading state management

- Updated loading state bindings in HTML templates to call loading() as a function.
- Refactored TypeScript components to utilize typed accessors for policy components.
- Enhanced observables for save button disable logic to ensure proper state handling.
- Improved error handling and initialization checks for policy components.

* Fix test setup for AutoConfirmPolicyDialogComponent by updating policyComponent initialization to use bracket notation for better type handling.

* Refactor policy components to remove organization ID references and utilize organization objects directly. Update related dialog components and tests to ensure consistency with the new structure. This change enhances clarity and reduces redundancy in policy management.

* Refactor policy components to improve organization handling. Update policies component to directly use organization objects instead of IDs. Adjust related components and services for consistency, enhancing clarity in policy management.

* Refactor PoliciesComponent tests to eliminate organization ID references and directly use organization objects. Update related test cases for consistency and clarity in policy management.

* Refactor policy dialog components to enhance type safety by checking component instances instead of using type assertions. This change improves code clarity and maintainability.

* Enhance unit tests for policy dialog and vault services by improving mock implementations and ensuring accurate date calculations. Update organization references to use object structures for better clarity and maintainability in policy management.

* fix(tests): Update date calculation in WebVaultExtensionPromptService tests for clarity
2026-03-30 10:35:32 -04:00
Brandon Treston
ee08880372
[PM-30190] Add validator for revoked emails when inviting users (#19815)
* add validator for revoked emails when inviting users

* remove unneeded emails propertly
2026-03-30 10:13:44 -04:00
Vicki League
66c203ea3d
[CL-1049] Make fallback autofocus approach for dialogs (#19561)
Co-authored-by: Will Martin <contact@willmartian.com>
2026-03-27 16:02:17 -04:00
Todd Martin
8896dc738a
fix(nx): [PM-33529] Update web nx serve configuration names to match CLI and docs 2026-03-27 13:05:10 -04:00
bw-ghapp[bot]
a91129852f
Autosync the updated translations (#19801)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2026-03-27 11:32:25 +01:00
Oscar Hinton
e6e821395b
[CL-1137] Remove unecessary side-nav component (#19782) 2026-03-26 18:15:41 -04:00
Nick Krantz
ad7864084f
[PM-24476] At Risk Password setting (#19557)
* add setting to toggle the visibility of at-risk password settings

* add comments surrounding why/when notification setting is applicable
2026-03-26 08:58:43 -07:00
Jared
a517b121cb
[PM-31426] add categories to policy page (#19151) 2026-03-26 10:51:49 -04:00
Brandon Treston
473929f0d8
remove feature flagged logic (#19718) 2026-03-25 14:09:55 -04:00
Will Martin
d763590ce6
[CL-1023][CL-1031] Design system refresh: Milestone 1 (#19061)
* [CL-1009] button style updates (#18301)

* add new button styles

* update disabled styles

* updated size stories

* update disabled button story names

* updated button stories

* add more explicit screenshots

* make class list a computed signal

* updated button docs

* allow unstyled button to inherit color

* use unstyled button in callouts until callout updates

* base button directive WIP

* add base button directive

* fix focus and hover styles

* fix lint error

* remove commented code that moved to base directive

* ensure buttonStype defaults correctly

* migrate legacy icon button types

* contrast button wips

* pull in latest and fix disabled with attr

* fix legacy variant

* add back nav contrast button variant

* updated icon button docs

* rename nav contrast variant and fix contrast focus

* fix button sizing

* fix product switcher button classes

* add contrast icon button story

* fix border color

* update to primaryGhost variant

* [CL-1025] icon font refresh (#18727)

* adding new icons

* migrate to new icon names

* updated icon build docs

* resolve conflicts and re-run migration

* add icons deps to uif ownership

* fix incorrect migration

* fix misnamed icon

* create filter icon and fix mapping error

* updated readme and add migration script to package.json

* fix prettier warnings

* remove browser alt from definition list

* add missing icon types

* fix image name migrated in error and update regex to not change these

* ensure icon array is updated automatically

* updated build comment

* remove unnecessary direct execution command

* remove direct run command

* allow legacy icon names to map to new icons

* [CL-1025] Icon font refresh - Temporary migration state with legacy names (#18948)

* Revert icon name migrations, preserve migration tooling

Reverted all icon name changes that were applied by the migration scripts,
while preserving:
- New icon SVG files in libs/assets/src/material-icons/
- Icon font files in libs/angular/src/scss/bwicons/
- Migration scripts in scripts/material-icons/
- NPM scripts and dependencies for icon tooling

This allows running the migration fresh when ready.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* Build icon font with bidirectional legacy/new name mapping

Ran icons:build to generate bidirectional icon mappings:
- SCSS now includes 155 icons (both Figma and legacy BWI names)
- TypeScript icon.ts updated with all 155 names
- All legacy names (e.g., bwi-question-circle, bwi-plus) point to new icon assets
- All new names (e.g., bwi-help, bwi-add) also available
- Codebase can continue using legacy names with new icon designs

This enables the temporary migration state where code uses existing
legacy icon names but displays the new refreshed icon assets.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* Fix: revert bwi-filter back to bwi-grid across codebase

bwi-grid is the correct new icon name and should not be reverted.
The changes from bwi-filter to bwi-grid were manual corrections,
not part of the automated migration.

Updated 16 files to restore bwi-grid icon references.

Addresses feedback from Bryan Cunningham on PR #18948

---------

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

* remove duplicate key and add back dep ownership change

* fix formatting errors

---------

Co-authored-by: Will Martin <contact@willmartian.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix button variant

* [CL-1040] updated palette colors (#19401)

* [CL-973] chip component (#18798)

* wip

* WIP

* create chip filter component

* trying to get truncation to work

* fix truncation

* create chip-action component

* fix type errors

* add chip component

* add shared story args

* have chips take label input

* fix test template and imports

* fixing arg types and disabled states

* simplify disabled logic

* fix dimssis button alignment

* update menu focus color

* updated chip docs

* update chip-select usage to chip-filter

* fix full width icon layout

* remove commited code

* export chip component

* remove commented code

* expose full width

* chip component should not go full width

* use bit-icon in filter template

* remove commented code

* updated chip docs

* remove extra truncate class

* fix dupe input definitions

* move import to correct line

* read base chip values directly

* remove standlaone as it's the default

* forward size correctly

* create full width arg type

* let type be infered

* updated jsdoc comments

* use more modern angular syntax

* rename components to use kebab case

* remove redundant docs

* remove inaccurate link docs

* remove enum like types

* remove dead code

* remove unused spec

* remove host bindings

* restructure chips folders

* add max width class

* remove full width docs

* add internal comment

* bind to missing controls

* fixing docs

* replace disabled verbiage with inactive

* remove unnecessary comment

* default to primary

* do not allow end icon in action chip

* take chip action screenshots in both themes

* use selected input for base directive

* fix width error

* coerce to boolean

* fixed end icon reference

* fix code reference to endIcon

* fixing chip filter specs

* fix missing input transform

* fix docs

* fix input and add truncate

* ensure chip content truncates

* updated slot naming

* updated example to use new flow control

* fix typing for option.icon

* fix failing test, fix filter type, and support colored icons in filter options

* fix failing test

* doc updates

* change dismissed event name

* remove standalone

* fix selector

* fix docs

* remove unused fvw data property and fix docs links

* use base as host directive in chip

* fix spec button selectors

* fix duplicate class binding

* fix incorrect variant resolution

* handle undefined size

* fix signal type

* remove duplicate input

* fix failing spec

* updated styles for trailing icon spacing and font size

* padding tweaks for visual design

* make variant a writable model

* use logical text align

* update slot names

* remove dismissible input

* add back missing import

* remove ability to set chip filter to small size

* create size arg type

---------

Co-authored-by: Vicki League <vleague@bitwarden.com>

* [CL-987] Update Nav Group and Nav Item components (#18965)

* updated side nav `nav-group` and `nav-item` components

* - added focus states
- set cursor pointer for nav-item
- updated arrow orientations

* - updated `navItemIndentationPadding`
- reverted `[treeDepth]` for `nav-group`
- removed placeholder arrow

* - removed text style from starting slot container
- fixed routes in story

* created shared container classes var

* fixes from rebase, override `border-radius` for collapse arrow button

* updated `tw-theme`: reverted `--color-bg-hover` and added `--color-bg-sidenav-hover`

* removed end slot `div` styles from rebase, updated `buttonType` in `nav-group` story

* added dark mode `--color-bg-sidenav-hover`

* added `xsmall` size variant to 'Icon Button'

* - updated navs to use 'xsmall' button
- fixed container padding
- removed custom arrow button styles

* fixed type error

* fixed focus-visible state by adding `tw-outline-none` to `nav-item`

* fixed type error

* placed arrow button directly in start slot

* defined `containerClasses` in template

* renamed 'item-active-hover' to 'active-item-hover' for consistency

* missed renaming from `item-active-hover` to `active-item-hover`

* fixed 'hover' and 'active' colors, added colors for arrow hover states

* - separated buttons sizes for 'Button' and 'Icon Button' from `BaseButtonDirective` into respective components
- moved `border-radius` style from Directive into own components

* fixed/simplified focus colors, added sidenav specific focus colors

* updated 'arrow' icon size for nav group, updated 'xsmall' font size

* trigger Claude review

* removed `tw-text-2xl` in nav-group for arrow button

* removed unused `NgClass` import

* more cleanup, removed unused `Ng` imports

* converted `_isActive` to signal and `showActiveStyles` to computed

* removed instances of `variant="tree"`

* renamed color variables from `admin-sidenav` to `sidenav-secondary`

---------

Co-authored-by: Will Martin <contact@willmartian.com>

* fix lint

* [CL-1096] Fix icon button width shrinking in flex containers (#19529)

Add tw-shrink-0 to prevent icon buttons from shrinking below their
fixed size when placed inside flex containers.

* [CL-1101] Fix chip dismiss button hover style and add interaction state stories (#19530)

Use the correct bg-bg-hover token for dismiss button hover background, matching
the Figma spec. The previous hover-contrast token was invisible on light backgrounds.
Add InteractionStates story showing Default, Hover, Focus, and Inactive states
for both large and small sizes.

* [CL-1098] Fix danger icon button color in form field suffix (#19532)

* [CL] Fix danger icon button color in form field suffix

Don't apply tw-text-muted to icon button suffixes — icon buttons manage
their own text color via buttonType, so the muted class was overriding
danger/primary colors (e.g. blue icon on red background in Cipher Form).

* [CL] Fix danger icon button color in form field suffix

Don't apply tw-text-muted to icon button suffixes — icon buttons manage
their own text color via buttonType, so the muted class was overriding
danger/primary colors (e.g. blue icon on red background in Cipher Form).

Also adds a DangerButtonInputGroup story to capture this case.

* [CL-1094] Update icon button default variant to primaryGhost (#19534)

* [CL-1094] Update icon button default variant to primaryGhost

Change buttonType from input to model in BaseButtonDirective, and set
the default to primaryGhost in the icon button constructor.

* [CL-1094] Fix icon button default variant using own input + effect

Using model.set() in the constructor is overridden by Angular's input
initialization lifecycle. Instead, own buttonType as an input directly
on BitIconButtonComponent with primaryGhost as the default, and sync to
the base directive via effect.

* [CL-959] update badge component styles (#19026)

* badge wip

* dynamic truncated badge tooltip

* support legacy variants for now

* add deprecation types and remove hover styles

* updated story docs

* add default icons for badges

* fix incorrect color mapping

* add ability to hide start icon

* take snapshot in both themes

* add icon size styles

* remove tooltip code

* update at risk password to use actual buttons

* more specific badge truncation docs

* remove badge module from imports

* use chip action for link

* fix missing import

* use chip in multi-select inputs

* update org badge to use primary chip

* update premium badge to accent primary action chip

* use chip action for vault item fill

* remove unnecessary icon in badge

* update obsolete notification variant

* replace usage of bitBadge on button in stories

* remove explicit input to hide startIcon

* use berry instead of badge

* fix type error

* fixing imports and badge usage

* use logical text align

* remove dead code and update jsdoc comment

* add back ability to not truncate

* remove default icon for accent-primary

* add missing translation keys to multi select story

* allow null as default icon type

* add element selector and update stories to use it

* conditionally apply truncate class

* conditionally apply title text

* migrate badge to berry

* use correct input for content

* use berry in toggle group stories

* remove unused template reference

* remove unused import of badge

* remove unused custom color code

* remove unused service injection

* [CL-1102] Fix help icon size in bit-label (#19533)

* [CL-1102] Fix help icon size in bit-label

Target bwi icons inside bit-label with [&_.bwi]:tw-text-xl to restore
correct icon sizing after recent icon style changes.

* [CL-1102] Fix text alignment regression in bit-label

Add tw-leading-none to bwi icons to prevent the line-height from
tw-text-xl from disrupting baseline alignment.

* remove bwi-sm from label icon

---------

Co-authored-by: Bryan Cunningham <bryan.cunningham@me.com>

* [CL-964] Update Callout Component (#19424)

* updated callout component

* renamed consumer bit-callout `type` from 'default' to 'subtle'

* updated callout 'end' slot

* migrated spotlight to callout, deleted spotlight

* - updated `title` comment
- updated stories and mdx

* removed `useAlertRole`

* added `CommonModule` import and updated `buttonType` in stories

* updated 'Accessibility' guidelines

* updated 'close' button

* - updated stories for clearer code
- set `(onDismiss)` only for WithCloseButton story

* added boolean switch for `persistent` to story

* fixed tests

* prettier fix

* - updated `bit-callout` instances of `buttonType="unstyled"` to use appropriate `buttonType`
- updated story for correct usage of button styles

* fixed `type` in `vault-list`

* updated to use `bit-icon`

* - fixed vertical centering of icon and text
- updated to 'OnPush' change detection

* fixed error: added 'close' to `mockLayoutI18n`

* updated `bit-callout` jsdoc comment and mdx

* fixed `persistent` callout in `admin-settings`

* removed "interrupt" language

* reverted fix for `bit-callout` `persistent`

* fixed type error

* added `close` translation to stories utilizing `bit-callout`

* converted to JSDoc comments

* updated 'close' button to check if `dismiss` output is bound

* fix: removed `readonly` from `isDismissible`

* converted `isDismissble` to signal

* added translation to `phishing-warning' story

* added bottom margin back in to callout component

* fixed type error,  fixed `icon` values

* revert subscription-card callout icon to default if not defined

* fix: update 'bit-callout' type to 'subtle'

* updated colors in `tw-theme`

* added conditional check to compute vertical alignment class

* updated more colors, slight restructure to match design

* fixed vertical alignment with 'close button', avoid long text crowding/overflowing

* remove default icons on non-semantic variants (#19614)

* remove default icons on non-semantic variants

* add back info icon to info variant

* remove info icon again

* [CL-1095] add expanded state for disclosure button (#19637)

* add brand stronger colors

* add aria-expanded styling for primary ghost button

* make all variants aria-expanded style match hover styles

* update orage-600 color value to fix contrast

* minor spacing update to account for expanded button style

* do not show expanded state on sidenav buttons

* no expanded style on toggle width button

* remove extra letter spacing and update story copy (#19668)

* [CL-1123] fix ghost button inactive styles (#19669)

* fix ghost button inactive styles

* remove type declaration

* [CL-1119] toggle berry update (#19609)

* update toggle groups to use berry

* set berry variant based on selected state

* fix failing spec

* add spec to test berry variant set correctly

* fix import errors caused by bad merge conflict resolution

* remove unnecessary variant delaration

* update kitchen sink stories to use berry

* [CL-1122] BUG FIX: Migrated Icon Buttons with button type 'danger' to 'dangerGhost' (#19677)

* migrated `bitIconButton` with 'danger' `buttonType` to 'dangerGhost'

* reverted icon-button story

* fix button variant from merge

* [CL-1117] BUG FIX: Side nav collapse arrow is placed too far left (#19623)

* - updated spacing for side-nav collapse arrow button
- updated collapsed nav-item button spacing and dimensions
- moved individual nav-item wrapper padding into side-nav component
- added button to 'WithLongText' nav-item story

* added sidenav specific hover style to toggle collapse button

* - set horizontal padding back to 'nav-item'
- updated 'bit-divider' color to 'bg-border-brand'

* updated hover styles for interactive trailing elements

* added '4px' more end padding to trailing buttons

* updated 'bit-divider' colors for secondary and dark theme

* moved button hover styles into 'side-nav' button variant

* updated sidenav-divider color for dark theme

* removed `tw-w-10` on nav-item collapsed

* updated inline padding to `12px` for both collapse and expanded states

* [CL-1117] cleaned up, renamed, and organized sidenav color variables (#19665)

* - unified 'strong' styles and `showActiveStyles` into `[style]`
- updated 'side-nav' button variant's `aria-expanded` and `focus-visible` styles

* - inherit bg and fg from parent `sidenav`
- allow trailing buttons set own fg

* updated nav group story for trailing elements

* updated nav-logo 'focus' to nav focus style

* let toggle width arrow inherit 'aria-expanded' style from 'side-nav' buttontype

* removed danger button variants from nav group story

---------

Co-authored-by: Bryan Cunningham <bcunningham@bitwarden.com>
Co-authored-by: Vicki League <vleague@bitwarden.com>
Co-authored-by: Leslie Xiong <lxiong@livefront.com>
2026-03-25 10:55:06 -05:00
Patrick-Pimentel-Bitwarden
2b8b993324
feat(redirect): [PM-26578] Https Redirection for Cloud Users (#17873)
* feat(redirect): [PM-26578] Https Redirection for Cloud Users - Initial changes to webpack and the redirect calls.

* docs(redirect): [PM-26578] Https Redirection for Cloud Users - Added documentation.

* tests(redirect): [PM-26578] Https Redirection for Cloud Users - Fixed implementation and have lots of new tests.
2026-03-24 16:48:39 -04:00
Thomas Rittson
577bfbb231
Update all event import statements and remove re-exporting files (#19545)
Final import statement update after moving files to DIRT ownership
2026-03-24 16:00:39 -04:00
Jordan Aasen
2c0346e52a
[PM-34012] - Replace image in welcome dialog with extension prompt (#19720)
* update web vault extension prompt dialog icon

* remove old image

* add index
2026-03-24 10:46:56 -07:00
Jared Snider
ebd896f91a
Auth/PM-33261 - Multi-client Password Management (new for desktop & extension) (#19289)
* PM-32413 - Add hasPassword guard for future use.

* PM-32413 - Web - PasswordSettingsComp - add TODO for using new guard.

* PM-32413 - ChangePasswordComp - Add output emitter for when a password has been changed successfully.

* PM-32413 - Add feature flag

* PM-32413 - Desktop - implement change password component in a dialog.

* PM-32413 - Add change password to extension

* PM-32413 - Fix translations

* PM-32413 - Desktop - menu - add clean up todo

* PM-32413 - Feature flags - reset hardcoded true values

* PM-32413 - Add clean up todos

* PM-32413 - Extension Routing module - add hasPassword guard

* PM-32413 - add todo

* PM-32413 - Desktop / Extension - use  InputPasswordFlow.ChangePassword instead of  InputPasswordFlow.ChangePasswordWithOptionalUserKeyRotation

* PM-32413 - Finish last AI review items

* PM-32413 - Per PR feedback, update change-password-dialog title translation to one that we don't plan on removing.

* PM-32413 - Per PR feedback, update menu item id

* PM-32413 - Per local claud review - modify has-password to use UrlTree pattern.

* PM-32413 - ChangePassword comp - add  this.passwordChanged.emit(); in newly flagged code branch
2026-03-23 16:47:50 -04:00
Kyle Denney
87a636c9fc
[PM-30101] subscription discounts in web checkout (#19599)
* [PM-30101] subscription discounts in web checkout

fixing expired code

* fix missing parens

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* fix typechecking

* missing tests

* fix test

* design feedback

only show discount badges in cart summary in checkout flows

* pr feedback

---------

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
2026-03-23 13:16:33 -05:00
bmbitwarden
8a1e0fa950
PM-31767 resend feature (#19136)
* PM-31767 resend feature

* PM-31767 resolved auto send issue

* PM-31767 resolved type lint issue

* PM-31767 refactored feature to use toast instead

* PM-31787 refactored for recent change requests

* PM-31787 resolved lint issues

* PM-31767 made new translation key for lower case resend code

* PM-31767 resolved receipt redesign requests

* PM-31767 resolved pr comment

* PM-31767 changed text string

* PM-31767 resolve type error
2026-03-23 12:55:36 -04:00
bitwarden-devops-bot
7f0ebed6d0
Bumped client version(s) 2026-03-23 10:44:20 +00:00
bw-ghapp[bot]
10fcb60ef1
Autosync the updated translations (#19705)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2026-03-23 09:02:43 +01:00
Dave
8691281a7a
feat(accept-emergency): [PM-33437]: Add guid validation to AcceptEmergencyComponent
* feat(accept-emergency) [PM-33437]: Add guid boundary detection to component.

* refactor(accept-emergency) [PM-33437]: Re-group and re-name id validation for readability.
2026-03-22 12:41:00 -04:00
Jackson Engstrom
b2717f1717
[PM-29833] The "Change at-risk password" link within the web app doesn't always work. (#18958)
* adds changePasswordUrl as the href target

* passes changePasswordUrl to subcomponent

* updates href logic

* allows changePasswordUrl to be null without error

* changes banner from a link to just text if there is no http(s) uri

* removes change me link under the password field if there is no http(s) uri

* update vulnerable password copy

* changes backend services calls to only when at risk password link needs to be shown
2026-03-20 15:46:56 -07:00
bw-ghapp[bot]
246e0b8ead
Autosync the updated translations (#19542)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2026-03-20 17:21:50 +01:00
sven-bitwarden
4058f13e28
[PM-30993] More Descriptive Message on Expired Tokens (#18869)
* Show more descriptive error on expired tokens

* Separate org invitation acceptance from others

* Adjust variable names

* Account for additional invitation-accept error
2026-03-20 08:35:30 -05:00
Daniel James Smith
3c4d466f25
[PM-27125] Add cookies to fetch requests (#19588)
* feat: add full middleware pipeline support

* Retrieve cookies from storage and attach cookies using Electron session

* Register middleware to act on fetch redirect to acquire cookie for SSO

* Add missing tests

* fix: acquireCookies call

* fix: cookies not getting set

* feat: add vaultUrl to server communication config

* feat: adapt to receiving vaultUrl in acquireCookies

* fix: remove localhost connector override

* Fix requests can't be re-used

* Add small delay to ensure cookies are saved before retrying requests

* Fix vaultUrl being set twice

* Add mock clone method

* Fix sso-cookie.main tests

* Remove old FIXME

* Re-use request and fix test

* Add missing coverage checking that needsBootsrap is called

* In case the hostname can't be extracted, the response is returned

* Only check the responseType instead of also checking statuscodes for redirects

* Bump the sdk-version

* Prepend https:// if necessary before launching the connector url

* Do not retry if needsBootstrap returns false

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2026-03-20 10:19:21 +01:00
SmithThe4th
7b1ed66830
Added error message toast (#19672) 2026-03-19 17:12:37 -04:00
Stephon Brown
7e669a53bc
[PM-33787] [Defect] Enable Premium Users to Upgrade to Free Organization (#19611) 2026-03-19 16:52:10 -04:00
Mike Amirault
49e5f0a8c8
[PM-32160] Use shared Send List component in web (#19454)
* [PM-32160] Use shared Send List component in web

* Address AI review comments

* Surface errors on delete and remove password failures
2026-03-19 16:48:58 -04:00