Commit Graph

2270 Commits

Author SHA1 Message Date
Bernd Schoolmann
cc8bd71775
[PM-21033/PM-22863] User Encryption v2 (#14942)
* Add new encrypt service functions

* Undo changes

* Cleanup

* Fix build

* Fix comments

* Switch encrypt service to use SDK functions

* Move remaining functions to PureCrypto

* Tests

* Increase test coverage

* Split up userkey rotation v2 and add tests

* Fix eslint

* Fix type errors

* Fix tests

* Implement signing keys

* Fix sdk init

* Remove key rotation v2 flag

* Fix parsing when user does not have signing keys

* Clear up trusted key naming

* Split up getNewAccountKeys

* Add trim and lowercase

* Replace user.email with masterKeySalt

* Add wasTrustDenied to verifyTrust in key rotation service

* Move testable userkey rotation service code to testable class

* Fix build

* Add comments

* Undo changes

* Fix incorrect behavior on aborting key rotation and fix import

* Fix tests

* Make members of userkey rotation service protected

* Fix type error

* Cleanup and add injectable annotation

* Fix tests

* Update apps/web/src/app/key-management/key-rotation/user-key-rotation.service.ts

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>

* Remove v1 rotation request

* Add upgrade to user encryption v2

* Fix types

* Update sdk method calls

* Update request models for new server api for rotation

* Fix build

* Update userkey rotation for new server API

* Update crypto client call for new sdk changes

* Fix rotation with signing keys

* Cargo lock

* Fix userkey rotation service

* Fix types

* Undo changes to feature flag service

* Fix linting

* [PM-22863] Account security state (#15309)

* Add account security state

* Update key rotation

* Rename

* Fix build

* Cleanup

* Further cleanup

* Tests

* Increase test coverage

* Add test

* Increase test coverage

* Fix builds and update sdk

* Fix build

* Fix tests

* Reset changes to encrypt service

* Cleanup

* Add comment

* Cleanup

* Cleanup

* Rename model

* Cleanup

* Fix build

* Clean up

* Fix types

* Cleanup

* Cleanup

* Cleanup

* Add test

* Simplify request model

* Rename and add comments

* Fix tests

* Update responses to use less strict typing

* Fix response parsing for v1 users

* Update libs/common/src/key-management/keys/response/private-keys.response.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Update libs/common/src/key-management/keys/response/private-keys.response.ts

Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>

* Fix build

* Fix build

* Fix build

* Undo change

* Fix attachments not encrypting for v2 users

---------

Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
2025-10-10 23:04:47 +02:00
bw-ghapp[bot]
3ba6cfa8de
Autosync the updated translations (#16814)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-10-09 20:44:07 +00:00
Miles Blackwood
2a2a36ea70
Removes clobbering emission of empty array. (#16682)
* Removes clobbering emission of empty array.

* Additional 'startWith' removal.
2025-10-09 15:47:58 -04:00
Github Actions
6353d0e67c Bumped client version(s) 2025-10-09 19:33:25 +00:00
Jordan Aasen
2aa0ad672e
[PM-12030] - add "Edit" and "Delete" options to browser more items menu (#16764)
* add "Edit" and "Delete" options to browser more items menu

* remove redundant check
2025-10-08 14:12:45 -07:00
Oscar Hinton
095729d6fa
[PM-23189] Add client managed token provider (#15408)
* Add client managed token provider

* Change token service to accept user id

* Resolve breaking changes in the SDK

* Fix tests

* Update sdk

* Fix type

* Fix types

* Fix cli

* Fix browser

* Add optional userId to refreshIdentityToken

* Fix merge issues

* Fix tests
2025-10-08 16:47:30 -04:00
Daniel James Smith
0df7215d6e
Use Signal inputs and make files ts-strict compliant (#16778)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-10-08 09:00:51 -07:00
Jonathan Prusik
b0179bd105
prevent pseudo-elements from being targeted and styled by host page's global rules (#16654) 2025-10-07 15:38:49 -04:00
Dave
1e56e7b151
fix(account-switcher) [PM-21215]: Update section spacing and font weight for consistency. (#16643) 2025-10-07 14:47:48 -04:00
Shane Melton
9f0a565241
[PM-25682] Migrate CipherView and subviews to be TS strict compliant (#16463)
* [PM-25682] Remove ts-strict-ignore from Vault view models and update types to be strict

* [PM-25682] Ignore ViewEncryptableKeys error for old decrypt methods

* [PM-25682] Add null/undefined as possible types for isNull* and other helpers that include null checks internally

* [PM-25682] Use patchValue instead of setValue which does not support undefined values

* [PM-25682] Add type assertions and other misc. null checks where necessary

* [PM-25682] Fix importers specs

* [PM-25682] Cleanup card view/details

* [PM-25682] Fix cipher view hasAttachment helper

* [PM-25682] Cleanup unecessary null assignments in notification.background.spec.ts

* [PM-25682] Ensure linkedId is undefined instead of null

* [PM-25682] Cleanup misc typing errors

* [PM-25682] Make the CipherId required

* [PM-25682] Undo CipherId assertions

* [PM-25682] Undo brand initial value change

* [PM-25682] Update SshKeyView

* [PM-25682] Add constructor to Fido2CredentialView

* [PM-25682] Prettier

* [PM-25682] Fix strict type warnings after merge with main

* [PM-25682] Cleanup cipher view spec

* [PM-25682] Cleanup new type warnings after merge

* [PM-25682] Undo removed eslint-disable-next-line comment

* [PM-25682] Fix flaky test

* [PM-25682] Use satisfies instead of as for Fido2CredentialAutofillView
2025-10-07 11:40:57 -04:00
Graham Walker
801700d441
PM-26015 Datadog integration card (#16559)
* PM-26015 adding Datadog integration card

* PM-26015 removing 2 changes

* PM-26015 Removing 1 change

* PM-26015 adding datadog integration card

* PM-26015 fixing code to accept new toast owner changes

* PM-26015 fixing linting error

* PM-26015 fixing pr comment
2025-10-07 09:37:59 -05:00
Miles Blackwood
24e159250b
Streamlines change pass notification logic. (#16435)
* Streamlines change pass notification logic.

* Includes test cases for all change password behavior.

* Allows multiple cipher views to be passed to notification.

* Removes assumptions about matching passwords.

* Includes current password match for now.

* [WIP] Fixes exact login match ignore for change. Partially updates save/update methods for ciphers.

* Removes password matching.

* Preserves nullable cipherId, set only while cipher action handled

* Updates comment.
2025-10-06 18:22:07 -04:00
Jeffrey Holland
f073fde443
[PM-22454] Autofill correct login form from extension (#16680)
* [PM-22454] Autofill correct login form from extension

* Remove redundant setting of `f`

* Remove correct redundant call
2025-10-06 19:26:55 +02:00
Oscar Hinton
8cf379d997
[PM-22305] Upgrade typescript to 5.8 (#15044)
Upgrade to the latest supported typescript version in Angular.

Resolved TS errors by:
  - adding `: any` which is what the compiler previously implied and now warns about.
  - adding `toJSON` to satisfy requirement.
2025-10-06 12:39:40 -04:00
Daniel Riera
2ce194c190
[PM-14236] most recently used login is no longer moved to top of the list (#16388)
* PM-14236 add overlay background call to internal autofill

* update overlay background to handel vaultAutofillSuggestionUsed call

* update main and runtime to pass message

* add rough testing to verify calls are being made or not

* remove spacing

* reduce scope and handle update in main background

* clean type, remove cipherId which is no longer used

* when keyboard shortcut is used, update overlay ciphers to freflect new order immediately

* keep separation of concerns, put handleAutofillSuggestionUsed back in overlay, add tests

* reduced approach
2025-10-06 10:48:03 -04:00
Anders Åberg
6cbdecef43
PM-13632: Enable sign in with passkeys in the browser extension for chromium browsers (#16385)
* PM-13632: Enable sign in with passkeys in the browser extension

* Refactor component + Icon fix

This commit refactors the login-via-webauthn commit as per @JaredSnider-Bitwarden suggestions. It also fixes an existing issue where Icons are not displayed properly on the web vault.

Remove old one.

Rename the file

Working refactor

Removed the icon from the component

Fixed icons not showing. Changed layout to be 'embedded'

* Add tracking links

* Update app.module.ts

* Remove default Icons on load

* Remove login.module.ts

* Add env changer to the passkey component

* Remove leftover dependencies

* use .isChromium()
2025-10-06 09:25:51 -04:00
Github Actions
bbb49c245b Bumped client version(s) 2025-10-06 10:44:48 +00:00
bw-ghapp[bot]
f41869cbba
Autosync the updated translations (#16742)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-10-06 07:55:41 +00:00
Jeffrey Holland
0daecf4a77
Display inline autofill on Gap.com password field (#16085) 2025-10-06 09:50:49 +02:00
bw-ghapp[bot]
6c2791338e
Autosync the updated translations (#16714)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-10-03 14:12:19 +00:00
Leslie Tilton
33dc57890a
Add premium guard to phishing detection service (#16602) 2025-10-03 09:04:39 -05:00
Oscar Hinton
a1e226b598
[PM-25603] Use angular template for avatar (#15978)
We should be able to simplify the angular component by using svg element directly.
2025-10-03 11:51:25 +02:00
Andreas Coroiu
2ddf1c34b2
[PM-25488] Badge stays after lock when using pin (#16436)
* wip

* feat: add dynamic states

* feat: re-implement badge service with dynamic state functions

* feat: completely remove old static states

* feat: debounce calls to badge api per tab

* feat: use group-by to avoid re-setting all tabs on 1 tab change

* feat: simplify autofill badge updater

* feat: add hanging function test

* chore: clean up badge service

* feat: simplify private updateBadge

* feat: remove unnecessary Set usage

* fix: tests that broke after setState rename

* chore: clean up badge api
2025-10-03 09:01:49 +02:00
rr-bw
fdf47ffe3b
refactor(login-error): (Auth) [PM-22145] Improved Error State for Failed Login (#16569)
Updates the inline error message on a failed login.
2025-10-02 16:18:47 -07:00
Jordan Aasen
7a38b22667
[PM-24951] - update "My Items" icon to bwi-user (#16674)
* update "My Items" icon to bwi-user

* fix tests

* revert changse to reports. fix assign collections.

* revert remaining changes to reports
2025-10-02 14:39:13 -07:00
John Harrington
65d56ca2f3
[PM-25481] Update copy in Admin-Console export-page (#16594)
* add support for export-scope-callout.component to conditionally render organizational export message

• use config service to capture feature flag status
• use platform service and routing to determine admin console context
2025-10-02 06:20:21 -07:00
bw-ghapp[bot]
f442baeba1
Autosync the updated translations (#16693)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-10-02 09:36:09 +02:00
Danielle Flinn
087e1a6155
[CL-866] Add default callout and update styles (#16481)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
* Updated callout styles 
* Added default callout variant
* Refactored component to support icon + content variants (with no header)

---------

Co-authored-by: Vicki League <vleague@bitwarden.com>
Co-authored-by: Bryan Cunningham <bryan.cunningham@me.com>
2025-10-01 23:00:47 +00:00
rr-bw
cae58232e5
feat(new-device-verification-screen): (Auth) [PM-17489] Back Button on New Device Verification Screen (#16599)
On Web and Desktop, show back button on `NewDeviceVerificationComponent` (route `/device-verification`). Do not show it on Extension, because Extension already has a back button in the header.
2025-10-01 12:57:41 -07:00
Konrad
420b26776b
[PM-26325] Archive string - separate noun and verb (#16652)
* Separation of noun and verb
2025-10-01 15:36:02 -04:00
Nick Krantz
727689d827
[PM-24534] Archive via CLI (#16502)
* refactor `canInteract` into a component level usage.

- The default service is going to be used in the CLI which won't make use of the UI-related aspects

* all nested entities to be imported from the vault

* initial add of archive command to the cli

* add archive to oss serve

* check for deleted cipher when attempting to archive

* add searchability/list functionality for archived ciphers

* restore an archived cipher

* unarchive a cipher when a user is editing it and has lost their premium status

* add missing feature flags

* re-export only needed services from the vault

* add needed await

* add prompt when applicable for editing an archived cipher

* move cipher archive service into `common/vault`

* fix testing code
2025-09-30 10:45:04 -04:00
rr-bw
5f7e1f99bf
chore(flag-removal): [Auth/PM20439] Remove flagging logic and flag (BrowserExtensionLoginApproval) (#16568) 2025-09-29 13:29:56 -07:00
Jeffrey Holland
f9056b2711
[PM-22458] Ensure TOTP check ignores email or username fields (#16535)
* [PM-22458] Ensure TOTP check ignores email or username fields

* Resolve underlying totp error for shein.com Germany

* Remove a guard check and add an optional chain
2025-09-29 17:09:41 +02:00
bw-ghapp[bot]
b888274bd0
Autosync the updated translations (#16638)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-09-29 08:53:27 +00:00
renovate[bot]
e5c5bf63ca
[deps] Platform: Update @types/chrome to v0.1.0 (#15697)
* [deps] Platform: Update @types/chrome to v0.1.0

* Fix typing

* Fix other build errors

* Fix strict compile

* Update pkg and fix remaining type errors

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
2025-09-26 17:02:39 +02:00
bw-ghapp[bot]
610bc5b7c2
Autosync the updated translations (#16608)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-09-26 12:05:10 +02:00
Jeffrey Holland
fd98dda0a5
Autofill form that has the focus (#16499) 2025-09-26 11:17:41 +02:00
Jeffrey Holland
4a9183adc5
Allow autofilling iframes like samsclub.com (#16560)
* Allow autofilling iframes like samsclub.com

* Add back original checks

* Remove unused mock
2025-09-26 10:21:28 +02:00
Vicki League
e3a5111a35
[CL-849] Update and consolidate logo svgs (#16390) 2025-09-25 14:52:55 -04:00
Jordan Aasen
24f07dc1e1
fix css on app-root (#16588) 2025-09-25 09:15:02 -07:00
Mick Letofsky
c96a66b53f
[PM-21815] Implement component form the component library & Tailwind CSS (#16491) 2025-09-25 17:23:05 +02:00
Jordan Aasen
6024f6eef2
[PM-25879][PM-25881] - [Defect] Premium badges missing reusable component (#16461)
* clean up premium badge component

* add provider to desktop settings

* rename prop.

* add provider to send component

* fix storybook

* fix test

* move dependency to new send dropdown component

* Revert "move dependency to new send dropdown component"

This reverts commit f134526279.

* remove hasPremium
2025-09-23 09:32:45 -07:00
Jeffrey Holland
e18f3cf8c9
[PM-22417] Enable autofill overlay for siteone.com (#16457)
* [PM-22417] Enable autofill overlay for siteone.com

* Fix broken test

* Remove the magic number
2025-09-23 15:38:53 +02:00
rr-bw
3bbc6c564c
feat(SSO): (Auth/[PM-22110] Remove Alternate Login Options when SSO Required (#16340)
If a user is part of an org that has the `RequireSso` policy, when that user successfully logs in we add their email to a local `ssoRequiredCache` on their device. The next time this user goes to the `/login` screen on this device, we will use that cache to determine that for this email we should only show the "Use single sign-on" button and disable the alternate login buttons.

These changes are behind the flag: `PM22110_DisableAlternateLoginMethods`
2025-09-22 08:32:20 -07:00
Jason Ng
dbec02cf8d
[PM-24533] Initialize Archive Feature (#16226)
* [PM-19237] Add Archive Filter Type (#13852)
* Browser can archive and unarchive items
* Create Archive Cipher Service
* Add flag and premium permissions to Archive 

---------

Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
Co-authored-by: Shane <smelton@bitwarden.com>
Co-authored-by: Patrick Pimentel <ppimentel@bitwarden.com>
2025-09-22 11:06:02 -04:00
Alex
8531109081
[PM-25417] DIRT API Service Refactor (ADR-0005) (#16353)
* encode username for uri and add spec

* verify response from getHibpBreach method

* test/validate for BreachAccountResponse type and length instead of mock response

* - extract dirt api method out of global api service
- create new directory structure
- change imports accordingly
- extract breach account response
- put extracted code into new dirt dir

* codeowners and dep injection for new hibp service
2025-09-22 09:06:58 -05:00
Mick Letofsky
3a721b535c
[PM-21816] Removed unused header component (#16452)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
2025-09-22 12:20:21 +02:00
Mick Letofsky
c9501fec30
[PM-21812][PM-21813] Tech debt removal of legacy stylings no longer required nor used (#16466) 2025-09-22 11:24:32 +02:00
bw-ghapp[bot]
cdd804d232
Autosync the updated translations (#16519)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-09-21 11:39:41 +00:00
Leslie Tilton
7090547cb8
[PM-19814] Phishing Detection Warning Popup UI (#16064)
* Add PhishingDetectionService

* Add a tab listener.

* Get the known phishing domain from the server

* Get the known phishing domain from the server

* Add phishing detection content script.

* Revert "Add phishing detection content script."

This reverts commit ce64d3435a.

* Fix conflicts

* Add build configs.

* Decouple the phishing detection content script logic from the rest of the app.

* move the call to background

* Add communication between the content script and background service.

* Update code to use Log service.

* Resolve conflict

* Add changes for phishing domain report

* Fix initializer order issue.

* Fix domain error.

* Account for no responses.

* Add exit functionality for onclick.

* Wrapped phishing detection feature behind feature flag (#13915)

* push changes for alert

* Removed browser logic for checking feature flag

* move the alert as dialog

* Add functionality to navigate back in history.

* [PM-19814] Add redirect to warning page when a phishing domain is detected.

* [PM-19814] Add the phishing warning page to the Angular popup.

* [PM-19814] Add functionality to display phishing host.

* [PM-19814] Add exit button and learn more link.

* [PM-19814] Add phishing detection feature flag.

* [PM-19814] Move phishing service to phishing directory

* [PM-19814] Add UI to display phishing URL.

* [PM-19814] Disable the URL input and populate it with the phishing URL.

* [PM-19814] Add phishing icon

* [PM-19814] Temporarily remove phishing reporting feature. It can be released separately in another ticket.

* [PM-19814] Clean up

* [PM-19814] Add types to the handlers.

* [PM-19814] Remove logic for handling authentication since the endpoint will be unauthenticated.

* [PM-19814] Fixed as many type issues as possible; added @ts-strict-ignore to the remaining ones.

* [PM-19814] Fix race condition in feature flag check.

* [PM-19814] Update wording for the marketing request.

* [PM-19814] Move phishing detection check from content script to webRequest.onCompleted listener.

* [PM-19814] Use webNavigation.onCompleted for redirect to ensure that the redirect only happens when they land on the page.

* [PM-19814] Remove unused code.

* [PM-19814] Fix merge conflict and update text based on product owner’s request

* [PM-19814] Fix merge conflict

* [PM-19814] Update text

* Resolve the message catalog entries

* Update file for consistent import and exports

* Update imports

* Update another import for BrowserPopupUtils

* Update the rest of the imports for BrowserPopupUtils

* Updates messages

* Rename files

* Current phishing block changes

* Use globalthis for chrome

* Add types file

* Update browser api to include tab navigation and close tab functions

* Update phishing detection to track multiple tabs and not trust info from content script

* Change chrome to browser.

* Fixed phishing detection checking previous url instead of current on navigation. Updated def flag for testing urls.

* Move phishing icon

* Fix chrome specific issues. Add comments to where BrowserApi should be used

* Fix command errors. Typecheck messages. Added guard for phishing detection messages

* Use concat map instead of merge map

* Unformat webfonts.scss file

* Fix lint and import errors

* Move phishing blocker files to dirt folder

* Rename background folder to services

* Add code ownership for phishing blocker

* Update text to use locales on phishing blocker learn more page

* Change navigation from using webapi to browser on updated event for safari support

* Update icon usage

* Fix type issues and add test file

* Fix linting error in test

---------

Co-authored-by: Jimmy Vo <huynhmaivo82@gmail.com>
Co-authored-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Co-authored-by: Tom <144813356+ttalty@users.noreply.github.com>
2025-09-19 10:56:27 -05:00