Commit Graph

1994 Commits

Author SHA1 Message Date
Bernd Schoolmann
a942e21b22
[PM-31119] Run side-effects in sdk unlock service (#20004)
* Run side-effects in sdk unlock service

* Revert feature flag

* Tests and fix cli

* Set user ever had user key and add comment

* Update sdk

* Prettier

* Cleanup

* Only set biometric unlock when biometric enabled

* Clean up tests

* Fix DI

* Cleanup

* Cleanup

* Prettier

* Add test coverage and rename

* Cleanup tests

* Prettier

* Cleanup
2026-04-10 12:08:48 +02:00
Oscar Hinton
7c7c07e651
[PM-31875] Client changes for async sdk client get/set (#20032)
* Client changes for async sdk client get/set

* Bump sdk version
2026-04-09 14:19:27 -07:00
Jared
79c6b51599
[PM-26383] Remove feature flag to enable autoconfirm (#20015)
* Refactor: Remove ConfigService dependency from auto-confirm related components

- Eliminated ConfigService from MainBackground, AutoConfirmPolicy, UserLayoutComponent, WebVaultPromptService, and organizationPolicyGuard.
- Updated logic to directly use organization properties instead of feature flags for auto-confirm functionality.
- Adjusted tests in DefaultAutomaticUserConfirmationService to reflect the removal of feature flag checks.
- Cleaned up unused imports related to ConfigService across various files.

* Refactor: Update date handling in tests and remove unused feature flag checks

- Changed date calculation in WebVaultExtensionPromptService tests to use milliseconds for accuracy.
- Removed unused feature flag checks from WebVaultPromptService tests, simplifying the logic and improving clarity.

* Refactor: Update organizationPolicyGuard to include ConfigService in feature callback

- Modified the organizationPolicyGuard to accept ConfigService as an additional parameter in the feature callback.
- Adjusted the SendComponent route to align with the updated guard implementation.

* Fix: Adjust date calculation in WebVaultExtensionPromptService tests for accuracy

- Updated the test to set the exact date to 30 days prior using setDate method for clarity and to avoid potential issues with DST boundaries.
2026-04-09 15:36:38 -04:00
Nick Krantz
14cd2ad341
[PM-26713] Refactor Attachment Uploads to use XMLHTTPRequest (#19634)
* allow consumers of upload service to input block size

* implement progress bar for cipher attachment uploads

* refactor to use a constant for available block sizes

* rework tests to use AzureUploadBlockSize

* update cipher attachments to ensure 100% is shown for all attachments

* do not allocate real memory in test

* update file uploads to use `XMLHttpRequest` when possible to track progress

* remove unused block size

* update tests + make options optional

* fix unit tests to align with single block approach

* add optional chaining for optional parameter

* remove duplicate import

* catch error from xhr send

* remove redundant try/catch block

* use if/else syntax in attachment template

* add `applyPlatformHeaders` to consolidate header creations between methods.

* add feature flag for file upload changes for progress

* update constructor parameters

* only pass object when feature flag is enabled
2026-04-09 13:23:33 -05:00
Bernd Schoolmann
73aae34267
[PM-33101] Remove master key from uv service (#20076)
* Remove local masterkey hash

* Remove more instances of local master key hash

* remove dependence on service

* Remove master key from uv service

* Fix failing build

* Fix failing build

* Fix tests

* Fix test

* Fix

* Prettier

* Fix merge conflicts

* Fix cli
2026-04-10 01:48:13 +09:00
Dave
f3d22022e6
[PM-33524] Not able to set new Master Password in a previously TDE org (#19810)
* fix(saltForUser) [PM-33524] Update saltForUser$ for transition states

- e.g., TDE offboarding: user will have neither a master password nor
  salt during transition. This is not a failure to make unlock data, it
  is a gap in user state. A default salt should be provided to enable
  the state transition.

* test(saltForUser) [PM-33524] Add test cases for user transition states

* docs(email-to-salt) [PM-33524] Annotate emailToSalt callsites with changes planned for Stage 3.

* docs(master-password-service) [PM-33524] Reintroduce/modify comments after main merge.
2026-04-09 11:02:46 -05:00
Bernd Schoolmann
c9352c01d9
[PM-32864] Remove local masterkey hash (#19277)
* Remove local masterkey hash

* Remove more instances of local master key hash

* remove dependence on service

* Fix failing build

* Fix failing build

* Fix tests

* Fix test

* Fix

* Prettier

* Fix merge conflicts

* Fix cli

* Remove master key from uv service (#19278)

* Revert "Remove master key from uv service (#19278)" (#19697)

This reverts commit 8e53fe6a11.

* Cleanup local master key hash

* Fix test
2026-04-09 10:34:03 -04:00
Jordan Aasen
75a8fc703c
add feature flag (#20019) 2026-04-08 09:27:32 -07:00
Kyle Spearrin
92b04c24fe
new event log for 2fa recovery (#20055) 2026-04-08 11:31:45 -04:00
Kyle Spearrin
be9099defb
[PM-15489] 2fa account recovery (#19894)
* claude plan

* PR feedback

* implement 2fa reset to account recovery policy

* tests

* fix locales

* PR feedback

* PR fixes

* PR feedback

* fix CI build errors
2026-04-08 09:10:31 -04:00
Rui Tomé
b10e9482cb
[PM-34177] Fix feature flag key value for Organization Invite Links (#20039)
* [PM-34177] Fix feature flag key value for Organization Invite Links

* Rename feature flag key from OrganizationInviteLinks to GenerateInviteLink for clarity and consistency.
2026-04-07 19:21:24 +01:00
Rui Tomé
5e0a6845ea
[PM-34177] Add feature flag for Organization Invite Links (#20033) 2026-04-07 18:12:21 +01:00
Andreas Coroiu
26cb88bd8c
Bitwarden IPC improvements/refactor (#19935)
* fix: types after SDK change

* feat: update SDK
2026-04-07 17:05:37 +02:00
Vijay Oommen
e0a9496bd6
[PM-34230] Blumira Integration using HEC (#20008) 2026-04-07 09:29:54 -05:00
Nik Gilmore
ca0e443592
[PM-34500] Add PM-34500-strict-cipher-decryption feature flag (#19973)
* Add PM-34500-strict-cipher-decryption feature flag
2026-04-06 16:38:58 -07:00
Shane Melton
69f9c7d30d
[PM-25688] Migrate Folder API request model to TS strict (#17269)
* [PM-25688] Migrate folder.request.ts to TS strict

* [PM-25688] Remove ts-strict-ignore from FolderWithIdRequest and update importer service to use FolderRequest instead

* [PM-25688] Add unit test to ensure Folder Id is never set for import request

* [PM-25688] Introduce FolderWithOptionalIdRequest for Import service
2026-04-06 13:24:40 -07:00
Daniel García
767a979314
[PM-32783] Cached electron storage (#19590)
* [PM-32783] Cached electron storage

* Fix strict types

* Fix has bug

* Revert accidental change

* Revert import

* Fix review comments

* Add flag
2026-04-06 16:32:37 +02:00
renovate[bot]
83fbaec0f7
[deps] Architecture: Update Minor and patch linting updates (#17491)
* [deps] Architecture: Update Minor and patch linting updates

* Fix npm conflicts

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hinton <hinton@users.noreply.github.com>
2026-04-06 08:20:58 -04:00
Jordan Aasen
d22a5a82c9
migrate cipher export and sub-models (#19050) 2026-04-03 11:29:02 -07:00
Bernd Schoolmann
97329383a1
[PM-33173] Use unlock service for password login strategy (#19371)
Some checks failed
Scan / Check PR run (push) Has been cancelled
Testing / Run typechecking (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-browser junit:junit-browser.xml name:Browser paths:apps/browser bitwarden_license/bit-browser]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-cli junit:junit-cli.xml name:CLI paths:apps/cli bitwarden_license/bit-cli]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-desktop junit:junit-desktop.xml name:Desktop paths:apps/desktop]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-libs junit:junit-libs.xml name:Libs paths:libs bitwarden_license/bit-common]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-web junit:junit-web.xml name:Web paths:apps/web bitwarden_license/bit-web]) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
* Use unlock service for login

* Fix build

* Apply feedback to move more logic behind feature flag, and use newer unlock service

* Fix types

* Fix type

* Fix test

* Fix dependencies on cli

* Cleanup

* Fix types

* Fix imports

* Fix eslint

* Prettier

* Address feedback

* Eslint

* Move unlockServiceForPasswordLogin to passwordloginstrategydata

* Eslint
2026-04-03 12:42:17 +09:00
Maciej Zieniuk
27efcdb9a0
[PM-32761] Lock causes log out on TDE account with PIN (#19594)
* switch back to default (Lock) session timeout action when PIN is enabled in master password less accounts.

* always reset to null (default) when only one action is available.

* unnecessary additional keys refresh on token storage migration
2026-04-02 18:48:53 +02:00
Conner Turnbull
037fff6e3a
[PM-31899] Remove m2 flag definition (#19869)
* Remove pm-23341-milestone-2 flagged logic from user-subscription component

Remove the enableDiscountDisplay$ feature flag observable and collapse the
ngIf/else template to always show the discount badge. The badge handles
null/no-discount gracefully.

* Remove PM23341_Milestone_2 flag definition from feature-flag enum
2026-04-02 09:07:31 -05:00
Alex Morask
7d43c72a82
fix(billing): map cart-level discount into discounts array in CartResponse (#19925) 2026-04-01 14:53:52 -05:00
John Harrington
650962aeb3
bump sendcontrols policy enum value (#19903) 2026-04-01 08:04:08 -07:00
John Harrington
3f39b88b4c
[PM-31885] Consolidate all Send policies to a single policy (#19314) 2026-03-31 13:57:01 -07:00
Jackson Engstrom
a26188fd36
[PM-32747] Empty TOTP secrets are being saved to ciphers in web based clients (#19645) 2026-03-31 09:19:33 -07:00
Jordan Aasen
9b7452e8e2
set viewPassword in cipher encrypt (#19601) 2026-03-30 16:46:47 -07:00
Nik Gilmore
ab088536bb
[PM-33952] Fix cipher key encryption logic when editing ciphers (#19695) 2026-03-30 15:23:17 -07:00
Vicki League
eff884be5f
[CL-941] Remove router focus flag from client (#19812) 2026-03-30 16:23:02 -04:00
Nick Krantz
30ab005da5
[PM-19168] Remove Archive Feature Flag (#19829)
* remove archive feature flag

* fix dependency within services module
2026-03-30 10:23:38 -05:00
Jared McCannon
2c011fcf69
[PM-30614] - Fix double event log in browser ext popup (#19657)
* Moved the task scheduler registration to the init method to ensure we're not re-registering it. Also made a no-op upload service for when the extension is popped out so we don't push events from both threads.
2026-03-30 09:33:54 -05:00
Addison Beck
02fe70eaeb
refactor(scheduling): extract @bitwarden/scheduling Nx leaf library (#19771) 2026-03-27 11:23:22 +00:00
Nick Krantz
ad7864084f
[PM-24476] At Risk Password setting (#19557)
* add setting to toggle the visibility of at-risk password settings

* add comments surrounding why/when notification setting is applicable
2026-03-26 08:58:43 -07:00
Brandon Treston
473929f0d8
remove feature flagged logic (#19718) 2026-03-25 14:09:55 -04:00
Jared Snider
8c35c781a8
Auth/PM-33353 - Password Login - refine prefetching of password prelogin data (#19510)
* PM-33353 - LoginStrategyService tests - add test to capture the bad behavior.

* PM-33353 - Extract Password Prelogin API logic to own service out of API service.

* PM-33353 - Rename prelogin request / response models to have password prefix for clarity

* PM-33353 - Build PasswordPrelogin domain service and domain model + tests

* PM-33353 - PasswordPrelogin - add barrel file

* PM-33353 - PasswordPreloginData - fromResponse - add validateKdfConfigForPrelogin so domain model is always valid.

* PM-33353 - Register PasswordPreloginApiService and PasswordPreloginService.

* PM-33353 - LoginComponent - wire up PasswordPreloginService

* PM-33353 - LoginStrategy updates - (1) Remove all password prelogin code from top level strategy service (2) Inject new PasswordPreloginService for use in the PasswordLoginStrategy.

* PM-33353 - Update Password Prelogin tests to use defaults

* PM-33353 - PasswordPreloginData model tests - update to use mins

* PM-33353 - Fix login strategy tests + get TS strict warnings fixed

* PM-33353 - Remove login component tests

* PM-33353 - Fix CLI

* PM-33353 - Password Login Strategy - add additional tests + fix misc issues + re-organized tests.

* PM-33353 - LoginComp - local AI review feedback - clean up prefetchPasswordPreloginData

* PM-33353 - Remove PM23801_PrefetchPasswordPrelogin feature flag

* PM-33353 - DefaultPasswordPreloginService - getPreloginData$ - fix shareReplay error bug state.

* PM-33353  - login-strategy.state.spec.ts - Remove incorrect todo and fix ts strict issues

* PM-33353 - Per PR feedback, Update PasswordPreloginService to add a cache clear mechanism to just tightly bound the service's memory to the lifetime of the key making process
2026-03-24 17:11:08 -04:00
Thomas Rittson
577bfbb231
Update all event import statements and remove re-exporting files (#19545)
Final import statement update after moving files to DIRT ownership
2026-03-24 16:00:39 -04:00
Jonathan Prusik
a966e75576
[PM-27368] Injected Autofill experiences should respect the user's "show animations" setting (#19622)
* toggle autofill animation based on user setting

* toggle inline-menu animation based on user setting

* toggle notification animation based on user setting

* review feedback changes

* add tests

* reformat comments
2026-03-24 15:48:17 -04:00
Jared Snider
ebd896f91a
Auth/PM-33261 - Multi-client Password Management (new for desktop & extension) (#19289)
* PM-32413 - Add hasPassword guard for future use.

* PM-32413 - Web - PasswordSettingsComp - add TODO for using new guard.

* PM-32413 - ChangePasswordComp - Add output emitter for when a password has been changed successfully.

* PM-32413 - Add feature flag

* PM-32413 - Desktop - implement change password component in a dialog.

* PM-32413 - Add change password to extension

* PM-32413 - Fix translations

* PM-32413 - Desktop - menu - add clean up todo

* PM-32413 - Feature flags - reset hardcoded true values

* PM-32413 - Add clean up todos

* PM-32413 - Extension Routing module - add hasPassword guard

* PM-32413 - add todo

* PM-32413 - Desktop / Extension - use  InputPasswordFlow.ChangePassword instead of  InputPasswordFlow.ChangePasswordWithOptionalUserKeyRotation

* PM-32413 - Finish last AI review items

* PM-32413 - Per PR feedback, update change-password-dialog title translation to one that we don't plan on removing.

* PM-32413 - Per PR feedback, update menu item id

* PM-32413 - Per local claud review - modify has-password to use UrlTree pattern.

* PM-32413 - ChangePassword comp - add  this.passwordChanged.emit(); in newly flagged code branch
2026-03-23 16:47:50 -04:00
Kyle Denney
87a636c9fc
[PM-30101] subscription discounts in web checkout (#19599)
* [PM-30101] subscription discounts in web checkout

fixing expired code

* fix missing parens

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* fix typechecking

* missing tests

* fix test

* design feedback

only show discount badges in cart summary in checkout flows

* pr feedback

---------

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
2026-03-23 13:16:33 -05:00
Jordan Aasen
d20e33c431
handle and parse errors messages for server errors in the browser (#19667) 2026-03-20 16:42:22 -07:00
Maciej Zieniuk
1b63466144
prevent the KM state used in SDK from caching and rxjs observable becoming hot observable (#19685) 2026-03-20 23:46:03 +01:00
Daniel James Smith
257b32aa7d
[PM-29480] Add dialog to cookie acquisition (#19655)
* feat: add full middleware pipeline support

* Retrieve cookies from storage and attach cookies using Electron session

* Register middleware to act on fetch redirect to acquire cookie for SSO

* Add missing tests

* fix: acquireCookies call

* fix: cookies not getting set

* feat: add vaultUrl to server communication config

* feat: adapt to receiving vaultUrl in acquireCookies

* fix: remove localhost connector override

* Fix requests can't be re-used

* Add small delay to ensure cookies are saved before retrying requests

* Fix vaultUrl being set twice

* Add mock clone method

* Fix sso-cookie.main tests

* Remove old FIXME

* Re-use request and fix test

* Add missing coverage checking that needsBootsrap is called

* In case the hostname can't be extracted, the response is returned

* Only check the responseType instead of also checking statuscodes for redirects

* Bump the sdk-version

* Prepend https:// if necessary before launching the connector url

* Add dialog to cookie acquisition

* Fix tests

* Add handling the user choosing cancel, which will now cancel the cookie acquisition

* Do not retry if needsBootstrap returns false

* Fix tests that hadn't been updated seen https:// was appended

* Move the sso cookie feature fully into desktop

* Move prompt to acquire cookie into ServerCommunicationConfigPlatformApiService and ensures that concurrent calls are dedupes during the callback await and when the dialog is open but no option has been chosen yet

* Fix broken import on sso-cookie.main.spec

* Update test suite, due to moving the dialog into the ServerCommunicationConfigPlatformApiService

* Fix import, that I missed from the move

* feat: move subscription into init function

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2026-03-20 15:34:50 +00:00
Daniel James Smith
3c4d466f25
[PM-27125] Add cookies to fetch requests (#19588)
* feat: add full middleware pipeline support

* Retrieve cookies from storage and attach cookies using Electron session

* Register middleware to act on fetch redirect to acquire cookie for SSO

* Add missing tests

* fix: acquireCookies call

* fix: cookies not getting set

* feat: add vaultUrl to server communication config

* feat: adapt to receiving vaultUrl in acquireCookies

* fix: remove localhost connector override

* Fix requests can't be re-used

* Add small delay to ensure cookies are saved before retrying requests

* Fix vaultUrl being set twice

* Add mock clone method

* Fix sso-cookie.main tests

* Remove old FIXME

* Re-use request and fix test

* Add missing coverage checking that needsBootsrap is called

* In case the hostname can't be extracted, the response is returned

* Only check the responseType instead of also checking statuscodes for redirects

* Bump the sdk-version

* Prepend https:// if necessary before launching the connector url

* Do not retry if needsBootstrap returns false

---------

Co-authored-by: Andreas Coroiu <andreas.coroiu@gmail.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2026-03-20 10:19:21 +01:00
Bernd Schoolmann
5b4e8c10f0
[PM-33345] Bump typescript to 5.9 (#19461)
* Bump typescript to 5.9

* Fix km types

* Fix auth types

* Fix remaining types

* Fix spec files eslint

* Fix eslint

* Prettier

* Make SendHashedPassword Uint8Array<ArrayBuffer>

* Update rul tester

* Fix tests

* Fix tests
2026-03-19 23:13:06 +01:00
John Harrington
4c9965a75f
[PM-33232] Update UX implemented in PM-33219 to resolve VULN-458 (#19514)
* send AuthType in request payload and allow empty email field

* re-introduce validation enforcing non-empty email field
2026-03-19 13:36:32 -07:00
rr-bw
411156aeaa
refactor(input-password-flows): [Auth/PM-27086] Use new KM Data Types in InputPasswordComponent flows - Change Password (#18507)
Updates the `ChangePasswordService` (`changePassword()` and `changePasswordForAccountRecovery()`) to use the new KM data types :
- `MasterPasswordAuthenticationData`
- `MasterPasswordUnlockData`

This allows us to move away from the deprecated `makeMasterKey()` method (which takes email as salt) as we seek to eventually separate the email from the salt.

Also moves current password validation into the default and web change password services.

Behind feature flag: `pm-27086-update-authentication-apis-for-input-password`
2026-03-19 10:40:14 -07:00
Jordan Aasen
c117c20755
Revert "handle and parse errors messages for server errors in the browser (#19566)" (#19662)
This reverts commit 7318376528.
2026-03-19 10:01:38 -07:00
Maciej Zieniuk
17ddfd2e20
remove pm-28813-data-recovery-tool feature flag (#19635) 2026-03-19 16:45:46 +01:00
Leslie Tilton
bfb47cc9da
Add TrendWidget Feature Work (#19639)
* [PM-27772] Add TrendWidget component with Chart.js implementation (#19078)

Add reusable TrendWidget component with Chart.js line chart for displaying risk trends over time in Access Intelligence.

- Configurable datetime/linear x-axis scales
- Theme-aware colors from design system (brand-700/400, gray-200/600)
- Full i18n support (10 new translation keys)
- Loading spinner and error state handling
- Proper Chart.js lifecycle management

* [PM-28530] Implement period selector UI component (#19162)

* feat(dirt): define TimePeriod type for risk-over-time period selector

Add const object type for 5 time periods (month, 3mo, 6mo, 12mo, all)
following ADR-0025 no-enum pattern. Includes PeriodOption interface
and PERIOD_OPTIONS config for rendering.

[PM-28530]

* feat(dirt): create PeriodSelectorComponent using bit-menu

Custom trigger button with bit-menu dropdown for risk-over-time
time period selection. No clear button, neutral styling matching
Figma design. Check icon marks current selection.

[PM-28530]

* feat(dirt): add barrel export for period selector

[PM-28530]

* feat(dirt): add i18n strings for period selector options

Add translation keys for time period labels: pastMonth, last3Months,
last6Months, last12Months, and timePeriod placeholder.

[PM-28530]

* feat(dirt): add Storybook stories for PeriodSelectorComponent

Stories for default state, pre-selected 3 months, and disabled state.

[PM-28530]

* test(dirt): add unit tests for PeriodSelectorComponent

Tests cover default state, period options with pre-translated labels,
selection changes, and selected label reactivity.

[PM-28530]

* feat(dirt): integrate PeriodSelector into TrendWidget component

Replace placeholder with dirt-period-selector dropdown. Add TimePeriod
to TrendWidgetTimespan mapping layer to bridge the two type systems.
Remove standalone Storybook story and disabled input per review feedback
— component now lives inside TrendWidget, not standalone.

[PM-28530]

* refactor(dirt): replace model() with signal() + output() for PeriodSelector

Switch from Angular's model() API to the signal() + output() pattern
used throughout the Access Intelligence module. This matches the
existing convention in TrendWidget (selectedTimespan/timespanChanged),
app-table-row-scrollable (checkboxChange/selectAllChange), and
review-applications-view (onToggleSelection/onToggleAll).

Changes:
- Replace model<TimePeriod>() with signal<TimePeriod>() for internal state
- Add explicit selectedPeriodChange output for parent notification
- Manual .emit() in selectPeriod() to match module convention
- Update test to verify output emission via subscribe spy

No functional change — both patterns emit selectedPeriodChange events.
The template binding (selectedPeriodChange)="..." is unchanged.

* refactor(dirt): update labels to match Figma and unify type system

Update period selector labels per Figma design:
- "Last 3 months" → "Past 3 months" (past3Months)
- "Last 6 months" → "Past 6 months" (past6Months)
- "Last 12 months" → "Past year" (pastYear)
- "All" → "All time" (allTime, new key — pre-existing "all" key untouched)

Rename TimePeriod const keys to match labels:
- Last3Months → Past3Months
- Last6Months → Past6Months
- Last12Months → PastYear
- All → AllTime
Wire values unchanged ("month", "3mo", "6mo", "12mo", "all") to
preserve server API compatibility.

Remove TrendWidgetTimespan entirely — TrendWidget now uses TimePeriod
directly for signals, outputs, and data model. Eliminates the temporary
mapping layer (timePeriodMap + onPeriodSelectorChange). Period selector
wires directly to onTimespanChange().

[PM-28530]

* [PM-28533] Add view selector to TrendWidget component (#19163)

Adds the view selector button group to the TrendWidget component. Hooks up to existing signal and emits events when the view mode is changed. In future development, the parent component of TrendWidget will need to handle these events to fetch updated chart data from the API.

View options are:

Applications
Passwords
Members

* Fix TimePeriod type errors in TrendWidget stories (#19239)

Replace invalid "past-month" string literals with TimePeriod.PastMonth
constant to match the TimePeriod type definition. The TimePeriod const
object uses "month" as the value for PastMonth, not "past-month".

* [PM-32056] Add feature flag for access intelligence trend chart (#19164)

* feat(dirt): add feature flag for access intelligence trend chart

Register the `pm-26961-access-intelligence-trend-chart` feature flag
to gate the upcoming TrendChart widget in the Activity tab. Default
is FALSE (disabled). PM-32057 will consume this flag when wiring up
the widget component.

[PM-32056]

* feat(dirt): read trend chart feature flag in activity component

Inject ConfigService into AllActivityComponent and read the
AccessIntelligenceTrendChart flag on init. This prepares the
component for the TrendChart widget to be conditionally rendered.

[PM-32056]

* feat(dirt): add conditional wrapper for trend chart widget

Add an @if block gated by the AccessIntelligenceTrendChart feature
flag in the Activity tab template. The TrendChart widget will be
placed inside this block when wired up.

[PM-32056]

* reset package files to main

* install chartjs using node v22

* add chartjs to dirt team deps (#19244)

* [PM-32055] Download TrendWidget chart to PNG and CSV (#19245)

This PR adds a download button to the TrendWidget component that supports downloading the "Risk over time" chart data as a PNG or in CSV format.

Logic to dynamically add a chart title and x/y axis labels is included. This required creating a service that recreates a copy of the chart with title and axis labels applied, in an off screen canvas element, and then exporting to blob for file download. This logic is owned by the ChartExportService.

* Fix readonly variables. Update chart variable to use signal

* Fix any type in test file

---------

Co-authored-by: Brad <44413459+lastbestdev@users.noreply.github.com>
Co-authored-by: Alex <55413326+AlexRubik@users.noreply.github.com>
Co-authored-by: Brad Deibert <bdeibert@bitwarden.com>
2026-03-18 16:04:04 -05:00
Jordan Aasen
7318376528
handle and parse errors messages for server errors in the browser (#19566) 2026-03-18 10:26:25 -07:00