Convert mutable class properties to readonly, using signals for
buttonLabel and generatedValue to satisfy the enforce-readonly-angular-properties rule.
* PM-24047: Make popout windows respect vault timeout when unfocused
Replace the heartbeat message-passing mechanism for popup detection
with direct browser API queries (getContexts on MV3, getExtensionViews
on MV2/Safari) that can distinguish focused from unfocused popout
windows. Unfocused popout windows no longer prevent vault timeout.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
* PM-24047: Add isAnyViewFocused(), revert isPopupOpen() to simple popup detection
Addresses PR review feedback by separating focus-aware logic from the
isPopupOpen() semantics, which other callers depend on for simple
popup detection:
- BrowserApi.isPopupOpen(): reverted to return views.length > 0 for
popup-type views only (original behavior)
- BrowserApi.isAnyViewFocused(): new method that checks popup views
(always focused), sidebar tab views (always focused), and popout
tab views (focused only if document.hasFocus() is true)
- BrowserPlatformUtilsService.isPopupOpen(): simplified MV3 path
uses getContexts({ contextTypes: ['POPUP'] })
- BrowserPlatformUtilsService.isAnyViewFocused(): new method with
MV3 (POPUP/SIDE_PANEL/focused TAB) and MV2/Safari paths
- PlatformUtilsService: adds isAnyViewFocused() to the interface
- Web/Desktop/CLI stubs return false (no popout windows)
- VaultTimeoutService now calls isAnyViewFocused() instead of
isPopupOpen() so unfocused popouts don't block vault timeout
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Move MV3/MV2 routing into BrowserApi
isPopupOpen() and isAnyViewFocused() now use feature detection for
chrome.runtime.getContexts to select the right API internally,
rather than having the routing in BrowserPlatformUtilsService.
This means BrowserApi is the single owner of view-detection logic,
and the service methods are simple one-line delegations.
Using typeof getContexts === "function" rather than isManifestVersion()
handles Safari naturally: if Safari doesn't support getContexts it
falls back to getExtensionViews, without needing an explicit isSafari()
exclusion.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Scope MV3/MV2 routing refactor to isAnyViewFocused only
isPopupOpen() keeps its existing pattern (MV3/MV2 routing in the
service, simple getExtensionViews in BrowserApi) to avoid touching
unrelated code. Only isAnyViewFocused() has its routing moved into
BrowserApi via feature detection.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Restore isPopupOpen to main branch implementation
isPopupOpen() and its tests are restored exactly to the main branch
version (heartbeat-based approach). Only isAnyViewFocused is new code.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Refactor isPopupOpen() to use getContexts/getViews instead of heartbeat
Replaces the message-passing heartbeat approach with the same
chrome.runtime.getContexts() (MV3) / chrome.extension.getViews() (MV2/Safari)
introspection pattern used by isAnyViewFocused(). This eliminates the need
for a heartbeat listener in the popup and makes both methods consistent.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Simplify isAnyViewFocused() using Array.some()
Collapse the two separate POPUP/SIDE_PANEL checks into a single .some()
call, and replace the synchronous MV2/Safari tab view loop with .some().
The async TAB/popout window check stays as a for loop.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: improve tabs loop readability somewhat
* PM-24047: Fix MV3 popout focus check using wrong uilocation filter
The TAB context filter was checking for `uilocation=sidebar` instead of
`uilocation=popout`. In MV3, sidebars are SIDE_PANEL contexts (already
handled above), so this filter never matched, causing focused popout
windows to be silently ignored and the vault to timeout while a user was
actively viewing one.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-24047: Rename isViewOpen to isViewFocused for semantic accuracy
The variable and parameter previously named isViewOpen reflected
the old "is any view open?" semantics. After the refactor to
isAnyViewFocused(), the naming is updated to match the actual
behavior: checking whether a view is focused, not merely open.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
* Remove the hostname from serverCommunicationConfig as the cookieDomain can be used
* Fix types issue
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Add tests to verify behavior when organizations do not use policies and when users are exempt as owners.
* Update service logic to correctly handle policy retrieval based on user type and organization settings.
* Add state- and key-definitions for persisting serverCommunicationConfig(s)
* Add implementation of the SDK-defined ServerCommunicationConfigRepository
* Add ServerCommunicationConfigService
* Add state- and key-definitions for persisting serverCommunicationConfig(s)
* Add implementation of the SDK-defined ServerCommunicationConfigRepository
* Add ServerCommunicationConfigService
* Fix instantiation of ServerCommunicationConfigClient due to additional dependency on ServerCommunicationConfigPlatformApi
* Fix broken tests
* Fix ts-strict error
* Call setCommunicationType when ConfigService.serverCommunicationConfig$ emits (#19218)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Move service instantiation to desktop's service.module
* Deleted unused tests
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* fix(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Initial change to try and fix issue.
* fix(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Added back in change that broke it.
* fix(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Fixed.
* fix(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Added tests and updated comment.
* docs(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Moved comment.
* test(sso): [PM-33190] SSO Fails on Callback from Successful IdP Login - Accepted feedback.
* Migrate create and edit operations to use SDK for ciphers
* WIP: Adds admin call to edit ciphers with SDK
* Add client version to SDK intialization settings
* Remove console.log statements
* Adds originalCipherId and collectionIds to updateCipher
* Update tests for new cipehrService interfaces
* Rename SdkCipherOperations feature flag
* Add call to Admin edit SDK if flag is passed
* Add tests for SDK path
* Revert changes to .npmrc
* Remove outdated comments
* Fix feature flag name
* Fix UUID format in cipher.service.spec.ts
* Update calls to cipherService.updateWithServer and .createWithServer to new interface
* Update CLI and Desktop to use new cipherSErvice interfaces
* Fix tests for new cipherService interface change
* Bump sdk-internal and commercial-sdk-internal versions to 0.2.0-main.439
* Fix linting errors
* Fix typescript errors impacted by this chnage
* Fix caching issue on browser extension when using SDK cipher ops.
* Remove commented code
* Implement deleteWithServer and deleteManyWithSErver using SDK
* Implement restoreWithServer and restoreManyWithServer using SDK
* Add softDeleteWithServer and softDeleteManyWithServer impl using SDK
* Wrap SDK functions in firstValueFrom
* Fix bug causing race condition due to not consuming / awaiting observable.
* Add orgId to interface for admin deleteMany calls
* Use cipherService to deleteManyWithServer as admin, instead of API directly
* Bump SDK version to main.460
* Add tests for delete ops
* Remove unsetting archive date on delete, which was introduced by mistake
* Move getAllFromApiForOrganization to use SDK
* Implement getAllDecrypted and getAllFromApiForOrganization for SDK
* Fix broken CipherView conversion functions
* Fix CipherView type conversions from SDK
* Add missing 'await' to decrypt call
* Clean up unnecessary else statements and fix function naming
* Add comments for this.clearCache
* Add tests for SDK CipherView conversion functions
* Replace sdkservice with cipher-sdk.service
* Fix import issues in browser
* Fix import issues in cli
* Fix type issues
* Fix type issues
* Fix type issues
* Move delete/restore functions to cipher-sdk.service.ts when using SDK flag
* Move getCipher functions to cipher-sdk.service.ts when using SDK flag
* Address PR feedback
* Fix test that fails sporadically due to timing issue
* Simplifications from PR feedback
* UPdate tests
* Remove unnecessary type logic to use returned enum
* Revert changes to cipher.view.ts converting CipherListView to CipherView
* updated changes to match SDK changes
* Updated sdk package
---------
Co-authored-by: gbubemismith <gsmithwalter@gmail.com>
Co-authored-by: SmithThe4th <gsmith@bitwarden.com>
With the replacement of the vault cipher view and add-edit views on the desktop client, we no longer require the ColorPasswordCountPipe or the ColorPasswordPipe, as these are now handled by the ColorPasswordComponent from the Bitwarden component library
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* fix: add TypeScript 5.9 type compatibility fixes for auth-owned code
Add explicit `as BufferSource` casts and `Uint8Array` wrapping to satisfy
stricter type checking in TypeScript 5.9. Non-functional changes.
* Fix type errors
* Fix test
* Fix tests
* Fix typing in auth tests
* Also change unlock service to uint8array<arraybuffer>
* Fix types
* Prettier
* Apply fixes for jest spy type
* [PM-32744] Default import destination to My Items when org data ownership policy is enforced
* remove feature flag gating, simplify collection selector logic
* additional code comments to explain import form behavior
---------
Co-authored-by: vlad-trofimov <vlad@Vlads-MacBook-Pro.local>
Co-authored-by: John Harrington <84741727+harr1424@users.noreply.github.com>
* removed feature flag for default user collection being created for restored users.
* leaving the url as we'll need it in case we have to revert a release
* moved account switcher into page header
* Added 'header-actions' slot for AnonLayout
* removed 'standalone: true'
* cleanup
* more cleanup
* fixed lint error
* use 'app-avatar' in dropdown
* fixed account avatar vertical centering
* revert back to `standalone: false`
* moved new account switcher behind 'desktop-ui-migration-milestone-4' FF
* - added to default FF
- fixed template formatting
- removed type of 'configService'
- renamed to 'account-switcher-v2'
* fixed test
* moved 'account-switcher-v2' into '/auth'
* updated class and style from 'v3' to 'v2'
* removed ts-strict-ignore
* added back `ts-strict-ignore`
* added `aria-label` to `bit-avatar`
* fixed page load issue after clearing local session data
* fixed 'Access denied' toast appearing when milestone4 FF is false
* fixed new account switcher missing from 'locked vaults' and other 'AnonLayouts'
* fixed styles for non-logged in account-switcher button
* fixed duplicate account switcher bug
* lint fix
* updated 'account switcher' anon layout styles/colors
* fixed color from `bg-brand-strong` to `bg-brand`
---------
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
* fix: TypeScript 5.9 type compatibility fixes for tools-owned code
Add explicit `as BufferSource` casts and `Uint8Array` wrapping to satisfy
stricter type checking in TypeScript 5.9. Non-functional changes.
* Fix type errors
* fix: TypeScript 5.9 type compatibility fixes for platform-owned code
Add explicit `as BufferSource` casts and `Uint8Array` wrapping to satisfy
stricter type checking in TypeScript 5.9. Non-functional changes.
* Fix fido2 issues
* Fix another type error
* Fix another type error
* migrated vault cipher list
* added back `rounded` prop to `bit-layout`
* moved account switcher to right corner
* moved username below cipher item name
* fixed spacing to align with send pages
* removed commented out
* fixed options buttons overflowing if has launch
* fixed "options" label disappearing when width is insufficient
* reverted search component, added search directly to vault-list
* placed new vault cipher list work behind 'desktop-ui-migration-milestone-3' feature flag
* reverted scss changes
* added back search bar when FF not enabled
* fixed owner column responsiveness (set to table width instead of screen)
* fixed 'owner' column responsiveness
* hide 'owner' column at 'md' breakpoint
* Remove duplicate badge component and org name pipe
* Convert to standalone
* Added back translations
* used correct 'tw' variants for 'px'
* extended existing `item-footer` component
* removed unused `showGroups()` from `vault-cipher-row`
* removed 'addAccess' from `vault-list.component`
* removed more unused, separated 'cipher collections' from 'filter collections'
* converted `vault-wrapper` to use signal
* updated original 'vault.component' to reflect main
* fixed `templateUrl`, merge fix
* changed to `getFeatureFlag$`
* fixes for `item-footer` and `vault-collection-row`
* fixed lint error
* - replaced using global css with tailwind
- added functionality and ui for empty states
- moved search and vault header from 'vault-list' to 'vault component'
* fixed accessing `this.userCanArchive$`
* converted more to tailwind in vault component
* removed unused 'selection' from `vault-list`
* Fix flashing vault list
* Move app-header title to routing module
* Remove broken half-migrated new form
* removed unnecessary `this.organizations$` block
* removed `firstSetup$`, cleaned up unused, separated 'delete' and 'restore' handling for footer and cipher menu
* used desktop 'launch' functionality
* moved 'bit-no-items' into `vault-list`
* removed unused locales
* aligned `handleDelete` and `handleRestore` with original desktop functionality
* Fix linting and tests
* Move no-items out of table similar to send.
* Re-add newline end of messges.json
* Remove events
* Hide copy buttons if there is nothing to copy. Simplify
* fix
* Get rid of unused copyField
* Use dropdown button in vault list instead
* Fix linting
* removed unused imports
* updated `vault-orig` to current in main
* fixed `vault-orig` templateUrl
* fixed import order, removed unused `combineLatest` block
* fixed `onVaultItemsEvent` "delete"
* removed duplicate rendering of logo
* preserve cipher view after 'cancel'
* filter from `allCiphers`
* moved `enforceOrganizationDataOwnership` call inside "syncCompleted" block
* converted `showAddCipherBtn` to observable
* removed unused
* added `submitButtonText` to `app-vault-item-footer`
* removed filtering restricted item types
* fixed `cancelCipher` pass in and set `cipherId`
* updated `submitButtonText`
* updated `vault-orig` to current `vault` in main
---------
Co-authored-by: Hinton <hinton@users.noreply.github.com>
Updates the `setInitialPasswordTdeOffboarding` path to use new KM data types:
- `MasterPasswordAuthenticationData`
- `MasterPasswordUnlockData`
This allows us to move away from the deprecated `makeMasterKey()` method (which takes email as salt) as we seek to eventually separate the email from the salt.
Behind feature flag: `pm-27086-update-authentication-apis-for-input-password`