Commit Graph

2666 Commits

Author SHA1 Message Date
Jackson Engstrom
8f6cf67f8d
[PM-29116] UI Text cut off on default size extension for Download Bitwarden (#18789)
* updates settings buttons to wrap instead of truncate

* adds new download copy
2026-02-10 15:32:36 -08:00
Jordan Aasen
cc03df4950
[PM-17735] - remove v2 suffix from browser vault components (#18108)
* remove v2 suffix

* fix test

* fix path

* fix test

* Fix missed -v2 import path

* fix test

---------

Co-authored-by: Shane <smelton@bitwarden.com>
2026-02-10 13:39:53 -08:00
Andreas Coroiu
b3cb990037
[PM-29313] [Defect] TDE JIT Provisioning - Extension showing locked icon even if user already logged in (#18672)
* fix: add better error handling to badge service

* fix: lint
2026-02-10 15:11:12 +01:00
Jason Ng
322ff6b70b
[PM-31675] remove archive from web edit (#18764)
* refactor default cipher archive service, update archive/unarchive in vault-item-dialog, remove archive/unarchive items in edit form
2026-02-09 16:17:46 -05:00
Daniel Riera
e92817011b
[PM 29531]Remove ts strict ignore in list autofill inline menu list ts (#18738)
* fix(autofill): type throttle to preserve handler this/args and return void

* fix(autofill): strict TS and defaults for inline menu list, throttle typing, TOTP interval

* update snapshots

* swap mouse event for event

* prevent default does nothing on event
2026-02-09 15:05:19 -06:00
Alex Dragovich
e485623ed8
[PM-31685] Removing email hashes (#18744)
* [PM-31685] Removing email hashes

* [PM-31685] fixing tests, which are now passing

* [PM-31685] removing anon access emails field and reusing emails field

* [PM-31685] fixing missed tests

* [PM-31685] fixing missed tests

* [PM-31685] code review changes

* [PM-31685] do not encrypt emails by use of domain functionality

* [PM-31685] test fixes
2026-02-09 12:59:17 -08:00
Jonathan Prusik
62f5929ebb
fix processMutations debouncing (#18615) 2026-02-09 09:21:33 -05:00
Bernd Schoolmann
f7a5ad712f
[PM-29208] Remove individual cryptographic-key states & migrate key service (#18164)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run typechecking (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-browser junit:junit-browser.xml name:Browser paths:apps/browser bitwarden_license/bit-browser]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-cli junit:junit-cli.xml name:CLI paths:apps/cli bitwarden_license/bit-cli]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-desktop junit:junit-desktop.xml name:Desktop paths:apps/desktop]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-libs junit:junit-libs.xml name:Libs paths:libs bitwarden_license/bit-common]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-web junit:junit-web.xml name:Web paths:apps/web bitwarden_license/bit-web]) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
* Remove inividual user key states and migrate to account cryptographic state

* Fix browser

* Fix tests

* Clean up migration

* Remove key-pair creation from login strategy

* Add clearing for the account cryptographic state

* Add migration

* Cleanup

* Fix linting
2026-02-09 12:39:55 +01:00
bw-ghapp[bot]
2807bb089b
Autosync the updated translations (#18836)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2026-02-09 11:26:10 +00:00
Mike Amirault
eb402a7ee8
[PM-30881] Add lock icon to browser Sends list for protected Sends (#18635)
* [PM-30881] Add lock icon to browser Sends list for protected Sends

* Trigger AI PR review

* [PM-30881] Add missing i18n key to browser file
2026-02-06 10:42:16 -05:00
bw-ghapp[bot]
60f75062b0
Autosync the updated translations (#18804)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run typechecking (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-browser junit:junit-browser.xml name:Browser paths:apps/browser bitwarden_license/bit-browser]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-cli junit:junit-cli.xml name:CLI paths:apps/cli bitwarden_license/bit-cli]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-desktop junit:junit-desktop.xml name:Desktop paths:apps/desktop]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-libs junit:junit-libs.xml name:Libs paths:libs bitwarden_license/bit-common]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-web junit:junit-web.xml name:Web paths:apps/web bitwarden_license/bit-web]) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2026-02-06 11:01:26 +01:00
Andreas Coroiu
1898c27ad3
[PM-30404] Exclude .wasm.js from babel (#18555)
* feat: exclude .wasm.js from babel

* feat: exclude from browser and desktop too
2026-02-06 08:42:08 +01:00
Alex Dragovich
1b812d2274
Revert "Remove feature flag check from password generation (#18003)" (#18794)
This reverts commit 7c6d98b50e.
2026-02-05 13:33:44 -08:00
John Harrington
d88cb89618
PM-23851 False requirement to pop out extension when using send files (#17950)
* follow existing popout guard pattern to force popout on firefox when filepicker is exposed

* move firefox guard to tools ownership & revert changes to auth owned file

* initial refactor to consolidate logic  using file-picker-popout.guard

* remove safari from guard & disable forced popout in vault import

* enforce popout on Safari with test coverage

* use userAgent and consistent detection for platform detection

* refactor guard tests involving routes

* replace imports lost during merge

* remove text sends from popout requirement and update tests

* add tooltip and screen-reader text describing popout behavior
2026-02-05 08:41:03 -07:00
adudek-bw
7c6d98b50e
Remove feature flag check from password generation (#18003)
* Remove feature flag check from password generation
2026-02-05 09:46:31 -05:00
Jackson Engstrom
a686ea1640
[PM-26706] Update search results header for extension (#18676)
* dynamically changes the allItems title from 'All items' to 'Search results' based on search text length

* updates logic and copy for changing the allItems header text

* changes how ciphers are displayed when a user has a search term and/or filters applied

* Update apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.html

Co-authored-by: Nick Krantz <125900171+nick-livefront@users.noreply.github.com>

* refactors tests

---------

Co-authored-by: Nick Krantz <125900171+nick-livefront@users.noreply.github.com>
2026-02-04 11:21:20 -08:00
Bryan Cunningham
a07c9ebf6b
[CL-637] icon api buttons links (#18388)
* update button api to accept icons

* use template outlet in button

* add link component

* create link component to handle anchors and buttons

* remove unnecessary let variables

* fix link focus state styling

* update link underline style

* fix broken skip link focus

* add focus method to link component

* fix typo

* fix off center loading state

* move flex styles to template to fix some minor style overrides

* remove unnecessary variables

* fix interaction states and add styles for test class to work properly

* refactor classes and make variable sreadonly

* fix classes not being applied correctly

* fix bad merge conflict resolution

* simplified button template
2026-02-04 14:20:44 -05:00
Jordan Aasen
2876ef15ae
[PM-31606] - Clone should not be an option for archived item for non-premium user (#18726)
* do not allow cloning of archived items for non-premium users

* add tests
2026-02-04 09:31:23 -08:00
Jonathan Prusik
b044427f41
[PM-31281] Add teardown of listeners/observers (#18593)
* add teardown of listeners/observers

* add tests
2026-02-04 11:12:25 -05:00
Mike Amirault
51a99fecd8 [PM-31429] Add missing helper text for password protected Sends, remove unused one (#18694)
* [PM-31429] Add missing helper text for password protected Sends, remove unused one

* Put one UI change behind feature flag, add back required translations

* Reorder translation

* Add spaces

* Come full circle, remove last couple of committed changes
2026-02-03 15:18:23 -05:00
Daniel Riera
557d417ed1
- Clear pending auth requests for both HTTP and HTTPS (#18661)
- Add null-safe checks before returning auth credentials
- Align callback typing and optional arguments
2026-02-03 14:10:05 -06:00
Jonathan Prusik
fe0d7df538
when only password and new password fields have values and do not match any vault ciphers, trigger a new cipher notification (#18729) 2026-02-03 11:05:02 -05:00
tbmc
8fb84a4670
Fix layout of download Bitwarden link in settings popup (#18309)
Co-authored-by: John Harrington <84741727+harr1424@users.noreply.github.com>
2026-02-03 09:01:10 -07:00
Jonathan Prusik
5a397fb44e
[PM-29236] Refactor of post-submit notification triggering logic (#18395)
* refactor triggerChangedPasswordNotification logic

* improve triggerChangedPasswordNotification and test coverage to handle scenarios more comprehensively

* restore triggerChangedPasswordNotification logic and move new logic and testing to triggerCipherNotification

* add branching qualification logic for cipher notifications

* add and implement undetermined-cipher-scenario-logic feature flag

* add optional chaining to username comparison of existing login ciphers

* cleanup

* update tests

* prefer explicit length comparisons
2026-02-02 15:01:24 -05:00
Jordan Aasen
5d17d9ee71
Revert "[PM-26703]- Browser - Update autofill Behavior (#18467)" (#18723)
This reverts commit 7b583aa0ec.
2026-02-02 09:37:02 -08:00
Jackson Engstrom
a1bf6afad6
[PM-21564] Hide buttons when user has View access to an item
* Changes attachment modal to remove choose file button and changes upload button to close button if the user doesn't have edit rights to the cipher.
2026-01-30 14:01:10 -08:00
bw-ghapp[bot]
122203f589
Autosync the updated translations (#18671)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2026-01-30 15:58:19 +00:00
bw-ghapp[bot]
092a5a159f
Autosync the updated translations (#18666)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2026-01-30 15:30:36 +01:00
Andy Pixley
c3c6346f06
[BRE-1527] Renewing Apple app certs (#18668) 2026-01-30 10:14:22 +01:00
Ben Brooks
3ca35e19dc
[PM-28613] Hardcode min-height to fix vertical squish (#18461)
* [pm-28613] Hardcode min-height
* [pm-28613] Hardcode icon max-height for Safari
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
2026-01-29 12:56:34 -08:00
Daniel Riera
ac907b9044
[PM-29522] Remove @ts-strict-ignore in background/auto-submit-login.background.ts (#18333)
* add explicit checks and change remove listener to any in order to match add listener and chrome api

* address feedback

* when requestInitiator is falsy but active auto submit exists, cleanup should still occur

* add documentation to remove listener
2026-01-29 11:52:26 -06:00
Jordan Aasen
7b0957ab5e
[PM-29262] - improve performance of premium spotlight observable (#18490)
* improve performance of premium spotlight observable

* re-add comment

* fix test. remove unused service
2026-01-29 09:33:08 -08:00
Nick Krantz
544dcc6757
remove unarchive button when a cipher is deleted (#18575) 2026-01-29 09:58:57 -06:00
Nick Krantz
b51d3bf9da
[PM-29271] Add referrer checking for vault messages (#18346)
* update message from vault handling to check against accounts or message sender

* update valid vault referrer logic to check all configured environments
2026-01-29 09:58:31 -06:00
Maciej Zieniuk
96ce13760b
[PM-30307] Session key retrieval redesign for the local backed session storage (#18493)
* session key retrieval redesign for the local backed session storage

* typo

* incorrect substring

* get cache edge cases incorrectly handling to null values after removal

* test coverage

* internal `SessionKeyResolveService`
2026-01-29 16:14:41 +01:00
John Harrington
0740c037a6
[PM-30922] Client changes to encrypt send access email list (#18486) 2026-01-28 14:31:48 -07:00
Alex
3a232c9296
[PM-31348] phish cleanup - Address code review feedback from PR #18561 (Cursor-based phishing URL search) (#18638) 2026-01-28 16:16:06 -05:00
Addison Beck
fa5f62e1bd
Revert "[PM-26821] Improve macOS fullscreen ux (#16838)" (#18606)
This reverts commit 05ca57d538.
2026-01-28 21:00:56 +00:00
Jeffrey Holland
3632afd26e
Remove ts-strict-ignore from fido2 page (#18146)
* Remove `ts-strict-ignore` from fido2 page

* Update typing issue

* Fix AssertCredentialResult type issue

* Remove non null assertions and add type guard

* Addresses topWindow non null assertion

* remove redundant check and remove ts strict from messenger

---------

Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
Co-authored-by: Daniel Riera <driera@livefront.com>
2026-01-28 18:48:58 +00:00
Will Martin
5dc49f21d2
[CL-82] rename bit-icon to bit-svg; create new bit-icon component for font icons (#18584)
* rename bit-icon to bit-svg; create new bit-icon for font icons

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* find and replace current usage

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* add custom eslint warning

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix incorrect usage

* fix tests

* fix tests

* Update libs/components/src/svg/index.ts

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* Update libs/eslint/components/no-bwi-class-usage.spec.mjs

Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>

* update component api

* update class name

* use icon type in iconButton component

* update type Icon --> BitSvg

* fix bad renames

* fix more renames

* fix bad input

* revert iconButton type

* fix lint

* fix more inputs

* misc fixes

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix test

* add eslint ignore

* fix lint

* add comparison story

---------

Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
2026-01-28 11:36:27 -05:00
bmbitwarden
0138abf373
PM-29919 email verification on sends (#18260)
* PM-29919 email verification on sends

* PM-29919 resolved build issue

* PM-29919 refined who can view fields

* PM-29919 resolved lint issues

* PM-29919 resolved lint issues

* PM-29919 resolved unit tests

* PM-29919 resolved lint issues

* PM-29919 resolved unit test issue

* PM-29919 resolved pr comments

* PM-29919 resolved pr comments

* PM-29919 resolved unneeded label

* PM-29919 refactored to hide instead of disable

* PM-29919 resolved pr comments

* PM-29919 resolved no auth string in PM-31200

* PM-29919 resolved bugs
2026-01-28 09:39:37 -05:00
Todd Martin
a04566ae11
chore(flags): [PM-31326] Rename ipc-channel-framework feature flag
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
* Rename feature flag

* Not sure what happened here.  Renaming the class.
2026-01-28 08:25:10 -05:00
Jordan Aasen
7b583aa0ec
[PM-26703]- Browser - Update autofill Behavior (#18467)
* apply changes to autofill

* fix tests

* fix and simplify logic
2026-01-27 12:41:33 -08:00
Dave
c82ac0f574
feat(account-switching) [PM-5594]: Enabling account switching causes performance issues on safari (#18339)
* refactor(account-switching) [PM-5594]: Move account switching enabled flag to AccountSwitcherService to accommodate server-side feature flag.

* test(account-switching) [PM-5594]: Update tests to include ConfigService dependency for feature flag.

* refactor(account-switching) [PM-5594]: Remove compile-time account switching flags from browser.

* refactor(account-switching) [PM-5594]: Move initialization to ctor for strict.
2026-01-27 14:27:13 -05:00
Jeffrey Holland
00cf24972d
[PM-28079] Add attributes to filter for the mutationObserver (#17832)
* [PM-28079] Add attributes to filter for the mutationObserver

* Update attributes based on Claude suggestions

* Updated remaining attributes

* Adjust placeholder check in `updateAutofillFieldElementData`

* Update ordering of constants and add comment

* Remove `tagName` and `value` from mutation logic

* Add new autocomplete and aria attributes to `updateActions`

* Fix autocomplete handlers

* Fix broken test for `updateAttributes`

* Order attributes for readability in `updateActions`

* Fix tests

---------

Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
2026-01-27 11:28:02 -05:00
Maciej Zieniuk
9454189df5
[PM-27283] [BEEEP] Reactive availableVaultTimeoutActions$ in vault timeout settings (#17731)
* reactive `availableVaultTimeoutActions$` in vault timeout settings

* cleanup

* deprecation docs

* explicitly provided user id

* clearer mocking

* better docs
2026-01-27 10:28:13 +00:00
Leslie Tilton
60c28dd182
[PM-31203] Change Phishing Url Check to use a Cursor Based Search (#18561)
* Initial changes to look at phishing indexeddb service and removal of obsolete compression code

* Convert background update to rxjs format and trigger via subject. Update test cases

* Added addUrls function to use instead of saveUrls so appending daily does not clear all urls

* Added debug logs to phishing-indexeddb service

* Added a fallback url when downloading phishing url list

* Remove obsolete comments

* Fix testUrl default, false scenario and test cases

* Add default return on isPhishingWebAddress

* Added log statement

* Change hostname to href in hasUrl check

* Save fallback response

* Fix matching subpaths in links. Update test cases

* Fix meta data updates storing last checked instead of last updated

* Update QA phishing url to be normalized

* Filter web addresses

* Return previous meta to keep subscription alive

* Change indexeddb lookup from loading all to cursor search

* fix(phishing): improve performance and fix URL matching in phishing detection

Problem:
The cursor-based search takes ~25 seconds to scan the entire phishing database.
For non-phishing URLs (99% of cases), this full scan runs to completion every time.

Before these fixes, opening a new tab triggered this sequence:
1. chrome://newtab/ fires a phishing check
2. Sequential concatMap blocks while cursor scans all 500k+ URLs (~25 sec)
3. User pastes actual URL and hits enter
4. That URL's check waits in queue behind the chrome:// check
5. Total delay: ~50+ seconds for a simple "open tab, paste link" workflow

Even for legitimate phishing checks, the cursor search could take up to 25 seconds
per URL when the fast hasUrl lookup misses due to trailing slash mismatches.

Changes:

phishing-data.service.ts:
- Add protocol filter to early-return for non-http(s) URLs, avoiding
  expensive IndexedDB operations for chrome://, about:, file:// URLs
- Add trailing slash normalization for hasUrl lookup - browsers add
  trailing slashes but DB entries may not have them, causing O(1) lookups
  to miss and fall back to O(n) cursor search unnecessarily
- Add debug logging for hasUrl checks and timing metrics for cursor-based
  search to aid performance debugging

phishing-detection.service.ts:
- Replace concatMap with mergeMap for parallel tab processing - each tab
  check now runs independently instead of sequentially
- Add concurrency limit of 5 to prevent overwhelming IndexedDB while still
  allowing parallel execution

Result:
- New tabs are instant (no IndexedDB calls for non-web URLs)
- One slow phishing check doesn't block other tabs
- Common URL patterns hit the fast O(1) path instead of O(n) cursor scan

* performance debug logs

* disable custom match because too slow

* spec fix

---------

Co-authored-by: Alex <adewitt@bitwarden.com>
2026-01-26 17:05:42 -06:00
Nick Krantz
ad577860be
[PM-28060] Remove Skeleton Feature Flag (#18456)
* remove skeleton ff

* remove unneeded templates
2026-01-26 14:01:53 -06:00
Jordan Aasen
5e8801f7ff
[PM-29244] - don't use filename for download attachment label (#18444)
* don't use filename for download attachment label

* fix scroll position in browser vault

* Revert "fix scroll position in browser vault"

This reverts commit 8e415f2c89.

* fix test
2026-01-26 12:00:03 -08:00
Nik Gilmore
06c8c7316d
[PM-30301][PM-30302] Use SDK for Create and Update cipher operations (#18149)
* Migrate create and edit operations to use SDK for ciphers

* WIP: Adds admin call to edit ciphers with SDK

* Add client version to SDK intialization settings

* Remove console.log statements

* Adds originalCipherId and collectionIds to updateCipher

* Update tests for new cipehrService interfaces

* Rename SdkCipherOperations feature flag

* Add call to Admin edit SDK if flag is passed

* Add tests for SDK path

* Revert changes to .npmrc

* Remove outdated comments

* Fix feature flag name

* Fix UUID format in cipher.service.spec.ts

* Update calls to cipherService.updateWithServer and .createWithServer to new interface

* Update CLI and Desktop to use new cipherSErvice interfaces

* Fix tests for new cipherService interface change

* Bump sdk-internal and commercial-sdk-internal versions to 0.2.0-main.439

* Fix linting errors

* Fix typescript errors impacted by this chnage

* Fix caching issue on browser extension when using SDK cipher ops.

* Remove commented code

* Fix bug causing race condition due to not consuming / awaiting observable.

* Add missing 'await' to decrypt call

* Clean up unnecessary else statements and fix function naming

* Add comments for this.clearCache

* Add tests for SDK CipherView conversion functions

* Replace sdkservice with cipher-sdk.service

* Fix import issues in browser

* Fix import issues in cli

* Fix type issues

* Fix type issues

* Fix type issues

* Fix test that fails sporadically due to timing issue
2026-01-26 11:43:35 -08:00