mirror of
https://github.com/bitwarden/clients.git
synced 2026-06-04 21:04:29 +08:00
Bitwarden client apps (web, browser extension, desktop, and cli).
bitwarden.com
06629dc3b8
Some checks failed
Testing / Run typechecking (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-browser junit:junit-browser.xml name:Browser paths:apps/browser bitwarden_license/bit-browser]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-cli junit:junit-cli.xml name:CLI paths:apps/cli bitwarden_license/bit-cli]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-desktop junit:junit-desktop.xml name:Desktop paths:apps/desktop]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-libs junit:junit-libs.xml name:Libs paths:libs bitwarden_license/bit-common]) (push) Has been cancelled
Testing / Run tests - ${{ matrix.test-group.name }} (map[artifact:jest-coverage-web junit:junit-web.xml name:Web paths:apps/web bitwarden_license/bit-web]) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
* pass addedElements to checkForNewShadowRoots
* Fix checkForNewShadowRoots latch and nested-shadow traversal
Two bugs in checkForNewShadowRoots, addressed together because they share
the function and the test surface:
1. pageContainsShadowDom resolved at init() and never re-evaluated. On
sites that attach shadow DOM after init (e.g., hbomax.com — SPAs that
boot their custom-element renderers post-LOAD), the short-circuit
blocked all detection for the rest of the session.
2. The narrow scan used el.querySelectorAll("*"), which does not pierce
shadow boundaries. A shadow host nested inside another shadow root was
invisible to the scan even when the latch was on.
Changes:
- Narrow the latch short-circuit: fires only when both
pageContainsShadowDom is false AND addedElements is empty.
- markShadowDomPresent: a named, one-way sticky-ratchet transition that
flips the latch when the narrow scan finds a root post-init.
- scanForNewShadowRootInSubtree: a depth-bounded recursive helper that
pierces nested shadow boundaries (MAX_DEEP_QUERY_RECURSION_DEPTH = 4).
- pendingMutationAddedElements: now Set<Element>; isConnected filter at
the debounced flush skips dead trees.
* Ancestor suppression and set management.
* Swap MutationRecord[][] for el->set<attr>; swap-on-drain, clear maps, clear shadow-root candidate on overflow and expose stats.
* Short-circuit checkMutationsInShadowRoots when pageContainsShadowDom is false
* Narrow requirePageDetailsUpdate to flag-only; schedule in debounce wrapper
* Collapse observedShadowRoots WeakSet into knownShadowRoots Set
* Gate new-shadow-root detection on addedNodes.length > 0
* Reap detached shadow roots from knownShadowRoots in the drain
* Instrument observer hot paths with stopwatch and fieldsReaped counter
* Remove autofill observer instrumentation.
* Reap unconditionally since shadow hosts may obscure mutated nodes.
* De-abbreviate; reap->purge; explanatory comment on cap.
* Revert "Reap unconditionally since shadow hosts may obscure mutated nodes."
This reverts commit
|
||
|---|---|---|
| .checkmarx | ||
| .claude | ||
| .codescene | ||
| .devcontainer | ||
| .github | ||
| .husky | ||
| .storybook | ||
| .vscode | ||
| apps | ||
| bitwarden_license | ||
| docs | ||
| libs | ||
| scripts | ||
| .browserslistrc | ||
| .editorconfig | ||
| .git-blame-ignore-revs | ||
| .gitattributes | ||
| .gitignore | ||
| .npmrc | ||
| .nvmrc | ||
| .nxignore | ||
| .prettierignore | ||
| .prettierrc.json | ||
| angular.json | ||
| babel.config.json | ||
| clients.code-workspace | ||
| CONTRIBUTING.md | ||
| eslint.config.mjs | ||
| jest.config.js | ||
| jest.preset.js | ||
| LICENSE_BITWARDEN.txt | ||
| LICENSE_GPL.txt | ||
| LICENSE.txt | ||
| lint-staged.config.mjs | ||
| nx.json | ||
| package-lock.json | ||
| package.json | ||
| README.md | ||
| SECURITY.md | ||
| tailwind.config.js | ||
| tsconfig.base.json | ||
| tsconfig.eslint.json | ||
| tsconfig.json | ||
Bitwarden Client Applications
This repository houses all Bitwarden client applications except the mobile applications (iOS | android).
Please refer to the Clients section of the Contributing Documentation for build instructions, recommended tooling, code style tips, and lots of other great information to get you started.
Related projects:
- bitwarden/server: The core infrastructure backend (API, database, Docker, etc).
- bitwarden/ios: Bitwarden iOS Password Manager & Authenticator apps.
- bitwarden/android: Bitwarden Android Password Manager & Authenticator apps.
- bitwarden/directory-connector: A tool for syncing a directory (AD, LDAP, Azure, G Suite, Okta) to an organization.
We're Hiring!
Interested in contributing in a big way? Consider joining our team! We're hiring for many positions. Please take a look at our Careers page to see what opportunities are currently open as well as what it's like to work at Bitwarden.
Contribute
Code contributions are welcome! Please commit any pull requests against the main branch. Learn more about how to contribute by reading the Contributing Guidelines. Check out the Contributing Documentation for how to get started with your first contribution.
Security audits and feedback are welcome. Please open an issue or email us privately if the report is sensitive in nature. You can read our security policy in the SECURITY.md file.