From e8b0803c97ee862e0e95ca6f7b9361935fb68947 Mon Sep 17 00:00:00 2001
From: SmithThe4th <gsmith@bitwarden.com>
Date: Tue, 20 Jan 2026 09:43:29 -0500
Subject: [PATCH 1/7] Set error cannot decrypt when collection name cannot be
 decrypted (#18443)

---
 .../models/collections/collection-admin.view.ts          | 2 +-
 .../admin-console/models/collections/collection.view.ts  | 9 ++++++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/libs/common/src/admin-console/models/collections/collection-admin.view.ts b/libs/common/src/admin-console/models/collections/collection-admin.view.ts
index 65486136922..5ae901d5089 100644
--- a/libs/common/src/admin-console/models/collections/collection-admin.view.ts
+++ b/libs/common/src/admin-console/models/collections/collection-admin.view.ts
@@ -121,13 +121,13 @@ export class CollectionAdminView extends CollectionView {
     try {
       view.name = await encryptService.decryptString(new EncString(view.name), orgKey);
     } catch (e) {
+      view.name = "[error: cannot decrypt]";
       // Note: This should be replaced by the owning team with appropriate, domain-specific behavior.
       // eslint-disable-next-line no-console
       console.error(
         "[CollectionAdminView/fromCollectionAccessDetails] Error decrypting collection name",
         e,
       );
-      throw e;
     }
     view.assigned = collection.assigned;
     view.readOnly = collection.readOnly;
diff --git a/libs/common/src/admin-console/models/collections/collection.view.ts b/libs/common/src/admin-console/models/collections/collection.view.ts
index 2991e8bb171..eabd4dc7b36 100644
--- a/libs/common/src/admin-console/models/collections/collection.view.ts
+++ b/libs/common/src/admin-console/models/collections/collection.view.ts
@@ -126,7 +126,14 @@ export class CollectionView implements View, ITreeNodeObject {
   ): Promise<CollectionView> {
     const view = new CollectionView({ ...collection, name: "" });
 
-    view.name = await encryptService.decryptString(collection.name, key);
+    try {
+      view.name = await encryptService.decryptString(collection.name, key);
+    } catch (e) {
+      view.name = "[error: cannot decrypt]";
+      // eslint-disable-next-line no-console
+      console.error("[CollectionView] Error decrypting collection name", e);
+    }
+
     view.assigned = true;
     view.externalId = collection.externalId;
     view.readOnly = collection.readOnly;

From 1226de16bce22d563139cf75eedc6e378cfce771 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 20 Jan 2026 08:58:03 -0700
Subject: [PATCH 2/7] [deps]: Update Rust crate serial_test to v3.3.1 (#18435)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: neuronull <9162534+neuronull@users.noreply.github.com>
---
 apps/desktop/desktop_native/Cargo.lock          | 11 ++++++-----
 apps/desktop/desktop_native/autotype/Cargo.toml |  2 +-
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/apps/desktop/desktop_native/Cargo.lock b/apps/desktop/desktop_native/Cargo.lock
index b75275107eb..3e5225d4b5a 100644
--- a/apps/desktop/desktop_native/Cargo.lock
+++ b/apps/desktop/desktop_native/Cargo.lock
@@ -2913,11 +2913,12 @@ dependencies = [
 
 [[package]]
 name = "serial_test"
-version = "3.2.0"
+version = "3.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1b258109f244e1d6891bf1053a55d63a5cd4f8f4c30cf9a1280989f80e7a1fa9"
+checksum = "0d0b343e184fc3b7bb44dff0705fffcf4b3756ba6aff420dddd8b24ca145e555"
 dependencies = [
- "futures",
+ "futures-executor",
+ "futures-util",
  "log",
  "once_cell",
  "parking_lot",
@@ -2927,9 +2928,9 @@ dependencies = [
 
 [[package]]
 name = "serial_test_derive"
-version = "3.2.0"
+version = "3.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5d69265a08751de7844521fd15003ae0a888e035773ba05695c5c759a6f89eef"
+checksum = "6f50427f258fb77356e4cd4aa0e87e2bd2c66dbcee41dc405282cae2bfc26c83"
 dependencies = [
  "proc-macro2",
  "quote",
diff --git a/apps/desktop/desktop_native/autotype/Cargo.toml b/apps/desktop/desktop_native/autotype/Cargo.toml
index b0f78ca2f20..a9c826af57d 100644
--- a/apps/desktop/desktop_native/autotype/Cargo.toml
+++ b/apps/desktop/desktop_native/autotype/Cargo.toml
@@ -8,7 +8,7 @@ publish.workspace = true
 [target.'cfg(windows)'.dependencies]
 itertools.workspace = true
 mockall = "=0.14.0"
-serial_test = "=3.2.0"
+serial_test = "=3.3.1"
 tracing.workspace = true
 windows = { workspace = true, features = [
     "Win32_UI_Input_KeyboardAndMouse",

From cb162c12dcf37189f715d93d8ed7752f87a56dac Mon Sep 17 00:00:00 2001
From: Jason Ng <jng@bitwarden.com>
Date: Tue, 20 Jan 2026 10:58:12 -0500
Subject: [PATCH 3/7] [PM-30794] Desktop Archive Filter Remove Truncate
 (#18405)

---
 .../vault/vault-filter/filters/status-filter.component.html   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/apps/desktop/src/vault/app/vault/vault-filter/filters/status-filter.component.html b/apps/desktop/src/vault/app/vault/vault-filter/filters/status-filter.component.html
index 8b064778444..80beae8407d 100644
--- a/apps/desktop/src/vault/app/vault/vault-filter/filters/status-filter.component.html
+++ b/apps/desktop/src/vault/app/vault/vault-filter/filters/status-filter.component.html
@@ -30,14 +30,14 @@
       </span>
     </li>
     <li
-      class="filter-option tw-flex tw-items-center tw-gap-2 [&>span]:tw-w-min"
+      class="filter-option tw-flex tw-items-center tw-gap-2 [&>span]:tw-w-fit"
       [ngClass]="{ active: activeFilter.status === 'archive' }"
       *ngIf="!hideArchive"
     >
       <span class="filter-buttons">
         <button
           type="button"
-          class="filter-button"
+          class="filter-button !tw-max-w-none"
           (click)="handleArchiveFilter($event)"
           [attr.aria-pressed]="activeFilter.status === 'archive'"
         >

From 7de4119d7d8ea961003df7faa801a6320e921833 Mon Sep 17 00:00:00 2001
From: Jordan Aasen <166539328+jaasen-livefront@users.noreply.github.com>
Date: Tue, 20 Jan 2026 10:12:53 -0800
Subject: [PATCH 4/7] add prefillNameAndUriFromTab to new login button (#18305)

---
 .../popup/components/vault-v2/vault-v2.component.html     | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.html b/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.html
index 6382b5fee0e..34454371f21 100644
--- a/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.html
+++ b/apps/browser/src/vault/popup/components/vault-v2/vault-v2.component.html
@@ -20,7 +20,13 @@
             {{ "emptyVaultDescription" | i18n }}
           </p>
         </ng-container>
-        <a slot="button" bitButton buttonType="secondary" [routerLink]="['/add-cipher']">
+        <a
+          slot="button"
+          bitButton
+          buttonType="secondary"
+          [routerLink]="['/add-cipher']"
+          [queryParams]="{ prefillNameAndURIFromTab: true }"
+        >
           {{ "newLogin" | i18n }}
         </a>
       </bit-no-items>

From ccb59c6544ea441f62cd21800882010a5cbbbc4c Mon Sep 17 00:00:00 2001
From: Jordan Aasen <166539328+jaasen-livefront@users.noreply.github.com>
Date: Tue, 20 Jan 2026 10:14:09 -0800
Subject: [PATCH 5/7] [PM-30742] - do not show archive button in AC (#18345)

* do not show archive button in AC

* do not show archive button in AC
---
 .../vault-item-dialog/vault-item-dialog.component.html   | 2 +-
 .../vault-item-dialog.component.spec.ts                  | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.html b/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.html
index 640febf41d2..e4030a7ab18 100644
--- a/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.html
+++ b/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.html
@@ -86,7 +86,7 @@
 
     @if (showActionButtons) {
       <div class="tw-ml-auto">
-        @if (userCanArchive$ | async) {
+        @if ((userCanArchive$ | async) && !params.isAdminConsoleAction) {
           @if (isCipherArchived) {
             <button
               type="button"
diff --git a/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.spec.ts b/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.spec.ts
index 1f430fea72e..63b5071d1f5 100644
--- a/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.spec.ts
+++ b/apps/web/src/app/vault/components/vault-item-dialog/vault-item-dialog.component.spec.ts
@@ -249,6 +249,15 @@ describe("VaultItemDialogComponent", () => {
   });
 
   describe("archive button", () => {
+    it("should not show archive button in admin console", () => {
+      (component as any).userCanArchive$ = of(true);
+      component.setTestCipher({ canBeArchived: true });
+      component.setTestParams({ mode: "form", isAdminConsoleAction: true });
+      fixture.detectChanges();
+      const archiveButton = fixture.debugElement.query(By.css("[biticonbutton='bwi-archive']"));
+      expect(archiveButton).toBeFalsy();
+    });
+
     it("should show archive button when the user can archive the item and the item can be archived", () => {
       component.setTestCipher({ canBeArchived: true });
       (component as any).userCanArchive$ = of(true);

From a005921c40ec6f90b4e8fa87b5d0777dfd84c3c2 Mon Sep 17 00:00:00 2001
From: Robyn MacCallum <robyntmaccallum@gmail.com>
Date: Tue, 20 Jan 2026 14:35:32 -0500
Subject: [PATCH 6/7] Fix DDG Native Messaging Test Runner Errors (#18355)

* Fix TS errors

* sdk loader mock

* Downgrade packages to be CommonJS-compatible

* Fix formattinmg

* Move logs to service

* package lock fixes
---
 .../package-lock.json                         | 240 ++++++++++--------
 .../native-messaging-test-runner/package.json |  12 +-
 .../src/commands/bw-credential-create.ts      |  10 +-
 .../src/commands/bw-credential-retrieval.ts   |   5 +
 .../src/commands/bw-credential-update.ts      |  10 +-
 .../src/commands/bw-generate-password.ts      |   5 +
 .../src/commands/bw-handshake.ts              |   5 +
 .../src/commands/bw-status.ts                 |   5 +
 .../src/deferred.ts                           |   4 +-
 .../src/ipc.service.ts                        |   2 +-
 .../native-messaging-test-runner/src/race.ts  |   8 +-
 .../src/sdk-load.service.ts                   |  22 ++
 .../tsconfig.json                             |  12 +-
 13 files changed, 218 insertions(+), 122 deletions(-)
 create mode 100644 apps/desktop/native-messaging-test-runner/src/sdk-load.service.ts

diff --git a/apps/desktop/native-messaging-test-runner/package-lock.json b/apps/desktop/native-messaging-test-runner/package-lock.json
index 9e3b6ba23e0..f3650b3aaf6 100644
--- a/apps/desktop/native-messaging-test-runner/package-lock.json
+++ b/apps/desktop/native-messaging-test-runner/package-lock.json
@@ -15,8 +15,8 @@
         "@bitwarden/storage-core": "file:../../../libs/storage-core",
         "module-alias": "2.2.3",
         "ts-node": "10.9.2",
-        "uuid": "13.0.0",
-        "yargs": "18.0.0"
+        "uuid": "9.0.1",
+        "yargs": "17.7.2"
       },
       "devDependencies": {
         "@types/node": "22.19.3",
@@ -121,7 +121,6 @@
       "resolved": "https://registry.npmjs.org/@types/node/-/node-22.19.3.tgz",
       "integrity": "sha512-1N9SBnWYOJTrNZCdh/yJE+t910Y128BoyY+zBLWhL3r0TYzlTmFdXrPwHL9DyFZmlEXNQQolTZh3KHV31QDhyA==",
       "license": "MIT",
-      "peer": true,
       "dependencies": {
         "undici-types": "~6.21.0"
       }
@@ -150,30 +149,6 @@
         "node": ">=0.4.0"
       }
     },
-    "node_modules/ansi-regex": {
-      "version": "6.1.0",
-      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.1.0.tgz",
-      "integrity": "sha512-7HSX4QQb4CspciLpVFwyRe79O3xsIZDDLER21kERQ71oaPodF8jL725AgJMFAYbooIqolJoRLuM81SpeUkpkvA==",
-      "license": "MIT",
-      "engines": {
-        "node": ">=12"
-      },
-      "funding": {
-        "url": "https://github.com/chalk/ansi-regex?sponsor=1"
-      }
-    },
-    "node_modules/ansi-styles": {
-      "version": "6.2.1",
-      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz",
-      "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug==",
-      "license": "MIT",
-      "engines": {
-        "node": ">=12"
-      },
-      "funding": {
-        "url": "https://github.com/chalk/ansi-styles?sponsor=1"
-      }
-    },
     "node_modules/arg": {
       "version": "4.1.3",
       "resolved": "https://registry.npmjs.org/arg/-/arg-4.1.3.tgz",
@@ -181,19 +156,83 @@
       "license": "MIT"
     },
     "node_modules/cliui": {
-      "version": "9.0.1",
-      "resolved": "https://registry.npmjs.org/cliui/-/cliui-9.0.1.tgz",
-      "integrity": "sha512-k7ndgKhwoQveBL+/1tqGJYNz097I7WOvwbmmU2AR5+magtbjPWQTS1C5vzGkBC8Ym8UWRzfKUzUUqFLypY4Q+w==",
-      "license": "ISC",
+      "version": "8.0.1",
+      "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz",
+      "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==",
       "dependencies": {
-        "string-width": "^7.2.0",
-        "strip-ansi": "^7.1.0",
-        "wrap-ansi": "^9.0.0"
+        "string-width": "^4.2.0",
+        "strip-ansi": "^6.0.1",
+        "wrap-ansi": "^7.0.0"
       },
       "engines": {
-        "node": ">=20"
+        "node": ">=12"
       }
     },
+    "node_modules/cliui/node_modules/ansi-regex": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz",
+      "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/cliui/node_modules/ansi-styles": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
+      "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
+      "dependencies": {
+        "color-convert": "^2.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/ansi-styles?sponsor=1"
+      }
+    },
+    "node_modules/cliui/node_modules/strip-ansi": {
+      "version": "6.0.1",
+      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
+      "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
+      "dependencies": {
+        "ansi-regex": "^5.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/cliui/node_modules/wrap-ansi": {
+      "version": "7.0.0",
+      "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz",
+      "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==",
+      "dependencies": {
+        "ansi-styles": "^4.0.0",
+        "string-width": "^4.1.0",
+        "strip-ansi": "^6.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/chalk/wrap-ansi?sponsor=1"
+      }
+    },
+    "node_modules/color-convert": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
+      "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
+      "dependencies": {
+        "color-name": "~1.1.4"
+      },
+      "engines": {
+        "node": ">=7.0.0"
+      }
+    },
+    "node_modules/color-name": {
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
+      "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="
+    },
     "node_modules/create-require": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/create-require/-/create-require-1.1.1.tgz",
@@ -209,12 +248,6 @@
         "node": ">=0.3.1"
       }
     },
-    "node_modules/emoji-regex": {
-      "version": "10.4.0",
-      "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-10.4.0.tgz",
-      "integrity": "sha512-EC+0oUMY1Rqm4O6LLrgjtYDvcVYTy7chDnM4Q7030tP4Kwj3u/pR6gP9ygnp2CJMK5Gq+9Q2oqmrFJAz01DXjw==",
-      "license": "MIT"
-    },
     "node_modules/escalade": {
       "version": "3.2.0",
       "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz",
@@ -233,16 +266,12 @@
         "node": "6.* || 8.* || >= 10.*"
       }
     },
-    "node_modules/get-east-asian-width": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/get-east-asian-width/-/get-east-asian-width-1.3.0.tgz",
-      "integrity": "sha512-vpeMIQKxczTD/0s2CdEWHcb0eeJe6TFjxb+J5xgX7hScxqrGuyjmv4c1D4A/gelKfyox0gJJwIHF+fLjeaM8kQ==",
-      "license": "MIT",
+    "node_modules/is-fullwidth-code-point": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz",
+      "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg==",
       "engines": {
-        "node": ">=18"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/sindresorhus"
+        "node": ">=8"
       }
     },
     "node_modules/make-error": {
@@ -257,36 +286,49 @@
       "integrity": "sha512-23g5BFj4zdQL/b6tor7Ji+QY4pEfNH784BMslY9Qb0UnJWRAt+lQGLYmRaM0KDBwIG23ffEBELhZDP2rhi9f/Q==",
       "license": "MIT"
     },
-    "node_modules/string-width": {
-      "version": "7.2.0",
-      "resolved": "https://registry.npmjs.org/string-width/-/string-width-7.2.0.tgz",
-      "integrity": "sha512-tsaTIkKW9b4N+AEj+SVA+WhJzV7/zMhcSu78mLKWSk7cXMOSHsBKFWUs0fWwq8QyK3MgJBQRX6Gbi4kYbdvGkQ==",
-      "license": "MIT",
-      "dependencies": {
-        "emoji-regex": "^10.3.0",
-        "get-east-asian-width": "^1.0.0",
-        "strip-ansi": "^7.1.0"
-      },
+    "node_modules/require-directory": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz",
+      "integrity": "sha512-fGxEI7+wsG9xrvdjsrlmL22OMTTiHRwAMroiEeMgq8gzoLC/PQr7RsRDSTLUg/bZAZtF+TVIkHc6/4RIKrui+Q==",
       "engines": {
-        "node": ">=18"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/sindresorhus"
+        "node": ">=0.10.0"
       }
     },
-    "node_modules/strip-ansi": {
-      "version": "7.1.0",
-      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz",
-      "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==",
-      "license": "MIT",
+    "node_modules/string-width": {
+      "version": "4.2.3",
+      "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz",
+      "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==",
       "dependencies": {
-        "ansi-regex": "^6.0.1"
+        "emoji-regex": "^8.0.0",
+        "is-fullwidth-code-point": "^3.0.0",
+        "strip-ansi": "^6.0.1"
       },
       "engines": {
-        "node": ">=12"
+        "node": ">=8"
+      }
+    },
+    "node_modules/string-width/node_modules/ansi-regex": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz",
+      "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ==",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/string-width/node_modules/emoji-regex": {
+      "version": "8.0.0",
+      "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
+      "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A=="
+    },
+    "node_modules/string-width/node_modules/strip-ansi": {
+      "version": "6.0.1",
+      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
+      "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
+      "dependencies": {
+        "ansi-regex": "^5.0.1"
       },
-      "funding": {
-        "url": "https://github.com/chalk/strip-ansi?sponsor=1"
+      "engines": {
+        "node": ">=8"
       }
     },
     "node_modules/ts-node": {
@@ -337,7 +379,6 @@
       "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.4.2.tgz",
       "integrity": "sha512-+2/g0Fds1ERlP6JsakQQDXjZdZMM+rqpamFZJEKh4kwTIn3iDkgKtby0CeNd5ATNZ4Ry1ax15TMx0W2V+miizQ==",
       "license": "Apache-2.0",
-      "peer": true,
       "bin": {
         "tsc": "bin/tsc",
         "tsserver": "bin/tsserver"
@@ -353,16 +394,15 @@
       "license": "MIT"
     },
     "node_modules/uuid": {
-      "version": "13.0.0",
-      "resolved": "https://registry.npmjs.org/uuid/-/uuid-13.0.0.tgz",
-      "integrity": "sha512-XQegIaBTVUjSHliKqcnFqYypAd4S+WCYt5NIeRs6w/UAry7z8Y9j5ZwRRL4kzq9U3sD6v+85er9FvkEaBpji2w==",
+      "version": "9.0.1",
+      "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz",
+      "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==",
       "funding": [
         "https://github.com/sponsors/broofa",
         "https://github.com/sponsors/ctavan"
       ],
-      "license": "MIT",
       "bin": {
-        "uuid": "dist-node/bin/uuid"
+        "uuid": "dist/bin/uuid"
       }
     },
     "node_modules/v8-compile-cache-lib": {
@@ -371,23 +411,6 @@
       "integrity": "sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==",
       "license": "MIT"
     },
-    "node_modules/wrap-ansi": {
-      "version": "9.0.0",
-      "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-9.0.0.tgz",
-      "integrity": "sha512-G8ura3S+3Z2G+mkgNRq8dqaFZAuxfsxpBB8OCTGRTCtp+l/v9nbFNmCUP1BZMts3G1142MsZfn6eeUKrr4PD1Q==",
-      "license": "MIT",
-      "dependencies": {
-        "ansi-styles": "^6.2.1",
-        "string-width": "^7.0.0",
-        "strip-ansi": "^7.1.0"
-      },
-      "engines": {
-        "node": ">=18"
-      },
-      "funding": {
-        "url": "https://github.com/chalk/wrap-ansi?sponsor=1"
-      }
-    },
     "node_modules/y18n": {
       "version": "5.0.8",
       "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz",
@@ -398,29 +421,28 @@
       }
     },
     "node_modules/yargs": {
-      "version": "18.0.0",
-      "resolved": "https://registry.npmjs.org/yargs/-/yargs-18.0.0.tgz",
-      "integrity": "sha512-4UEqdc2RYGHZc7Doyqkrqiln3p9X2DZVxaGbwhn2pi7MrRagKaOcIKe8L3OxYcbhXLgLFUS3zAYuQjKBQgmuNg==",
-      "license": "MIT",
+      "version": "17.7.2",
+      "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz",
+      "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==",
       "dependencies": {
-        "cliui": "^9.0.1",
+        "cliui": "^8.0.1",
         "escalade": "^3.1.1",
         "get-caller-file": "^2.0.5",
-        "string-width": "^7.2.0",
+        "require-directory": "^2.1.1",
+        "string-width": "^4.2.3",
         "y18n": "^5.0.5",
-        "yargs-parser": "^22.0.0"
+        "yargs-parser": "^21.1.1"
       },
       "engines": {
-        "node": "^20.19.0 || ^22.12.0 || >=23"
+        "node": ">=12"
       }
     },
     "node_modules/yargs-parser": {
-      "version": "22.0.0",
-      "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-22.0.0.tgz",
-      "integrity": "sha512-rwu/ClNdSMpkSrUb+d6BRsSkLUq1fmfsY6TOpYzTwvwkg1/NRG85KBy3kq++A8LKQwX6lsu+aWad+2khvuXrqw==",
-      "license": "ISC",
+      "version": "21.1.1",
+      "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz",
+      "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==",
       "engines": {
-        "node": "^20.19.0 || ^22.12.0 || >=23"
+        "node": ">=12"
       }
     },
     "node_modules/yn": {
diff --git a/apps/desktop/native-messaging-test-runner/package.json b/apps/desktop/native-messaging-test-runner/package.json
index 050bb653445..cdc9158bdca 100644
--- a/apps/desktop/native-messaging-test-runner/package.json
+++ b/apps/desktop/native-messaging-test-runner/package.json
@@ -20,8 +20,8 @@
     "@bitwarden/logging": "dist/libs/logging/src",
     "module-alias": "2.2.3",
     "ts-node": "10.9.2",
-    "uuid": "13.0.0",
-    "yargs": "18.0.0"
+    "uuid": "9.0.1",
+    "yargs": "17.7.2"
   },
   "devDependencies": {
     "@types/node": "22.19.3",
@@ -31,6 +31,12 @@
     "@bitwarden/common": "dist/libs/common/src",
     "@bitwarden/node/services/node-crypto-function.service": "dist/libs/node/src/services/node-crypto-function.service",
     "@bitwarden/storage-core": "dist/libs/storage-core/src",
-    "@bitwarden/logging": "dist/libs/logging/src"
+    "@bitwarden/logging": "dist/libs/logging/src",
+    "@bitwarden/client-type": "dist/libs/client-type/src",
+    "@bitwarden/state": "dist/libs/state/src",
+    "@bitwarden/state-internal": "dist/libs/state-internal/src",
+    "@bitwarden/messaging": "dist/libs/messaging/src",
+    "@bitwarden/guid": "dist/libs/guid/src",
+    "@bitwarden/serialization": "dist/libs/serialization/src"
   }
 }
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-create.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-create.ts
index 8d2d734677a..46021eb72ca 100644
--- a/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-create.ts
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-create.ts
@@ -11,6 +11,7 @@ import { NativeMessagingVersion } from "@bitwarden/common/enums";
 import { CredentialCreatePayload } from "../../../src/models/native-messaging/encrypted-message-payloads/credential-create-payload";
 import { LogUtils } from "../log-utils";
 import NativeMessageService from "../native-message.service";
+import { TestRunnerSdkLoadService } from "../sdk-load.service";
 import * as config from "../variables";
 
 const argv: any = yargs(hideBin(process.argv)).option("name", {
@@ -25,6 +26,10 @@ const { name } = argv;
 // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
 // eslint-disable-next-line @typescript-eslint/no-floating-promises
 (async () => {
+  // Initialize SDK before using crypto functions
+  const sdkLoadService = new TestRunnerSdkLoadService();
+  await sdkLoadService.loadAndInit();
+
   const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
   // Handshake
   LogUtils.logInfo("Sending Handshake");
@@ -42,7 +47,10 @@ const { name } = argv;
   // Get active account userId
   const status = await nativeMessageService.checkStatus(handshakeResponse.sharedKey);
 
-  const activeUser = status.payload.filter((a) => a.active === true && a.status === "unlocked")[0];
+  const activeUser = status.payload.filter(
+    (a: { active: boolean; status: string; id: string }) =>
+      a.active === true && a.status === "unlocked",
+  )[0];
   if (activeUser === undefined) {
     LogUtils.logError("No active or unlocked user");
   }
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-retrieval.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-retrieval.ts
index 2e55afbb36f..70b0bad9d66 100644
--- a/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-retrieval.ts
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-retrieval.ts
@@ -7,6 +7,7 @@ import { NativeMessagingVersion } from "@bitwarden/common/enums";
 
 import { LogUtils } from "../log-utils";
 import NativeMessageService from "../native-message.service";
+import { TestRunnerSdkLoadService } from "../sdk-load.service";
 import * as config from "../variables";
 
 const argv: any = yargs(hideBin(process.argv)).option("uri", {
@@ -21,6 +22,10 @@ const { uri } = argv;
 // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
 // eslint-disable-next-line @typescript-eslint/no-floating-promises
 (async () => {
+  // Initialize SDK before using crypto functions
+  const sdkLoadService = new TestRunnerSdkLoadService();
+  await sdkLoadService.loadAndInit();
+
   const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
   // Handshake
   LogUtils.logInfo("Sending Handshake");
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-update.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-update.ts
index 93598bf9eef..7ba5eef143a 100644
--- a/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-update.ts
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-credential-update.ts
@@ -11,6 +11,7 @@ import { NativeMessagingVersion } from "@bitwarden/common/enums";
 import { CredentialUpdatePayload } from "../../../src/models/native-messaging/encrypted-message-payloads/credential-update-payload";
 import { LogUtils } from "../log-utils";
 import NativeMessageService from "../native-message.service";
+import { TestRunnerSdkLoadService } from "../sdk-load.service";
 import * as config from "../variables";
 
 // Command line arguments
@@ -49,6 +50,10 @@ const { name, username, password, uri, credentialId } = argv;
 // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
 // eslint-disable-next-line @typescript-eslint/no-floating-promises
 (async () => {
+  // Initialize SDK before using crypto functions
+  const sdkLoadService = new TestRunnerSdkLoadService();
+  await sdkLoadService.loadAndInit();
+
   const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
   // Handshake
   LogUtils.logInfo("Sending Handshake");
@@ -67,7 +72,10 @@ const { name, username, password, uri, credentialId } = argv;
   // Get active account userId
   const status = await nativeMessageService.checkStatus(handshakeResponse.sharedKey);
 
-  const activeUser = status.payload.filter((a) => a.active === true && a.status === "unlocked")[0];
+  const activeUser = status.payload.filter(
+    (a: { active: boolean; status: string; id: string }) =>
+      a.active === true && a.status === "unlocked",
+  )[0];
   if (activeUser === undefined) {
     LogUtils.logError("No active or unlocked user");
   }
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-generate-password.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-generate-password.ts
index da914c67b4a..a0b449b02c7 100644
--- a/apps/desktop/native-messaging-test-runner/src/commands/bw-generate-password.ts
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-generate-password.ts
@@ -7,6 +7,7 @@ import { NativeMessagingVersion } from "@bitwarden/common/enums";
 
 import { LogUtils } from "../log-utils";
 import NativeMessageService from "../native-message.service";
+import { TestRunnerSdkLoadService } from "../sdk-load.service";
 import * as config from "../variables";
 
 const argv: any = yargs(hideBin(process.argv)).option("userId", {
@@ -21,6 +22,10 @@ const { userId } = argv;
 // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
 // eslint-disable-next-line @typescript-eslint/no-floating-promises
 (async () => {
+  // Initialize SDK before using crypto functions
+  const sdkLoadService = new TestRunnerSdkLoadService();
+  await sdkLoadService.loadAndInit();
+
   const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
   // Handshake
   LogUtils.logInfo("Sending Handshake");
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-handshake.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-handshake.ts
index 2ba5d469aaa..77a6ac652ad 100644
--- a/apps/desktop/native-messaging-test-runner/src/commands/bw-handshake.ts
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-handshake.ts
@@ -4,11 +4,16 @@ import { NativeMessagingVersion } from "@bitwarden/common/enums";
 
 import { LogUtils } from "../log-utils";
 import NativeMessageService from "../native-message.service";
+import { TestRunnerSdkLoadService } from "../sdk-load.service";
 import * as config from "../variables";
 
 // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
 // eslint-disable-next-line @typescript-eslint/no-floating-promises
 (async () => {
+  // Initialize SDK before using crypto functions
+  const sdkLoadService = new TestRunnerSdkLoadService();
+  await sdkLoadService.loadAndInit();
+
   const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
 
   const response = await nativeMessageService.sendHandshake(
diff --git a/apps/desktop/native-messaging-test-runner/src/commands/bw-status.ts b/apps/desktop/native-messaging-test-runner/src/commands/bw-status.ts
index 466e3fca52b..7014c4713c2 100644
--- a/apps/desktop/native-messaging-test-runner/src/commands/bw-status.ts
+++ b/apps/desktop/native-messaging-test-runner/src/commands/bw-status.ts
@@ -4,11 +4,16 @@ import { NativeMessagingVersion } from "@bitwarden/common/enums";
 
 import { LogUtils } from "../log-utils";
 import NativeMessageService from "../native-message.service";
+import { TestRunnerSdkLoadService } from "../sdk-load.service";
 import * as config from "../variables";
 
 // FIXME: Verify that this floating promise is intentional. If it is, add an explanatory comment and ensure there is proper error handling.
 // eslint-disable-next-line @typescript-eslint/no-floating-promises
 (async () => {
+  // Initialize SDK before using crypto functions
+  const sdkLoadService = new TestRunnerSdkLoadService();
+  await sdkLoadService.loadAndInit();
+
   const nativeMessageService = new NativeMessageService(NativeMessagingVersion.One);
 
   LogUtils.logInfo("Sending Handshake");
diff --git a/apps/desktop/native-messaging-test-runner/src/deferred.ts b/apps/desktop/native-messaging-test-runner/src/deferred.ts
index da34d80ebb2..d3350ade5a4 100644
--- a/apps/desktop/native-messaging-test-runner/src/deferred.ts
+++ b/apps/desktop/native-messaging-test-runner/src/deferred.ts
@@ -4,8 +4,8 @@
 // while allowing an unrelated event to fulfill it elsewhere.
 export default class Deferred<T> {
   private promise: Promise<T>;
-  private resolver: (T?) => void;
-  private rejecter: (Error?) => void;
+  private resolver!: (value?: T) => void;
+  private rejecter!: (reason?: Error) => void;
 
   constructor() {
     this.promise = new Promise<T>((resolve, reject) => {
diff --git a/apps/desktop/native-messaging-test-runner/src/ipc.service.ts b/apps/desktop/native-messaging-test-runner/src/ipc.service.ts
index d8616e9757a..adb1e693d24 100644
--- a/apps/desktop/native-messaging-test-runner/src/ipc.service.ts
+++ b/apps/desktop/native-messaging-test-runner/src/ipc.service.ts
@@ -13,7 +13,7 @@ import { race } from "./race";
 
 const DEFAULT_MESSAGE_TIMEOUT = 10 * 1000; // 10 seconds
 
-export type MessageHandler = (MessageCommon) => void;
+export type MessageHandler = (message: MessageCommon) => void;
 
 // FIXME: update to use a const object instead of a typescript enum
 // eslint-disable-next-line @bitwarden/platform/no-enums
diff --git a/apps/desktop/native-messaging-test-runner/src/race.ts b/apps/desktop/native-messaging-test-runner/src/race.ts
index 5ed778aa35b..a1c6cb04c5f 100644
--- a/apps/desktop/native-messaging-test-runner/src/race.ts
+++ b/apps/desktop/native-messaging-test-runner/src/race.ts
@@ -8,8 +8,8 @@ export const race = <T>({
   promise: Promise<T>;
   timeout: number;
   error?: Error;
-}) => {
-  let timer = null;
+}): Promise<T> => {
+  let timer: NodeJS.Timeout | null = null;
 
   // Similar to Promise.all, but instead of waiting for all, it resolves once one promise finishes.
   // Using this so we can reject if the timeout threshold is hit
@@ -20,7 +20,9 @@ export const race = <T>({
     }),
 
     promise.then((value) => {
-      clearTimeout(timer);
+      if (timer != null) {
+        clearTimeout(timer);
+      }
       return value;
     }),
   ]);
diff --git a/apps/desktop/native-messaging-test-runner/src/sdk-load.service.ts b/apps/desktop/native-messaging-test-runner/src/sdk-load.service.ts
new file mode 100644
index 00000000000..d3f8289dffb
--- /dev/null
+++ b/apps/desktop/native-messaging-test-runner/src/sdk-load.service.ts
@@ -0,0 +1,22 @@
+import { SdkLoadService } from "@bitwarden/common/platform/abstractions/sdk/sdk-load.service";
+
+import { LogUtils } from "./log-utils";
+
+/**
+ * SDK Load Service for the native messaging test runner.
+ * For Node.js environments, the SDK's Node.js build automatically loads WASM from the filesystem.
+ * No additional initialization is needed.
+ */
+export class TestRunnerSdkLoadService extends SdkLoadService {
+  async load(): Promise<void> {
+    // In Node.js, @bitwarden/sdk-internal automatically loads the WASM file
+    // from node/bitwarden_wasm_internal_bg.wasm using fs.readFileSync.
+    // No explicit loading is required.
+  }
+
+  override async loadAndInit(): Promise<void> {
+    LogUtils.logInfo("Initializing SDK");
+    await super.loadAndInit();
+    LogUtils.logSuccess("SDK initialized");
+  }
+}
diff --git a/apps/desktop/native-messaging-test-runner/tsconfig.json b/apps/desktop/native-messaging-test-runner/tsconfig.json
index dcdf992f986..708559efc07 100644
--- a/apps/desktop/native-messaging-test-runner/tsconfig.json
+++ b/apps/desktop/native-messaging-test-runner/tsconfig.json
@@ -1,4 +1,5 @@
 {
+  "extends": "../../../tsconfig.base.json",
   "compilerOptions": {
     "baseUrl": "./",
     "outDir": "dist",
@@ -18,7 +19,13 @@
       "@bitwarden/auth/*": ["../../../libs/auth/src/*"],
       "@bitwarden/common/*": ["../../../libs/common/src/*"],
       "@bitwarden/key-management": ["../../../libs/key-management/src/"],
-      "@bitwarden/node/*": ["../../../libs/node/src/*"]
+      "@bitwarden/node/*": ["../../../libs/node/src/*"],
+      "@bitwarden/state": ["../../../libs/state/src/index.ts"],
+      "@bitwarden/state-internal": ["../../../libs/state-internal/src/index.ts"],
+      "@bitwarden/client-type": ["../../../libs/client-type/src/index.ts"],
+      "@bitwarden/messaging": ["../../../libs/messaging/src/index.ts"],
+      "@bitwarden/guid": ["../../../libs/guid/src/index.ts"],
+      "@bitwarden/serialization": ["../../../libs/serialization/src/index.ts"]
     },
     "plugins": [
       {
@@ -26,5 +33,6 @@
       }
     ]
   },
-  "exclude": ["node_modules"]
+  "include": ["src/**/*"],
+  "exclude": ["node_modules", "dist"]
 }

From b71ca1a2c03fe7a2ccb3a843d3d9087924d294dc Mon Sep 17 00:00:00 2001
From: aj-bw <81774843+aj-bw@users.noreply.github.com>
Date: Tue, 20 Jan 2026 16:32:34 -0500
Subject: [PATCH 7/7] test renaming image as it was duplicating the selfhost
 commercial name (#18418)

---
 .github/workflows/build-web.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build-web.yml b/.github/workflows/build-web.yml
index 24a8df084a2..e626b629f5c 100644
--- a/.github/workflows/build-web.yml
+++ b/.github/workflows/build-web.yml
@@ -112,7 +112,7 @@ jobs:
             npm_command: dist:bit:selfhost
           - artifact_name: selfhosted-DEV
             license_type: "commercial"
-            image_name: web
+            image_name: web-dev
             npm_command: build:bit:selfhost:dev
             git_metadata: true
           - artifact_name: cloud-QA