* use type safe generics for throttle and debounce, account for the change were event isn't passed
* read gloabl once
* check for styles before setting
* narrow keywords index
* narrow bitwardenAutofillInit for callback
* nullish coalescing operator on value for prop attributes
* Front end changes to disable SM ads for users
* fixing failing tests
* Update libs/common/src/admin-console/models/response/organization.response.ts
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* fixing merge conflicts
* claude suggestion
* adding feature flag for disable sm ads on clients
* fixing tests
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* add callout to vault-items for non premium users, add upgrade premium flow
* add archive badge to item details only for desktop
* update desktop edit item save for unarchive
* updated success toast for edited archive item non premium
This PR moves the Desktop Send list UI into a shared library component and updates the Desktop Send v2 component to use modern Angular patterns (Signals, OnPush, no manual subscriptions)
* Change domain terminology to web addresses
* Added phishing resource file
* Finish renaming and adding runtime configuration for domains vs links setting
* Update reference
* Add matching functions per resource
* correct URL matching logic for links-based detection
Problem:
The phishing link matcher was failing to detect known phishing URLs due to
two issues:
1. Protocol mismatch: Entries in the phishing list use `http://` but users
typically visit `https://` versions. The matcher was comparing full URLs
including protocol, causing legitimate matches to fail.
- List entry: `http://smartdapptradxx.pages.dev`
- User visits: `https://smartdapptradxx.pages.dev/`
- Result: No match (incorrect)
2. Hostname-only matching would have caused false positives: An earlier
attempt to fix#1 included hostname-only comparison, which defeats the
purpose of links-based detection. The goal of PM-28548 is precise URL
matching to avoid blocking entire domains (like pages.dev, github.io)
when only specific paths are malicious.
Solution:
- Always strip protocol (http:// or https://) from both entry and URL
before comparison, treating them as equivalent
- Remove hostname-only matching to maintain precision
- Keep prefix matching for subpaths, query strings, and fragments
---------
Co-authored-by: Alex <adewitt@bitwarden.com>
* [pm-28077] Add input types to ignoredInputTypes
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Merge branch 'main' of github.com:bitwarden/clients into pm-28077-more-ignoredInputTypes-in-CollectAutofillContentService
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* [pm-28077] Remove month input type from ignored types
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* [pm-28077] Remove month radio and checkbox types from ignored types
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Merge branch 'main' of github.com:bitwarden/clients into pm-28077-more-ignoredInputTypes-in-CollectAutofillContentService
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* [pm-28077] Fix prettier issues/conflicts
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* [pm-28077] Add comment regarding datetime depcrecation
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
---------
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* use optional chaining and make portkey optional to match the AutofillInlineMenuIframeExtensionMessage
* make ariaAlertElement optional
* tiemouts are set to null for clearing, updated type to match this
* border color is conditionally applied, undefined is acceptable here
* check if aria alerts exist before calling
* return early if no styles exist for updateElementStyles or no position for updateIframePosition
* initilaize timers to null
* non null assert iframe since it is initialized in initMenuIframe which makes it safe to assert non null by lifecycle
* remove optional chainning
* [PM-29209] Introduce new autofill nudge service specific to the Browser client
* [PM-29209] Cleanup redundant browser setting checks
* [PM-29209] Ensure nudge is dismissed on nudge button click
* [PM-29209] Add spec file for browser autofill nudge service
* [PM-29209] Cleanup settings-v2 spec file
* early return on typedata if it is not present
* use optional chaining on null checks
* nullish coallescing operator on potentially undefined type
* optional chaining to check both that the element exists and that contentWindow is not null before calling postMessage
* add null check for this.currentNotificationBarType before calling
* add a null check before appending notificationBarRootElement, ts cant track we set the iframe across method calls
* added null checks before calling setElementStyles
