mirror of https://github.com/bitwarden/browser synced 2026-02-26 01:23:24 +00:00
Commit Graph

94 Commits

Author SHA1 Message Date
Claude
293a2e131d Critical: Fix type definition mismatch for newApplications field
Make newApplications optional in OrganizationReportSummary type definition
to match the validation logic. This resolves the type safety violation where
compile-time type checking required the field but runtime validation treated
it as optional.

The field is optional because legacy encrypted data predates this field's
introduction, and making it required would break decryption of existing data.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-30 05:18:31 +00:00
Claude
e8b99d99b8 Fix validation error: make newApplications field optional in OrganizationReportSummary
The validation functions required the newApplications field to be present,
but this field is not in the type definition and old encrypted data doesn't
have it. This was causing decryption failures with the error:
"Invalid OrganizationReportSummary: missing or invalid fields: newApplications (string[])"

Changes:
- Updated isOrganizationReportSummary() to allow newApplications to be undefined
- Updated validateOrganizationReportSummary() to only validate newApplications if present
- Added comments explaining backward compatibility requirement

This provides backward compatibility with existing encrypted data while still
validating the field when it is present.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-30 04:42:15 +00:00
Vijay Oommen
55a6e25c0d [PM-27291] Preserve critical apps after run-report is selected (#17114) 2025-10-29 21:23:00 -05:00
Vijay Oommen
66052b6dd3 PM-26676 change the org should update the access intelligence report (#17053) 2025-10-29 14:06:18 -05:00
Alex
2058c772ac [PM-26352] drawers for activity cards (#16895)
* new drawer functions for crit apps

* logic for triggering the drawer functions in components

* cleanup unused logic and rename "navigation" to "action"
- ... since the click is now triggering the drawer instead of navigating to another tab/page

* null check for reportData in drawer methods

* use criticalReportResults$ to avoid duplicating logic

* use criticalReportResults$ to avoid dupe logic

* remove unused code
2025-10-28 08:44:42 -07:00
Alex
6505ce05db [PM-27162] Add runtime type guards for decrypted JSON data (#16996)
* Add runtime type guards for decrypted JSON data

- Create risk-insights-type-guards.ts with validation functions
- Replace unsafe type assertions with runtime validation in encryption service
- Validate ApplicationHealthReportDetail, OrganizationReportSummary, and OrganizationReportApplication
- Add detailed error messages for validation failures
- Remove TODO comments for type guard implementation

Improves security by preventing malformed data from bypassing type safety and ensures data integrity for decrypted report structures.

* test file fix

* date validation

* add runtime type guards and validation failure tests

Issue 1: Missing Test Coverage for Type Guard Validation Failures
- Create comprehensive test suite with 17 tests covering all validation scenarios
- Test invalid structures, missing fields, wrong types, and edge cases
- Verify proper error messages and validation logic for all data types

Issue 2: Silent Failure on Validation Errors (Security Concern)
- Re-throw validation errors instead of silently returning empty/default data
- Add descriptive error messages indicating potential data corruption or tampering
- Ensure all validation failures are surfaced as security issues, not swallowed

Additional Fix: Date Validation Vulnerability
- Validate date strings before creating Date objects to prevent Invalid Date (NaN)
- Throw explicit errors for unparseable date strings
- Update error handling to catch and properly surface date validation failures

* add empty string validation and sanitize error messages

- Validate array elements are non-empty strings (atRiskCipherIds, cipherIds, newApplications)
- Sanitize validation error messages to prevent information disclosure
- Log detailed errors for debugging, re-throw generic messages
- Add tests for empty string validation and error message sanitization

* add comprehensive validation for scalar strings and numeric ranges

- Validate all scalar string fields are non-empty (applicationName, userName, email, cipherId, userGuid)
- Add numeric range validation (finite, non-negative) for all count fields
- Export type guard functions for testability and reusability
- Add 19 new tests covering edge cases (empty strings, NaN, Infinity, negative numbers)

* prevent prototype pollution and unexpected property injection in type guards

- Validate object prototype is Object.prototype (prevents __proto__ attacks)
- Check for dangerous own properties (constructor, prototype)
- Strict property enumeration - reject objects with unexpected properties
- Add comprehensive security tests (prototype pollution, unexpected props)
- Protects against data tampering and information leakage

* security: always sanitize error messages to prevent information disclosure

- Remove fragile pattern matching in error handlers
- Always throw generic error messages by default
- Log detailed errors for debugging, never expose to callers
- Future-proof against validation error message changes
- Prevents disclosure of internal data structure details

Applies to all decryption/validation methods in encryption service

* security: comprehensive hardening of type validation system

CRITICAL FIXES:
- Add __proto__ to prototype pollution checks (loop-based)
- Remove conditional error sanitization (always sanitize)

SECURITY ENHANCEMENTS:
- Add integer overflow protection (Number.isSafeInteger)
- Add DoS prevention (array/string length limits: 50K/1K)
- Strengthen all 4 type guards with 10-layer validation

LIMITS:
- Max string length: 1,000 characters
- Max array length: 50,000 elements
- Max safe integer: 2^53 - 1

DOCUMENTATION:
- Update code-review-methodology.md with patterns
- Update .cursorrules with security best practices
- Create comprehensive security audit document

All 57 tests passing. No linting errors.
Defense-in-depth complete - production ready.

* fix: consolidate security constants and add upper bound validation

CRITICAL FIXES:
- Consolidate MAX_STRING_LENGTH and MAX_ARRAY_LENGTH to file level (DRY)
- Add MAX_COUNT constant (10M) for upper bound validation
- Apply upper bound checks to all 12 count fields

BENEFITS:
- Single source of truth for security limits
- Prevents business logic issues from extreme values
- Easier maintenance and updates
2025-10-28 08:03:11 -07:00
Alex
32a40a91f5 [PM-26929] filter at risk passwords count to only critical apps (#16879)
* filter at risk passwords count to only critical apps

* PM-26929 assign tasks to those apps that are marked as critical

---------

Co-authored-by: voommen-livefront <voommen@livefront.com>
2025-10-27 11:38:49 -07:00
Alex
f5f9d1881e [PM-27291] preserve critical app flags when generating new reports (#17008) 2025-10-24 12:20:40 -04:00
Leslie Tilton
03d636108d [PM-23680] Report Applications data (#16819)
* Move files to folders. Delete unused component. Move model to file

* Move risk insights services to folder structure capturing domains, api, and view organization. Move mock data

* Remove legacy risk insight report code

* Move api model to file

* Separate data service and orchestration of data to make the data service a facade

* Add orchestration updates for fetching applications as well as migrating data.

* Updated migration of critical applications and merged old saved data to new critical applications on report object

* Update test cases

* Fixed test case after merge. Cleaned up per comments on review

* Fixed decryption and encryption issue when not using existing content key

* Fix type errors

* Fix test update

* Fix remove critical applications

* Fix report generating flag not being reset

* Removed extra logs
2025-10-22 10:36:51 -05:00
Vijay Oommen
cc954ed123 [PM-27204] New Feature Flag for datadog and crowdstrike (#16968) 2025-10-22 10:10:56 -05:00
Alex
a5dd42396c [PM-27024] password progress card at risk detection (#16955)
* [PM-27024] Fix password change progress card to track only critical apps and detect new at-risk passwords
- Filter at-risk password count to critical applications only
- Update state logic to transition back to assign tasks when new at-risk passwords detected
- Only create security tasks for critical applications with at-risk passwords
- Show 'X new passwords at-risk' message when tasks exist and new at-risk passwords appear

* spec
2025-10-21 08:02:44 -07:00
Vijay Oommen
ab995045fd PM-26508 when password change is requested, the all-activity table count will change (#16753) 2025-10-08 14:15:59 -05:00
Shane Melton
9f0a565241 [PM-25682] Migrate CipherView and subviews to be TS strict compliant (#16463)
* [PM-25682] Remove ts-strict-ignore from Vault view models and update types to be strict

* [PM-25682] Ignore ViewEncryptableKeys error for old decrypt methods

* [PM-25682] Add null/undefined as possible types for isNull* and other helpers that include null checks internally

* [PM-25682] Use patchValue instead of setValue which does not support undefined values

* [PM-25682] Add type assertions and other misc. null checks where necessary

* [PM-25682] Fix importers specs

* [PM-25682] Cleanup card view/details

* [PM-25682] Fix cipher view hasAttachment helper

* [PM-25682] Cleanup unnecessary null assignments in notification.background.spec.ts

* [PM-25682] Ensure linkedId is undefined instead of null

* [PM-25682] Cleanup misc typing errors

* [PM-25682] Make the CipherId required

* [PM-25682] Undo CipherId assertions

* [PM-25682] Undo brand initial value change

* [PM-25682] Update SshKeyView

* [PM-25682] Add constructor to Fido2CredentialView

* [PM-25682] Prettier

* [PM-25682] Fix strict type warnings after merge with main

* [PM-25682] Cleanup cipher view spec

* [PM-25682] Cleanup new type warnings after merge

* [PM-25682] Undo removed eslint-disable-next-line comment

* [PM-25682] Fix flaky test

* [PM-25682] Use satisfies instead of as for Fido2CredentialAutofillView
2025-10-07 11:40:57 -04:00
Graham Walker
801700d441 PM-26015 Datadog integration card (#16559)
* PM-26015 adding Datadog integration card

* PM-26015 removing 2 changes

* PM-26015 Removing 1 change

* PM-26015 adding datadog integration card

* PM-26015 fixing code to accept new toast owner changes

* PM-26015 fixing linting error

* PM-26015 fixing pr comment
2025-10-07 09:37:59 -05:00
Alex
f29e5e223d [PM-26185] new app metric card (#16658)
* new messages.json keys

* button changes for dirt activity card

* dummy data

* newApplicationsCount and temp toast

* Added third dirt-activity-card component after the existing two cards

* added newApplications to setAllAppsReportSummary

* make button smaller

* cleanup/nice-to-haves

* remove comment

* simplify activity card icon logic to use nullable iconClass

* use buttonText presence to determine button display in activity card

* apps needing review card
- I think it was accidentally deleted when resolving merge conflicts

* buttonClick.observed && buttonText
2025-10-06 12:29:59 -07:00
Leslie Tilton
8c81ccc1c5 [PM-25611][PM-25612] Update components to use persistence code (#16655)
* Add password trigger logic to report service. Also updated api to use classes that properly handle encstring with placeholders for upcoming usage

* Fix merged test case conflict

* Fix type errors and test cases. Make create data functions for report and summary

* Update Risk Insights Report Data Type

* Update encryption usage and test cases. Moved mock data

* Remove unused variable

* Move all-application constructor

* Update all applications and risk insights to look at fetched logic

* Fix name of variable. Fetch last report run

* Cleanup all and critical application tabs drawer dependencies

* Rename components from tool to dirt. Hook up all applications to use reportResult summary

* Critical application cleanup. Trigger refetch of report for enriching when critical applications change

* Fix type errors

* Rename loader from tools to dirt. Cleanup

* Add activity tab updates using data service

* Use safeProviders in access intelligence

* Fix refresh button not appearing. Change "refresh" to "run report"

* Remove multiple async calls for isRunningReport

* Fix report button not showing

* Add no report ran message

* Fix password change on critical applications
2025-10-06 12:01:06 -05:00
Vijay Oommen
0443c87867 [PM-26018] All Activity tab - Password change metric (#16644) 2025-10-03 08:58:07 -05:00
Vijay Oommen
0bfc5daa7c [PM-26074] All Activities tab - Updated UI (#16587)
* PM-26074 simplified and update the all-activities tab

* PM-26074 removed learn more

* PM-26074 fixing missing line
2025-09-29 20:19:14 +00:00
Leslie Tilton
e784622f67 [PM-25613] Add report trigger logic (#16615)
* Add password trigger logic to report service. Also updated api to use classes that properly handle encstring with placeholders for upcoming usage

* Fix merged test case conflict

* Fix type errors and test cases. Make create data functions for report and summary
2025-09-29 14:37:23 -05:00
Vijay Oommen
90fb57817a [PM-25931] Integrations - can save only if owner (#16570) 2025-09-29 08:27:21 -05:00
Alex
979e370235 [PM-26031] Drawer Service State Refactoring (#16580)
* refactor(risk-insights-data.service): unify drawer state management with BehaviorSubject

- Replace individual drawer properties with unified drawerDetailsSubject
- Add reactive Observable getters for drawer state checking
- Update all drawer methods to use centralized state management

* risk-insights.component: add special case drawer state sync in component

- Add private _isDrawerOpen property for internal state tracking
- Subscribe to drawerDetails$ changes with takeUntilDestroyed cleanup
- Implement getter/setter for isDrawerOpen to sync component <-> service
- Enable two-way binding while maintaining reactive patterns

* risk-insights.component.html: replace drawer template with unified observable patterns

- Replace dataService.openDrawer with isDrawerOpen special case getter
- Wrap drawer in @if block with drawerDetails$ | async for single subscription
- Update isActiveDrawerType() calls to reactive isActiveDrawerType$() | async
- Replace direct property access with unified drawerDetails object
- Use modern @if control flow syntax for better performance

* all-applications.component.html: replace drawer state with reactive observable patterns

- Replace dataService.drawerInvokerId with drawerDetails$ | async in card highlighting
- Update app-table-row-scrollable input from isDrawerIsOpenForThisRecord function to openApplication string

* critical-applications.component.html: replace drawer state with reactive observable patterns

- Replace dataService.drawerInvokerId with drawerDetails$ | async in card highlighting
- Update table component binding from isDrawerIsOpenForThisRecord to openApplication
- Use reactive drawer state checking for consistent behavior with all-applications

* all-applications.component.ts: remove deprecated drawer state functions

- Remove unused trackByFunction that's no longer needed in template
- Remove getSelectedUrls function that's not used anywhere
- Remove isDrawerOpenForTableRow replaced by reactive openApplication binding
- Clean up unused ApplicationHealthReportDetail import
- Simplifies component interface following reactive pattern migration

* critical-applications.component.ts: remove deprecated drawer state functions

- Remove unused trackByFunction that's no longer needed in template
- Remove isDrawerOpenForTableRow replaced by reactive openApplication binding

* app-table-row-scrollable.component.html: replace drawer function calls with string comparison

- Replace isDrawerIsOpenForThisRecord(row.applicationName) with row.applicationName === openApplication
- Use direct string comparison instead of function calls for better performance
- Matches updated component input from function to string property
- Simplifies template logic following reactive pattern migration

* fix(risk-insights-data.service.ts): restore drawer toggle behavior in setter methods

- Add toggle logic to check if same drawer type and invoker are already open
- Close drawer when clicking same button twice (preserves original UX)
- Switch drawer content when clicking different button
- Maintains reactive patterns while restoring expected behavior

* revert to drawer state functions to maintain scope of task
- the logic replacing these functions will be in pr16523

* fix(risk-insights-data.service.ts): restore boolean isActiveDrawerType function per review feedback

- Keep original isActiveDrawerType() as boolean function using drawerDetailsSubject.value
- Maintain isActiveDrawerType$() as Observable version for reactive templates
- Apply same pattern to isDrawerOpenForInvoker() for consistency
- Addresses review feedback to preserve existing function signatures

* refactor(risk-insights-data.service.ts): use destructuring in drawer setter methods per review feedback

* refactor(all-applications.component.html): optimize single subscription for drawer state per review feedback

* refactor(critical-applications.component.html): optimize single subscription for drawer state per review feedback

* refactor(risk-insights.component.html): use boolean drawer type functions per review feedback

* fix(browser-system-notification.service.ts): restore eslint disable comment removed by prettier

---------

Co-authored-by: Tom <144813356+ttalty@users.noreply.github.com>
2025-09-26 15:25:16 -05:00
Alex
8ba22f3080 [PM-25609] use password health service (#16482)
* isValidCipher and findWeakPasswordDetails

* auditPasswordLeaks$

* missing deps fix

* refactor: remove unused dependencies from RiskInsightsReportService

- Remove PasswordStrengthServiceAbstraction and AuditService from constructor
- Update module dependency injection to only provide these services to PasswordHealthService
- Remove unused imports and mock services from test file
- Ensure proper separation of concerns where password health logic is centralized in PasswordHealthService
2025-09-26 14:59:38 -04:00
Leslie Tilton
466bf18d51 [PM-25614] Add Enrichment Logic for Risk Insights Data Service (#16577)
* Add encryption logic. Minor updates to critical apps service

* Fix possibly null type
2025-09-26 09:53:08 -05:00
Tom
5c1a1ce6df Just adding the report application type (#16492) 2025-09-23 10:30:04 -04:00
Leslie Tilton
fb7b29d6b3 [PM-25610] Add Refactored Report Aggregation Logic (#16476)
* Add new aggregation logic and update legacy function names

* Update test cases

* Fix test types
2025-09-19 14:40:32 -04:00
Tom
d4cf7217e3 [PM-25838] Adding new properties to the summary and renaming the type (#16477)
* Adding new properties to the summary and renaming the type

* properties were missing from not saving

* fixing type issues and missed renaming
2025-09-18 15:18:41 -05:00
Leslie Tilton
20c8a1ff25 [PM-25608] PasswordHealthService cleanup (#16471)
* Update password health service and test cases

* Fix linting errors
2025-09-18 14:42:10 -04:00
Alex
d6cd30cf54 [PM-25607] Separate Models and account for legacy (#16448)
* organize password-health.ts contents into new model files

* revert naming

* revert to state of use save service pr draft

* LEGACY_MemberDetailsFlat

* legacy updates to password health file

* update imports

* fix import errors

* - revert unnecessary encrypteddatamodel changes
-add it back to password-health.ts
- revert the type changes of variables in EncryptedDataWithKey

* quick fix
2025-09-18 13:08:07 -05:00
Vijay Oommen
57705791db PM-25931 fixing bugs found by QA (#16472) 2025-09-18 11:03:00 -05:00
Vijay Oommen
59396f0262 [PM-24655] Delete an existing Integration (#16382) 2025-09-16 09:30:11 -05:00
Alex
0998508738 [PM-25606] move data mapping methods to helper file (#16400)
* move data mapping methods to helper file

* revert to original naming
2025-09-15 07:24:38 -07:00
Tom
f20ed9f0e9 [PM-25678] Applications api endpoints (#16387)
* Adding the applications api endpoints and test cases

* Changing observable names
2025-09-12 10:09:12 -04:00
Leslie Tilton
31d5b639e9 [PM-20578] [PM-20579] Merge existing feature branch into main (#16364)
* PM-20578 Added api to fetch and save data (#15334)

* [PM-20579] Update risk-insights report service to use api service with encryption (#15357)

* Fix type error

* Fix paths for changed key generation service

* Finalize the api services

* Fixing test case for summary date range

* Fixing report service tests. Encryption will be modified in the future

* Fixing encryption service tests

* fixing linting issues

---------

Co-authored-by: Vijay Oommen <voommen@livefront.com>
Co-authored-by: Tom <ttalty@bitwarden.com>
2025-09-11 14:17:13 -04:00
Vijay Oommen
4857855c11 [PM-23824] Implement HEC integration (#16274) 2025-09-11 08:10:42 -05:00
Tom
4027b78e20 [PM-24101] Switching to use the orgKeys$ from the key service instead of getOrgKey (#15781)
* Switching to use the orgKeys$ from the key service instead of getOrgKey

* Using account service instead of state provider

* First try for fixing test cases

* fixing test cases

* PM-24101 fix identified by failing test

* Error checking on the orgId

* Private method did not need error check

* Setting OrganizationId type

* Fixing test cases for setting org id

* Moving the get of critical apps to the init

* The critical apps component was being set again

---------

Co-authored-by: voommen-livefront <voommen@livefront.com>
2025-09-03 14:18:50 -04:00
Brandon Treston
d4952d211e [PM-24096] replace getOrgKey with orgKey$, refactor collectionAdminService (#15928)
* replace getOrgKey with orgKey$, refactor collectionAdminService

* clean up

* uncomment accidental comment

* remove cache
2025-08-12 12:06:55 -04:00
Vijay Oommen
13a8b46d30 [PM-23826] Crowdstrike integration dialog (#15757) 2025-07-31 11:45:35 -05:00
Bernd Schoolmann
5dae5267d9 [PM-22623] Remove most TS encryption code, remove service workers (#15153)
* Add new encrypt service functions

* Undo changes

* Cleanup

* Fix build

* Fix comments

* Switch encrypt service to use SDK functions

* Move remaining functions to PureCrypto

* Tests

* Increase test coverage

* Enforce sdk.ready and drop unused codepaths

* Delete unused code

* Delete unused code

* Delete more code

* Add forgotten sdk init logic

* Fix build

* Fix cli

* Fix tests

* Fix build

* Fix browser build

* Remove compare and add more comments / warnings

* Run prettier

* Remove unused feature flags

* Add hazmat warning to aesDecrypt

* Fix build

* Fix comment

* Fix test
2025-07-30 15:50:00 +02:00
Tom
b358d5663d [PM-23822] [PM-23823] Organization integration and configuration api services (#15763)
* Adding the organization integration api service and test cases

* Adding configuration api files and test cases. Fixing the id guids and integration type and event type nullable

* Adding get endpoint methods to the integration and config service and test cases

* fixing type check issues

* lowercase directory name
2025-07-25 09:43:41 -04:00
Vijay Oommen
b33bdd60ae [PM-23758] Api method to save and retrieve report summary (#15705) 2025-07-21 13:45:48 -05:00
Bernd Schoolmann
60855c734f [PM-17666] Move Encstring to KM ownership (#15457)
* Move Encstring to KM ownership

* Fix wrong import

* Fix build

* Fix remaining imports

* Fix tests
2025-07-16 11:15:24 -04:00
Vijay Oommen
0032d1457f [PM-21713] Include CipherId and find Ciphers in Risk Insights report (#14823) 2025-06-04 14:33:46 -05:00
Addison Beck
26caeb3083 Implement and extend tsconfig.base across projects (#14554)
* Implement and extend tsconfig.base across projects

* fixup! Merge remote-tracking branch 'origin/main' into rename-tsconfig

* fix: import tsconfig.base from components

* fix: skip typechecking node modules

* fixing tests

* fix the tests for real

* undo accidental change
2025-06-02 20:38:17 +00:00
Tom
874fe0fd1e Adding userGuid to the member details object (#14899) 2025-05-30 12:55:14 -04:00
Daniel James Smith
0f6d4a92d7 Migrate libs/tools/card to be owned by DIRT (#14987)
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
2025-05-30 07:37:08 +00:00
Leslie Tilton
b48356228c Update risk insights report to default an invalid uri to the original uri (#14800) 2025-05-29 08:45:40 -05:00
Tom
623deea4fc Adding at risk cipher ids for accurate notifications (#14784) 2025-05-15 09:36:57 -05:00
Vijay Oommen
896c9bd583 [PM-20997] Part 1 of PM-20117 - Styling Changes (#14527) 2025-05-13 13:59:03 -05:00
Patrick-Pimentel-Bitwarden
0b0397c3f0 fix(enums-eslint): Enum Rule for ESLint (#14650)
* fix(enums-eslint): Enum Rule for ESLint - Added enums in the warnings for eslint.

* fix(enums-eslint): Enum Rule for ESLint - Updated to error in both places for enums.

* fix(enums-eslint): Enum Rule for ESLint - Added new eslint plugin for warning on enums.

* fix(enums-eslint): Enum Rule for ESLint - Changed based on suggestion.

Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>

* refactor(browser-platform-utils): Remove Deprecation and Fix Code - Changed usages of firefox to private and moved the usages to the preferred public method and removed the deprecations.

* fix(enums-eslint): Enum Rule for ESLint - Updated to error and added disable rules for all other places.

* fix(enums-eslint): Enum Rule for ESLint - Undid other changes by accident
2025-05-13 10:07:38 -04:00
Tom
9f3310ed7e Redoing the PR for get by domain due to file move (#14746) 2025-05-13 08:44:54 -05:00