bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-06 00:13:28 +00:00
Code Issues Releases Wiki Activity
20,092 Commits 1,216 Branches 567 Tags
2bf9e3f6df4be7514198f3ea1bcb5669872a340e
Commit Graph

20092 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
rr-bw
9e6d0cce35 feat(marketing-initiated-premium): Auth [PM-27542] Write fromMarketing value to state (#17470) 2025-11-19 19:00:18 -08:00
Bernd Schoolmann
5f27452ac2 Fix desktop not launching (#17485) 2025-11-20 02:41:59 +01:00
Jonathan Prusik
7c4db701b9 [PM-27797] Prevent host page manipulation of inline menu popover attribute (#17400) 
* turn off inline experience if host page aggressively competes for top of top-layer

* add alert message for top-layer hijack scenarios

* widen the backoff threshold

* refactor backoff logic to include popover attribute mutations

* improve getPageIsOpaque check

* do not attempt inline menu insertion if it has been disabled for security concerns

* fix typo

* cleanup

* add tests
 2025-11-19 19:14:05 -05:00
Andy Pixley
d86c918e71 [BRE-1303] Providing method for pinning Chrome extension ID for dev (#17432) 2025-11-19 16:11:51 -05:00
Addison Beck
6d1c474fc5 fix: add world: MAIN to Firefox page script registration (#17466) 
* chore: update @types/firefox-webext-browser

* fix: add world: MAIN to Firefox page script registration

* review: add world property to registration type
 2025-11-19 20:13:41 +00:00
Addison Beck
e44ab1b411 fix: enable dynamic URLs for Chrome web accessible resources (#17429) 
This commit adds use_dynamic_url: true to the extension's web_accessible_resources configuration. When enabled, Chrome generates random session-based GUIDs for extension resource URLs instead of using the predictable static extension ID. This enhances privacy by making extension resource URLs unpredictable and prevents third-party enumeration of installed extensions.

The feature is supported in Chrome 102+ and changes resource URLs from chrome-extension://[static-id]/resource to chrome-extension://[random-guid]/resource, with GUIDs regenerating each browser session while maintaining all existing extension functionality.

Addresses: https://bitwarden.atlassian.net/browse/PM-28344
 2025-11-19 14:57:59 -05:00
Matt Andreko
9ee4fd0e44 Workflow corrections (#17392) 
Co-authored-by: Amy Galles <9685081+AmyLGalles@users.noreply.github.com>
 2025-11-19 14:15:12 -05:00
Alex Morask
de42cf303f [PM-27925] Refactor StripeService to allow more than one instance (#17467) 
* Refactor StripeService to allow more than one instance per scope

* Fix linting issue

* Claude's feedback
 2025-11-19 12:57:00 -06:00
renovate[bot]
9ec05a96b9 [deps]: Update GitHub Artifact Actions (#17305) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
 2025-11-19 18:44:01 +00:00
Brandon Treston
28dc244fd3 fix error in console (#17468) 2025-11-19 13:32:50 -05:00
bw-ghapp[bot]
0912d1abe8 Autosync the updated translations (#17462) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2025-11-19 18:31:02 +01:00
neuronull
db16c201b8 Align Desktop Native's Rust CI checks with SDK (#17261) 
* clean crate deps

* update lint workflow

* add rustfmt.toml

* apply rust fmt

* missed one

* fix lint of lint lol

* more deps platform fixes

* fix macos_provider

* some more deps clean

* more cleanup

* add --all-targets

* remove another unused dep

* generate index.d.ts

* fix whitespace

* fix split comment in biometric

* formatting comment in biometric_v2

* apply fmt
 2025-11-19 15:07:57 +00:00
renovate[bot]
90ca6bf2cd [deps]: Update codecov/test-results-action action to v1.1.1 (#17493) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-11-19 12:00:49 +00:00
renovate[bot]
58727e8843 [deps] Platform: Update @types/chrome to v0.1.28 (#17489) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-11-19 05:39:33 -06:00
renovate[bot]
e32309260c [deps] Platform: Update @types/node-forge to v1.3.14 (#17490) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-11-19 05:39:11 -06:00
Github Actions
64bfbf274a Bumped client version(s) 2025-11-19 00:18:10 +00:00
Alex
84ce21643d text and style (#17439) 2025-11-18 17:27:40 -05:00
Kyle Denney
fde1e26ad9 [PM-28370] fix defect for self-hosted metadata (#17464) 2025-11-18 15:24:36 -06:00
gitclonebrian
bf8976ca66 [BRE-1333] Added permissions to token generation (#17471) 2025-11-18 15:27:21 -05:00
Jonathan Prusik
df03664827 [PM-27915] Add additional global styling collision defenses for pseudo-elements (#17340) 
* add additional global styling collision defenses for pseudo-elements

* move internal stylesheet into closed shadow root
 2025-11-18 14:49:12 -05:00
Will Martin
b952e6ea44 [PM-28071] add prod test domain for phishing detection (#17450) 2025-11-18 13:08:21 -05:00
Github Actions
02ef4e72de Bumped Desktop client to 2025.11.2 2025-11-18 17:54:35 +00:00
Jason Ng
fd1155ae58 [PM-27103] Add URL Check to Send (#17056) 
* add dangerousPatters check to api service
 2025-11-18 12:38:18 -05:00
bw-ghapp[bot]
bbb42d9b17 Autosync the updated translations (#17461) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2025-11-18 18:36:24 +01:00
bw-ghapp[bot]
0d14060e9d Autosync the updated translations (#17460) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2025-11-18 18:33:12 +01:00
Vince Grassia
fa563641b2 BRE-1355 - Rename Bitwarden Unified to Bitwarden Lite (#17456) 2025-11-18 12:23:39 -05:00
Daniel Riera
b1acff7f5c Pm 27900 add additional hardening in extension frame validation (#17265) 
* PM-27900 harden iframe, origin route tightening and test updates

* reduce comments to make more legible

* Removes referrer check in favor of PM-27822 #17313 bitwarden/clients@4206447cfe

* nake token optional since it is later set

* whitelist -> allowlist

* improve notes on unsafe

* improve content handler notes

* order allowlist

* improve jsdoc on ismessagefromextension method

* cover additional test cases

* rename verifytoken and document more clear, update referrer

---------

Co-authored-by: Miles Blackwood <mrobinson@bitwarden.com>
 2025-11-18 12:22:13 -05:00
renovate[bot]
3b84da60ca [deps] Platform: Update @types/chrome to v0.1.27 (#17453) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-11-18 17:01:53 +00:00
renovate[bot]
82a0b3aa70 [deps] Platform: Update semver to v7.7.3 (#17457) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
 2025-11-18 17:48:52 +01:00
renovate[bot]
60977b0277 [deps] Platform: Update electron-log to v5.4.3 (#17455) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-11-18 17:46:55 +01:00
renovate[bot]
9d15ae80ca [deps] Tools: Update @types/papaparse to v5.5.0 (#17454) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-11-18 10:30:27 -06:00
Vicki League
96ffb56771 [CL-928] Set link component to semibold weight (#17395) 2025-11-18 11:25:48 -05:00
Leslie Tilton
20d44b5136 [PM-27739] Fix bug for icons not showing on application tables (#17373) 
* Added function to get a cipher icon for application tables. Update all application component to use signal properties

* Fix type

* Handle no ciphers on application
 2025-11-18 09:03:05 -06:00
renovate[bot]
bd2f6e7566 [deps]: Update anchore/scan-action action to v7 (#16635) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-11-18 15:49:45 +01:00
renovate[bot]
2bf734bd43 [deps] Platform: Update @types/node to v22.19.1 (#17448) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-11-18 08:48:29 -06:00
Oscar Hinton
9efc31534b [PM-28231] Enable component-class-suffix (#17384) 
* Enable component-class-suffix

* Rename file
 2025-11-18 13:26:38 +01:00
Maximilian Power
8f04f25818 Fix Firefox phishing blocker continue button by awaiting tab navigation promises (#17436) 2025-11-18 09:37:31 +01:00
aj-bw
413a024e61 removal of freebsd build, upload, release and other references (#17354) 2025-11-17 16:33:12 -05:00
Jordan Aasen
670f3514ba [PM-23384] - Browser extension spotlight directing to Premium signup in web (#17343) 
* premium upgrade nudge

* add specs

* clean up vault template and specs

* fix date comparison. add more specs for date

* fix spec

* fix specs

* make prop private
 2025-11-17 12:36:37 -08:00
Nick Krantz
610537535a persist archive date when cloning a cipher (#16986) 2025-11-17 14:14:03 -06:00
SmithThe4th
de17b33dd5 handle empty strings in identity view for sdk cipher encryption (#17423) 2025-11-17 15:10:50 -05:00
Maximilian Power
4e2d8988f2 Update at-risk cards with accessibility improvements (#17427) 2025-11-17 11:08:15 -08:00
Github Actions
b296750bcb Bumped client version(s) 2025-11-17 19:07:49 +00:00
Vince Grassia
1fa10f24f7 Fix beta artifact name (#17425) 2025-11-17 17:31:54 +00:00
Maximilian Power
16e4eb1dd0 updates strings (#17422) 
* updated strings
 2025-11-17 17:50:39 +01:00
neuronull
a2abbd09bf Desktop Native compile debug builds with debug log level (#17357) 
* Desktop Native compile debug builds with debug log level

* typo in code comment
 2025-11-17 09:14:50 -07:00
Matt Gibson
c67715ea29 [PM-28038][PM-28276] Ignore url case for origin matching (#17355) 
* ignore url case for origin matching

* Fixup typo

* Inject log services
 2025-11-17 07:37:36 -08:00
Alex Dragovich
a4d773537e [PM-27465] Fixing cancel button on Send and Vault export (#17138) 2025-11-14 16:07:10 -08:00
Jared Snider
9cd73b8738 Auth/PM-22661 - SendTokenService - improve expired token scenario docs on abstraction (#17371) 
* PM-22661 - SendTokenService - improve expired token scenario docs on abstraction

* PM-22661 - SendTokenService - further clarification
 2025-11-14 16:28:05 -05:00
Jason Ng
8a3f1ee1a4 [PM-26687] send skeleton (#17333) 
* adding skeleton to send
 2025-11-14 16:16:08 -05:00