* Move clearCache calls before SDK calls, to prevent race conditions from firing.
* Swap calls to clearCache and restoreWithServer/restoreManyWithServer to fix race condition
* update responsive behavior of three panel layout; give sidenav extra top padding on electron; add stories that show mix of drawer and sidenav states
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* PM-31804 - WIP
* PM-31804 - Profile Component - fix missing translation
* PM-31804 - Web - Emergency Access Takeover Dialog Comp - remove screen reader only span as arialabel on spinner should be sufficient
* PM-31804 - Web - EmergencyAccessViewComp - remove redundant span as aria label handles accessibility.
* PM-31804 - Web - EmergencyAccessViewComp - Remove redundant sr only span - replaced w/ aria label
* PM-31804 - Web - EmergencyAccessViewComp - Remove redundant sr only span - replaced w/ aria label
* PM-31804 - EmergencyAccessComp - Replace redundant sr only span with aria label
* PM-31804 - two-factor-setup.component.html - Replace redundant sr only spans with aria labels
* PM-31804 - WebauthnLoginSettingsModule - remove unnecessary IconModule - it's imported via SharedModule
* PM-31804 - web - emergency-access.component.html - Replace redundant sr only span with aria label
* PM-31804 - LoginDecryptionOptionsComponent - Replace redundant sr only span with aria label
* PM-31804 - ChangePasswordComp - Replace redundant sr only span with aria label
* PM-31804 - AccountComponent - add BitwardenIcon type to satisfy template type requirements for name property.
* PM-31804 - Browser Account Security Component - replace nonexistent chevron icon with existing angle right icon.
* PM-31804 - Fix A11y issues with missing aria labels
* PM-31804 - Remove remaining redundant sr only spans since we now have aria labels
* adds autofill button for cipher view
* adds tests
* changes autofill function for non login types
* adds top margin to autofill button
* adds more top margin to autofill button
* only shows autofill button when autofill is allowed (not in a popout)
* add button type
* updates _domainMatched to take a tab param, updates how the component is passed through to slot
* fixes tests from rename
* adds comment about autofill tab checking behavior
* removes diff markers
* add welcome prompt when extension is not installed
* add feature flag
* move prompt logic to internal service and add day prompt
* rename dialog component
* remove feature flag hardcode and add documentation
* use i18n for image alt
* move state into service
* be more explicit when the account or creation date is not available
* remove spaces
* fix types caused by introducing a numeric feature flag type
* add `typeof` for feature flag typing
* refactor(billing): remove PM-26793 feature flag from subscription pricing service
* test(billing): update subscription pricing tests for PM-26793 feature flag removal
* chore: remove PM-26793 feature flag from keys
* add notification handler for auto confirm
* add missing state check
* fix test
* isolate angular specific code from shared lib code
* clean up
* use autoconfirm method
* add event logging for auto confirm
* update copy
Adds urlOriginsMatch to @bitwarden/platform, which compares two URLs by
scheme, host, and port. Uses `protocol + "//" + host` rather than
`URL.origin` because non-special schemes (e.g. chrome-extension://)
return the opaque string "null" from .origin, making equality comparison
unreliable. URLs without a host (file:, data:) are explicitly rejected
to prevent hostless schemes from comparing equal.
Refactors senderIsInternal to delegate to urlOriginsMatch and to derive
the extension URL via BrowserApi.getRuntimeURL("") rather than inline
chrome/browser API detection. Adds full test coverage for
senderIsInternal.
The previous string-based comparison used startsWith after stripping
trailing slashes, which was safe in senderIsInternal where inputs are
tightly constrained. As a general utility accepting arbitrary URLs,
startsWith can produce false positives (e.g. "https://example.com"
matching "https://example.com.evil.com"). Structural host comparison
is the correct contract for unrestricted input.
Remove the fully-enabled feature flag and simplify the billing metadata
API to always use the vNext endpoints. The legacy API path is removed
since the server will no longer serve it.
- Remove FeatureFlag.PM25379_UseNewOrganizationMetadataStructure enum and default
- Delete legacy getOrganizationBillingMetadata() API method (old /billing/metadata path)
- Rename vNext methods to remove VNext suffix
- Simplify OrganizationMetadataService to always use cached vNext path
- Remove ConfigService dependency from OrganizationMetadataService
- Update tests to remove feature flag branching
* feat(salt-for-user) [PM-31088]: Add feature flag for saltForUser.
* feat(salt-for-user) [PM-31088]: Flag saltForUser logic to return unlockdata.salt or emailToSalt.
* test(salt-for-user) [PM-31088]: Update tests to include coverage for new behavior.
Updates the SetInitialPasswordService TDE + Permission user flow to use the new KM data types:
- `MasterPasswordAuthenticationData`
- `MasterPasswordUnlockData`
This allows us to move away from the deprecated `makeMasterKey()` method (which takes email as salt) as we seek to eventually separate the email from the salt.
The new `setInitialPasswordTdeUserWithPermission()` method essentially takes the existing deprecated `setInitialPassword()` method and:
- Removes logic that is specific to a `JIT_PROVISIONED_MP_ORG_USER` case. This way the method only handles `TDE_ORG_USER_RESET_PASSWORD_PERMISSION_REQUIRES_MP` cases.
- Updates the logic to use `MasterPasswordAuthenticationData` and `MasterPasswordUnlockData`
Behind feature flag: `pm-27086-update-authentication-apis-for-input-password`
* PM-18607 reimplemented errorOnUnknownProperties
* claude review
* claude review
---------
Co-authored-by: John Harrington <84741727+harr1424@users.noreply.github.com>
* Refactored the search index to index with the cipherlistview
* Fixed comment
* clear encrypted cipher state to prevent stale emissions during sync
* skip decrypt call when cipher arry is emoty during sync
* add notification handler for auto confirm
* add missing state check
* fix test
* isolate angular specific code from shared lib code
* clean up
* use autoconfirm method
* fix test
* Implement the required changes
* Fix the family plan creation for expired sub
* Resolve the pr comments
* resolve the resubscribe issue
* Removed redirectOnCompletion: true from the resubscribe
* Display the Change payment method dialog on the subscription page
* adjust the page reload time
* revert payment method open in subscription page
* Enable cancel premium see the subscription page
* Revert the removal of hasPremiumPersonally
* remove extra space
* Add can view subscription
* Use the canViewSubscription
* Resolve the tab default to premium
* use the subscription Instead of hasPremium
* Revert the changes on user-subscription
* Use the flag to redirect to subscription page
* revert the canViewSubscription change
* resolve the route issue with premium
* Change the path to
* Revert the previous iteration changes
* Fix the build error
* [PM-31750] Refactor members routing and user confirmation logic
* Simplified user confirmation process by removing feature flag checks.
* Updated routing to directly use the new members component without feature flagging.
* Removed deprecated members component references from routing modules.
* Cleaned up feature flag enum by removing unused entries.
* trigger claude
* [PM-31750] Refactor members component and remove deprecated files
* Renamed vNextMembersComponent to MembersComponent for consistency.
* Removed deprecated_members.component.ts and associated HTML files.
* Updated routing and references to use the new MembersComponent.
* Cleaned up related tests to reflect the component name change.
* Refactor import statements in security-tasks.service.ts for improved readability
* Update apps/web/src/app/admin-console/organizations/manage/user-confirm.component.ts
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* Remove BaseMembersComponent and related imports from the admin console, streamlining member management functionality.
* Remove unused ConfigService import from UserConfirmComponent to clean up code.
* Implement feature flag logic for user restoration in MemberDialogComponent, allowing conditional restoration based on DefaultUserCollectionRestore flag.
---------
Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* enforce strict types on folders
* fix folder api service
* fix tests
* fix test
* fix type issue
* fix test
* add extra checks for folders. add specs
* fix folder.id checks
* fix id logic
* remove unecessary check
* name name and id optional in folder model
* fix tests
* Update folder and folderview
* fix folder with id export
* fix tests
* fix tests
* more defensive typing
* fix tests
* no need to check for presence
* check for empty name in folder toDomain
* fixes to folder
* initialize id in folder constructor. fix failing tests
* remove optional param to folder constructor
* fix folder
* fix test
* remove remaining checks for null folder id
* fix logic
* pass null for empty folder ids
* make id more explicit
* fix failing test
* fix failing test
* fix "No Folder" filter
* created 'berry' component
* added 'bit-berry' to 'popup-tab-navigation'
* simplified - removed null checks
* changed 'effectiveSize' to 'computedSize'
* fixed 'accentPrimary' color
* updated to not render berry if 'count' is 0 or negative number
* simplified checking count undefined
* updated computed padding
* switched from `[ngClass]` to `[class]`
* updated 'popup-tab-navigation' berry to use 'danger' variant
* fixed berry positioning in popup-tab-navigation
* updated content logic
* cleanup unused 'ngClass'
* updated conditional rendering of berry
* updated story 'Usage'
* updates with adding berry 'type'
* added type "status" to popup-tab-navigation
* fixed type error
* updated 'Count Behavior' description
