* enforce session timeout policy
* better angular validation
* lint fix
* missing switch break
* fallback when timeout not supported with highest available timeout
* failing unit tests
* incorrect policy message
* vault timeout type adjustments
* fallback to "on browser refresh" for browser, when policy is set to "on system locked", but not available (Safari)
* docs, naming improvements
* fallback for current user session timeout to "on refresh", when policy is set to "on system locked", but not available.
* don't display policy message when the policy does not affect available timeout options
* 8 hours default when changing from non-numeric timeout to Custom.
* failing unit test
* missing locales, changing functions access to private, docs
* removal of redundant magic number
* missing await
* await once for available timeout options
* adjusted messaging
* unit test coverage
* vault timeout numeric module exports
* unit test coverage
* consolidated session timeout settings component
* rename preferences to appearance
* race condition bug on computed signal
* outdated header for browser
* unnecessary padding
* remove required on action, fix build
* rename localization key
* missing user id
* required
* cleanup task
* eslint fix signals rollback
* takeUntilDestroyed, null checks
* move browser specific logic outside shared component
* explicit input type
* input name
* takeUntilDestroyed, no toast
* unit tests
* cleanup
* cleanup, correct link to deprecation jira
* tech debt todo with jira
* missing web localization key when policy is on
* relative import
* extracting timeout options to component service
* duplicate localization key
* fix failing test
* subsequent timeout action selecting opening without dialog on first dialog cancellation
* default locale can be null
* unit tests failing
* rename, simplifications
* one if else feature flag
* timeout input component rendering before async pipe completion
* do not show organization error message for any invalid timeout
* use newValue rather than the current form value when early return
* add missing error message
* migrate change login password service to use bitwarden server rather than fetch directly
- avoids CSP entirely
* add `HelpUsersUpdatePasswords` policy to policy type
* add `HelpUsersUpdatePasswordsPolicy` components
* allow list description override for policy description
* add `HelpUsersUpdatePasswordsPolicy` when the feature flag is enabled
* apply `HelpUsersUpdatePasswords` to everyone in an org
* use policy to guard the well known password API
* fix tests
* refactor to use `policyAppliesToUser$`
* remove policy work for change password - this was removed from scope
* update copy for show favicon setting - it now handles both favicons and change password urls
* remove favicon setting description - no longer needed
* only call change password service when the setting is enabled
* add popover for permitting cipher details
* import permit popover directly into the settings component
* replace `nativeFetch` with `fetch`
* use string literal to construct URL rather than `URL` class
- The `getIconsUrl` can return with an appended path which the new URL constructor will strip when passed as the base parameter
* use string literal to construct URL rather than `URL` class instance (#16045)
- The `getIconsUrl` can return with an appended path which the new URL constructor will strip when passed as the base parameter
* [PM-24716] UI changes for Change URI work (#16043)
* use platform service to launch the URI
- this allows desktop to open a separate browser instance rather than use electron
* fix spacing on web app
* add bitLink for focus/hover states
* remove spacing around links
* Move pin service to km ownership
* Run format
* Eslint
* Fix tsconfig
* Fix imports and test
* Clean up imports
* Remove unused dependency on PinService
* Fix comments
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* Remove unused old vault timeout component
* Drop desktop specific vault timeout component and replace it with shared CL implementation
* Fix tests
* Fix test
* Fix build on desktop
* Fix tests
* Fix margin
* Chrome extension biometric unlock not functioning correctly with Windows Hello.
When unlocking via Windows Hello prompt, the popup have to be in the foreground. If it is not, even for short amount of time (few seconds), if later prompt confirmed, it won't return success when returning signed os key half.
* unit test coverage
* unit test coverage
* exclude test files from build
* use electron `setAlwaysOnTop` instead of toggle
* remove Windows os key half created with derive_key_material biometric function, that prompted Windows Hello.
Moves Windows hello prompt into getBiometricKey.
Witness key no longer needed.
* windows crate formatting
* remove biometric on app start for windows
* failing os biometrics windows unit tests
* cleanup of os biometrics windows unit tests
* increased coverage of os biometrics windows unit tests
* open Windows Hello prompt in the currently focused window, instead of always desktop app
* conflict resolution after merge, typescript lint issues, increased test coverage.
* backwards compatibility when require password on start was disabled
* biometric unlock cancellation and error handling
* biometric settings simplifications
* [PM-22783] Add initial feature flag and settings toggle for autotype MVP
* [PM-22783] Undo Cargo.lock changes
* [PM-22783] Disable console.log block
* [PM-22783] Lint fix
* [PM-22783] Small updates
* [PM-22783] Build fix
* [PM-22783] Use combineLatest in updating the desktop autotype service
* [PM-22783] Check if the user is on Windows
* [PM-22783] Undo access selector html change, linting keeps removing this
* [PM-22783] Fix failing test
* [PM-22783] Update autotypeEnabled to be stored in service
* [PM-22783] Add todo comments
* [PM-22783] Add SlimConfigService and MainDesktopAutotypeService
* [PM-22783] Small fixes
* move vault timeout and vault timeout settings to km
* move browser vault timeout service to km
* fix cli import
* fix imports
* fix some relative imports
* use relative imports within common
* fix imports
* fix new imports
* Fix new imports
* fix spec imports
* Remove policy with PIN in Web Vault
* Remove policy with PIN in Browser Extension
* Remove policy with PIN in Desktop
* Remove policy with PIN in Desktop
* unit tests coverage
* unit tests coverage
* unit tests coverage
* private access method error
* private access method error
* private access method error
* PM-18498: Unlock Options Padding Off When PIN Is Removed
* PM-18498: Unlock Options Padding Off When PIN Is Removed
* Use typescript-strict-plugin to iteratively turn on strict
* Add strict testing to pipeline
Can be executed locally through either `npm run test:types` for full type checking including spec files, or `npx tsc-strict` for only tsconfig.json included files.
* turn on strict for scripts directory
* Use plugin for all tsconfigs in monorepo
vscode is capable of executing tsc with plugins, but uses the most relevant tsconfig to do so. If the plugin is not a part of that config, it is skipped and developers get no feedback of strict compile time issues. These updates remedy that at the cost of slightly more complex removal of the plugin when the time comes.
* remove plugin from configs that extend one that already has it
* Update workspace settings to honor strict plugin
* Apply strict-plugin to native message test runner
* Update vscode workspace to use root tsc version
* `./node_modules/.bin/update-strict-comments` 🤖
This is a one-time operation. All future files should adhere to strict type checking.
* Add fixme to `ts-strict-ignore` comments
* `update-strict-comments` 🤖
repeated for new merge files
* Move ownership of biometrics to key-management
* Move biometrics ipc ownership to km
* Move further files to km; split off preload / ipc to km
* Fix linting
* Fix linting
* Fix tests
* Fix tests
* Update .github/CODEOWNERS
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update .github/CODEOWNERS
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Change ownership of native messaging to key-management
* Move biometrics to libs/key-management
* Add README to capital whitelist
* Update package-lock.json
* Move km to key-management
* Move km to key-management
* Fix build for cli
* Import fixes
* Apply prettier fix
* Fix test
* Import fixes
* Import fixes
* Update libs/key-management/README.md
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update libs/key-management/package.json
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
* Update lock file
* Change imports to top level km package
---------
Co-authored-by: Maciej Zieniuk <167752252+mzieniukbw@users.noreply.github.com>
