* bypass cipher edit permissions for individual vault
* replace bypassCipherEditPermission with form configuration mode
* allow partial edit to view cipher form
* remove old comment
* fix(billing): only show Subscription menu option when premium user has subscription
* fix(billing): missed state service invocation changes
(cherry picked from commit b964cfc8e4)
* update responsive behavior of three panel layout; give sidenav extra top padding on electron; add stories that show mix of drawer and sidenav states
---------
Co-authored-by: Will Martin <contact@willmartian.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
* Added v2 version of member access reports that aggregate data client side instead of using endpoint that times out. Added feature flag.
* Remove feature flag
* Added avatar color to the member access report
* Update icon usage
* Add story book for member access report
* Add icon module to member access report component
* Fix test case
* Update member access report service to match export of v1 version. Update test cases
* Fix billing error in member access report
* Add timeout to fetch organization ciphers
* Handle group naming
* Add cached permission text
* Add memberAccessReportLoadError message
* Fix member cipher mapping to deduplicate data in memory
* Update log
* Update storybook with deterministic data and test type
* Fix avatar color default
* Fix types
* Address timeout cleanup
(cherry picked from commit 74aec0b80c)
Biometric authentication was failing in Flatpak with the error "Unix process
subject does not have uid set". This occurred because polkit could not validate
the sandboxed PID against the host PID namespace.
Use polkit's system-bus-name subject type instead of unix-process. This allows
polkit to query D-Bus for the connection owner's host PID and credentials,
bypassing the PID namespace issue. Includes fallback to unix-process for edge
cases where D-Bus unique name is unavailable.
* adds autofill button for cipher view
* adds tests
* changes autofill function for non login types
* adds top margin to autofill button
* adds more top margin to autofill button
* only shows autofill button when autofill is allowed (not in a popout)
* add button type
* updates _domainMatched to take a tab param, updates how the component is passed through to slot
* fixes tests from rename
* adds comment about autofill tab checking behavior
* removes diff markers
* add welcome prompt when extension is not installed
* add feature flag
* move prompt logic to internal service and add day prompt
* rename dialog component
* remove feature flag hardcode and add documentation
* use i18n for image alt
* move state into service
* be more explicit when the account or creation date is not available
* remove spaces
* fix types caused by introducing a numeric feature flag type
* add `typeof` for feature flag typing
* place back button fixed at bottom right
* fix type errors
* add the new button logic to org reports also
* fix: restore keyboard focus for reports back button in CDK overlay
The CDK Overlay renders outside the cdkTrapFocus boundary, making the
floating "Back to reports" button unreachable via Tab. Add a focus bridge
element that intercepts Tab and programmatically redirects focus to the
overlay button, with a return handler to cycle focus back into the page.
* add back functionality to OTP auth flow
* respond to review comments
* hoist email value to parent component
---------
Co-authored-by: Alex Dragovich <46065570+itsadrago@users.noreply.github.com>
* add notification handler for auto confirm
* add missing state check
* fix test
* isolate angular specific code from shared lib code
* clean up
* use autoconfirm method
* add event logging for auto confirm
* update copy
Adds urlOriginsMatch to @bitwarden/platform, which compares two URLs by
scheme, host, and port. Uses `protocol + "//" + host` rather than
`URL.origin` because non-special schemes (e.g. chrome-extension://)
return the opaque string "null" from .origin, making equality comparison
unreliable. URLs without a host (file:, data:) are explicitly rejected
to prevent hostless schemes from comparing equal.
Refactors senderIsInternal to delegate to urlOriginsMatch and to derive
the extension URL via BrowserApi.getRuntimeURL("") rather than inline
chrome/browser API detection. Adds full test coverage for
senderIsInternal.
The previous string-based comparison used startsWith after stripping
trailing slashes, which was safe in senderIsInternal where inputs are
tightly constrained. As a general utility accepting arbitrary URLs,
startsWith can produce false positives (e.g. "https://example.com"
matching "https://example.com.evil.com"). Structural host comparison
is the correct contract for unrestricted input.
* shows all/filtered ciphers in allItems instead of the ones that haven't been bubbled up into autofill or favorites
* removes remainingCiphers$ remnants
* updates loading$ observable logic
* updates loading$ test
* refactor: Remove direct self-hosted org creation from OrganizationPlansComponent
* tests: Add comprehensive test suite for OrganizationPlansComponent
