* ci: add SDK breaking change detection workflow
Introduces GitHub Actions workflow that detects TypeScript breaking changes when SDK artifacts are updated. Workflow is triggered via repository_dispatch from SDK repository and runs npm test:types with newly built SDK artifacts.
The workflow downloads SDK build artifacts, installs them locally, and executes the existing TypeScript type checking process. Exit codes determine success/failure for SDK repository monitoring via gh run watch.
Addresses issue where breaking changes in SDK are discovered only when clients attempt SDK version updates, rather than during SDK development.
* review: add input validation for client payload fields
Add validation step early in the workflow to check for required
client_payload fields and prevent failures from malformed payloads.
This improvement was requested during code review to provide better
error handling and debugging information when the SDK workflow sends
incomplete data.
Validates SOURCE_REPO, SDK_VERSION, ARTIFACTS_RUN_ID, and ARTIFACT_NAME
before proceeding with artifact download and type checking.
* review: update action versions to match repository standards
Update GitHub Actions to consistent versions used across the clients
repository for better security and compatibility. This change was
requested during code review to align with existing patterns.
- actions/checkout: v4.2.2 → v5.0.0 with specific SHA hash
- actions/setup-node: v4.2.0 → v5.0.0 with specific SHA hash
- actions/create-github-app-token: v2.1.1 → v2.0.3 with specific SHA hash
Uses specific SHA hashes for all actions following repository security standards.
* review: add timeout to type checking command for faster failure detection
Wrap npm run test:types with 10-minute timeout to provide faster feedback
when type checking hangs and more predictable workflow behavior. This
improvement was requested during code review to prevent workflows from
running until the 15-minute job timeout.
Provides clearer indication when type checking itself fails versus other
workflow issues, improving debugging experience for developers.
* review: use CLIENT_LABEL environment variable in logging and output
Add CLIENT_LABEL to log messages and GitHub Step Summary output for
better traceability and debugging. This change was requested during
code review to make use of the defined CLIENT_LABEL environment
variable that was previously unused.
Improves workflow output clarity by showing which client type
(typescript, mobile, etc.) is being processed.
* review: add retry logic for npm ci command to handle network issues
Implement shell-based retry logic (3 attempts with 5-second delays) for
npm ci command to handle temporary network issues without adding external
dependencies. This improvement was requested during code review to make
the workflow more resilient to transient failures.
Continues with existing npm install approach while adding robustness
for dependency installation in GitHub Actions environment.
* review: improve shell script variable quoting for better practices
Update shell script to use proper variable quoting syntax throughout
(${VARIABLE} instead of $VARIABLE) for better shell scripting practices
and consistency. This change was requested during code review to follow
shell scripting best practices.
While this won't cause problems in practice, it prevents potential
word splitting issues and improves code maintainability.
* review: add back logging out of Azure
* review: adjust logic of retries for npm ci
* review: quote some strings
* review: add error catching around npm i
* review: remove unnecessary cleanup step
* review: use npm link and bitwarden/gh-actions/download-artifacts
* review: add underscores to job level env vars
* 🎨 fix artipacked zizmor issue and improved actionlint formatting
---------
Co-authored-by: Matt Andreko <mandreko@bitwarden.com>
* Session timeout policy
* default "custom" is 8 hours, validation fixes
* ownership update
* default max allowed timeout is not selected
* adjusting defaults, fixing backwards compatibility, skip type confirmation dialog when switching between the never and on system lock
* unit test coverage
* wording update, custom hours, minutes jumping on errors
* wording update
* wrong session timeout action dropdown label
* show dialog as valid when opened first time, use @for loop, use controls instead of get
* dialog static opener
* easier to understand type value listener
* unit tests
* explicit maximum allowed timeout required error
* eslint revert
* feat: add commercial sdk as optional dependency
* feat: add alias to CLI
* feat: add alias to browser
* feat: add alias to web
* fix: revert optional - we can't omit optional dependencies or the builds break
* feat: remove commercial package from browser build
* feat: remove commercial package from cli build
* feat: remove commercial package from web build
* chore: add commercial sdk to renovate
* fix: windows cli workflow
* fix: accidental change
* feat: add lint for version string
* undo weird merge changes
* Extract windows biometrics v2 changes
Co-authored-by: Bernd Schoolmann <mail@quexten.com>
* Address some code review feedback
* cargo fmt
* rely on zeroizing allocator
* Handle TDE edge cases
* Update windows default
* Make windows rust code async and fix restoring focus freezes
* fix formatting
* cleanup native logging
* Add unit test coverage
* Add missing logic to edge case for PIN disable.
* Address code review feedback
* fix test
* code review changes
* fix clippy warning
* Swap to unimplemented on each method
* Implement encrypted memory store
* Make dpapi secure key container pub(super)
* Add comments on sync and send
* Clean up comments
* Clean up
* Fix build
* Add logging and update codeowners
* Run cargo fmt
* Clean up doc
* fix unit tests
* Update apps/desktop/desktop_native/core/src/secure_memory/secure_key/mod.rs
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Handle tampering with re-key and log
* Add docs
* Fix windows build
* Prevent rust flycheck log from being committed to git
* Undo feature flag change
* Add env var override and docs
* Add deps to km ownership
---------
Co-authored-by: Thomas Avery <tavery@bitwarden.com>
Co-authored-by: Thomas Avery <43214426+Thomas-Avery@users.noreply.github.com>
* Fix false positive CI check for index.d.ts generation
* use event
* lint: use env var
* use sha not ref
* only run in one platform
* simplify
* one platform
* ci: add experimental Nx affected workflow
Adds .github/workflows/nx.yml to run `nx affected` on pull requests,
testing only changed libraries for build, lint, and test targets.
This prevents regressions of the library configuration issues discovered
in the systematic Nx library audit and ensures proper library builds in CI.
Features:
- Uses nrwl/nx-set-shas for accurate affected project detection
- Tests build, lint, and test targets
- Runs on PR open/synchronize events
- Helps catch package.json path bugs before merge
* review: get node version from .nvmrc
* encode username for uri and add spec
* verify response from getHibpBreach method
* test/validate for BreachAccountResponse type and length instead of mock response
* - extract dirt api method out of global api service
- create new directory structure
- change imports accordingly
- extract breach account response
- put extracted code into new dirt dir
* codeowners and dep injection for new hibp service
* Add PhishingDetectionService
* Add a tab listener.
* Get the known phishing domain from the server
* Get the known phishing domain from the server
* Add phishing detection content script.
* Revert "Add phishing detection content script."
This reverts commit ce64d3435a.
* Fix conflicts
* Add build configs.
* Decouple the phishing detection content script logic from the rest of the app.
* move the call to background
* Add communication between the content script and background service.
* Update code to use Log service.
* Resolve conflict
* Add changes for phishing domain report
* Fix initializer order issue.
* Fix domain error.
* Account for no responses.
* Add exit functionality for onclick.
* Wrapped phishing detection feature behind feature flag (#13915)
* push changes for alert
* Removed browser logic for checking feature flag
* move the alert as dialog
* Add functionality to navigate back in history.
* [PM-19814] Add redirect to warning page when a phishing domain is detected.
* [PM-19814] Add the phishing warning page to the Angular popup.
* [PM-19814] Add functionality to display phishing host.
* [PM-19814] Add exit button and learn more link.
* [PM-19814] Add phishing detection feature flag.
* [PM-19814] Move phishing service to phishing directory
* [PM-19814] Add UI to display phishing URL.
* [PM-19814] Disable the URL input and populate it with the phishing URL.
* [PM-19814] Add phishing icon
* [PM-19814] Temporarily remove phishing reporting feature. It can be released separately in another ticket.
* [PM-19814] Clean up
* [PM-19814] Add types to the handlers.
* [PM-19814] Remove logic for handling authentication since the endpoint will be unauthenticated.
* [PM-19814] Fixed as many type issues as possible; added @ts-strict-ignore to the remaining ones.
* [PM-19814] Fix race condition in feature flag check.
* [PM-19814] Update wording for the marketing request.
* [PM-19814] Move phishing detection check from content script to webRequest.onCompleted listener.
* [PM-19814] Use webNavigation.onCompleted for redirect to ensure that the redirect only happens when they land on the page.
* [PM-19814] Remove unused code.
* [PM-19814] Fix merge conflict and update text based on product owner’s request
* [PM-19814] Fix merge conflict
* [PM-19814] Update text
* Resolve the message catalog entries
* Update file for consistent import and exports
* Update imports
* Update another import for BrowserPopupUtils
* Update the rest of the imports for BrowserPopupUtils
* Updates messages
* Rename files
* Current phishing block changes
* Use globalthis for chrome
* Add types file
* Update browser api to include tab navigation and close tab functions
* Update phishing detection to track multiple tabs and not trust info from content script
* Change chrome to browser.
* Fixed phishing detection checking previous url instead of current on navigation. Updated def flag for testing urls.
* Move phishing icon
* Fix chrome specific issues. Add comments to where BrowserApi should be used
* Fix command errors. Typecheck messages. Added guard for phishing detection messages
* Use concat map instead of merge map
* Unformat webfonts.scss file
* Fix lint and import errors
* Move phishing blocker files to dirt folder
* Rename background folder to services
* Add code ownership for phishing blocker
* Update text to use locales on phishing blocker learn more page
* Change navigation from using webapi to browser on updated event for safari support
* Update icon usage
* Fix type issues and add test file
* Fix linting error in test
---------
Co-authored-by: Jimmy Vo <huynhmaivo82@gmail.com>
Co-authored-by: Cy Okeke <cokeke@bitwarden.com>
Co-authored-by: Conner Turnbull <133619638+cturnbull-bitwarden@users.noreply.github.com>
Co-authored-by: Conner Turnbull <cturnbull@bitwarden.com>
Co-authored-by: cyprain-okeke <108260115+cyprain-okeke@users.noreply.github.com>
Co-authored-by: Tom <144813356+ttalty@users.noreply.github.com>
This change eliminates the circular dependency between messaging and messaging-internal libraries by merging them into a single messaging library.
Previously, messaging-internal imported from @bitwarden/messaging while messaging tried to import from @bitwarden/messaging-internal, creating an unresolvable circular dependency. This also violated Nx best practices by using cross-library file includes in tsconfig.lib.json.
Changes made:
- Moved all messaging-internal code (SubjectMessageSender, helpers, tests) into libs/messaging/src/
- Updated all imports to use relative paths instead of @bitwarden/messaging imports
- Removed the entire messaging-internal library and its configuration files
- Updated external references in apps/browser to import from @bitwarden/messaging
- Fixed libs/messaging/tsconfig.lib.json to use standard src/**/*.ts pattern
- Updated libs/common internal.ts to re-export from messaging instead of messaging-internal
The messaging library now exports both public APIs and internal implementations, which is a cleaner architecture than maintaining two separate libraries with circular dependencies.
Fixes rootDir configuration issues identified in the Nx library systematic fix project.
* create the pricing library
* Create pricing-card.component
* Refactor the code
* feat: Add pricing card component library
* Fix the test failing error
* Address billing pr comments
* feat: Add Storybook documentation and stories for pricing-card component
* Fix some ui feedback
* Changes from the display and sizes
* feat(billing): refactor pricing card with flexible title slots and active badge
* Enhance pricing card with flexible design and button icons
* refactor: organize pricing card files into dedicated folder
* Complete pricing card enhancements with Chromatic feedback fixes
* refactor based on pr comments
* Fix the button alignment
* Update all the card to have the same height
* Fix the slot issue on the title
* Fix the Lint format issue
* Add the header in the stories book