bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2026-02-18 10:23:52 +00:00
Code Issues Releases Wiki Activity
20,001 Commits 1,349 Branches 583 Tags
b22c8c27081e34afa4e703e159f7764363ae797d
Commit Graph

5823 Commits

Author SHA1 Message Date
Brandon Treston
b22c8c2708 fix copy (#17504) 2026-02-17 09:24:13 -08:00
Kyle Spearrin
4032301eb8 [PM-27766] Add policy for blocking account creation from claimed domains (#17211) 
* Added policy for blocking account creation for claimed domains.

* add feature flag

* fix desc

* learn more link

* fix localization key to learnMore

* onpush change detection
 2026-02-17 09:24:13 -08:00
Nick Krantz
69a4740c2f [PM-26688][PM-27710] Delay skeletons from showing + search (#17394) 
* add custom operator for loading skeleton delays

* add `isCipherSearching$` observable to search service

* prevent vault skeleton from showing immediately

* add skeleton for search + delay to sends

* update fade-in-out component selector

* add fade-in-out component for generic use

* address memory leak by using defer to encapsulate `skeletonShownAt`

* add missing provider
 2026-02-17 09:24:13 -08:00
Bernd Schoolmann
7a8c9827a2 Fix desktop not launching (#17485) 2026-02-17 09:24:13 -08:00
Jonathan Prusik
c6ec5b955f [PM-27797] Prevent host page manipulation of inline menu popover attribute (#17400) 
* turn off inline experience if host page aggressively competes for top of top-layer

* add alert message for top-layer hijack scenarios

* widen the backoff threshold

* refactor backoff logic to include popover attribute mutations

* improve getPageIsOpaque check

* do not attempt inline menu insertion if it has been disabled for security concerns

* fix typo

* cleanup

* add tests
 2026-02-17 09:24:12 -08:00
Andy Pixley
c08469d142 [BRE-1303] Providing method for pinning Chrome extension ID for dev (#17432) 2026-02-17 09:24:12 -08:00
Addison Beck
74d3675360 fix: add world: MAIN to Firefox page script registration (#17466) 
* chore: update @types/firefox-webext-browser

* fix: add world: MAIN to Firefox page script registration

* review: add world property to registration type
 2026-02-17 09:24:12 -08:00
Addison Beck
42e58f81e3 fix: enable dynamic URLs for Chrome web accessible resources (#17429) 
This commit adds use_dynamic_url: true to the extension's web_accessible_resources configuration. When enabled, Chrome generates random session-based GUIDs for extension resource URLs instead of using the predictable static extension ID. This enhances privacy by making extension resource URLs unpredictable and prevents third-party enumeration of installed extensions.

The feature is supported in Chrome 102+ and changes resource URLs from chrome-extension://[static-id]/resource to chrome-extension://[random-guid]/resource, with GUIDs regenerating each browser session while maintaining all existing extension functionality.

Addresses: https://bitwarden.atlassian.net/browse/PM-28344
 2026-02-17 09:24:12 -08:00
Alex Morask
c8dfc70999 [PM-27925] Refactor StripeService to allow more than one instance (#17467) 
* Refactor StripeService to allow more than one instance per scope

* Fix linting issue

* Claude's feedback
 2026-02-17 09:24:11 -08:00
Brandon Treston
5659947475 fix error in console (#17468) 2026-02-17 09:24:11 -08:00
bw-ghapp[bot]
946c363891 Autosync the updated translations (#17462) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:24:10 -08:00
neuronull
cb46365a05 Align Desktop Native's Rust CI checks with SDK (#17261) 
* clean crate deps

* update lint workflow

* add rustfmt.toml

* apply rust fmt

* missed one

* fix lint of lint lol

* more deps platform fixes

* fix macos_provider

* some more deps clean

* more cleanup

* add --all-targets

* remove another unused dep

* generate index.d.ts

* fix whitespace

* fix split comment in biometric

* formatting comment in biometric_v2

* apply fmt
 2026-02-17 09:24:10 -08:00
Github Actions
6c781e3259 Bumped client version(s) 2026-02-17 09:24:09 -08:00
Jonathan Prusik
28c48939d9 [PM-27915] Add additional global styling collision defenses for pseudo-elements (#17340) 
* add additional global styling collision defenses for pseudo-elements

* move internal stylesheet into closed shadow root
 2026-02-17 09:24:07 -08:00
Will Martin
86c9554ac8 [PM-28071] add prod test domain for phishing detection (#17450) 2026-02-17 09:24:07 -08:00
Github Actions
ed71d60b8e Bumped Desktop client to 2025.11.2 2026-02-17 09:24:07 -08:00
bw-ghapp[bot]
b1206b84e1 Autosync the updated translations (#17461) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:24:06 -08:00
bw-ghapp[bot]
ec4d29f692 Autosync the updated translations (#17460) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:24:06 -08:00
Daniel Riera
2ac4f32ce5 Pm 27900 add additional hardening in extension frame validation (#17265) 
* PM-27900 harden iframe, origin route tightening and test updates

* reduce comments to make more legible

* Removes referrer check in favor of PM-27822 #17313 bitwarden/clients@4206447cfe

* nake token optional since it is later set

* whitelist -> allowlist

* improve notes on unsafe

* improve content handler notes

* order allowlist

* improve jsdoc on ismessagefromextension method

* cover additional test cases

* rename verifytoken and document more clear, update referrer

---------

Co-authored-by: Miles Blackwood <mrobinson@bitwarden.com>
 2026-02-17 09:24:06 -08:00
renovate[bot]
df0e683a11 [deps] Platform: Update semver to v7.7.3 (#17457) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
 2026-02-17 09:24:05 -08:00
renovate[bot]
1bfec5595e [deps] Platform: Update @types/node to v22.19.1 (#17448) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-02-17 09:24:03 -08:00
Oscar Hinton
f232192ad2 [PM-28231] Enable component-class-suffix (#17384) 
* Enable component-class-suffix

* Rename file
 2026-02-17 09:24:03 -08:00
Maximilian Power
8962c466a8 Fix Firefox phishing blocker continue button by awaiting tab navigation promises (#17436) 2026-02-17 09:24:03 -08:00
aj-bw
a279b0d4bf removal of freebsd build, upload, release and other references (#17354) 2026-02-17 09:24:02 -08:00
Jordan Aasen
1d46719282 [PM-23384] - Browser extension spotlight directing to Premium signup in web (#17343) 
* premium upgrade nudge

* add specs

* clean up vault template and specs

* fix date comparison. add more specs for date

* fix spec

* fix specs

* make prop private
 2026-02-17 09:24:02 -08:00
Github Actions
9f4f23b601 Bumped client version(s) 2026-02-17 09:24:00 -08:00
Maximilian Power
30a09ee104 updates strings (#17422) 
* updated strings
 2026-02-17 09:24:00 -08:00
neuronull
cc30a9b912 Desktop Native compile debug builds with debug log level (#17357) 
* Desktop Native compile debug builds with debug log level

* typo in code comment
 2026-02-17 09:23:59 -08:00
Matt Gibson
d337de83ad [PM-28038][PM-28276] Ignore url case for origin matching (#17355) 
* ignore url case for origin matching

* Fixup typo

* Inject log services
 2026-02-17 09:23:59 -08:00
Alex Dragovich
a50a79e257 [PM-27465] Fixing cancel button on Send and Vault export (#17138) 2026-02-17 09:23:59 -08:00
Jason Ng
0d2d8c3a2a [PM-26687] send skeleton (#17333) 
* adding skeleton to send
 2026-02-17 09:23:58 -08:00
Daniel Riera
91e08139dd [PM-4903] - If you back out of autofill flow from locked vault screen, credentials autofilled on normal unlock (#17283) 
* PM-4903- added a check for auth status and popout tabs, if no popup tab and auth is locked, abandon autofill

* add test

* clear all notifications if unlock popout closed

* add more tests and use tabid for performance optimization
 2026-02-17 09:23:58 -08:00
Addison Beck
f63e01fb92 fix(desktop): persist zoom state across vault locks (#17217) 
* fix(desktop): persist zoom state across vault locks

Replace role-based zoom menu items with custom click handlers to fix
zoom persistence issue where keyboard shortcuts (Ctrl+/-/0, Cmd+/-/0)
weren't saving zoom changes after vault lock.

Changes:
- Add custom click handlers for zoomIn/zoomOut/resetZoom menu items
- Add WindowMain.saveZoomFactor() method for immediate persistence
- Pass WindowMain dependency to ViewMenu constructor
- Update zoom-changed event comment to clarify coverage
- Maintain existing mouse wheel zoom persistence via zoom-changed event

Fixes: PM-791
Fixes: https://github.com/bitwarden/clients/issues/4675

* chore: update to macos-15 runners

* review: downgrade macos build runner to 14

* review: align step with min zoom level

* cleanup from merge
 2026-02-17 09:23:57 -08:00
Brandon Treston
f9b7763d6d [PM-28216] Add org ability check for one time dialog (#17372) 
* add org ability check for one time dialog

* exclude providers (cautionary step) and add tests
 2026-02-17 09:23:57 -08:00
bw-ghapp[bot]
92b852b299 Autosync the updated translations (#17378) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
 2026-02-17 09:23:56 -08:00
bw-ghapp[bot]
73d63aa824 Autosync the updated translations (#17377) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:23:55 -08:00
bw-ghapp[bot]
0777e183cc Autosync the updated translations (#17379) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:23:55 -08:00
Andreas Coroiu
73bc7bb76b [PM-18046] Implement session storage (#17346) 
* feat: add support for IPC client managed session storage

* feat: update SDK

* fix: using undecorated service in jslib module directly

* feat: add test case for web

* chore: document why we use any type

* fix: `ipc` too short

* typo: omg

* Revert "typo: omg"

This reverts commit 559b05eb5a.

* Revert "fix: `ipc` too short"

This reverts commit 35fc99e10b.

* fix: use camelCase
 2026-02-17 09:23:54 -08:00
Mark Youssef
b7c8469256 [CL-672] update mobile design of dialog (#14828) 
---------

Co-authored-by: Vicki League <vleague@bitwarden.com>
 2026-02-17 09:23:54 -08:00
Oscar Hinton
a4d9f6ec66 [CL-738] Migrate disclosure component (#17206) 2026-02-17 09:23:53 -08:00
Github Actions
93698e0b69 Bumped Desktop client to 2025.11.1 2026-02-17 09:23:53 -08:00
Daniel James Smith
b05f125d1c [PM-26162] [Chromium importer] Add fallback name in case empty when loading browser profiles (#16664) 
* Added a fallback to use a browser profile folder-name in case the name of the profile is empty
 2026-02-17 09:23:52 -08:00
Thomas Avery
8a7bfefad3 [PM-26498] Add proofOfDecryption method to MasterPasswordUnlockService (#17322) 
* Add proofOfDecryption method to MasterPasswordUnlockService
 2026-02-17 09:23:52 -08:00
Alex Morask
7076eb1f11 [PM-28173] Only send 1 seat in Families tax calculation (#17368) 
* Fix family seat count in calculation

* Fix test
 2026-02-17 09:23:51 -08:00
Jordan Aasen
1f5da3499d [PM-27661] - Multiple URIs - Add a Collapse Button after clicking View All for Saved Websites (#17352) 
* use signals. add toggleable list view.

* use @for. remove redundant if statement

* fix template variable name

* clean up test setup

* Update apps/browser/src/vault/popup/components/vault-v2/autofill-confirmation-dialog/autofill-confirmation-dialog.component.spec.ts

Co-authored-by: Nik Gilmore <ngilmore@bitwarden.com>

---------

Co-authored-by: Nik Gilmore <ngilmore@bitwarden.com>
 2026-02-17 09:23:51 -08:00
Leslie Tilton
51e7b0a0ea [PM-27933] Skip assign tasks view if no critical applications are selected (#17351) 
* Fix reviews not saving in new applications review. Skip assign page if no at risk passwords are to be assigned. Fix bug in password change widget

* Claude comment improvements
 2026-02-17 09:23:50 -08:00
renovate[bot]
91046a04b0 [deps] Platform: Update Rust crate typenum to v1.19.0 (#16845) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
 2026-02-17 09:23:50 -08:00
Thomas Avery
27b7372553 [PM-24107] Migrate KM's usage of getUserKey from the key service (#17117) 
* Remove internal use of getUserKey in the key service

* Move ownership of RotateableKeySet and remove usage of getUserKey

* Add input validation to createKeySet
 2026-02-17 09:23:50 -08:00
Daniel Riera
afcbed8a81 [PM-26916] inline menu not autofilling email field for oatsovernight.com (#17182) 
* PM-26916 utilize opid on focused fields as first validation in order to avoid erroneously filling other similar fields

* extract logic to helper and take totp and multiple forms into account

* run prettier

* avoid filling with opid if already filled

* clean up comments and avoid early return so all fields are scanned

* add tests
 2026-02-17 09:23:49 -08:00
Jeffrey Holland
bb570c54f8 Display autofill overlay for zoom.us signin password (#16900) 2026-02-17 09:23:49 -08:00