bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2026-02-18 10:23:52 +00:00
Code Issues Releases Wiki Activity
20,023 Commits 1,349 Branches 583 Tags
b5e724548b20bd50c98e8bb6b5fef9a4a7f328f3
Commit Graph

20023 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Krantz
b5e724548b [PM-24505] Manually open extension error message (#17116) 
* update manual open message to be more generic to cover more scenarios

* update error state when attempting to open the extension via button press
 2026-02-17 09:24:19 -08:00
renovate[bot]
09fbabcc6c [deps] Vault: Update koa to v2.16.3 [SECURITY] (#17514) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-02-17 09:24:19 -08:00
Daniel Riera
c3dd485eaf [PM-28516] Inline menu is not working in main (#17524) 
* PM-28516 alidate iframe and stylesheet URLs against their own origins to handle
cases where chrome assigns different extension ids in different contexts

* switch to regex to match exisiting match pattern

* updated regex to account for safari
 2026-02-17 09:24:19 -08:00
Oscar Hinton
e1cf72ea5c Add clap and async-trait as tool owned dependencies (#17579) 2026-02-17 09:24:18 -08:00
Dave
fa0a26ecbb fix(two-factor) [PM-21204]: Users without premium cannot disable premium 2FA (#17134) 
* refactor(two-factor-service) [PM-21204]: Stub API methods in TwoFactorService (domain).

* refactor(two-factor-service) [PM-21204]: Build out stubs and add documentation.

* refactor(two-factor-service) [PM-21204]: Update TwoFactorApiService call sites to use TwoFactorService.

* refactor(two-fatcor) [PM-21204]: Remove deprecated and unused formPromise methods.

* refactor(two-factor) [PM-21204]: Move 2FA-supporting services into common/auth/two-factor feature namespace.

* refactor(two-factor) [PM-21204]: Update imports for service/init containers.

* feat(two-factor) [PM-21204]: Add a disabling flow for Premium 2FA when enabled on a non-Premium account.

* fix(two-factor-service) [PM-21204]: Fix type-safety of module constants.

* fix(multiple) [PM-21204]: Prettier.

* fix(user-verification-dialog) [PM-21204]: Remove bodyText configuration for this use.

* fix(user-verification-dialog) [PM-21204]: Improve the error message displayed to the user.
 2026-02-17 09:24:18 -08:00
Andreas Coroiu
350cd8e910 chore: ignore commercial sdk (#17585) 2026-02-17 09:24:18 -08:00
renovate[bot]
96f69f724f [deps] Platform: Update nx monorepo to v21.6.8 (#16415) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-02-17 09:24:18 -08:00
Leslie Tilton
d187c07edf [PM-28451] Fix icons in application review table (#17512) 
* Fix icons in application review table

* Add default icon if none is found in review applications table. Move function to computed signal

* Rename function

* Remove redundant if statement
 2026-02-17 09:24:18 -08:00
renovate[bot]
a05ae283a3 [deps]: Update Rust crate cc to v1.2.46 (#17571) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
 2026-02-17 09:24:17 -08:00
renovate[bot]
ef5670fdb6 [deps] Platform: Update Rust crate libc to v0.2.177 (#17549) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
 2026-02-17 09:24:17 -08:00
renovate[bot]
21b9ac906a [deps]: Update Rust crate clap to v4.5.51 (#17572) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-02-17 09:24:17 -08:00
renovate[bot]
ade6242a47 [deps]: Update Rust crate async-trait to v0.1.89 (#17570) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-02-17 09:24:17 -08:00
renovate[bot]
b6993fe11a [PM-28558] [deps]: Update actions/upload-artifact action to v5.0.0 (#17538) 
* [deps]: Update actions/upload-artifact action to v4.6.2

* Bumping to 5.0.0. to keep all usages in sync

All other upload-artifacts actions were also bumped to 5.0.0 with https://github.com/bitwarden/clients/pull/17305

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
 2026-02-17 09:24:16 -08:00
bw-ghapp[bot]
96e87fae96 Autosync the updated translations (#17531) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:24:16 -08:00
bw-ghapp[bot]
f7772f77df Autosync the updated translations (#17530) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:24:15 -08:00
bw-ghapp[bot]
981c6dd76f Autosync the updated translations (#17529) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:24:15 -08:00
Addison Beck
927e81249a chore: create eslint rule to catch insecure page script injection (#17437) 
* chore: create eslint rule to catch insecure page script injection

* chore: ignore existing lints

* review: tighten rule scope

* review: add tests
 2026-02-17 09:24:15 -08:00
Jared Snider
85eacdacc3 PM-28506 - TwoFactorSetupYubikey - refactor yubikey form to be rows with 1 field per row to allow remove button to be visible again. (#17519) 2026-02-17 09:24:15 -08:00
Vijay Oommen
2516a1e4af [PM-27287] Items in My Items should show in Inactive 2FA report (#17434) 2026-02-17 09:24:14 -08:00
Stephon Brown
fb753ac9e6 [PM-26044] Update Offboarding Survey for User and Organization (#17472) 
* feat(billing): update messages to add reasons

* feat(billing): update survey with switching reason based on param

* fix(billing): revert value of switching reasons

* fix(billing): revert removal of tooExpensive message

* fix(billing): Add plan type to params and update switching logic

* fix(billing): update to include logic

* fix(billing): PR feedback
 2026-02-17 09:24:14 -08:00
renovate[bot]
62d981821d [deps] Vault: Update koa to v2.16.2 [SECURITY] (#15807) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Matt Andreko <mandreko@bitwarden.com>
 2026-02-17 09:24:14 -08:00
Jeffrey Holland
0c8bb46b44 Autofill/pm 25597 plex password generation (#16997) 
* Correctly fill generated passwords and current password on plex.tv

* Correctly fill generated passwords and current password on plex.tv

* Leave existing forEach

* Add tests for changes
 2026-02-17 09:24:14 -08:00
Brandon Treston
b22c8c2708 fix copy (#17504) 2026-02-17 09:24:13 -08:00
Kyle Spearrin
4032301eb8 [PM-27766] Add policy for blocking account creation from claimed domains (#17211) 
* Added policy for blocking account creation for claimed domains.

* add feature flag

* fix desc

* learn more link

* fix localization key to learnMore

* onpush change detection
 2026-02-17 09:24:13 -08:00
Nick Krantz
69a4740c2f [PM-26688][PM-27710] Delay skeletons from showing + search (#17394) 
* add custom operator for loading skeleton delays

* add `isCipherSearching$` observable to search service

* prevent vault skeleton from showing immediately

* add skeleton for search + delay to sends

* update fade-in-out component selector

* add fade-in-out component for generic use

* address memory leak by using defer to encapsulate `skeletonShownAt`

* add missing provider
 2026-02-17 09:24:13 -08:00
rr-bw
dedbe3cb2c feat(marketing-initiated-premium): Auth [PM-27542] Write fromMarketing value to state (#17470) 2026-02-17 09:24:13 -08:00
Bernd Schoolmann
7a8c9827a2 Fix desktop not launching (#17485) 2026-02-17 09:24:13 -08:00
Jonathan Prusik
c6ec5b955f [PM-27797] Prevent host page manipulation of inline menu popover attribute (#17400) 
* turn off inline experience if host page aggressively competes for top of top-layer

* add alert message for top-layer hijack scenarios

* widen the backoff threshold

* refactor backoff logic to include popover attribute mutations

* improve getPageIsOpaque check

* do not attempt inline menu insertion if it has been disabled for security concerns

* fix typo

* cleanup

* add tests
 2026-02-17 09:24:12 -08:00
Andy Pixley
c08469d142 [BRE-1303] Providing method for pinning Chrome extension ID for dev (#17432) 2026-02-17 09:24:12 -08:00
Addison Beck
74d3675360 fix: add world: MAIN to Firefox page script registration (#17466) 
* chore: update @types/firefox-webext-browser

* fix: add world: MAIN to Firefox page script registration

* review: add world property to registration type
 2026-02-17 09:24:12 -08:00
Addison Beck
42e58f81e3 fix: enable dynamic URLs for Chrome web accessible resources (#17429) 
This commit adds use_dynamic_url: true to the extension's web_accessible_resources configuration. When enabled, Chrome generates random session-based GUIDs for extension resource URLs instead of using the predictable static extension ID. This enhances privacy by making extension resource URLs unpredictable and prevents third-party enumeration of installed extensions.

The feature is supported in Chrome 102+ and changes resource URLs from chrome-extension://[static-id]/resource to chrome-extension://[random-guid]/resource, with GUIDs regenerating each browser session while maintaining all existing extension functionality.

Addresses: https://bitwarden.atlassian.net/browse/PM-28344
 2026-02-17 09:24:12 -08:00
Matt Andreko
4e28046fc5 Workflow corrections (#17392) 
Co-authored-by: Amy Galles <9685081+AmyLGalles@users.noreply.github.com>
 2026-02-17 09:24:11 -08:00
Alex Morask
c8dfc70999 [PM-27925] Refactor StripeService to allow more than one instance (#17467) 
* Refactor StripeService to allow more than one instance per scope

* Fix linting issue

* Claude's feedback
 2026-02-17 09:24:11 -08:00
renovate[bot]
5be8295455 [deps]: Update GitHub Artifact Actions (#17305) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel James Smith <2670567+djsmith85@users.noreply.github.com>
 2026-02-17 09:24:11 -08:00
Brandon Treston
5659947475 fix error in console (#17468) 2026-02-17 09:24:11 -08:00
bw-ghapp[bot]
946c363891 Autosync the updated translations (#17462) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:24:10 -08:00
neuronull
cb46365a05 Align Desktop Native's Rust CI checks with SDK (#17261) 
* clean crate deps

* update lint workflow

* add rustfmt.toml

* apply rust fmt

* missed one

* fix lint of lint lol

* more deps platform fixes

* fix macos_provider

* some more deps clean

* more cleanup

* add --all-targets

* remove another unused dep

* generate index.d.ts

* fix whitespace

* fix split comment in biometric

* formatting comment in biometric_v2

* apply fmt
 2026-02-17 09:24:10 -08:00
renovate[bot]
1fa060c842 [deps]: Update codecov/test-results-action action to v1.1.1 (#17493) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-02-17 09:24:09 -08:00
renovate[bot]
5598b63110 [deps] Platform: Update @types/chrome to v0.1.28 (#17489) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-02-17 09:24:09 -08:00
renovate[bot]
3064a233ed [deps] Platform: Update @types/node-forge to v1.3.14 (#17490) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2026-02-17 09:24:09 -08:00
Github Actions
6c781e3259 Bumped client version(s) 2026-02-17 09:24:09 -08:00
Alex
c84d09c8b2 text and style (#17439) 2026-02-17 09:24:08 -08:00
Kyle Denney
ff24743989 [PM-28370] fix defect for self-hosted metadata (#17464) 2026-02-17 09:24:08 -08:00
gitclonebrian
cc70b18ffa [BRE-1333] Added permissions to token generation (#17471) 2026-02-17 09:24:08 -08:00
Jonathan Prusik
28c48939d9 [PM-27915] Add additional global styling collision defenses for pseudo-elements (#17340) 
* add additional global styling collision defenses for pseudo-elements

* move internal stylesheet into closed shadow root
 2026-02-17 09:24:07 -08:00
Will Martin
86c9554ac8 [PM-28071] add prod test domain for phishing detection (#17450) 2026-02-17 09:24:07 -08:00
Github Actions
ed71d60b8e Bumped Desktop client to 2025.11.2 2026-02-17 09:24:07 -08:00
Jason Ng
7447ed096c [PM-27103] Add URL Check to Send (#17056) 
* add dangerousPatters check to api service
 2026-02-17 09:24:07 -08:00
bw-ghapp[bot]
b1206b84e1 Autosync the updated translations (#17461) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:24:06 -08:00
bw-ghapp[bot]
ec4d29f692 Autosync the updated translations (#17460) 
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
 2026-02-17 09:24:06 -08:00