Removal of SHIFT from valid modifier keys. As it stands, we allow [SHIFT + `<a-z>`] , which would prevent users from capitalizing letters. As a result, the default shortcut has to change (because it included SHIFT). Changed to CONTROL + ALT + b
* remove feature flag from lock component
* Add missing windowHidden desktop feature
* Remove the flag from CLI unlock
* Remove the flag from enum file
* refactor(pricing): misc
- Remove unused test file
* refactor(pricing): discount-badge.component
- Introduce new Discount union type
- Introduce Maybe type helper for T | null | undefined
- Use Discount type in the discount-badge.component
- Update the user-subscription.component to pass Discount type into the discount-badge.component
- Update spec, stories and mdx
* refactor(pricing): pricing-card.component
- Support changeDetection: ChangeDetectionStrategy.OnPush
- Update spec and mdx files
* refactor(pricing): cart-summary.component
- Introduce new Cart type
- Use Cart type as main input in cart-summary.component
- Support optional custom header template in cart-summary.component
- Support optional cart-level Discount type in cart-summary.component
- Update upgrade-payment.component to pass in new Cart type to cart-summary.component
- Update spec file, stories and mdx file
* feat(subscription): misc
- Remove unused test file
- Update jest.config.js
- Add test.setup.ts
* feat(subscription): subscription-card.component
- Add BitwardenSubscription type
- Add subscription-card.component
- Add translations
- Add spec file, stories and MDX file
* feat(subscription): storage-card.component
- Add standalone Storage type
- Add storage-card.component
- Add spec file, stories and MDX file
* feat(subscription): additional-options-card.component
- Add additional-options-card.component
- Add spec file, stories and MDX file
* fix(pricing): cart-summary.component.stories.ts lint
* fix(pricing): discount-badge.component.stories.ts lint
* fix(web): Resolve estimatedTax$ toSignal for use in cart on upgrade-payment.component
* feedback(design): Fix design issues
* Kyle's feedback
* Kyle's feedback
* cleanup: Use SubscriptionStatuses instead of string values
* feat: Add CTA disabling input to storage-card.component
* feat: Add CTA disabling input to additional-options-card.component
* prevent redundant cache updates on account switch
Remove automatic cache update triggering that caused UI freezes when
switching to accounts with phishing detection access.
Root cause: The update$ observable used startWith(undefined) which
triggered an immediate cache refresh whenever a new subscription was
created. On account switch, phishingDetectionSettingsService.on$ emits
true, creating a new subscription and triggering a full ~800K entry
fetch that blocks the UI thread.
Fix:
- Remove startWith(undefined) to prevent auto-triggering on subscription
- Add MIN_UPDATE_INTERVAL (5 min) constant for cache freshness checks
- Add _updateInProgress flag to prevent concurrent updates
- Add filter() to skip updates when one is already in progress
- Add cache freshness check (skip if updated within 5 minutes)
- Add finalize() to reliably reset _updateInProgress flag (per ADR)
- Replace share() with shareReplay() to prevent duplicate work
- Add triggerUpdateIfNeeded() public method for explicit update requests
The scheduled 24-hour update interval is unaffected - it still calls
_triggerUpdate$.next() via the task scheduler.
* trigger cache updates asynchronously on account switch
Update PhishingDetectionService to explicitly trigger cache updates
when phishing detection becomes active for an account, using a
non-blocking pattern.
Changes:
- Add call to phishingDataService.triggerUpdateIfNeeded() when on$ emits true
- Use of(null).pipe(delay(0)) to defer update to next event loop tick
- This prevents the update from blocking the account switch UI flow
The delay(0) pattern is preferred over setTimeout per codebase conventions
(RxJS over native JS). The subscription auto-completes since of() emits
once and completes, so no manual cleanup is needed.
Combined with the previous commit's safeguards (cache freshness check,
concurrent update prevention), this ensures:
1. Account switch completes immediately (non-blocking trigger)
2. Cache updates only run when actually needed (< 5 min freshness)
3. Concurrent updates are prevented (_updateInProgress flag)
Fixes: PM-30319
* decouple cache update subscription from UI event merge
Move phishingDataService.update$ to a separate subscription outside the
merge() stream to prevent blocking the service worker during critical
initialization and account switch flows.
Background:
The service worker is single-threaded. When the phishing cache update
runs, it downloads a 25MB file and parses 800K entries using .split(),
which is CPU-intensive synchronous work. During this parsing, the
service worker cannot respond to popup requests, causing the extension
UI to appear frozen when the user clicks the extension icon.
Previously, update$ was included in the merge() alongside UI event
handlers (onTabUpdated$, onContinueCommand$, onCancelCommand$). When
on$ emitted true (user has phishing access), the merge subscription
was created as part of the same synchronous flow, coupling the heavy
cache work with the UI event setup.
Changes:
- Create separate updateSub subscription at initialization
- Remove update$ from merge() - now only contains UI event streams
- Keep delay(0) trigger for triggerUpdateIfNeeded()
How delay(0) works:
JavaScript's event loop must complete all synchronous code before
processing async callbacks. delay(0) schedules the trigger for the
next event loop tick, meaning:
1. initialize() completes and returns
2. Service worker is 'free' to handle other tasks
3. Next tick: triggerUpdateIfNeeded() fires
4. Cache update runs in background
The cache parsing will still block the thread when it eventually runs,
but this is now decoupled from the critical initialization path. The
window where blocking can affect user interaction is minimized.
PM-30319
* comment
* account for new changes in spec file
* prevent UI blocking during cache updates
Problem:
- Switching accounts caused 5+ second UI freeze
- Even when data unchanged, 789K entries were rewritten to IndexedDB
- Set was rebuilt from 789K entries on every state emission
Solution:
- Skip state update when checksum matches (return null instead of full data)
- Cache Set in memory, only rebuild when checksum changes
- Track last check time in memory instead of state
- Use streaming fetch to prevent Firefox memory explosion
- Add comprehensive logging for debugging
Performance improvement:
- Checksum match: ~5 seconds → ~10ms (no blocking)
- Full update: Still required when data changes, but with streaming
* pre-populate cache on install/update and optimize Set building
Problem:
Premium users experienced a 5+ second UI freeze on first login after
install because the phishing list (~63MB, 789K entries) was downloaded
synchronously when phishing detection was enabled.
Solution:
1. Pre-populate cache on extension install/update
- Added triggerPhishingCacheUpdate() to MainBackground
- RuntimeBackground calls this on "install" and "update" events
- Cache is ready before user logs in, eliminating first-login lag
2. Chunked Set building for UI responsiveness
- Build Set in 50K-entry chunks with event loop yields
- Changed from synchronous map() to async switchMap() + buildSetInChunks()
- Prevents UI blocking when Set is rebuilt from cached data
3. Streaming with yields
- Added yield after each network chunk during streaming fetch
- Keeps service worker responsive to popup messages during download
4. Log cleanup for production
- Converted verbose debugging logs from info → debug level
- Kept important operational events (daily/full updates) at info
- Removed timing logs and progress banners
- Fixed comment accuracy: 100MB → 63MB uncompressed
Performance impact:
- First login after install: 5+ seconds → near-instant (cache pre-populated)
- Set rebuild: non-blocking via chunked processing
- Subsequent updates: already optimized via checksum matching
* spec
* add allowlist for bare amazon.com domain
Problem:
The upstream Phishing.Database contains a false positive entry
`https://www.Amazon.com` (line 666495), causing the real Amazon
website to be incorrectly blocked.
Solution:
Add BARE_DOMAIN_ALLOWLIST that skips blocking for exact hostname
matches (amazon.com, www.amazon.com) when the URL has no path,
query, or hash. This protects users from false positives while
still detecting phishing URLs that use Amazon in paths or
subdomain tricks.
Allowed:
- https://amazon.com
- https://www.amazon.com
Still blocked:
- https://amazon.com/phishing/path
- https://amazon.com-malicious.xyz
- https://fake.com/amazon.com/steal
* logging
* update our links source url
* Fix Chrome memory leak in phishing detection service
* reduce memory leaks
* optimize phishing detection performance and fix memory leaks
This commit addresses critical performance issues and memory leaks in the
phishing detection feature, particularly for non-premium users and during
extension reloads.
Storage Isolation:
- Created BrowserIndexedDbStorageService for large data storage
- Separated PHISHING_DATA_DISK (60MB+ phishing URLs) from PHISHING_DETECTION_DISK
- Prevents popup from loading large dataset when accessing small settings
- Fixed UI freeze when navigating to Settings -> Account security -> back arrow
Lazy Loading Optimizations:
- Converted _cachedState, _webAddresses$, and update$ to lazy getters
- Only accesses IndexedDB when phishing detection is actually used
- Prevents blocking service worker initialization on extension reload
- Added guard in triggerUpdateIfNeeded() to skip if no observers
Performance Improvements:
- Modified buildEnabledPipeline$() to check available$ first
- Uses startWith(true) to emit immediately, preventing on$ from blocking
- Skips IndexedDB reads for non-premium users during unlock/account switch
- Prevents 3+ second UI freezes for non-premium users
Memory Leak Fixes:
- Added static interval cleanup to prevent accumulation on service recreation
- Fixed tab listener cleanup by storing bound handler reference
- Fixed triggerUpdateSub subscription cleanup on account switches
- Prevents exponential memory growth from undestroyed subscriptions
Test Fixes:
- Updated tests to set up available$ prerequisites before testing enabled$
- Fixed tests to wait for actual state values after startWith(true) emission
- Uses filter() to wait for expected state values in async tests
Files Changed:
- apps/browser/src/platform/services/browser-indexed-db-storage.service.ts (new)
- apps/browser/src/platform/storage/browser-storage-service.provider.ts
- apps/browser/src/dirt/phishing-detection/services/phishing-data.service.ts
- apps/browser/src/dirt/phishing-detection/services/phishing-detection.service.ts
- apps/browser/src/background/runtime.background.ts
- libs/common/src/dirt/services/phishing-detection/phishing-detection-settings.service.ts
- libs/common/src/dirt/services/phishing-detection/phishing-detection-settings.service.spec.ts
- libs/state/src/core/state-definitions.ts
- libs/storage-core/src/client-locations.ts
* fix test type errors
* remove allowlist
* storage isolation revert
The initial implementation of storage isolation was used to fix a specific navigation scenario that lead to freezing of the ui ("Settings → Account Security" and clicking the back button)
Why disk-large instead of memory-large-object:
- **Problem**: Users experienced infinite loading (2+ minute freezes) when navigating to "Settings → Account Security" and clicking the back button. The Popup would freeze because `chrome.storage.local` broadcasts 60MB writes to all contexts, causing the Popup to deserialize data it never requested.
- **Fix**: Created `disk-large` storage location using native IndexedDB, which persists data (unlike `memory-large-object`) and doesn't broadcast events (unlike `chrome.storage.local`), isolating large datasets from the Popup context.
**Key Difference:**
- `memory-large-object`: **Non-persistent** in-memory storage. Data is lost when the service worker restarts or the extension reloads.
- `disk-large`: **Persistent** storage using native IndexedDB. Data survives service worker restarts and extension reloads.
**Why We Need Persistence:**
The phishing dataset (~60MB, 780K entries) must persist across:
- Service worker restarts (Chrome terminates service workers after inactivity)
- Extension reloads/updates
- Browser restarts
If we used `memory-large-object`, the extension would need to re-download the entire 60MB dataset every time the service worker restarts, which happens frequently in Chrome. This would:
1. Waste bandwidth (60MB downloads on every restart)
2. Cause UI freezes on every restart (same problem we're trying to fix)
3. Fail offline scenarios
**Why Not Use Existing `disk` Location:**
The existing `"disk"` location uses `chrome.storage.local`, which has a critical flaw for large datasets:
- **Event Broadcasting**: Any write to `chrome.storage.local` triggers `onChanged` events broadcast to **all** extension contexts (Background, Popup, Sidebar)
- **The UI/UX Problem**:
- Users experienced **infinite loading** or **2+ minute freezes** when navigating to "Settings → Account Security" and clicking the back button
- When Background writes 60MB, Chrome serializes and IPCs it to Popup, causing Popup's main thread to freeze while deserializing this massive object, even if Popup never requested the data
- The Popup would become completely unresponsive, showing a spinning cursor or blank screen
- **The Fix**: Native IndexedDB doesn't broadcast events across processes, isolating the storage so Background can write 60MB without disturbing the Popup
* remove implementation comments from jsdoc
* renaming
* new domains source
* remove unnecessary complexity from buildEnabledPipeline and remove all IndexedDB references
* fix pre-population on install/update
* handle null webAddresses
---------
Co-authored-by: maxkpower <mpower@bitwarden.com>
* use type safe generics for throttle and debounce, account for the change were event isn't passed
* read gloabl once
* check for styles before setting
* narrow keywords index
* narrow bitwardenAutofillInit for callback
* nullish coalescing operator on value for prop attributes
* Front end changes to disable SM ads for users
* fixing failing tests
* Update libs/common/src/admin-console/models/response/organization.response.ts
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* fixing merge conflicts
* claude suggestion
* adding feature flag for disable sm ads on clients
* fixing tests
---------
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
* add callout to vault-items for non premium users, add upgrade premium flow
* add archive badge to item details only for desktop
* update desktop edit item save for unarchive
* updated success toast for edited archive item non premium
* Add CI validations install and run Desktop client (Linux)
* add support for arm for snap and flatpak
* fix flatpak pkg doesn't match installed name
* name change
* remove unused dep
* add other validations to check-failures
* add wayland validation
* wayland deps
* simulate X server
* remove unused id
* Implement cleanupCipher method in BaseImporter with tests for notes and name handling
- Added cleanupCipher method to preserve leading/trailing spaces in notes and set them to null if they contain only whitespace or are empty.
- Updated the BaseImporter class to remove trimming of notes to maintain original formatting.
- Added unit tests for cleanupCipher to verify behavior for various note and name scenarios.
* Got rid of unneeded cipher spec test
* Got rid of unneeded comment
* Fix service and importers for tests to pass
* Fix sdk.service.ts
* Refactor URL normalization in ApiService to streamline request URL construction
* Fixed PR comments
* Add back comment
---------
Co-authored-by: Mike Amirault <mamirault@bitwarden.com>
This PR moves the Desktop Send list UI into a shared library component and updates the Desktop Send v2 component to use modern Angular patterns (Signals, OnPush, no manual subscriptions)
* allow drawer to adapt to size input
* add new drawer sizes
* move logic back to dialog component
* convert width to computed signal
* fix template error and remove duplicate class
* use normal const object
* ensure dialogSize undefined is handled
Commit a3e654d (https://github.com/bitwarden/clients/pull/16053) removed explicit --target flags from the Linux desktop build workflow when removing musl support. This change inadvertently broke the build.js binary distribution logic, which only copies the desktop_proxy binary to the dist directory when an explicit target is specified. Without this binary in the expected location (/opt/Bitwarden/desktop_proxy), browser integration fails on Linux.
This fix restores explicit --target flags using gnu triplets instead of the previously removed musl triplets. The x64 build now uses --target=x86_64-unknown-linux-gnu and the arm64 build uses --target=aarch64-unknown-linux-gnu, ensuring build.js properly distributes the desktop_proxy binary and restoring browser integration functionality on Linux desktop.
