* Implement cleanupCipher method in BaseImporter with tests for notes and name handling
- Added cleanupCipher method to preserve leading/trailing spaces in notes and set them to null if they contain only whitespace or are empty.
- Updated the BaseImporter class to remove trimming of notes to maintain original formatting.
- Added unit tests for cleanupCipher to verify behavior for various note and name scenarios.
* Got rid of unneeded cipher spec test
* Got rid of unneeded comment
* Fix service and importers for tests to pass
* Fix sdk.service.ts
* Refactor URL normalization in ApiService to streamline request URL construction
* Fixed PR comments
* Add back comment
---------
Co-authored-by: Mike Amirault <mamirault@bitwarden.com>
This PR moves the Desktop Send list UI into a shared library component and updates the Desktop Send v2 component to use modern Angular patterns (Signals, OnPush, no manual subscriptions)
* allow drawer to adapt to size input
* add new drawer sizes
* move logic back to dialog component
* convert width to computed signal
* fix template error and remove duplicate class
* use normal const object
* ensure dialogSize undefined is handled
Commit a3e654d (https://github.com/bitwarden/clients/pull/16053) removed explicit --target flags from the Linux desktop build workflow when removing musl support. This change inadvertently broke the build.js binary distribution logic, which only copies the desktop_proxy binary to the dist directory when an explicit target is specified. Without this binary in the expected location (/opt/Bitwarden/desktop_proxy), browser integration fails on Linux.
This fix restores explicit --target flags using gnu triplets instead of the previously removed musl triplets. The x64 build now uses --target=x86_64-unknown-linux-gnu and the arm64 build uses --target=aarch64-unknown-linux-gnu, ensuring build.js properly distributes the desktop_proxy binary and restoring browser integration functionality on Linux desktop.
* Change domain terminology to web addresses
* Added phishing resource file
* Finish renaming and adding runtime configuration for domains vs links setting
* Update reference
* Add matching functions per resource
* correct URL matching logic for links-based detection
Problem:
The phishing link matcher was failing to detect known phishing URLs due to
two issues:
1. Protocol mismatch: Entries in the phishing list use `http://` but users
typically visit `https://` versions. The matcher was comparing full URLs
including protocol, causing legitimate matches to fail.
- List entry: `http://smartdapptradxx.pages.dev`
- User visits: `https://smartdapptradxx.pages.dev/`
- Result: No match (incorrect)
2. Hostname-only matching would have caused false positives: An earlier
attempt to fix#1 included hostname-only comparison, which defeats the
purpose of links-based detection. The goal of PM-28548 is precise URL
matching to avoid blocking entire domains (like pages.dev, github.io)
when only specific paths are malicious.
Solution:
- Always strip protocol (http:// or https://) from both entry and URL
before comparison, treating them as equivalent
- Remove hostname-only matching to maintain precision
- Keep prefix matching for subpaths, query strings, and fragments
---------
Co-authored-by: Alex <adewitt@bitwarden.com>
* [pm-28077] Add input types to ignoredInputTypes
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Merge branch 'main' of github.com:bitwarden/clients into pm-28077-more-ignoredInputTypes-in-CollectAutofillContentService
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* [pm-28077] Remove month input type from ignored types
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* [pm-28077] Remove month radio and checkbox types from ignored types
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* Merge branch 'main' of github.com:bitwarden/clients into pm-28077-more-ignoredInputTypes-in-CollectAutofillContentService
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* [pm-28077] Fix prettier issues/conflicts
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* [pm-28077] Add comment regarding datetime depcrecation
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
---------
Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
* use optional chaining and make portkey optional to match the AutofillInlineMenuIframeExtensionMessage
* make ariaAlertElement optional
* tiemouts are set to null for clearing, updated type to match this
* border color is conditionally applied, undefined is acceptable here
* check if aria alerts exist before calling
* return early if no styles exist for updateElementStyles or no position for updateIframePosition
* initilaize timers to null
* non null assert iframe since it is initialized in initMenuIframe which makes it safe to assert non null by lifecycle
* remove optional chainning
* [PM-29209] Introduce new autofill nudge service specific to the Browser client
* [PM-29209] Cleanup redundant browser setting checks
* [PM-29209] Ensure nudge is dismissed on nudge button click
* [PM-29209] Add spec file for browser autofill nudge service
* [PM-29209] Cleanup settings-v2 spec file
* Introduce bitwarden-encrypted-json-importer
An effort to introduce type guards and split the logic between the differently protected bitwarden-json import-formats
* Improved stricter types, but not quite ts-strict yet
* Add guard to prevent passing password-protected exports to the wrong importer.
* Only create one return object instead of multiple
* Updated changes afer npm ci and npm run prettier
---------
Co-authored-by: Daniel James Smith <djsmith85@users.noreply.github.com>
* early return on typedata if it is not present
* use optional chaining on null checks
* nullish coallescing operator on potentially undefined type
* optional chaining to check both that the element exists and that contentWindow is not null before calling postMessage
* add null check for this.currentNotificationBarType before calling
* add a null check before appending notificationBarRootElement, ts cant track we set the iframe across method calls
* added null checks before calling setElementStyles
The Exposed Passwords and Weak Passwords reports were using an incorrect
rowSize value (53px instead of 75px) for their virtual scroll tables.
This caused the \"Back to reports\" button to collide with table entries.
The issue was cumulative - more items meant more visible collision. This
fix aligns both reports with the Reused Passwords report which correctly
uses 75px for identical row structures.
* add new color palette to theme and tailwind config
* updated docs color names
* remove safelist changes
* add missing accent colors to docs
* updated color mappings
* combined docs in colors.mdx and reference in Claude.md
* add variables for white and black
* updated docs
* updated list rendering style
* more specific docs instructions
* revert to simpler colors docs reference
* remove changes to claude.md
* use rgb color variables to compose semantic
* Add creationDate of account to AccountInfo
* Added initialization of creationDate.
* Removed extra changes.
* Fixed tests to initialize creation date
* Added helper method to abstract account initialization in tests.
* More test updates.
* Linting
* Additional test fixes.
* Fixed spec reference
* Fixed imports
* Linting.
* Fixed browser test.
* Modified tsconfig to reference spec file.
* Fixed import.
* Removed dependency on os. This is necessary so that the @bitwarden/common/spec lib package can be referenced in tests without node.
* Revert "Removed dependency on os. This is necessary so that the @bitwarden/common/spec lib package can be referenced in tests without node."
This reverts commit 669f6557b6.
* Updated stories to hard-code new field.
* Removed changes to tsconfig
* Revert "Removed changes to tsconfig"
This reverts commit b7d916e8dc.
* Updated to use Date
* Updated to use Date on sync.
* Changes to tests that can't use mock function
* Prettier updates
* Update equality to handle Date type.
* Change to type comparison.
* Simplified equality comparison to just use properties.
* Added comment.
* Updated comment to reference Date.
* Added back in internal method tests.
