* add "All caught up!" state for application review card
- Display success state when all applications have been reviewed and no new applications need review
- Add iconColorClass input to activity-card component to support conditional icon colors (green checkmark for success state)
- Add i18n keys: allCaughtUp and noNewApplicationsToReviewAtThisTime
- Check if all apps have review dates via enrichedReportData$ to determine when to show the caught up state
* fix "Potential Race Condition with State Initialization" from claude issue and replace getter
* Consolidate loading state and handle null report from api response
* Fix jumping of page when ciphers are still loading
* Fix type errors
* Fix loading state
* Update type guards
* Add metric data types. Update places saving a risk insights report summary to save metrics
* Fix types and test error
* Fix critical report members
* Update test case for null username in type-guard
* Fix report application mapped data check
* max init
* add mp4 and organize code better
* fix lint errors
* move empty state logic into risk insights component
* replace getter logic
* sub for org name
* checkForVaultItems fix
- need to use cipherservice instead of report results from data service
* fix all critical issues mentioned by claude bot
* resolve empty state logic bug and memory leaks
- Handle zero-results case in empty state logic
- Add takeUntil cleanup to _setupUserId subscription
- Guard console.warn with isDevMode() check
* use tuple arrays for benefits to prevent XSS risk
Replace pipe-separated strings with typed tuple arrays [string, string][]
for benefits data in empty state component. This eliminates potential XSS
risk from string splitting, provides compile-time type safety, and improves
performance by removing runtime string parsing on every change detection.
* fix(dirt): hide empty states during report generation and fix memory leak
Add isGeneratingReport$ to combineLatest, update empty state conditions
to check !isGenerating, simplify run report logic, and fix memory leak
in route.queryParams subscription.
Addresses Claude bot feedback on PR #16832
* refactor(dirt): use signals and OnPush in empty state card component
Convert @Input() to readonly input signals and add OnPush change
detection strategy. Update template to call signals as functions.
Fixes ESLint compliance issues.
* refactor(dirt): remove unused shouldShowRunReportState variable
The shouldShowRunReportState variable was calculated but never used.
The template already uses @else for the run report state, making this
variable redundant.
* refactor(dirt): consolidate duplicate if statements in empty state logic
Merge 5 separate if/else blocks checking shouldShowImportDataState into
single consolidated block. Move constant benefits assignment outside
conditional. Improves readability and reduces duplication.
* remove unnecessary getOrganizationName wrapper method
* remove duplicate runReport method
Remove runReport arrow function and use generateReport consistently.
Both methods called dataService.triggerReport(), but generateReport
includes an organizationId check for defensive programming.
* feat(dirt): add newApplications$ observable to orchestrator
Add reactive observable that filters applicationData for unreviewed apps
(reviewedDate === null). Observable automatically updates when report
state changes through the pipeline.
- Add newApplications$ observable with distinctUntilChanged
- Filters rawReportData$.data.applicationData
- Uses shareReplay for multi-subscriber efficiency
Related to PM-27284
* feat(dirt): add saveApplicationReviewStatus$ to orchestrator
Implement method to save application review status and critical flags.
Updates all applications where reviewedDate === null to set current date,
and marks selected applications as critical.
- Add saveApplicationReviewStatus$() method
- Add _updateReviewStatusAndCriticalFlags() helper
- Uses existing encryption and API update patterns
- Single API call for both review status and critical flags
- Follows same pattern as saveCriticalApplications$()
Related to PM-27284
* feat(dirt): expose newApplications$ in data service
Expose orchestrator's newApplications$ observable and save method
through RiskInsightsDataService facade. Maintains clean separation
between orchestrator (business logic) and components (UI).
- Expose newApplications$ observable
- Expose saveApplicationReviewStatus() delegation method
- Maintains facade pattern consistency
Related to PM-27284
* feat(dirt): make AllActivitiesService reactive to new applications
Update AllActivitiesService to subscribe to orchestrator's newApplications$
observable instead of receiving data through summary updates.
- Subscribe to dataService.newApplications$ in constructor
- Add setNewApplications() helper method
- Remove newApplications update from setAllAppsReportSummary()
- New applications now update reactively when review status changes
Related to PM-27284
* feat(dirt): connect dialog to review status save method
Update NewApplicationsDialogComponent to call the data service's
saveApplicationReviewStatus method when marking applications as critical.
- Inject RiskInsightsDataService
- Replace placeholder onMarkAsCritical() with real implementation
- Handle success/error cases with appropriate toast notifications
- Close dialog on successful save
- Show different messages based on whether apps were marked critical
Related to PM-27284
* feat(dirt): add i18n strings for application review
Add internationalization strings for the new applications review dialog
success and error messages.
- applicationReviewSaved: Success toast title
- applicationsMarkedAsCritical: Success message when apps marked critical
- newApplicationsReviewed: Success message when apps reviewed only
- errorSavingReviewStatus: Error toast title
- pleaseTryAgain: Error toast message
Related to PM-27284
* fix(dirt): add subscription cleanup to AllActivitiesService
Critical fix for production code quality and memory leak prevention.
Adds takeUntil pattern to all subscriptions to comply with ADR-0003
(Observable Data Services) requirements.
**Subscription Cleanup (ADR-0003 Compliance):**
- Add takeUntil pattern to AllActivitiesService subscriptions
- Add _destroy$ Subject and destroy() method
- Prevents memory leaks by properly unsubscribing from observables
- Follows Observable Data Services ADR requirements
Changes:
- Import Subject and takeUntil from rxjs
- Add private _destroy$ Subject for cleanup coordination
- Apply takeUntil(this._destroy$) to all 3 subscriptions:
- enrichedReportData$ subscription
- criticalReportResults$ subscription
- newApplications$ subscription
- Add destroy() method for proper resource cleanup
This ensures proper resource cleanup and follows Bitwarden's
architectural decision records for observable management.
Related to PM-27284
* fix(dirt): replace manual takeUntil with takeUntilDestroyed in AllActivitiesService
Fixes critical memory leak by replacing manual subscription cleanup
with Angular's automatic DestroyRef-based cleanup pattern.
**Changes:**
- Replace `takeUntil(this._destroy$)` with `takeUntilDestroyed()` for all 3 subscriptions
- Remove unused `_destroy$` Subject and manual `destroy()` method
- Update imports to use `@angular/core/rxjs-interop`
**Why:**
- Manual `destroy()` method was never called anywhere in codebase
- Subscriptions accumulated without cleanup, causing memory leaks
- `takeUntilDestroyed()` uses Angular's DestroyRef for automatic cleanup
- Aligns with ADR-0003 and .claude/CLAUDE.md requirements
**Impact:**
- Automatic subscription cleanup when service context is destroyed
- Prevents memory leaks during hot module reloads and route changes
- Reduces code complexity (no manual lifecycle management needed)
Related to PM-27284
* refactor(dirt): remove newApplications from OrganizationReportSummary
Removes redundant newApplications field from summary type and uses
derived newApplications$ observable from orchestrator instead.
**Changes:**
- Remove newApplications from OrganizationReportSummary type definition
- Remove dummy data array from RiskInsightsReportService.getApplicationsSummary()
- Remove newApplications subscription from AllActivitiesService
- Update AllActivityComponent to subscribe directly to dataService.newApplications$
**Why:**
- Eliminates data redundancy (stored vs derived)
- newApplications$ already computes from applicationData.reviewedDate === null
- Single source of truth: applicationData is the source
- Simplifies encrypted payload (less data in summary)
- Better separation: stored data (counts) vs computed data (lists)
**Impact:**
- No functional changes - UI continues to display new applications correctly
- Cleaner architecture with computed observable pattern
* cleanup
* fix(dirt): improve dialog type safety and error logging
Addresses critical PR review issues in NewApplicationsDialogComponent:
**Type Safety:**
- Replace unsafe type casting `(this as any).dialogRef` with proper DialogRef injection
- Inject DialogRef<boolean | undefined> using Angular's inject() function
- Ensures type safety and prevents runtime errors from missing dialogRef
**Error Handling:**
- Add LogService to dialog component
- Log errors with "[NewApplicationsDialog]" for debugging
- Maintain user-facing error toast while adding server-side logging
**Impact:**
- Eliminates TypeScript safety bypasses
- Improves production debugging capabilities
- Follows Angular dependency injection best practices
* fixing mock data and test cases for new apps
* refactor(dirt): remove newApplications validation from OrganizationReportSummary type guard
Removes redundant newApplications field validation from the
OrganizationReportSummary type guard and related test cases.
**Changes:**
- Remove "newApplications" from allowed keys in isOrganizationReportSummary()
- Remove newApplications array validation logic
- Remove newApplications validation from validateOrganizationReportSummary()
- Remove 2 test cases for newApplications validation
- Remove newApplications field from 8 test data objects
**Rationale:**
The newApplications field was removed from OrganizationReportSummary type
definition because it's derived data that can be calculated from
applicationData (filtering where reviewedDate === null). The data is now
accessed via the reactive newApplications$ observable instead of being
stored redundantly in the summary object.
**Impact:**
- No functional changes - UI continues to display new applications via observable
- Type guard now correctly validates the actual OrganizationReportSummary structure
- Eliminates data redundancy and maintains single source of truth
- All 43 tests passing
---------
Co-authored-by: Tom <ttalty@bitwarden.com>
* Session timeout policy
* default "custom" is 8 hours, validation fixes
* ownership update
* default max allowed timeout is not selected
* adjusting defaults, fixing backwards compatibility, skip type confirmation dialog when switching between the never and on system lock
* unit test coverage
* wording update, custom hours, minutes jumping on errors
* wording update
* wrong session timeout action dropdown label
* show dialog as valid when opened first time, use @for loop, use controls instead of get
* dialog static opener
* easier to understand type value listener
* unit tests
* explicit maximum allowed timeout required error
* eslint revert
* new drawer functions for crit apps
* logic for triggering the drawer functions in components
* cleanup unused logic and rename "navigation" to "action"
- ... since the click is now triggering the drawer instead of navigating to another tab/page
* null check for reportData in drawer methods
* use criticalReportResults$ to avoid duplicating logic
* use criticalReportResults$ to avoid dupe logic
* remove unused code
* Add runtime type guards for decrypted JSON data
- Create risk-insights-type-guards.ts with validation functions
- Replace unsafe type assertions with runtime validation in encryption service
- Validate ApplicationHealthReportDetail, OrganizationReportSummary, and OrganizationReportApplication
- Add detailed error messages for validation failures
- Remove TODO comments for type guard implementation
Improves security by preventing malformed data from bypassing type safety and ensures data integrity for decrypted report structures.
* test file fix
* date validation
* add runtime type guards and validation failure tests
Issue 1: Missing Test Coverage for Type Guard Validation Failures
- Create comprehensive test suite with 17 tests covering all validation scenarios
- Test invalid structures, missing fields, wrong types, and edge cases
- Verify proper error messages and validation logic for all data types
Issue 2: Silent Failure on Validation Errors (Security Concern)
- Re-throw validation errors instead of silently returning empty/default data
- Add descriptive error messages indicating potential data corruption or tampering
- Ensure all validation failures are surfaced as security issues, not swallowed
Additional Fix: Date Validation Vulnerability
- Validate date strings before creating Date objects to prevent Invalid Date (NaN)
- Throw explicit errors for unparseable date strings
- Update error handling to catch and properly surface date validation failures
* add empty string validation and sanitize error messages
- Validate array elements are non-empty strings (atRiskCipherIds, cipherIds, newApplications)
- Sanitize validation error messages to prevent information disclosure
- Log detailed errors for debugging, re-throw generic messages
- Add tests for empty string validation and error message sanitization
* add comprehensive validation for scalar strings and numeric ranges
- Validate all scalar string fields are non-empty (applicationName, userName, email, cipherId, userGuid)
- Add numeric range validation (finite, non-negative) for all count fields
- Export type guard functions for testability and reusability
- Add 19 new tests covering edge cases (empty strings, NaN, Infinity, negative numbers)
* prevent prototype pollution and unexpected property injection in type guards
- Validate object prototype is Object.prototype (prevents __proto__ attacks)
- Check for dangerous own properties (constructor, prototype)
- Strict property enumeration - reject objects with unexpected properties
- Add comprehensive security tests (prototype pollution, unexpected props)
- Protects against data tampering and information leakage
* security: always sanitize error messages to prevent information disclosure
- Remove fragile pattern matching in error handlers
- Always throw generic error messages by default
- Log detailed errors for debugging, never expose to callers
- Future-proof against validation error message changes
- Prevents disclosure of internal data structure details
Applies to all decryption/validation methods in encryption service
* security: comprehensive hardening of type validation system
CRITICAL FIXES:
- Add __proto__ to prototype pollution checks (loop-based)
- Remove conditional error sanitization (always sanitize)
SECURITY ENHANCEMENTS:
- Add integer overflow protection (Number.isSafeInteger)
- Add DoS prevention (array/string length limits: 50K/1K)
- Strengthen all 4 type guards with 10-layer validation
LIMITS:
- Max string length: 1,000 characters
- Max array length: 50,000 elements
- Max safe integer: 2^53 - 1
DOCUMENTATION:
- Update code-review-methodology.md with patterns
- Update .cursorrules with security best practices
- Create comprehensive security audit document
All 57 tests passing. No linting errors.
Defense-in-depth complete - production ready.
* fix: consolidate security constants and add upper bound validation
CRITICAL FIXES:
- Consolidate MAX_STRING_LENGTH and MAX_ARRAY_LENGTH to file level (DRY)
- Add MAX_COUNT constant (10M) for upper bound validation
- Apply upper bound checks to all 12 count fields
BENEFITS:
- Single source of truth for security limits
- Prevents business logic issues from extreme values
- Easier maintenance and updates
* filter at risk passwords count to only critical apps
* PM-26929 assign tasks to those apps that are marked as critical
---------
Co-authored-by: voommen-livefront <voommen@livefront.com>
* created shared card directive
* WIP
* use base card in anon layout
* use bit-card for pricing card component
* add base card to integration cards
* add base card to reports cards
* add base card to integration card
* use card content on report card
* use base card directive on base component
* update dirt card to use bit-card
* run prettier. fix whitespace
* add missing imports to report list stories
* add base card story and docs
* feat: add commercial sdk as optional dependency
* feat: add alias to CLI
* feat: add alias to browser
* feat: add alias to web
* fix: revert optional - we cant omit optional dependencies or the builds break
* feat: remove commercial package from browser build
* feat: remove commercial package from cli build
* feat: remove commercial package from web build
* chore: add commercial sdk to renovate
* fix: windows cli workflow
* fix: accidental change
* feat: add lint for version string
* undo weird merge changes
* WIP: added new services, refactor members to use billing service and member action service
* replace dialog logic and user logic with service implementations
* WIP
* wip add tests
* add tests, continue refactoring
* clean up
* move BillingConstraintService to billing ownership
* fix import
* fix seat count not updating if feature flag is disabled
* refactor billingMetadata, clean up
* Move files to folders. Delete unused component. Move model to file
* Move risk insights services to folder structure capturing domains, api, and view organization. Move mock data
* Remove legacy risk insight report code
* Move api model to file
* Separate data service and orchestration of data to make the data service a facade
* Add orchestration updates for fetching applications as well as migrating data.
* Updated migration of critical applications and merged old saved data to new critical applications on report object
* Update test cases
* Fixed test case after merge. Cleaned up per comments on review
* Fixed decryption and encryption issue when not using existing content key
* Fix type errors
* Fix test update
* Fixe remove critical applications
* Fix report generating flag not being reset
* Removed extra logs
* Remove legacy provider files
* Removing index files to make file re-org easier
* Move manage-clients.component and associated API invocation to AC
* Move add-existing-organization-dialog.component to AC
* Move manage-client-name-dialog.component and associated API call to AC
* Move misc clients files to AC
* Move create-client-dialog.component and associated API call to AC
* Move manage-client-subscription-dialog.component to AC
* Update provider-layout.component
* Cleanup
* Fix linting
* [PM-27024] Fix password change progress card to track only critical apps and detect new at-risk passwords
- Filter at-risk password count to critical applications only
- Update state logic to transition back to assign tasks when new at-risk passwords detected
- Only create security tasks for critical applications with at-risk passwords
- Show 'X new passwords at-risk' message when tasks exist and new at-risk passwords appear
* spec
The Key Connector URL was getting overwritten back to the default URL on `submit()` because `valueChanges` gets triggered during `submit()`. This fix adds a check to make sure we only set the default URL when changing TO Key Connector from a different decryption option. In other words, don't overwrite back to the default URL during `submit()`.
Also removes the trailing slash `/` from the default URL.
* removing unused properties from org metadata
* removing further properties from the response and replacing them with data already available
* [PM-25379] new org metadata service for new endpoint
* don't need strict ignore
* forgot unit tests
* added cache busting to metadata service
not used yet - waiting for a decision on moving a portion of this to AC
* [PM-25682] Remove ts-strict-ignore from Vault view models and update types to be strict
* [PM-25682] Ignore ViewEncryptableKeys error for old decrypt methods
* [PM-25682] Add null/undefined as possible types for isNull* and other helpers that include null checks internally
* [PM-25682] Use patchValue instead of setValue which does not support undefined values
* [PM-25682] Add type assertions and other misc. null checks where necessary
* [PM-25682] Fix importers specs
* [PM-25682] Cleanup card view/details
* [PM-25682] Fix cipher view hasAttachment helper
* [PM-25682] Cleanup unecessary null assignments in notification.background.spec.ts
* [PM-25682] Ensure linkedId is undefined instead of null
* [PM-25682] Cleanup misc typing errors
* [PM-25682] Make the CipherId required
* [PM-25682] Undo CipherId assertions
* [PM-25682] Undo brand initial value change
* [PM-25682] Update SshKeyView
* [PM-25682] Add constructor to Fido2CredentialView
* [PM-25682] Prettier
* [PM-25682] Fix strict type warnings after merge with main
* [PM-25682] Cleanup cipher view spec
* [PM-25682] Cleanup new type warnings after merge
* [PM-25682] Undo removed eslint-disable-next-line comment
* [PM-25682] Fix flaky test
* [PM-25682] Use satisfies instead of as for Fido2CredentialAutofillView
On the SSO Config page, when Key Connector is a valid option, setup a listener to changes to the Member Decryption Options form radio selection:
- If radio selection is Key Connector: set a default URL
- If radio selection is NOT Key Connector: clear the URL
This commit restructures the webpack configs for each project (i.e. web, browser, desktop, cli) such that each project has a base config that is shared in a way that requires less hard-coding of info, and more like simply calling a function with a few properties.
* new messages.json keys
* button changes for dirt activity card
* dummy data
* newApplicationsCount and temp toast
* Added third dirt-activity-card component after the existing two cards
* added newApplications to setAllAppsReportSummary
* make button smaller
* cleanup/nice-to-haves
* remove comment
* simplify activity card icon logic to use nullable iconClass
* use buttonText presence to determine button display in activity card
* apps needing review card
- I think accidentally deleted when resolving merge conflicts
* buttonClick.observed && buttonText
* Add password trigger logic to report service. Also updated api to use classes that properly handle encstring with placeholders for upcoming usage
* Fix merged test case conflict
* Fix type errors and test cases. Make create data functions for report and summary
* Update Risk Insights Report Data Type
* Update encryption usage and test cases. Moved mock data
* Remove unused variable
* Move all-application constructor
* Update all applications and risk insights to look at fetched logic
* Fix name of variable. Fetch last report run
* Cleanup all and critical application tabs drawer dependencies
* Rename components from tool to dirt. Hook up all applications to use reportResult summary
* Critical application cleanup. Trigger refetch of report for enriching when critical applications change
* Fix type errors
* Rename loader from tools to dirt. Cleanup
* Add activity tab updates using data service
* Use safeProviders in access intelligence
* Fix refresh button not appearing. Change "refresh" to "run report"
* Remove multiple async calls for isRunningReport
* Fix report button not showing
* Add no report ran message
* Fix password change on critical applications
Upgrade to the latest supported typescript version in Angular.
Resolved TS errors by:
- adding `: any` which is what the compiler previously implied and now warns about.
- adding `toJSON` to satisfy requirement.
