Bitwarden Bot

icon indicating a website link https://bitwarden.com

Results 413 comments of Bitwarden Bot

[deps] Tools: Update oidc-client-ts to v3

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [f57ee241\-71a3\-41be\-96a7\-dc42330b5fda](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=f57ee241-71a3-41be-96a7-dc42330b5fda&branch=renovate%2Foidc-client-ts-3.x) ### New Issues Severity|Issue|Source File / Package|Checkmarx Insight ---|---|---|--- ![LOW](https://cdn.ast.checkmarx.net/integrations/severity/Low.png)|[Use_Of_Hardcoded_Password](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/f57ee241-71a3-41be-96a7-dc42330b5fda/sast/description/259/2783517675732844652)|/libs/importer/src/importers/base\-importer\.ts: [131](https://github.com/bitwarden/clients/blob/renovate/oidc-client-ts-3.x//libs/importer/src/importers/base-importer.ts#L131)|[Attack Vector](https://ast.checkmarx.net/results/f57ee241-71a3-41be-96a7-dc42330b5fda/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=0l9AF71Kf%2F0D%2Bq3RO3WxZL1U9P0%3D&redirect=true) ![LOW](https://cdn.ast.checkmarx.net/integrations/severity/Low.png)|[Use_Of_Hardcoded_Password](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/f57ee241-71a3-41be-96a7-dc42330b5fda/sast/description/259/2783517675732844652)|/libs/importer/src/importers/base\-importer\.ts: [28](https://github.com/bitwarden/clients/blob/renovate/oidc-client-ts-3.x//libs/importer/src/importers/base-importer.ts#L28)|[Attack Vector](https://ast.checkmarx.net/results/f57ee241-71a3-41be-96a7-dc42330b5fda/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=1xFB5ix3Ajtt7aC5onLiwWqAnSI%3D&redirect=true) ![LOW](https://cdn.ast.checkmarx.net/integrations/severity/Low.png)|[Use_Of_Hardcoded_Password](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/f57ee241-71a3-41be-96a7-dc42330b5fda/sast/description/259/2783517675732844652)|/libs/importer/src/importers/base\-importer\.ts: [26](https://github.com/bitwarden/clients/blob/renovate/oidc-client-ts-3.x//libs/importer/src/importers/base-importer.ts#L26)|[Attack Vector](https://ast.checkmarx.net/results/f57ee241-71a3-41be-96a7-dc42330b5fda/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=2i%2FVkLsCn5hfoUe%2Btvrx3APs4jM%3D&redirect=true) ![LOW](https://cdn.ast.checkmarx.net/integrations/severity/Low.png)|[Use_Of_Hardcoded_Password](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/f57ee241-71a3-41be-96a7-dc42330b5fda/sast/description/259/2783517675732844652)|/libs/importer/src/importers/base\-importer\.ts: [29](https://github.com/bitwarden/clients/blob/renovate/oidc-client-ts-3.x//libs/importer/src/importers/base-importer.ts#L29)|[Attack...

[PM-1223] POC: Investigate ability to add support for mediated conditional UI

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [2c0ad82a\-d03a\-41e6\-942f\-1f3f1dc7980c](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=2c0ad82a-d03a-41e6-942f-1f3f1dc7980c&branch=PM-1223-investigate-ability-to-add-support-for-mediated-conditional-ui) ### New Issues Severity|Issue|Source File / Package|Checkmarx Insight ---|---|---|--- ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/2c0ad82a-d03a-41e6-942f-1f3f1dc7980c/sast/description/359/2526234764757185080)|/apps/browser/src/vault/fido2/webauthn\-utils\.ts: [125](https://github.com/bitwarden/clients/blob/PM-1223-investigate-ability-to-add-support-for-mediated-conditional-ui//apps/browser/src/vault/fido2/webauthn-utils.ts#L125)|[Attack Vector](https://ast.checkmarx.net/results/2c0ad82a-d03a-41e6-942f-1f3f1dc7980c/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=QGyKRkCitt5M8iOjl2PL387Pvf4%3D&redirect=true)

Auth/PM-5263 - TokenService State Provider Migration

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [c562d38d\-4307\-49ef\-921d\-685a8353bf66](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=c562d38d-4307-49ef-921d-685a8353bf66&branch=auth%2Fpm-5263%2Ftoken-service-state-provider-migration) ### No New Or Fixed Issues Found

[PM-4882] Passkeys: funnel rp name or id to the cipher name on save

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [d686cfd9\-c857\-47dc\-83b8\-ac9f621ff547](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=d686cfd9-c857-47dc-83b8-ac9f621ff547&branch=vault%2Fpm-4882-passkey-name-item-name) ### New Issues Severity|Issue|Source File / Package|Checkmarx Insight ---|---|---|--- ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/d686cfd9-c857-47dc-83b8-ac9f621ff547/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/accounts/trial\-initiation/billing\.component\.html: [41](https://github.com/bitwarden/clients/blob/vault/pm-4882-passkey-name-item-name//apps/web/src/app/billing/accounts/trial-initiation/billing.component.html#L41)|[Attack Vector](https://ast.checkmarx.net/results/d686cfd9-c857-47dc-83b8-ac9f621ff547/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=Kz1BlCNI4nHBlf7OcvtXIKhiaYo%3D&redirect=true) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/d686cfd9-c857-47dc-83b8-ac9f621ff547/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/accounts/trial\-initiation/billing\.component\.html: [41](https://github.com/bitwarden/clients/blob/vault/pm-4882-passkey-name-item-name//apps/web/src/app/billing/accounts/trial-initiation/billing.component.html#L41)|[Attack Vector](https://ast.checkmarx.net/results/d686cfd9-c857-47dc-83b8-ac9f621ff547/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=yBwRPKWN22q8VwSG1ysFsyJsVSI%3D&redirect=true) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/d686cfd9-c857-47dc-83b8-ac9f621ff547/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/accounts/trial\-initiation/billing\.component\.html: [41](https://github.com/bitwarden/clients/blob/vault/pm-4882-passkey-name-item-name//apps/web/src/app/billing/accounts/trial-initiation/billing.component.html#L41)|[Attack Vector](https://ast.checkmarx.net/results/d686cfd9-c857-47dc-83b8-ac9f621ff547/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=XeZanCaDs6MKUAvExZ4p5DIBIBw%3D&redirect=true) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/d686cfd9-c857-47dc-83b8-ac9f621ff547/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/accounts/trial\-initiation/billing\.component\.html: [41](https://github.com/bitwarden/clients/blob/vault/pm-4882-passkey-name-item-name//apps/web/src/app/billing/accounts/trial-initiation/billing.component.html#L41)|[Attack...

DEVOPS-1743 Web Vault Migration workflow improvements

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [a7d3176d\-afbe\-4b52\-b677\-71d4598999a4](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=a7d3176d-afbe-4b52-b677-71d4598999a4&branch=task%2FDEVOPS-1743) ### No New Or Fixed Issues Found

[AC-2008] [AC-2122] [Pt 1] Transition PolicyService to use StateProvider

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [b170f08d\-489a\-4982\-96d7\-963fbd7cb625](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=b170f08d-489a-4982-96d7-963fbd7cb625&branch=ac%2Fac-2008%2Ftransition-policyservice-to-use-stateprovider) ### No New Or Fixed Issues Found

[PM-6377] Fix HCaptcha accessibility and resolve Checkmarx warning

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [c055c7ca\-13ee\-4bf2\-a8d7\-43a2e129d7ba](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=c055c7ca-13ee-4bf2-a8d7-43a2e129d7ba&branch=ps%2Fcheckmarx-hcaptcha) ### New Issues Severity|Issue|Source File / Package|Checkmarx Insight ---|---|---|--- ![LOW](https://cdn.ast.checkmarx.net/integrations/severity/Low.png)|[Client_DOM_Open_Redirect](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/c055c7ca-13ee-4bf2-a8d7-43a2e129d7ba/sast/description/601/11100132039797172543)|/apps/desktop/src/auth/accessibility\-cookie\.component\.html: [18](https://github.com/bitwarden/clients/blob/ps/checkmarx-hcaptcha//apps/desktop/src/auth/accessibility-cookie.component.html#L18)|[Attack Vector](https://ast.checkmarx.net/results/c055c7ca-13ee-4bf2-a8d7-43a2e129d7ba/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=N7aCMtaI%2FUAfCxARXwan7wJtNSM%3D&redirect=true) ### Fixed Issues Severity|Issue|Source File / Package ---|---|---...

[PM-6404] Initial Clear Events Code

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [ca8cf92e\-c187\-4807\-b9f6\-51d212febd5f](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=ca8cf92e-c187-4807-b9f6-51d212febd5f&branch=pm%2Fps-6404%2Fadd-clear-events) ### Fixed Issues Severity|Issue|Source File / Package ---|---|--- ![LOW](https://cdn.ast.checkmarx.net/integrations/severity/Low.png)|[Use_Of_Hardcoded_Password](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/ca8cf92e-c187-4807-b9f6-51d212febd5f/sast/description/259/2783517675732844652)|/apps/cli/src/vault/models/cipher\.response\.ts: [21](https://github.com/bitwarden/clients/blob/pm/ps-6404/add-clear-events//apps/cli/src/vault/models/cipher.response.ts#L21) ![LOW](https://cdn.ast.checkmarx.net/integrations/severity/Low.png)|[Use_Of_Hardcoded_Password](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/ca8cf92e-c187-4807-b9f6-51d212febd5f/sast/description/259/2783517675732844652)|/apps/cli/src/vault/models/cipher\.response\.ts: [21](https://github.com/bitwarden/clients/blob/pm/ps-6404/add-clear-events//apps/cli/src/vault/models/cipher.response.ts#L21)

AC-2161 update cipher collections org vault modal

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [56d484e0\-54d3\-4317\-baed\-29a8115e71b3](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=56d484e0-54d3-4317-baed-29a8115e71b3&branch=AC-2161-Update-Cipher-Collections) ### No New Or Fixed Issues Found

Move fingerprint validated to biometric state povider

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [e0b2d1a5\-b13e\-49c8\-b112\-b5df69b0fa39](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=e0b2d1a5-b13e-49c8-b112-b5df69b0fa39&branch=ps%2Fpm-5537%2Fmigrate-biometric-fingerprint-validated) ### New Issues Severity|Issue|Source File / Package|Checkmarx Insight ---|---|---|--- ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|Unpinned Actions Full Length Commit SHA|/build\-desktop\.yml: [1280](https://github.com/bitwarden/clients/blob/ps/pm-5537/migrate-biometric-fingerprint-validated//.github/workflows/build-desktop.yml#L1280)|Pinning an action to a...