Bitwarden Bot

icon indicating a website link https://bitwarden.com

Results 413 comments of Bitwarden Bot

[PM-5434] Create VaultBrowserStateService and migrate components from BrowserStateService

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [6b6e455c\-fdec\-4f28\-81be\-709aee734293](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=6b6e455c-fdec-4f28-81be-709aee734293&branch=vault%2Fpm-5434) ### New Issues Severity|Issue|Source File / Package|Checkmarx Insight ---|---|---|--- ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[Client_DOM_XSS](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/6b6e455c-fdec-4f28-81be-709aee734293/sast/description/79/10016977899842968824)|/apps/web/src/app/auth/settings/two\-factor\-verify\.component\.html: [3](https://github.com/bitwarden/clients/blob/vault/pm-5434//apps/web/src/app/auth/settings/two-factor-verify.component.html#L3)|[Attack Vector](https://ast.checkmarx.net/results/6b6e455c-fdec-4f28-81be-709aee734293/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=cbaoNv%2Fax8KDDlTeF4CTOpdAPSc%3D&redirect=true) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[Client_DOM_XSS](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/6b6e455c-fdec-4f28-81be-709aee734293/sast/description/79/10016977899842968824)|/bitwarden\_license/bit\-web/src/app/admin\-console/providers/settings/account\.component\.html: [27](https://github.com/bitwarden/clients/blob/vault/pm-5434//bitwarden_license/bit-web/src/app/admin-console/providers/settings/account.component.html#L27)|[Attack Vector](https://ast.checkmarx.net/results/6b6e455c-fdec-4f28-81be-709aee734293/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=Fkhb4FHzt7oRhV8mV7aZiE9kY1c%3D&redirect=true) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[Client_DOM_XSS](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/6b6e455c-fdec-4f28-81be-709aee734293/sast/description/79/10016977899842968824)|/bitwarden\_license/bit\-web/src/app/admin\-console/providers/settings/account\.component\.html: [27](https://github.com/bitwarden/clients/blob/vault/pm-5434//bitwarden_license/bit-web/src/app/admin-console/providers/settings/account.component.html#L27)|[Attack Vector](https://ast.checkmarx.net/results/6b6e455c-fdec-4f28-81be-709aee734293/41bd746e-d417-4eda-afeb-01a59d162661/sast?result-id=q1X8ZOiQjlVe%2B5aJDkJzxLqdsfk%3D&redirect=true) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Potential_XSS](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/6b6e455c-fdec-4f28-81be-709aee734293/sast/description/79/7567754570932744334)|/apps/desktop/src/app/components/avatar\.component\.ts: [45](https://github.com/bitwarden/clients/blob/vault/pm-5434//apps/desktop/src/app/components/avatar.component.ts#L45)|[Attack...

[PM-5009] migrate billing component

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [48d7c4d7\-bfa7\-4352\-9a13\-fdea177dfda5](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=48d7c4d7-bfa7-4352-9a13-fdea177dfda5&branch=PM-5009-Migrate-billing-component) ### Fixed Issues Severity|Issue|Source File / Package ---|---|--- ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/48d7c4d7-bfa7-4352-9a13-fdea177dfda5/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/accounts/trial\-initiation/billing\.component\.html: [41](https://github.com/bitwarden/clients/blob/PM-5009-Migrate-billing-component//apps/web/src/app/billing/accounts/trial-initiation/billing.component.html#L41) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/48d7c4d7-bfa7-4352-9a13-fdea177dfda5/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/accounts/trial\-initiation/billing\.component\.html: [41](https://github.com/bitwarden/clients/blob/PM-5009-Migrate-billing-component//apps/web/src/app/billing/accounts/trial-initiation/billing.component.html#L41) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/48d7c4d7-bfa7-4352-9a13-fdea177dfda5/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/accounts/trial\-initiation/billing\.component\.html: [41](https://github.com/bitwarden/clients/blob/PM-5009-Migrate-billing-component//apps/web/src/app/billing/accounts/trial-initiation/billing.component.html#L41) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/48d7c4d7-bfa7-4352-9a13-fdea177dfda5/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/accounts/trial\-initiation/billing\.component\.html: [41](https://github.com/bitwarden/clients/blob/PM-5009-Migrate-billing-component//apps/web/src/app/billing/accounts/trial-initiation/billing.component.html#L41) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/48d7c4d7-bfa7-4352-9a13-fdea177dfda5/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/accounts/trial\-initiation/billing\.component\.html: [19](https://github.com/bitwarden/clients/blob/PM-5009-Migrate-billing-component//apps/web/src/app/billing/accounts/trial-initiation/billing.component.html#L19) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/48d7c4d7-bfa7-4352-9a13-fdea177dfda5/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/accounts/trial\-initiation/billing\.component\.html: [19](https://github.com/bitwarden/clients/blob/PM-5009-Migrate-billing-component//apps/web/src/app/billing/accounts/trial-initiation/billing.component.html#L19)...

[PM-5743] Implement eslint rule for usage of window object in background script

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [eb864868\-b381\-47f6\-a847\-9a4f115cd434](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=eb864868-b381-47f6-a847-9a4f115cd434&branch=autofill%2Fpm-5743-implment-eslint-rule-for-usage-of-window-object-in-background-script) ### Fixed Issues Severity|Issue|Source File / Package ---|---|--- ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/eb864868-b381-47f6-a847-9a4f115cd434/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/shared/add\-credit\.component\.ts: [146](https://github.com/bitwarden/clients/blob/autofill/pm-5743-implment-eslint-rule-for-usage-of-window-object-in-background-script//apps/web/src/app/billing/shared/add-credit.component.ts#L146) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/eb864868-b381-47f6-a847-9a4f115cd434/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/shared/add\-credit\.component\.ts: [80](https://github.com/bitwarden/clients/blob/autofill/pm-5743-implment-eslint-rule-for-usage-of-window-object-in-background-script//apps/web/src/app/billing/shared/add-credit.component.ts#L80) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/eb864868-b381-47f6-a847-9a4f115cd434/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/shared/add\-credit\.component\.ts: [30](https://github.com/bitwarden/clients/blob/autofill/pm-5743-implment-eslint-rule-for-usage-of-window-object-in-background-script//apps/web/src/app/billing/shared/add-credit.component.ts#L30) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/eb864868-b381-47f6-a847-9a4f115cd434/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/shared/add\-credit\.component\.ts: [70](https://github.com/bitwarden/clients/blob/autofill/pm-5743-implment-eslint-rule-for-usage-of-window-object-in-background-script//apps/web/src/app/billing/shared/add-credit.component.ts#L70) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/eb864868-b381-47f6-a847-9a4f115cd434/sast/description/359/2526234764757185080)|/apps/web/src/app/billing/shared/add\-credit\.component\.ts: [135](https://github.com/bitwarden/clients/blob/autofill/pm-5743-implment-eslint-rule-for-usage-of-window-object-in-background-script//apps/web/src/app/billing/shared/add-credit.component.ts#L135) ![MEDIUM](https://cdn.ast.checkmarx.net/integrations/severity/Medium.png)|[Client_Privacy_Violation](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/eb864868-b381-47f6-a847-9a4f115cd434/sast/description/359/2526234764757185080)|/bitwarden\_license/bit\-web/src/app/auth/sso/sso\.component\.ts: [161](https://github.com/bitwarden/clients/blob/autofill/pm-5743-implment-eslint-rule-for-usage-of-window-object-in-background-script//bitwarden_license/bit-web/src/app/auth/sso/sso.component.ts#L161)...

[deps]: Update lowdb to v7

Internal tracking: * ID: AC-2225 * Link: https://bitwarden.atlassian.net/browse/AC-2225

[deps]: Update lowdb to v7

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [d6babcaf\-33b7\-44b6\-9a14\-76261d79f3af](https://ast.checkmarx.net/projects/08da1c57-874f-47df-a647-3dbe6cd151bd/scans?id=d6babcaf-33b7-44b6-9a14-76261d79f3af&branch=renovate%2Flowdb-7.x) ### No New Or Fixed Issues Found

Bump follow-redirects from 1.15.2 to 1.15.5

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [b1497097\-e2e9\-47fc\-bcd1\-03a49b5601d6](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=b1497097-e2e9-47fc-bcd1-03a49b5601d6&branch=dependabot%2Fnpm_and_yarn%2Ffollow-redirects-1.15.5) ### No New Or Fixed Issues Found

[PM-1785] 🧪 channel(Version): Lemur Beta & Datura

Thank you for your contribution! We've added this to our internal Community PR board for review. ID: PM-1785

[PS-2410] Remove unnecessary URI-pruning logic

Thank you for your contribution! We've added this to our internal Community PR board for review. ID: PS-2410

[CL-18] toast component and service

![Logo](https://cdn.ast.checkmarx.net/integrations/logo/Checkmarx.png) **Checkmarx One – Scan Summary & Details** – [0d9765b0\-74c0\-41d3\-8e07\-468ff8b09f4f](https://ast.checkmarx.net/projects/41bd746e-d417-4eda-afeb-01a59d162661/scans?id=0d9765b0-74c0-41d3-8e07-468ff8b09f4f&branch=ps%2FCL-18%2Fmigrate-toasts) ### Fixed Issues Severity|Issue|Source File / Package ---|---|--- ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[Client_DOM_Code_Injection](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/0d9765b0-74c0-41d3-8e07-468ff8b09f4f/sast/description/94/9680731281616821460)|/apps/web/src/connectors/common\.ts: [2](https://github.com/bitwarden/clients/blob/ps/CL-18/migrate-toasts//apps/web/src/connectors/common.ts#L2) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[Client_DOM_Code_Injection](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/0d9765b0-74c0-41d3-8e07-468ff8b09f4f/sast/description/94/9680731281616821460)|/apps/browser/src/autofill/services/collect\-autofill\-content\.service\.ts: [1054](https://github.com/bitwarden/clients/blob/ps/CL-18/migrate-toasts//apps/browser/src/autofill/services/collect-autofill-content.service.ts#L1054) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[Client_DOM_Stored_XSS](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/0d9765b0-74c0-41d3-8e07-468ff8b09f4f/sast/description/79/1779421333800271656)|/apps/web/src/connectors/sso\.ts: [33](https://github.com/bitwarden/clients/blob/ps/CL-18/migrate-toasts//apps/web/src/connectors/sso.ts#L33) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[Client_DOM_XSS](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/0d9765b0-74c0-41d3-8e07-468ff8b09f4f/sast/description/79/10016977899842968824)|/apps/browser/src/auth/scripts/duo\.js: [285](https://github.com/bitwarden/clients/blob/ps/CL-18/migrate-toasts//apps/browser/src/auth/scripts/duo.js#L285) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[Client_DOM_XSS](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/0d9765b0-74c0-41d3-8e07-468ff8b09f4f/sast/description/79/10016977899842968824)|/apps/browser/src/auth/scripts/duo\.js: [285](https://github.com/bitwarden/clients/blob/ps/CL-18/migrate-toasts//apps/browser/src/auth/scripts/duo.js#L285) ![HIGH](https://cdn.ast.checkmarx.net/integrations/severity/High.png)|[Client_DOM_XSS](https://ast.checkmarx.net/results/41bd746e-d417-4eda-afeb-01a59d162661/0d9765b0-74c0-41d3-8e07-468ff8b09f4f/sast/description/79/10016977899842968824)|/apps/desktop/src/auth/scripts/duo\.js: [285](https://github.com/bitwarden/clients/blob/ps/CL-18/migrate-toasts//apps/desktop/src/auth/scripts/duo.js#L285)...

[deps] AC: Update postcss-loader to v7.3.4

Internal tracking: * ID: AC-2229 * Link: https://bitwarden.atlassian.net/browse/AC-2229