clients
clients copied to clipboard
Published
20 hours ago •
bitwarden
bitwarden
[PM-4882] Passkeys: funnel rp name or id to the cipher name on save
Type of change
- [ ] Bug fix
- [x] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other
Objective
When creating a passkey and a new vault item, we want to set name to be rp's name value (rp.name). If the rp does not provide a name then we save rp.id which is the url
Code changes
- file.ext: Description of what was changed and why
Screenshots
(see the "target" name in the extension)
| Client | Before | After |
|---|---|---|
| Safari | ||
| Firefox | ||
| Safari |
Before you submit
- Please add unit tests where it makes sense to do so (encouraged but not required)
- If this change requires a documentation update - notify the documentation team
- If this change has particular deployment requirements - notify the DevOps team
- Ensure that all UI additions follow WCAG AA requirements
Codecov Report
Attention: Patch coverage is 0% with 5 lines in your changes are missing coverage. Please review.
Project coverage is 24.91%. Comparing base (
b46eb27) to head (ff9a2a7). Report is 113 commits behind head on main.
| Files | Patch % | Lines |
|---|---|---|
| ...rc/vault/popup/components/fido2/fido2.component.ts | 0.00% | 5 Missing :warning: |
Additional details and impacted files
@@ Coverage Diff @@
## main #7969 +/- ##
===========================================
- Coverage 59.32% 24.91% -34.41%
===========================================
Files 1057 2239 +1182
Lines 27253 65598 +38345
Branches 5453 12378 +6925
===========================================
+ Hits 16167 16347 +180
- Misses 9756 47918 +38162
- Partials 1330 1333 +3
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Checkmarx One – Scan Summary & Details – d686cfd9-c857-47dc-83b8-ac9f621ff547
New Issues
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
 |
Client_Privacy_Violation | /apps/web/src/app/billing/accounts/trial-initiation/billing.component.html: 41 | Attack Vector |
|
Client_Privacy_Violation | /apps/web/src/app/billing/accounts/trial-initiation/billing.component.html: 41 | Attack Vector |
|
Client_Privacy_Violation | /apps/web/src/app/billing/accounts/trial-initiation/billing.component.html: 41 | Attack Vector |
|
Client_Privacy_Violation | /apps/web/src/app/billing/accounts/trial-initiation/billing.component.html: 41 | Attack Vector |
|
Client_Privacy_Violation | /apps/web/src/app/billing/accounts/trial-initiation/billing.component.html: 19 | Attack Vector |
|
Client_Privacy_Violation | /apps/web/src/app/billing/accounts/trial-initiation/billing.component.html: 19 | Attack Vector |
|
Client_Privacy_Violation | /apps/web/src/app/billing/accounts/trial-initiation/billing.component.html: 19 | Attack Vector |
|
Client_Privacy_Violation | /apps/web/src/app/billing/accounts/trial-initiation/billing.component.html: 19 | Attack Vector |
|
Client_Privacy_Violation | /apps/web/src/app/tools/reports/pages/breach-report.component.html: 14 | Attack Vector |
|
Unpinned Actions Full Length Commit SHA | /build-desktop.yml: 1224 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /build-browser.yml: 354 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /build-web.yml: 357 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /build-web.yml: 263 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /build-web.yml: 293 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /build-browser.yml: 412 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /build-desktop.yml: 1149 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
|
Unpinned Actions Full Length Commit SHA | /build-web.yml: 187 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
 |
Client_Use_Of_Iframe_Without_Sandbox | /apps/browser/src/autofill/content/notification-bar.ts: 874 | Attack Vector |
|
Client_Weak_Cryptographic_Hash | /libs/common/src/platform/services/web-crypto-function.service.ts: 142 | Attack Vector |
|
Client_Weak_Cryptographic_Hash | /libs/common/src/platform/services/web-crypto-function.service.ts: 142 | Attack Vector |
|
Unsafe_Use_Of_Target_blank | /apps/web/src/app/tools/send/access.component.html: 81 | Attack Vector |
|
Unsafe_Use_Of_Target_blank | /apps/web/src/app/admin-console/organizations/members/components/member-dialog/member-dialog.component.html: 126 | Attack Vector |
|
Unsafe_Use_Of_Target_blank | /apps/web/src/app/vault/components/vault-items/vault-cipher-row.component.html: 93 | Attack Vector |
|
Unsafe_Use_Of_Target_blank | /apps/web/src/app/core/web-file-download.service.ts: 23 | Attack Vector |
|
Unsafe_Use_Of_Target_blank | /bitwarden_license/bit-web/src/app/secrets-manager/overview/overview.component.html: 15 | Attack Vector |
|
Unsafe_Use_Of_Target_blank | /apps/browser/src/autofill/notification/bar.html: 11 | Attack Vector |
|
Use_Of_Hardcoded_Password | /libs/importer/src/importers/lastpass/access/services/rest-client.ts: 12 | Attack Vector |
|
Use_Of_Hardcoded_Password | /libs/importer/src/importers/lastpass/access/services/client.ts: 432 | Attack Vector |
|
Use_Of_Hardcoded_Password | /libs/importer/src/importers/lastpass/access/services/rest-client.ts: 11 | Attack Vector |
|
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /apps/browser/src/auth/background/service-factories/auth-request-crypto-service.factory.ts: 27 | Attack Vector |
|
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /apps/browser/src/background/service-factories/send-service.factory.ts: 42 | Attack Vector |
|
Use_of_Broken_or_Risky_Cryptographic_Algorithm | /apps/browser/src/auth/background/service-factories/key-connector-service.factory.ts: 67 | Attack Vector |
Fixed Issues
| Severity | Issue | Source File / Package |
|---|---|---|
 |
Client_DOM_XSS | /apps/web/src/app/auth/settings/two-factor-verify.component.html: 3 |
|
Client_DOM_XSS | /bitwarden_license/bit-web/src/app/admin-console/providers/settings/account.component.html: 27 |
|
Client_DOM_XSS | /bitwarden_license/bit-web/src/app/admin-console/providers/settings/account.component.html: 27 |
|
Angular_Improper_Type_Pipe_Usage | /apps/browser/src/vault/popup/components/fido2/fido2-use-browser-link.component.html: 1 |
|
Angular_Improper_Type_Pipe_Usage | /apps/web/src/app/billing/shared/adjust-storage.component.html: 27 |
|
Angular_Improper_Type_Pipe_Usage | /apps/web/src/app/billing/organizations/adjust-subscription.component.html: 54 |
|
Angular_Improper_Type_Pipe_Usage | /apps/web/src/app/billing/organizations/adjust-subscription.component.html: 18 |
|
Client_Potential_XSS | /apps/desktop/src/app/components/avatar.component.ts: 45 |
|
Client_Privacy_Violation | /apps/web/src/app/tools/reports/pages/breach-report.component.html: 14 |
|
Client_Privacy_Violation | /apps/browser/src/auth/popup/account-switching/account.component.ts: 12 |
|
Client_Privacy_Violation | /apps/browser/src/auth/popup/account-switching/account.component.ts: 12 |
|
Client_Privacy_Violation | /apps/web/src/app/auth/settings/two-factor-verify.component.html: 3 |
|
Client_Privacy_Violation | /apps/web/src/app/billing/shared/add-credit.component.ts: 131 |
|
Client_Privacy_Violation | /libs/components/src/color-password/color-password.component.ts: 25 |
|
Client_Privacy_Violation | /apps/web/src/app/billing/shared/add-credit.component.ts: 76 |
|
Client_Privacy_Violation | /apps/web/src/app/billing/shared/add-credit.component.ts: 66 |
|
Client_Privacy_Violation | /libs/components/src/color-password/color-password.component.ts: 26 |
|
Client_Privacy_Violation | /apps/web/src/app/billing/shared/add-credit.component.ts: 142 |
|
Client_Privacy_Violation | /apps/desktop/src/auth/lock.component.html: 32 |
|
Client_Privacy_Violation | /apps/web/src/app/billing/shared/add-credit.component.ts: 26 |
|
Client_Privacy_Violation | /apps/web/src/app/auth/lock.component.html: 18 |
|
Unpinned Actions Full Length Commit SHA | /build-browser.yml: 368 |
|
Unpinned Actions Full Length Commit SHA | /build-web.yml: 361 |
|
Unpinned Actions Full Length Commit SHA | /build-web.yml: 297 |
|
Unpinned Actions Full Length Commit SHA | /build-web.yml: 191 |
|
Unpinned Actions Full Length Commit SHA | /build-desktop.yml: 1280 |
|
Unpinned Actions Full Length Commit SHA | /build-browser.yml: 426 |
|
Unpinned Actions Full Length Commit SHA | /build-web.yml: 267 |
|
Unpinned Actions Full Length Commit SHA | /build-desktop.yml: 1205 |
|
Client_DOM_Open_Redirect | /apps/browser/src/tools/popup/generator/password-generator-history.component.ts: 18 |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/popup/account-switching/current-account.component.ts: 15 |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/popup/login-via-auth-request.component.ts: 55 |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/popup/login-via-auth-request.component.ts: 55 |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/login/login-via-auth-request.component.ts: 63 |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/login/login-via-auth-request.component.ts: 63 |
|
Client_DOM_Open_Redirect | /apps/browser/src/auth/popup/account-switching/account.component.ts: 25 |
|
Client_DOM_Open_Redirect | /apps/browser/src/vault/popup/components/vault/attachments.component.ts: 31 |
|
Client_DOM_Open_Redirect | /apps/browser/src/popup/settings/premium.component.ts: 26 |
|
Client_DOM_Open_Redirect | /apps/browser/src/vault/popup/components/vault/password-history.component.ts: 21 |
|
Client_DOM_Open_Redirect | /apps/desktop/src/auth/accessibility-cookie.component.html: 18 |
|
Client_Hardcoded_Domain | /apps/web/src/app/billing/shared/payment.component.ts: 56 |
|
Client_Hardcoded_Domain | /apps/web/src/app/billing/shared/payment.component.ts: 56 |
|
Client_Password_In_Comment | /apps/browser/src/autofill/background/notification.background.ts: 535 |
|
Client_Use_Of_Iframe_Without_Sandbox | /apps/browser/src/autofill/content/notification-bar.ts: 888 |
|
Client_Weak_Cryptographic_Hash | /libs/common/src/platform/services/web-crypto-function.service.ts: 142 |
|
Use_Of_Hardcoded_Password | /libs/common/src/tools/send/services/send.service.ts: 26 |
|
Use_Of_Hardcoded_Password | /libs/common/src/tools/send/services/send.service.ts: 25 |
|
Use_Of_Hardcoded_Password | /apps/web/src/app/layouts/password-manager-logo.ts: 3 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 56 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 51 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 30 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 58 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 37 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 51 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 57 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 26 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 13 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 38 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 65 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 15 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 30 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 16 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 44 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 54 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 50 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 32 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 45 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 38 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 17 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 17 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 42 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 46 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 62 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 27 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 24 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 39 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 55 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 40 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 22 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 14 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 27 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 63 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 55 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 23 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 14 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 58 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 29 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 53 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 41 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 49 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 40 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 41 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 52 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 43 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 25 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 23 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 46 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 64 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 16 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 66 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 31 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 52 |
|
Use_Of_Hardcoded_Password | /apps/browser/src/platform/services/i18n.service.ts: 51 |
|
More results are available on AST platform
