[SM-954]-Initial PR for adding the new onboarding page, and new styling and lo…

[cd-bitwarden]

…gic for onboarding steps for SM.

🎟️ Tracking

📔 Objective

break onboarding steps into a new page, show onboarding page link in the sidebar depending on step status, remove onboarding logic from overview page. Add a help accordion to the left nav bar, with useful links and the get started page if they have completed it and it's no longer in the top of the nav bar.

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[codecov[bot]]

Codecov Report

Attention: Patch coverage is 0% with 198 lines in your changes missing coverage. Please review.

Project coverage is 33.04%. Comparing base (5b4e4d8) to head (65864b0).

:white_check_mark: All tests successful. No failed tests found.

Files	Patch %	Lines
...ecrets-manager/overview/sm-onboarding.component.ts	0.00%	96 Missing :warning:
...ponents/onboarding/sm-onboarding-task.component.ts	0.00%	26 Missing :warning:
.../secrets-manager/guards/sm-org-onboarding.guard.ts	0.00%	22 Missing :warning:
...ents/onboarding/sm-onboarding-section.component.ts	0.00%	16 Missing :warning:
...ts-manager/overview/sm-onboarding-tasks.service.ts	0.00%	12 Missing :warning:
...p/secrets-manager/overview/sm-onboarding.module.ts	0.00%	9 Missing :warning:
...app/secrets-manager/layout/navigation.component.ts	0.00%	7 Missing :warning:
...rets-manager/overview/onboarding-routing.module.ts	0.00%	5 Missing :warning:
...t-web/src/app/secrets-manager/sm-routing.module.ts	0.00%	3 Missing :warning:
...app/secrets-manager/overview/overview.component.ts	0.00%	2 Missing :warning:

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #10752      +/-   ##
==========================================
- Coverage   33.11%   33.04%   -0.08%     
==========================================
  Files        2682     2688       +6     
  Lines       82730    82908     +178     
  Branches    15709    15737      +28     
==========================================
  Hits        27396    27396              
- Misses      53180    53358     +178     
  Partials     2154     2154              

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

[github-actions[bot]]

Checkmarx One – Scan Summary & Details – 92618e3c-ea29-44d2-bdf3-a5163173ec63

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	CVE-2024-7971	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9370	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9963	Npm-electron-32.0.1	Vulnerable Package
	CVE-2020-28469	Npm-glob-parent-3.1.0	Vulnerable Package
	CVE-2021-3807	Npm-ansi-regex-2.1.1	Vulnerable Package
	CVE-2024-10229	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-10230	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-10231	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-10487	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-10488	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-10826	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-10827	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-21536	Npm-http-proxy-middleware-2.0.6	Vulnerable Package
	CVE-2024-39338	Npm-axios-1.7.2	Vulnerable Package
	CVE-2024-4068	Npm-braces-2.3.2	Vulnerable Package
	CVE-2024-45296	Npm-path-to-regexp-6.2.2	Vulnerable Package
	CVE-2024-45296	Npm-path-to-regexp-0.1.7	Vulnerable Package
	CVE-2024-45590	Npm-body-parser-1.20.2	Vulnerable Package
	CVE-2024-52798	Npm-path-to-regexp-0.1.7	Vulnerable Package
	CVE-2024-7025	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7964	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7965	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7966	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7967	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7968	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7969	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7970	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7972	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7973	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7974	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7977	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7979	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7980	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8193	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8194	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8198	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8362	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8636	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8637	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8638	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8639	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8904	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8905	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9120	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9121	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9122	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9123	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9602	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9603	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9954	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9955	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9956	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9957	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9959	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9960	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9961	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9965	Npm-electron-32.0.1	Vulnerable Package
	Cxcd847ba7-2310	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-4067	Npm-micromatch-4.0.7	Vulnerable Package
	CVE-2024-4067	Npm-micromatch-3.1.10	Vulnerable Package
	CVE-2024-43788	Npm-webpack-5.88.2	Vulnerable Package
	CVE-2024-43788	Npm-webpack-5.93.0	Vulnerable Package
	CVE-2024-43796	Npm-express-4.19.2	Vulnerable Package
	CVE-2024-43799	Npm-send-0.18.0	Vulnerable Package
	CVE-2024-43800	Npm-serve-static-1.15.0	Vulnerable Package
	CVE-2024-45811	Npm-vite-4.5.3	Vulnerable Package
	CVE-2024-45812	Npm-vite-4.5.3	Vulnerable Package
	CVE-2024-47068	Npm-rollup-3.29.4	Vulnerable Package
	CVE-2024-47764	Npm-cookie-0.6.0	Vulnerable Package
	CVE-2024-7975	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7976	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7978	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-7981	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8033	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8034	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8035	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8906	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8907	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8908	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-8909	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9369	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9958	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9962	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9964	Npm-electron-32.0.1	Vulnerable Package
	CVE-2024-9966	Npm-electron-32.0.1	Vulnerable Package
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 446	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 485	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 485	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 485	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 446	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 446	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 859	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 880	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 880	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 551	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 551	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 551	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 1528	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/background/overlay.background.ts: 1527	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 883	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 880	Attack Vector
	Client_Privacy_Violation	/apps/web/src/app/auth/lock.component.ts: 18	Attack Vector
	Client_Privacy_Violation	/apps/web/src/app/auth/lock.component.ts: 46	Attack Vector
	Client_Privacy_Violation	/apps/desktop/src/vault/app/vault/view.component.html: 534	Attack Vector
	Client_Privacy_Violation	/libs/components/src/color-password/color-password.component.ts: 14	Attack Vector
	Client_Privacy_Violation	/libs/components/src/color-password/color-password.component.ts: 14	Attack Vector
	Client_Privacy_Violation	/apps/desktop/src/vault/app/vault/view.component.html: 60	Attack Vector
	Client_Privacy_Violation	/apps/desktop/src/vault/app/vault/view.component.html: 56	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/tools/popup/generator/password-generator-history.component.html: 26	Attack Vector
	Client_Privacy_Violation	/apps/browser/src/vault/popup/components/vault/password-history.component.html: 18	Attack Vector
	Client_Privacy_Violation	/apps/desktop/src/vault/app/vault/view.component.html: 50	Attack Vector
	Cx54379275-7f08	Npm-es5-ext-0.10.64	Vulnerable Package
	Client_DOM_Open_Redirect	/apps/browser/src/auth/popup/login-via-auth-request.component.ts: 53	Attack Vector
	Client_DOM_Open_Redirect	/apps/browser/src/auth/popup/login-via-auth-request.component.ts: 53	Attack Vector
	Client_DOM_Open_Redirect	/apps/desktop/src/auth/login/login-via-auth-request.component.ts: 61	Attack Vector
	Client_DOM_Open_Redirect	/apps/desktop/src/auth/login/login-via-auth-request.component.ts: 61	Attack Vector
	Client_DOM_Open_Redirect	/apps/browser/src/tools/popup/generator/password-generator-history.component.ts: 19	Attack Vector
	Client_DOM_Open_Redirect	/apps/browser/src/vault/popup/components/vault/password-history.component.ts: 23	Attack Vector
	Client_DOM_Open_Redirect	/apps/browser/src/billing/popup/settings/premium.component.ts: 27	Attack Vector
	Client_DOM_Open_Redirect	/apps/browser/src/vault/popup/components/vault/attachments.component.ts: 33	Attack Vector
	Client_DOM_Open_Redirect	/libs/common/src/auth/iframe-component.ts: 49	Attack Vector
	Client_DOM_Open_Redirect	/apps/desktop/src/auth/scripts/duo.js: 277	Attack Vector
	Client_DOM_Open_Redirect	/libs/common/src/auth/webauthn-iframe.ts: 25	Attack Vector
	Unprotected_Cookie	/apps/web/src/app/auth/sso.component.ts: 159	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 42	Attack Vector
	Unsafe_Use_Of_Target_blank	/apps/web/src/app/shared/components/onboarding/sm-onboarding-task.component.html: 46	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 239	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 204	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 192	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 180	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 168	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 147	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 133	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 129	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 119	Attack Vector
	Unsafe_Use_Of_Target_blank	/bitwarden_license/bit-web/src/app/secrets-manager/overview/sm-onboarding.component.html: 106

More results are available on AST platform