clients icon indicating copy to clipboard operation
clients copied to clipboard

[PM-8833] Implement on page autofill menu for password generation

Open cagonzalezcs opened this issue 1 year ago â€ĸ 4 comments

đŸŽŸī¸ Tracking

https://bitwarden.atlassian.net/browse/PM-8833

📔 Objective

The objective of this PR is to introduce password generation within the inline menu. This work not only implements the views and methodologies for generating and filling a randomized password, but also some extensive field qualification work to ensure that the generator appears where it is expected to appear.

Along with the password generation view, this introduces a view that asks the user to save a login on account creation fields. This triggers after fill of the password, and on click of fields that are qualified as account creation (or modification) fields.

📸 Demo

https://github.com/user-attachments/assets/c3beb00b-ff1a-4512-bd0b-293750876aaa

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

đŸĻŽ Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or â„šī¸ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or âš ī¸ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or â™ģī¸ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

cagonzalezcs avatar Sep 17 '24 20:09 cagonzalezcs

Logo Checkmarx One – Scan Summary & Details – 7cfb9044-cc15-46dd-82a8-1f284172c509

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 655 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 668 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 555 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 682 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 562 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 578 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 494 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 500 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 512 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 411 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 1709 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 366 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 366 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 643 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 644 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 642 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 641 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 645 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 654 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 208 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 651 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 708 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 407 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 451 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 434 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 2863 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 2758 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 1710 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 135 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 546 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 586 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 220 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 1710 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/background/overlay.background.ts: 1635 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 817 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1072 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 816 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 128 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1143 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1125 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1106 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1096 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1044 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1190 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1102 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1083 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1043 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1178 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1167 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1078 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1073 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1068 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 761 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 128 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 128 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 128 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 128 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 128 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 128 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 128 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 128 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 128 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 84 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 84 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 84 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 84 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 84 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 84 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 84 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 84 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 84 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 218 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 222 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 207 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 36 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 763 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 349 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 314 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 364 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 323 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 438 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 806 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 791 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 204 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 606 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 586 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 240 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 240 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/overlay/inline-menu/pages/list/autofill-inline-menu-list.ts: 1093 Attack Vector
MEDIUM Client_Privacy_Violation

More results are available on AST platform

github-actions[bot] avatar Sep 17 '24 20:09 github-actions[bot]

Codecov Report

Attention: Patch coverage is 87.06240% with 85 lines in your changes missing coverage. Please review.

Project coverage is 33.57%. Comparing base (9264e67) to head (4ea094a). Report is 1 commits behind head on main.

:white_check_mark: All tests successful. No failed tests found.

Files with missing lines Patch % Lines
...wser/src/autofill/background/overlay.background.ts 89.55% 15 Missing and 13 partials :warning:
apps/browser/src/background/main.background.ts 0.00% 15 Missing :warning:
...src/autofill/content/bootstrap-autofill-overlay.ts 0.00% 5 Missing :warning:
...ervices/inline-menu-field-qualification.service.ts 75.00% 5 Missing :warning:
...utofill/content/bootstrap-autofill-overlay-menu.ts 0.00% 4 Missing :warning:
...ofill/services/autofill-overlay-content.service.ts 96.11% 2 Missing and 2 partials :warning:
...browser/src/autofill/content/bootstrap-autofill.ts 0.00% 3 Missing :warning:
...nline-menu/pages/list/autofill-inline-menu-list.ts 97.84% 0 Missing and 3 partials :warning:
.../browser/src/autofill/services/autofill.service.ts 40.00% 2 Missing and 1 partial :warning:
...src/autofill/background/notification.background.ts 60.00% 2 Missing :warning:
... and 9 more
Additional details and impacted files
@@            Coverage Diff             @@
##             main   #11114      +/-   ##
==========================================
+ Coverage   33.36%   33.57%   +0.20%     
==========================================
  Files        2798     2798              
  Lines       86482    86798     +316     
  Branches    16476    16536      +60     
==========================================
+ Hits        28858    29141     +283     
- Misses      55314    55354      +40     
+ Partials     2310     2303       -7     

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov[bot] avatar Sep 26 '24 17:09 codecov[bot]

BIT run: https://github.com/bitwarden/browser-interactions-testing/actions/runs/11353358383

jprusik avatar Oct 15 '24 19:10 jprusik

BIT Run: https://github.com/bitwarden/browser-interactions-testing/actions/runs/11368501956

cagonzalezcs avatar Oct 16 '24 15:10 cagonzalezcs