bitwarden
Refactor Fido2 Components
đ Objective
Refactor the three passkey modals to clean up the code a little, fix typescript typing issues, and hopefully make these modals clearer for future changes.
â° Reminders before review
- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team
đĻŽ Reviewer guidelines
- đ (
:+1:) or similar for great changes - đ (
:memo:) or âšī¸ (:information_source:) for notes or general info - â (
:question:) for questions - đ¤ (
:thinking:) or đ (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion - đ¨ (
:art:) for suggestions / improvements - â (
:x:) or â ī¸ (:warning:) for more significant problems or concerns needing attention - đą (
:seedling:) or âģī¸ (:recycle:) for future improvements or indications of technical debt - â (
:pick:) for minor or nitpick changes
Checkmarx One â Scan Summary & Details â 5fe63e5f-fc33-43e8-afb8-9003a3caed0f
New Issues (3)
Checkmarx found the following issues in this Pull Request
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
 |
CVE-2025-6555 | Npm-electron-34.0.0 | detailsDescription: Use After Free in Animation in Google Chrome prior to 138.0.7204.49, allowed a remote attacker to potentially exploit heap corruption via a crafted...Attack Vector: NETWORK Attack Complexity: LOW ID: txYgariZ41KAR5rF1l1h2ogJNARCGNGKO0dvZMBICCw%3D |
|
CVE-2025-6556 | Npm-electron-34.0.0 | detailsRecommended version: 35.6.0Description: Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a... Attack Vector: NETWORK Attack Complexity: LOW ID: O2QUinhr3yKzBlhqTijE%2FoTd2EnsURGjM58CMoEtD%2FE%3D |
|
CVE-2025-6557 | Npm-electron-34.0.0 | detailsRecommended version: 35.6.0Description: Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engag... Attack Vector: NETWORK Attack Complexity: LOW ID: ytSjCHtBUhoOTZUpANi7QRLYVXPo66ii0nt%2FrkYTvTw%3D |
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Codecov Report
Attention: Patch coverage is 65.00000% with 28 lines in your changes missing coverage. Please review.
Please upload report for BASE (
feature/passkey-provider@c873f5a). Learn more about missing BASE report.
:white_check_mark: All tests successful. No failed tests found.
Additional details and impacted files
@@ Coverage Diff @@
## feature/passkey-provider #15105 +/- ##
===========================================================
Coverage ? 36.89%
===========================================================
Files ? 3203
Lines ? 93074
Branches ? 13960
===========================================================
Hits ? 34335
Misses ? 57330
Partials ? 1409
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
:rocket: New features to boost your workflow:
- :package: JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
@coltonhurst I updated the PR to address your comments. I will ping @abergs to take a look too.
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarQube Cloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}