clients icon indicating copy to clipboard operation
clients copied to clipboard
verified publisher icon bitwarden

[PM-28536] Add phishing blocker setting to account security

Open maxkpower opened this issue 1 month ago â€ĸ 6 comments

🎟ī¸ Tracking

https://bitwarden.atlassian.net/browse/PM-28536

📔 Objective

Adds a user-level setting to allow users to disable the phishing detection feature in the browser extension. The setting applies to all users logged into the extension that have premium access.

  • New Service: PhishingDetectionSettingsService manages the user on/off state
  • UI: Added toggle in Account Security settings (visible to premium users only)

📸 Screenshots

Clipboard-20251121-175310-312

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

đŸĻŽ Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹī¸ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠ī¸ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or â™ģī¸ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

maxkpower avatar Nov 20 '25 23:11 maxkpower

Logo Checkmarx One – Scan Summary & Details – 5ef85231-0761-4970-9622-df717bae2401

Great job! No new security vulnerabilities introduced in this pull request

github-actions[bot] avatar Nov 20 '25 23:11 github-actions[bot]

Claude finished @maxkpower's task —— View job

Review Complete ✅

  • [x] Analyze PR context
  • [x] Review PR changes using bitwarden-code-reviewer agent
  • [x] Complete review

The bitwarden-code-reviewer agent has completed a comprehensive review of this PR and posted:

  • 1 summary comment with overall assessment and recommendation
  • 5 inline comments on specific code sections

The review findings and recommendations are now visible in the PR conversation. The code is production-ready and follows all critical Bitwarden guidelines.

claude[bot] avatar Nov 21 '25 18:11 claude[bot]

Codecov Report

:x: Patch coverage is 71.15385% with 15 lines in your changes missing coverage. Please review. :white_check_mark: Project coverage is 41.87%. Comparing base (dc763f6) to head (fd83388). :warning: Report is 20 commits behind head on main. :white_check_mark: All tests successful. No failed tests found.

Files with missing lines Patch % Lines
...g-detection/phishing-detection-settings.service.ts 75.00% 8 Missing and 1 partial :warning:
apps/browser/src/popup/services/services.module.ts 0.00% 3 Missing :warning:
apps/browser/src/background/main.background.ts 33.33% 2 Missing :warning:
...phishing-detection-settings.service.abstraction.ts 0.00% 1 Missing :warning:
Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #17527      +/-   ##
==========================================
+ Coverage   41.84%   41.87%   +0.02%     
==========================================
  Files        3589     3591       +2     
  Lines      104162   104236      +74     
  Branches    15713    15722       +9     
==========================================
+ Hits        43590    43647      +57     
- Misses      58722    58725       +3     
- Partials     1850     1864      +14

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

:rocket: New features to boost your workflow:
  • :package: JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

codecov[bot] avatar Nov 21 '25 18:11 codecov[bot]

I've addressed some comments as well as made an update to the UI component used as per design in the ticket. I've also fixed some merged whitespace changes that my local environment overwrote.

This pull request is ready for re-review.

Banrion avatar Dec 11 '25 19:12 Banrion

We will be merging the code changes from 17818 into this pull request due to being behind a feature flag and reducing QA testing load.

Banrion avatar Dec 12 '25 15:12 Banrion

Changes in this PR impact the Autofill experience of the browser client

BIT has tested the core experience with these changes and all feature flags disabled.

✅ Fortunately, these BIT tests have passed! 🎉

bw-ghapp[bot] avatar Dec 12 '25 17:12 bw-ghapp[bot]

Changes in this PR impact the Autofill experience of the browser client

BIT has tested the core experience with these changes and the feature flag configuration used by vault.bitwarden.com.

✅ Fortunately, these BIT tests have passed! 🎉

bw-ghapp[bot] avatar Dec 12 '25 17:12 bw-ghapp[bot]