contributing-docs icon indicating copy to clipboard operation
contributing-docs copied to clipboard
verified publisher icon bitwarden

Add Localization section to Swift Style Guide

Open KatherineInCode opened this issue 7 months ago • 3 comments

📔 Objective

This adds a section to discuss our approach to localization in the iOS applications. This is inspired by a recent Community PR where someone was not aware of our approach and needed to make changes on review because of it.

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

KatherineInCode avatar May 16 '25 18:05 KatherineInCode

Logo Checkmarx One – Scan Summary & Detailsf9039b0f-45a1-4aba-b0b1-0a08befc42b1

New Issues (7)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
HIGH Cx7c1ed3d7-0e49 Npm-image-size-1.2.0
detailsRecommended version: 1.2.1
Description: Image-size is vulnerable to a Denial of Service (DoS) vulnerability when processing specially crafted images. The issue occurs because of an infine...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: Woda2gsqVnpQyEYXQXR7mj7K%2FV39EKAtUf8xWl9u7jc%3D
Vulnerable Package
MEDIUM CVE-2024-53382 Npm-prismjs-1.29.0
detailsRecommended version: 1.30.0
Description: Prism (aka PrismJS) allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), bec...
Attack Vector: NETWORK
Attack Complexity: HIGH

ID: fwlizxwqdaoPpQ4d342dhKCKxElL575EmrV6c6NU9DI%3D
Vulnerable Package
MEDIUM CVE-2025-27789 Npm-@babel/runtime-corejs3-7.26.0
detailsRecommended version: 7.26.10
Description: Babel is a compiler for writing next-generation JavaScript. In affected versions of Babel, to compile regular expressions named capturing groups, B...
Attack Vector: LOCAL
Attack Complexity: LOW

ID: 74Nna63fUeF3gtTWqUkikW%2BCoo%2B4WAjNOU8GFUJBXS0%3D
Vulnerable Package
MEDIUM CVE-2025-27789 Npm-@babel/helpers-7.26.0
detailsRecommended version: 7.26.10
Description: Babel is a compiler for writing next-generation JavaScript. In affected versions of Babel, to compile regular expressions named capturing groups, B...
Attack Vector: LOCAL
Attack Complexity: LOW

ID: ywGlLgJZknNLVdBiTMimpAQBH6FiPjjoKgXobOU3D%2Fw%3D
Vulnerable Package
MEDIUM CVE-2025-32014 Npm-estree-util-value-to-estree-3.2.1
detailsRecommended version: 3.3.3
Description: A vulnerability in estree-util-value-to-estree versions prior to 3.3.3 allows an attacker to generate an "ESTree" object that specifies a prototype...
Attack Vector: NETWORK
Attack Complexity: LOW

ID: 82povqtMfq%2FEPt5NgsTkx79RjjbjVBosK9av%2FNEQjIY%3D
Vulnerable Package
MEDIUM CVE-2025-32996 Npm-http-proxy-middleware-2.0.7
detailsRecommended version: 2.0.9
Description: In http-proxy-middleware v1.3.0 through v2.0.7 and v3.x through v3.0.3, "writeBody" function can be called twice because "else if" is not used.
Attack Vector: NETWORK
Attack Complexity: HIGH

ID: W%2BLRR1%2F6eqx5A%2B7YUaQ4TajfjO7ypS7N44g9xi%2BYuk8%3D
Vulnerable Package
MEDIUM CVE-2025-32997 Npm-http-proxy-middleware-2.0.7
detailsRecommended version: 2.0.9
Description: In http-proxy-middleware versions 1.3.0 through 2.0.8 and 3.x through 3.0.4, the "fixRequestBody" function proceeds even if "bodyParser" has failed.
Attack Vector: NETWORK
Attack Complexity: HIGH

ID: WYWc0EYNOxrgFwrFI0mEDUCawBIwAopD%2FDGP5Xc%2BYHg%3D
Vulnerable Package

github-actions[bot] avatar May 16 '25 18:05 github-actions[bot]

Deploying contributing-docs with  Cloudflare Pages  Cloudflare Pages

Latest commit: b85af21
Status: ✅  Deploy successful!
Preview URL: https://343aa1e6.contributing-docs.pages.dev
Branch Preview URL: https://katherine-swift-localization.contributing-docs.pages.dev

View logs

cloudflare-workers-and-pages[bot] avatar May 16 '25 19:05 cloudflare-workers-and-pages[bot]

In addition to this, could we please also link to https://contributing.bitwarden.com/contributing/#localization-l10n

Good call! I'll make that change when I get a chance

KatherineInCode avatar May 19 '25 13:05 KatherineInCode