bitwarden
Ephemeral test
đī¸ Tracking
đ Objective
đ¸ Screenshots
â° Reminders before review
- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team
đĻŽ Reviewer guidelines
- đ (
:+1:) or similar for great changes - đ (
:memo:) or âšī¸ (:information_source:) for notes or general info - â (
:question:) for questions - đ¤ (
:thinking:) or đ (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion - đ¨ (
:art:) for suggestions / improvements - â (
:x:) or â ī¸ (:warning:) for more significant problems or concerns needing attention - đą (
:seedling:) or âģī¸ (:recycle:) for future improvements or indications of technical debt - â (
:pick:) for minor or nitpick changes
Ephemeral Environment Details: Web: https://ephem-test-01-dev.ee.bitwarden.pw/web Api: https://ephem-test-01-dev.ee.bitwarden.pw/api
Checkmarx One â Scan Summary & Details â ee1957d5-a998-42be-8155-d12ba97d74ca
New Issues
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
 |
Privacy_Violation | /src/Api/Vault/Models/Request/CipherRequestModel.cs: 169 | Attack Vector |
|
Privacy_Violation | /src/Api/Vault/Models/Request/CipherRequestModel.cs: 198 | Attack Vector |
|
Unpinned Actions Full Length Commit SHA | /cleanup-ephemeral-environment.yml: 39 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
 |
Log_Forging | /src/Api/Vault/Controllers/CiphersController.cs: 217 | Attack Vector |
|
Unpinned Actions Full Length Commit SHA | /cleanup-ephemeral-environment.yml: 39 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps... |
Fixed Issues
| Severity | Issue | Source File / Package |
|---|---|---|
|
CSRF | /src/Billing/Controllers/RecoveryController.cs: 38 |
|
CSRF | /src/Api/Vault/Controllers/CiphersController.cs: 121 |
|
CSRF | /src/Api/Vault/Controllers/CiphersController.cs: 107 |
|
CSRF | /src/Admin/AdminConsole/Controllers/OrganizationsController.cs: 351 |
|
CSRF | /src/Billing/Controllers/StripeController.cs: 164 |
|
CSRF | /src/Api/Vault/Controllers/CiphersController.cs: 936 |
|
CSRF | /src/Api/Vault/Controllers/CiphersController.cs: 121 |
|
CSRF | /src/Api/Auth/Controllers/AccountsController.cs: 455 |
|
CSRF | /src/Api/Vault/Controllers/CiphersController.cs: 107 |
|
CSRF | /src/Admin/AdminConsole/Controllers/OrganizationsController.cs: 351 |
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Ephemeral Environment Details: Web: https://ephem-test-01.ee.bitwarden.pw/web Api: https://ephem-test-01.ee.bitwarden.pw/api
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 41.96%. Comparing base (
2c4dd3e) to head (100bf56). Report is 8 commits behind head on main.
Additional details and impacted files
@@ Coverage Diff @@
## main #4907 +/- ##
==========================================
+ Coverage 41.78% 41.96% +0.18%
==========================================
Files 1364 1374 +10
Lines 64030 64332 +302
Branches 5874 5909 +35
==========================================
+ Hits 26752 26996 +244
- Misses 36074 36117 +43
- Partials 1204 1219 +15
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Ephemeral Environment Details: Web: https://ephem-test-01.ee.bitwarden.pw/web Api: https://ephem-test-01.ee.bitwarden.pw/api
Ephemeral Environment Details: Web: https://ephem-test-01-dev.ee.bitwarden.pw/web Api: https://ephem-test-01-dev.ee.bitwarden.pw/api
Ephemeral Environment Details: Web: https://ephem-test-01-dev.ee.bitwarden.pw/web Api: https://ephem-test-01-dev.ee.bitwarden.pw/api
Ephemeral Environment Details: Web: https://ephem-test-01-dev.ee.bitwarden.pw/web Api: https://ephem-test-01-dev.ee.bitwarden.pw/api
Ephemeral Environment Details: Web: https://ephem-test-01-dev.ee.bitwarden.pw/web Api: https://ephem-test-01-dev.ee.bitwarden.pw/api
Ephemeral Environment Details: Web: https://ephem-test-01.ee.bitwarden.pw/web Api: https://ephem-test-01.ee.bitwarden.pw/api