server
server copied to clipboard
Published
20 hours ago âĸ
bitwarden
bitwarden
[Sm-1197] - dupe guids
đī¸ Tracking
đ Objective
Return better error message when duplicate Ids are passed to get-secret-by-ids API using SM-Action Creating a new PR to undo the revert of it in main.
đ¸ Screenshots
â° Reminders before review
- Contributor guidelines followed
- All formatters and local linters executed and passed
- Written new unit and / or integration tests where applicable
- Protected functional changes with optionality (feature flags)
- Used internationalization (i18n) for all UI strings
- CI builds passed
- Communicated to DevOps any deployment requirements
- Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team
đĻŽ Reviewer guidelines
- đ (
:+1:) or similar for great changes - đ (
:memo:) or âšī¸ (:information_source:) for notes or general info - â (
:question:) for questions - đ¤ (
:thinking:) or đ (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion - đ¨ (
:art:) for suggestions / improvements - â (
:x:) or â ī¸ (:warning:) for more significant problems or concerns needing attention - đą (
:seedling:) or âģī¸ (:recycle:) for future improvements or indications of technical debt - â (
:pick:) for minor or nitpick changes
Checkmarx One â Scan Summary & Details â f2c9051d-4eb3-4f8d-83ce-e47b17f9c91f
New Issues
| Severity | Issue | Source File / Package | Checkmarx Insight |
|---|---|---|---|
 |
Privacy_Violation | /src/Api/Auth/Controllers/WebAuthnController.cs: 178 | Attack Vector |
|
Privacy_Violation | /src/Api/Auth/Controllers/AccountsController.cs: 548 | Attack Vector |
|
Privacy_Violation | /src/Api/Auth/Controllers/AccountsController.cs: 828 | Attack Vector |
|
Privacy_Violation | /src/Api/Controllers/DevicesController.cs: 129 | Attack Vector |
|
Privacy_Violation | /src/Api/Auth/Controllers/AccountsController.cs: 846 | Attack Vector |
|
Privacy_Violation | /src/Api/Vault/Controllers/CiphersController.cs: 961 | Attack Vector |
|
Privacy_Violation | /src/Api/Auth/Controllers/AccountsController.cs: 411 | Attack Vector |
|
Privacy_Violation | /src/Api/Auth/Controllers/TwoFactorController.cs: 444 | Attack Vector |
|
Privacy_Violation | /src/Api/AdminConsole/Controllers/OrganizationsController.cs: 260 | Attack Vector |
|
Privacy_Violation | /src/Api/Controllers/DevicesController.cs: 155 | Attack Vector |
|
Privacy_Violation | /src/Api/AdminConsole/Controllers/OrganizationsController.cs: 376 | Attack Vector |
|
Privacy_Violation | /src/Api/AdminConsole/Controllers/OrganizationsController.cs: 429 | Attack Vector |
 |
Log_Forging | /src/Api/Auth/Controllers/WebAuthnController.cs: 153 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/WebAuthnController.cs: 85 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/WebAuthnController.cs: 68 | Attack Vector |
|
Log_Forging | /src/Api/Vault/Controllers/CiphersController.cs: 222 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 94 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 104 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 122 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 131 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 148 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/AccountsController.cs: 403 | Attack Vector |
|
Log_Forging | /src/Api/Controllers/DevicesController.cs: 120 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/AccountsController.cs: 540 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/AccountsController.cs: 820 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/AccountsController.cs: 838 | Attack Vector |
|
Log_Forging | /src/Api/Vault/Controllers/CiphersController.cs: 953 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 402 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 157 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 188 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 206 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 245 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 254 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 263 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 280 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 289 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 297 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 350 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 369 | Attack Vector |
|
Log_Forging | /src/Api/Auth/Controllers/TwoFactorController.cs: 380 | Attack Vector |
|
Log_Forging | /src/Api/AdminConsole/Controllers/OrganizationsController.cs: 240 | Attack Vector |
|
Log_Forging | /src/Api/Controllers/DevicesController.cs: 146 | Attack Vector |
|
Log_Forging | /src/Api/AdminConsole/Controllers/OrganizationsController.cs: 404 | Attack Vector |
|
Log_Forging | /src/Api/AdminConsole/Controllers/OrganizationsController.cs: 341 | Attack Vector |
Fixed Issues
| Severity | Issue | Source File / Package |
|---|---|---|
|
CSRF | /src/Billing/Controllers/StripeController.cs: 130 |
|
CSRF | /src/Billing/Controllers/StripeController.cs: 117 |
|
CSRF | /src/Api/Auth/Controllers/TwoFactorController.cs: 411 |
|
CSRF | /src/Api/Vault/Controllers/CiphersController.cs: 583 |
|
CSRF | /src/Api/Vault/Controllers/CiphersController.cs: 583 |
|
CSRF | /bitwarden_license/src/Sso/Controllers/AccountController.cs: 100 |
|
CSRF | /src/Identity/Controllers/AccountsController.cs: 72 |
|
Log_Forging | /src/Api/Vault/Controllers/CiphersController.cs: 583 |
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 41.32%. Comparing base (
07d37b1) to head (caa095f).
Additional details and impacted files
@@ Coverage Diff @@
## main #4202 +/- ##
==========================================
+ Coverage 41.31% 41.32% +0.01%
==========================================
Files 1262 1262
Lines 60067 60079 +12
Branches 5484 5485 +1
==========================================
+ Hits 24816 24828 +12
Misses 34108 34108
Partials 1143 1143
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}