Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PM-12036] Removing ActiveUserState from vault-onboarding.service.ts #12898

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[PM-12036] Removing ActiveUserState from vault-onboarding.service.ts #12898

wants to merge 1 commit into from
+20 −9

Conversation

cd-bitwarden
Copy link
Contributor

🎟️ Tracking


📔 Objective

Use SingleUserState not ActiveUserState in vault-onboarding.service

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@cd-bitwarden cd-bitwarden requested a review from a team as a code owner January 15, 2025 22:41
@github-actions GitHub Actions
Copy link
Contributor

Logo
Checkmarx One – Scan Summary & Details7fe1c22e-6cd2-4068-bc69-90607cdfc63a

New Issues (11)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2024-12381 Npm-electron-33.2.1 Vulnerable Package
MEDIUM Angular_Improper_Type_Pipe_Usage /apps/browser/src/autofill/popup/fido2/fido2-use-browser-link-v1.component.html: 1
detailsThe value used in fido2PopoutSessionData$ at /apps/browser/src/autofill/popup/fido2/fido2-use-browser-link-v1.component.html in line 1 may throw an...
Attack Vector
MEDIUM CVE-2024-11110 Npm-electron-33.2.1 Vulnerable Package
MEDIUM CVE-2024-11117 Npm-electron-33.2.1 Vulnerable Package
MEDIUM Client_Privacy_Violation /apps/browser/src/vault/popup/components/vault-v2/vault-list-items-container/vault-list-items-container.component.html: 15
detailsMethod at line 15 of /apps/browser/src/vault/popup/components/vault-v2/vault-list-items-container/vault-list-items-container.component.html sends ...
Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/popup/settings/autofill-v1.component.ts: 104
detailsMethod AutofillV1Component at line 104 of /apps/browser/src/autofill/popup/settings/autofill-v1.component.ts sends user information outside the app...
Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/popup/settings/notifications-v1.component.ts: 32
detailsMethod ngOnInit at line 32 of /apps/browser/src/autofill/popup/settings/notifications-v1.component.ts sends user information outside the applicatio...
Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/popup/settings/autofill-v1.component.ts: 104
detailsMethod AutofillV1Component at line 104 of /apps/browser/src/autofill/popup/settings/autofill-v1.component.ts sends user information outside the app...
Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/popup/fido2/fido2-cipher-row-v1.component.ts: 12
detailsMethod app_fido2_cipher_row_v1 at line 12 of /apps/browser/src/autofill/popup/fido2/fido2-cipher-row-v1.component.ts sends user information outside...
Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/popup/fido2/fido2-cipher-row-v1.component.ts: 12
detailsMethod app_fido2_cipher_row_v1 at line 12 of /apps/browser/src/autofill/popup/fido2/fido2-cipher-row-v1.component.ts sends user information outside...
Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/popup/fido2/fido2-cipher-row-v1.component.ts: 12
detailsMethod app_fido2_cipher_row_v1 at line 12 of /apps/browser/src/autofill/popup/fido2/fido2-cipher-row-v1.component.ts sends user information outside...
Attack Vector
Fixed Issues (2)

Great job! The following issues were fixed in this Pull Request

Severity Issue Source File / Package
MEDIUM Client_Privacy_Violation /bitwarden_license/bit-web/src/app/tools/access-intelligence/org-at-risk-apps-dialog.component.html: 15
MEDIUM Client_Privacy_Violation /bitwarden_license/bit-web/src/app/tools/access-intelligence/org-at-risk-members-dialog.component.html: 17

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shane-melton shane-melton Awaiting requested review from shane-melton shane-melton is a code owner automatically assigned from bitwarden/team-vault-dev

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@cd-bitwarden