Commit Graph

1371 Commits

Author SHA1 Message Date
Thomas Rittson 306aef73d4
Increase error checking on imported Login items (#369)
* Increase error checking on imported Login items

* Check encKey when importing encrypted JSON

* Fix style, use GUID as random string for test

* Revert "Increase error checking on imported Login items"

This reverts commit 17294527863cc53b84ed218f94ffbc21f4e96260.

* fix linting

* Fix tests
2021-05-13 10:58:59 +10:00
Oscar Hinton ba1a40af4e
Bump node to 14 (#358)
* Bump node requirement to 14 and npm to 7
2021-05-12 18:55:00 +02:00
Oscar Hinton 1e2c56cacf
Add bulk reinvite apis (#374) 2021-05-12 11:17:18 +02:00
Thomas Rittson 8244971026
Refactor Send 'copy link' functionality (#373) 2021-05-12 06:39:31 +10:00
Matt Gibson 2cf5d767b5
Fix null search service checking (#372)
* Do not reset Search Index if SearchService is null

* Check lambda exists

* Fix Chalk
2021-05-10 09:52:45 -05:00
Matt Gibson 2750ca7586
Reject form promises for proper error handling (#371) 2021-05-10 09:43:57 -05:00
Oscar Hinton 1b8f6aace2
Add setting to disable biometric auto prompt on desktop (#370)
* Add setting to disable biometric auto prompt on desktop

* Add callback for checking if the window is visible.
2021-05-06 19:41:51 +02:00
Thomas Rittson d184b0d2d6
Default values for cipher.reprompt (#367)
* Set default cipher.reprompt value for imports

* Set default cipher.reprompt value for new ciphers

* Add support for importing bitwarden exports

* Add default cipher.reprompt for JSON imports

Co-authored-by: Hinton <oscar@oscarhinton.com>
2021-05-05 17:54:17 +10:00
Tomer Shvueli 2841cff90a
feat: enable copying of TOTP code when auto filling credentials (#278)
* feat: Help enable copying of TOTP code when auto filling credentials

* fix: Update constant to stay consistent
2021-05-05 12:25:58 +10:00
Oscar Hinton e2cb9b6bef
Include encrypt in formPromise (#368)
* Include encrypt in formPromise
2021-05-04 16:26:26 +02:00
Oscar Hinton a72c8a60c1
Password reprompt (#357) 2021-04-29 13:31:21 +02:00
Daniel James Smith 1eb40a4891
Add support to import from Nordpass(.csv) (#360)
* Add support for parsing .csv files from Nordpass

* Remove whitespace before extracting CardExpiration

* Add curlybraces to one-liner if's as requested

* NordPassImporter: Process more complex names
2021-04-29 06:51:35 -04:00
Daniel James Smith e298ecfee3
Add import of totp from Lastpass (#361)
* Add import of totp from Lastpass

* Fixed import as request during review
2021-04-28 16:50:37 -04:00
Oscar Hinton 5b7d918f29
Validate key before using it (#366)
* Validate key before using it
2021-04-28 22:02:43 +02:00
Oscar Hinton 672d07e1e2
Change download to happen in the renderer (#365) 2021-04-27 16:44:28 +02:00
Thomas Rittson 4eb50d757d
Let subclasses override create Send success msg (#362) 2021-04-27 07:30:47 +10:00
Matt Gibson 5b751d38a0
Fix auth error if last block put takes too long (#364) 2021-04-26 15:06:18 -05:00
Matt Gibson 5be76c1a63
Allow external awaits of indexing (#359)
* Allow external awaits of indexing

We were getting stuck in an infinite load loop where we were basing
logic on a dirty state of search service. This await enables us to
wait until an index is complete, then update it rather than being
kicked out of indexing early because it is in progress.

* Stop infinite loop by specifying ciphers to index
2021-04-23 13:55:57 -05:00
Chad Griffis b6f102938f
Update color-password.pipe.js to handle Unicode/Emoji correctly accross platforms. (#354) 2021-04-22 16:56:36 -04:00
Matt Gibson 090ad790f5
Specify Organization indexed on search service (#356)
* Specify Organization indexed on search service

a null indexedEntityId specifies it is the users entire vault.
otherwise, organizations specify their id to signify the index is a subset.

user's vault will re-index if the indexed entity does not match the
users id or null. at the moment, user's vault does not set userId
because indexing occurs in the setter for decryptedCipherCache,
which cannot be asynchronous

* Linter fix
2021-04-22 14:53:45 -05:00
Oscar Hinton aca098645a
Bump dependencies (#350)
* Bump dependencies
2021-04-22 21:17:14 +02:00
Matt Gibson 11fff06b8c
Use new attachment download data (#355)
* Use new attachment download data

* lint fix
2021-04-22 09:30:53 -05:00
Thomas Rittson 36641f07b9
Add unauthGuard and lockGuard to prevent unintended navigation (#351)
* Lift web repo unauthGuardService up to jslib

* Add lockGuard (requires vault to be locked)

* Fix linting
2021-04-22 07:52:48 +10:00
Oscar Hinton 3c872e56f2
Revert "Password reprompt (#343)" (#353)
This reverts commit 372e139810.
2021-04-21 20:49:18 +02:00
Matt Gibson 1f62b22285
CLI specifies bitwarden api for send download (#348)
This is needed for CLI to download Send files from non-configured
Bitwarden Servers. Web does not have this issue because it can assume
api from its own url.
2021-04-20 19:17:31 -05:00
Matt Gibson 3a1087456f
Rename CipherString and CipherArrayBuffer to Enc (#352) 2021-04-20 19:16:19 -05:00
Matt Gibson a5ccca05da
Fix mistake and clarify api method name (#347) 2021-04-20 14:59:51 -05:00
Oscar Hinton 372e139810
Password reprompt (#343)
Add support for password reprompt on cipher items
2021-04-15 16:14:33 +02:00
Thomas Rittson 66eec2b022
Use sync instead of token to manage emailVerified (#344) 2021-04-15 07:00:49 +10:00
Oscar Hinton 92df633040
Remove last remnants of old analytics code (#345) 2021-04-14 21:34:30 +02:00
Matt Gibson 0a0cdaa7fd
Fix cipher upload (#346)
* Upload correct data array

* Require BufferArray Encryption for upload to server

The CipherArrayBuffer tiny type is only created by CryptoService
and required by all upload methods

* Add test for attachment upload encryption
2021-04-14 10:47:10 -05:00
kapitainsky c832728b6d
fix: cmd + w doesn't close the window on macOS (#714) (#342)
cmd + w doesn't close the window on macOS. Based on @cscharf explanation - https://github.com/bitwarden/desktop/issues/714#issuecomment-810554674 - it seems that issue was introduced in response to erroneous Apple Store approver request. The code change reversed this change.
2021-04-13 14:31:34 -04:00
Tomasz Zdybał 827674847f
Skip FirefoxAccounts during Firefox CSV Import (#323)
* Skip FirefoxAccounts during Firefox CSV Import

Firefox exports 'chrome://FirefoxAccounts' if Firefox Accouts are used
in browser. It's quite hacky - password field in CSV is actually a JSON
encoded data, not a password.
Because it's not a useful record, it should be skipped during import.

* Fix indentation

* Move test Firefox test data to files, fix linter errors
2021-04-12 12:08:56 -05:00
Matt Gibson 62cc43fb46
Move renew endpoint to fix overlapping endpoint issue (#335) 2021-04-12 09:45:06 -05:00
Kyle Spearrin cbd86a83c5 npm audit fix 2021-04-09 12:01:29 -04:00
Snyk bot 2428b7e592
fix: package.json & package-lock.json to reduce vulnerabilities (#334)
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NODEFETCH-674311
- https://snyk.io/vuln/SNYK-JS-PAPAPARSE-564258
2021-04-09 11:58:32 -04:00
Kyle Spearrin 97715585a6 fix build problem with signalr upgrade 2021-04-09 11:54:16 -04:00
Snyk bot 0c7af12ffa
fix: upgrade @microsoft/signalr-protocol-msgpack from 3.1.0 to 3.1.13 (#327)
Snyk has created this PR to upgrade @microsoft/signalr-protocol-msgpack from 3.1.0 to 3.1.13.

See this package in npm:
https://www.npmjs.com/package/@microsoft/signalr-protocol-msgpack

See this project in Snyk:
https://app.snyk.io/org/kspearrin/project/38b1ffd6-0f49-4f56-b34f-c800f1e8b2aa?utm_source=github&utm_medium=upgrade-pr

Co-authored-by: Kyle Spearrin <kspearrin@users.noreply.github.com>
2021-04-09 11:44:33 -04:00
Snyk bot 0826247c7a
fix: upgrade node-forge from 0.7.6 to 0.10.0 (#329)
Snyk has created this PR to upgrade node-forge from 0.7.6 to 0.10.0.

See this package in npm:
https://www.npmjs.com/package/node-forge

See this project in Snyk:
https://app.snyk.io/org/kspearrin/project/38b1ffd6-0f49-4f56-b34f-c800f1e8b2aa?utm_source=github&utm_medium=upgrade-pr
2021-04-09 11:02:38 -04:00
Snyk bot 08cd6874a5
fix: upgrade core-js from 2.6.2 to 2.6.12 (#328)
Snyk has created this PR to upgrade core-js from 2.6.2 to 2.6.12.

See this package in npm:
https://www.npmjs.com/package/core-js

See this project in Snyk:
https://app.snyk.io/org/kspearrin/project/38b1ffd6-0f49-4f56-b34f-c800f1e8b2aa?utm_source=github&utm_medium=upgrade-pr
2021-04-09 11:00:20 -04:00
Snyk bot bb5482be72
fix: upgrade @microsoft/signalr from 3.1.0 to 3.1.13 (#326)
Snyk has created this PR to upgrade @microsoft/signalr from 3.1.0 to 3.1.13.

See this package in npm:
https://www.npmjs.com/package/@microsoft/signalr

See this project in Snyk:
https://app.snyk.io/org/kspearrin/project/38b1ffd6-0f49-4f56-b34f-c800f1e8b2aa?utm_source=github&utm_medium=upgrade-pr
2021-04-09 11:00:08 -04:00
Snyk bot db02b78384
fix: upgrade big-integer from 1.6.36 to 1.6.48 (#325)
Snyk has created this PR to upgrade big-integer from 1.6.36 to 1.6.48.

See this package in npm:
https://www.npmjs.com/package/big-integer

See this project in Snyk:
https://app.snyk.io/org/kspearrin/project/38b1ffd6-0f49-4f56-b34f-c800f1e8b2aa?utm_source=github&utm_medium=upgrade-pr
2021-04-09 10:59:42 -04:00
Thomas Rittson 85893f5f9e
Require user to verify email to use file Send (#331)
* Require user to verify email to use file Send

* Simplify alertShown logic
2021-04-09 07:05:15 +10:00
Oscar Hinton 78d40d9f18
Remove electron remote (#332)
* Replace remote calls with ipcRenderer.invoke.
2021-04-07 19:42:06 +02:00
Steven 728e40fbfa
Optimize isSearchable for Chinese. (#330)
* Optimize isSearchable for Chinese.

* Fix lint.

* Fix lint.
2021-04-07 10:51:34 -04:00
Vincent Salucci 97ece68dec
[Reset Password] Custom user permission (#317) 2021-04-06 08:47:16 -05:00
Matt Gibson baca6d7966
Use iterator compatible Array instantiation (#324) 2021-04-05 17:49:39 -05:00
Oscar Hinton ba742f72d8
Restrict WebAuthn to Windows only for Electron (#322) 2021-04-05 22:38:45 +02:00
Matt Gibson 08a856645b
Add collections to ciphers in export model. (#320)
* Add collections to ciphers in export model.

This enables immediately setting collections from the CLI on create.
The other location this code is used is on import of Bitwarden json data.
However, collectionId is explicitly nulled out here to be resolved
later at the server level.

* Linter fix
2021-04-05 15:21:07 -05:00
Daniel James Smith b774c3e785
Replaced appveyor build badge with one from Github Workflow (#319)
* Deleted appveyor.yml

* Removed Appveyor check in karma.conf.js

* Modified build badge to use Github workflow

* Fixed missing parenthesis in README.md
2021-04-05 15:25:45 -04:00