bitwarden-bot
commented
7 months ago 
Checkmarx One – Scan Summary & Details – a7e58bb5-2b07-4aab-a7b5-e529a4c204db
Fixed Issues
| Severity | Issue | Source File / Package |
|---|---|---|
 |
Client_Privacy_Violation | /src/app/accounts/apiKey.component.ts: 27 |
|
Client_Privacy_Violation | /src/app/tabs/settings.component.html: 370 |
|
Client_Privacy_Violation | /src/app/tabs/settings.component.html: 229 |
|
Client_Privacy_Violation | /src/app/tabs/settings.component.html: 212 |
|
Client_Privacy_Violation | /src/app/accounts/apiKey.component.html: 22 |
|
Missing_HSTS_Header | /jslib/common/src/services/api.service.ts: 243 |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: 79 |
|
Unpinned Actions Full Length Commit SHA | /version-bump.yml: 29 |
|
Unpinned Actions Full Length Commit SHA | /release.yml: 39 |
|
Unpinned Actions Full Length Commit SHA | /release.yml: 62 |
|
Unpinned Actions Full Length Commit SHA | /build.yml: 665 |
 |
Client_DOM_Open_Redirect | /jslib/common/src/misc/iframe_component.ts: 49 |
|
Client_DOM_Open_Redirect | /jslib/common/src/misc/webauthn_iframe.ts: 25 |
|
Client_Password_In_Comment | /jslib/common/src/services/userVerification.service.ts: 25 |
|
Client_Password_In_Comment | /jslib/common/src/enums/policyType.ts: 10 |
|
Log_Forging | /src/services/azure-directory.service.ts: 497 |
|
Missing_CSP_Header | /jslib/common/src/services/azureFileUpload.service.ts: 28 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 388 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 388 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 388 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 388 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 388 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 388 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 388 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 388 |
|
Use_Of_Hardcoded_Password | /scripts/notarize.js: 11 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 508 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 519 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 517 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 516 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 494 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 493 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 492 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 106 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 105 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 104 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 247 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 246 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 245 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 129 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 128 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 127 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 81 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 363 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 343 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 339 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 328 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 327 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 332 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 331 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 363 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 343 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 339 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 328 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 327 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 332 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 331 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 363 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 343 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 339 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 328 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 327 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 332 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 331 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 363 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 343 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 339 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 328 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 327 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 332 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 331 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 363 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 343 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 339 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 328 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 327 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 332 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 331 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 363 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 343 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 339 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 328 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 327 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 332 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 331 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 363 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 343 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 339 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 328 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 327 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 332 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 331 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 129 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 128 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 127 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 129 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 128 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 127 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 129 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 128 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 127 |
|
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 112 |
|
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 106 |
|
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 104 |
|
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 98 |
|
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 96 |
|
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 90 |
|
Use_Of_Hardcoded_Password | /jslib/common/src/services/passwordGeneration.service.ts: 88 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 363 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 343 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 339 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 328 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 327 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 332 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 331 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 353 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 353 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 356 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 355 |
|
Use_Of_Hardcoded_Password | /jslib/node/src/cli/commands/login.command.ts: 81 |
|
Use_Of_Hardcoded_Password | /jslib/node/spec/services/nodeCryptoFunction.service.spec.ts: 306 |
|
Use_Of_Hardcoded_Password | /jslib/node/spec/services/nodeCryptoFunction.service.spec.ts: 305 |
|
Use_Of_Hardcoded_Password | /jslib/node/spec/services/nodeCryptoFunction.service.spec.ts: 304 |
|
Use_Of_Hardcoded_Password | /jslib/node/spec/services/nodeCryptoFunction.service.spec.ts: 304 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/cipher.spec.ts: 137 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/cipher.spec.ts: 76 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/login.spec.ts: 40 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/password.spec.ts: 29 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/misc/logInStrategies/logIn.strategy.spec.ts: 27 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/misc/logInStrategies/passwordLogIn.strategy.spec.ts: 24 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/misc/logInStrategies/passwordLogIn.strategy.spec.ts: 24 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/misc/logInStrategies/passwordLogIn.strategy.spec.ts: 23 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/misc/logInStrategies/passwordLogIn.strategy.spec.ts: 23 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/misc/logInStrategies/passwordLogIn.strategy.spec.ts: 22 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/misc/logInStrategies/passwordLogIn.strategy.spec.ts: 22 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/misc/logInStrategies/passwordLogIn.strategy.spec.ts: 22 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/cipher.spec.ts: 205 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/send.spec.ts: 139 |
|
Use_Of_Hardcoded_Password | /jslib/common/src/services/cipher.service.ts: 133 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/send.spec.ts: 109 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/login.spec.ts: 90 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/send.spec.ts: 86 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/cipher.spec.ts: 70 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/login.spec.ts: 69 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/password.spec.ts: 47 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/send.spec.ts: 35 |
|
Use_Of_Hardcoded_Password | /jslib/common/spec/domain/login.spec.ts: 29 |
|
Use_Of_Hardcoded_Password |
This PR contains the following updates:
8.10.0->9.1.0Release Notes
prettier/eslint-config-prettier (eslint-config-prettier)
### [`v9.1.0`](https://togithub.com/prettier/eslint-config-prettier/blob/HEAD/CHANGELOG.md#Version-910-2023-12-02) [Compare Source](https://togithub.com/prettier/eslint-config-prettier/compare/v9.0.0...v9.1.0) - Added: \[unicorn/template-indent], (as a \[special rule]\[unicorn/template-indent-special]). Thanks to Gürgün Dayıoğlu ([@gurgunday](https://togithub.com/gurgunday))! - Changed: All the \[formatting rules that were deprecated in ESLint 8.53.0]\[deprecated-8.53.0] are now excluded if you set the `ESLINT_CONFIG_PRETTIER_NO_DEPRECATED` environment variable. ### [`v9.0.0`](https://togithub.com/prettier/eslint-config-prettier/blob/HEAD/CHANGELOG.md#Version-900-2023-08-05) [Compare Source](https://togithub.com/prettier/eslint-config-prettier/compare/v8.10.0...v9.0.0) - Added: The CLI helper tool now works with eslint.config.js (flat config). Just like ESLint itself, the CLI tool automatically first tries eslint.config.js and then eslintrc, and you can force which one to use by setting the \[ESLINT_USE_FLAT_CONFIG] environment variable. Note that the *config* of eslint-config-prettier has always been compatible with eslint.config.js (flat config) – it was just the CLI tool that needed updating. On top of that, the docs have been updated to mention how to use both eslint.config.js (flat config) and eslintrc, and the tests now test both config systems. - Changed: \[unicode-bom] is no longer turned off. Prettier preserves the BOM if you have one, and does not add one if missing. It was wrong of eslint-config-prettier to disable that rule. If you get ESLint errors after upgrading, either add `"unicode-bom": "off"` to your config to disable it again, or run ESLint with `--fix` to fix all files according to the rule (add or remove BOM). Thanks to Nicolas Stepien ([@nstepien](https://togithub.com/nstepien))!Configuration
📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.
AC-2149