[deps]: Update bootstrap to v5 [SECURITY]

[renovate[bot]]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
bootstrap (source)	4.6.2 -> 5.0.0

GitHub Vulnerability Alerts

CVE-2024-6531

A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.

---

Release Notes

twbs/bootstrap (bootstrap)

### [`v5.0.0`](https://redirect.github.com/twbs/bootstrap/releases/tag/v5.0.0) [Compare Source](https://redirect.github.com/twbs/bootstrap/compare/v4.6.2...v5.0.0) #### Highlights [#​32155](https://redirect.github.com/twbs/bootstrap/issues/32155): Updated `make-col()` mixin to generate equal columns when no size is specified [#​32763](https://redirect.github.com/twbs/bootstrap/issues/32763): Added new `color-scheme()` mixin [#​33389](https://redirect.github.com/twbs/bootstrap/issues/33389): Dropdown menus now have option become clickable [#​33453](https://redirect.github.com/twbs/bootstrap/issues/33453): Added new docs footer [#​33548](https://redirect.github.com/twbs/bootstrap/issues/33548): Offcanvas header components are now vertically aligned [#​33549](https://redirect.github.com/twbs/bootstrap/issues/33549): Added offcanvas-top modifier [#​33634](https://redirect.github.com/twbs/bootstrap/issues/33634): Added support for `.dropdown-item`s wrapped in `

`s [#​33626](https://redirect.github.com/twbs/bootstrap/issues/33626): Fix v5 regressions in tab dropdown functionality #### 🚀 Features - [#​32763](https://redirect.github.com/twbs/bootstrap/issues/32763): Add `color-scheme` mixin - [#​33389](https://redirect.github.com/twbs/bootstrap/issues/33389): Dropdown — Add option to make the dropdown menu clickable - [#​33549](https://redirect.github.com/twbs/bootstrap/issues/33549): Add offcanvas-top modifier #### 🎨 CSS - [#​32155](https://redirect.github.com/twbs/bootstrap/issues/32155): Add equal column mixin - [#​32763](https://redirect.github.com/twbs/bootstrap/issues/32763): Add `color-scheme` mixin - [#​33292](https://redirect.github.com/twbs/bootstrap/issues/33292): Make accordion icon rotation more natural - [#​33411](https://redirect.github.com/twbs/bootstrap/issues/33411): Fix validation feedback icon in select multiple - [#​33478](https://redirect.github.com/twbs/bootstrap/issues/33478): Make `.nav-link` color consistent when using buttons - [#​33482](https://redirect.github.com/twbs/bootstrap/issues/33482): Dropdown — Apply positioning only when Popper is not used - [#​33548](https://redirect.github.com/twbs/bootstrap/issues/33548): Vertically align offcanvas header components - [#​33549](https://redirect.github.com/twbs/bootstrap/issues/33549): Add offcanvas-top modifier - [#​33550](https://redirect.github.com/twbs/bootstrap/issues/33550): Spinner alignment changes - [#​33598](https://redirect.github.com/twbs/bootstrap/issues/33598): Hide validation icons from multiple selects - [#​33600](https://redirect.github.com/twbs/bootstrap/issues/33600): Have $form-check-input-border's default derive from $black - [#​33607](https://redirect.github.com/twbs/bootstrap/issues/33607): Reduce color-scheme complexity - [#​33642](https://redirect.github.com/twbs/bootstrap/issues/33642): use `:read-only` css selector instead `[readonly]` for consistency - [#​33658](https://redirect.github.com/twbs/bootstrap/issues/33658): fix: use list-group variable instead of alert - [#​33736](https://redirect.github.com/twbs/bootstrap/issues/33736): accordion: fix `border-top` on Firefox #### ☕️ JavaScript - [#​32439](https://redirect.github.com/twbs/bootstrap/issues/32439): Decouple BackDrop from modal - [#​33245](https://redirect.github.com/twbs/bootstrap/issues/33245): Decouple Modal's scrollbar functionality - [#​33249](https://redirect.github.com/twbs/bootstrap/issues/33249): Simplify Modal Config - [#​33250](https://redirect.github.com/twbs/bootstrap/issues/33250): Simplify ScrollSpy config - [#​33310](https://redirect.github.com/twbs/bootstrap/issues/33310): fix: make EventHandler better handle mouseenter/mouseleave events - [#​33389](https://redirect.github.com/twbs/bootstrap/issues/33389): Dropdown — Add option to make the dropdown menu clickable - [#​33429](https://redirect.github.com/twbs/bootstrap/issues/33429): Remove element event listeners through base component - [#​33451](https://redirect.github.com/twbs/bootstrap/issues/33451): Add missing things in `hide` method of dropdown - [#​33456](https://redirect.github.com/twbs/bootstrap/issues/33456): Use our `isDisabled` util on dropdown - [#​33466](https://redirect.github.com/twbs/bootstrap/issues/33466): Refactor dropdown's hide functionality - [#​33479](https://redirect.github.com/twbs/bootstrap/issues/33479): Fix dropdown escape propagation - [#​33496](https://redirect.github.com/twbs/bootstrap/issues/33496): Use cached `noop` function - [#​33497](https://redirect.github.com/twbs/bootstrap/issues/33497): Use template literals instead of concatenation - [#​33499](https://redirect.github.com/twbs/bootstrap/issues/33499): Fix wrong carousel transformation, direction to order - [#​33545](https://redirect.github.com/twbs/bootstrap/issues/33545): Use the backdrop util in offcanvas, enforcing consistency - [#​33586](https://redirect.github.com/twbs/bootstrap/issues/33586): Tab.js: Fixes on click handling - [#​33589](https://redirect.github.com/twbs/bootstrap/issues/33589): refactor: make static `selectMenuItem` method private - [#​33612](https://redirect.github.com/twbs/bootstrap/issues/33612): tests: fix random BrowserStack failures in scrollbar - [#​33626](https://redirect.github.com/twbs/bootstrap/issues/33626): Fix v5 regressions in tab dropdown functionality - [#​33634](https://redirect.github.com/twbs/bootstrap/issues/33634): Dropdown: support `.dropdown-item` wrapped in `

` tags - [#​33638](https://redirect.github.com/twbs/bootstrap/issues/33638): Fix toggle between modals example - [#​33643](https://redirect.github.com/twbs/bootstrap/issues/33643): fix: clicking an item in navbar dropdown should not collapse the dropdown in firefox - [#​33666](https://redirect.github.com/twbs/bootstrap/issues/33666): Modal.js: fix test for scrollbar - [#​33677](https://redirect.github.com/twbs/bootstrap/issues/33677): Offcanvas.js: If scroll is allowed, should allow focus on other elements - [#​33684](https://redirect.github.com/twbs/bootstrap/issues/33684): Don't change the value for `altBoundary` option - [#​33706](https://redirect.github.com/twbs/bootstrap/issues/33706): Scrollbar: respect the initial body overflow value #### 📖 Docs - [#​33446](https://redirect.github.com/twbs/bootstrap/issues/33446): Make offcanvas example fully static - [#​33453](https://redirect.github.com/twbs/bootstrap/issues/33453): Add new docs footer - [#​33521](https://redirect.github.com/twbs/bootstrap/issues/33521): The spacing margin side identifiers 's' and 'e' may be intuitive for … - [#​33522](https://redirect.github.com/twbs/bootstrap/issues/33522): Clarify docs accordion example - [#​33543](https://redirect.github.com/twbs/bootstrap/issues/33543): Update parcel.md - [#​33553](https://redirect.github.com/twbs/bootstrap/issues/33553): Add example: Panels stay open - [#​33567](https://redirect.github.com/twbs/bootstrap/issues/33567): Fixed wrong method name \_getInstance - [#​33571](https://redirect.github.com/twbs/bootstrap/issues/33571): footer: fix `rel=noopener` attribute - [#​33583](https://redirect.github.com/twbs/bootstrap/issues/33583): docs: update clipboard.js to v2.0.8 - [#​33597](https://redirect.github.com/twbs/bootstrap/issues/33597): Docs: Fix wrong dark attribute in Table - Vertical Alignment - [#​33632](https://redirect.github.com/twbs/bootstrap/issues/33632): Correct the heading for the States section - [#​33638](https://redirect.github.com/twbs/bootstrap/issues/33638): Fix toggle between modals example - [#​33664](https://redirect.github.com/twbs/bootstrap/issues/33664): Docs: fix W3C validation errors in list-group example - [#​33668](https://redirect.github.com/twbs/bootstrap/issues/33668): Update anchor.js to v4.3.1. - [#​33669](https://redirect.github.com/twbs/bootstrap/issues/33669): Change from preventOverflow to detectOverflow in `boundary` option - [#​33675](https://redirect.github.com/twbs/bootstrap/issues/33675): Fix typo - [#​33676](https://redirect.github.com/twbs/bootstrap/issues/33676): Fix Grid System docs - [#​33685](https://redirect.github.com/twbs/bootstrap/issues/33685): docs: fix the default value of Popper's `boundary` option - [#​33687](https://redirect.github.com/twbs/bootstrap/issues/33687): Fixes [#​33686](https://redirect.github.com/twbs/bootstrap/issues/33686) typo in RTL docs - [#​33690](https://redirect.github.com/twbs/bootstrap/issues/33690): Add Bootstrap Icons to alerts docs - [#​33726](https://redirect.github.com/twbs/bootstrap/issues/33726): Replace modal and scrollspy placeholder content - [#​33733](https://redirect.github.com/twbs/bootstrap/issues/33733): Tooltip/Popover — Minor doc updates - [#​33735](https://redirect.github.com/twbs/bootstrap/issues/33735): Clarify `boundary` option description - [#​33772](https://redirect.github.com/twbs/bootstrap/issues/33772): Improve overall new examples' accessibility - [#​33782](https://redirect.github.com/twbs/bootstrap/issues/33782): Add new team members to the Teams page - [#​33786](https://redirect.github.com/twbs/bootstrap/issues/33786): Docs: adding intro about web accessibility - [#​33797](https://redirect.github.com/twbs/bootstrap/issues/33797): Update links to CCA, MQ5 prefers-reduced-motion, evergreen WCAG urls - [#​33810](https://redirect.github.com/twbs/bootstrap/issues/33810): Tweak toast docs - [#​33829](https://redirect.github.com/twbs/bootstrap/issues/33829): Update migration guide for some v5 changes - [#​33832](https://redirect.github.com/twbs/bootstrap/issues/33832): Fix doc typo and Bootstrap Icons link - [#​33833](https://redirect.github.com/twbs/bootstrap/issues/33833): refactor(docs): Added form file input variables - [#​33834](https://redirect.github.com/twbs/bootstrap/issues/33834): Rewrite migration guide #### Examples - [#​33097](https://redirect.github.com/twbs/bootstrap/issues/33097): Update RTL examples - [#​33759](https://redirect.github.com/twbs/bootstrap/issues/33759): fix: change margin breakpoints for bootstrap logo on double header - [#​33681](https://redirect.github.com/twbs/bootstrap/issues/33681): Fixes signup form in Heroes example - [#​33569](https://redirect.github.com/twbs/bootstrap/issues/33569): Improve responsiveness of Features examples #### 🌎 Accessibility - [#​33772](https://redirect.github.com/twbs/bootstrap/issues/33772): Improve overall new examples' accessibility - [#​33810](https://redirect.github.com/twbs/bootstrap/issues/33810): Tweak toast docs #### 🏭 Tests - [#​33578](https://redirect.github.com/twbs/bootstrap/issues/33578): Remove unnecessary `data-bs-backdrop="static"` from modal tests - [#​33612](https://redirect.github.com/twbs/bootstrap/issues/33612): tests: fix random BrowserStack failures in scrollbar - [#​33666](https://redirect.github.com/twbs/bootstrap/issues/33666): Modal.js: fix test for scrollbar - [#​33734](https://redirect.github.com/twbs/bootstrap/issues/33734): Add missing test for clicking select option in a dropdown #### 🧰 Misc - [#​33720](https://redirect.github.com/twbs/bootstrap/issues/33720): JS tests: add Node.js 16 #### 📦 Dependencies - Updated numerous devDependencies

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov[bot]]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 0.00%. Comparing base (f52af53) to head (9d9962d). Report is 1 commits behind head on main.

:white_check_mark: All tests successful. No failed tests found.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #585 +/- ## ===================================== Coverage 0.00% 0.00% ===================================== Files 58 58 Lines 2542 2542 Branches 462 462 ===================================== Misses 2542 2542 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

[bitwarden-bot]

Internal tracking:

• ID: PM-11752
• Link: https://bitwarden.atlassian.net/browse/PM-11752

[github-actions[bot]]

Checkmarx One – Scan Summary & Details – eede4f94-783b-43c8-a9a4-b2ca81b92115

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Client_Privacy_Violation	/src/app/tabs/settings.component.html: 362	Attack Vector
	Client_Privacy_Violation	/src/app/tabs/settings.component.html: 227	Attack Vector
	Client_Privacy_Violation	/src/app/tabs/settings.component.html: 212	Attack Vector
	Client_Privacy_Violation	/src/app/accounts/apiKey.component.html: 21	Attack Vector
	Client_Privacy_Violation	/src/app/accounts/apiKey.component.ts: 27	Attack Vector

Fixed Issues

Severity	Issue	Source File / Package
	Client_Privacy_Violation	/src/app/accounts/apiKey.component.ts: 27
	Client_Privacy_Violation	/src/app/tabs/settings.component.html: 370
	Client_Privacy_Violation	/src/app/tabs/settings.component.html: 229
	Client_Privacy_Violation	/src/app/tabs/settings.component.html: 212
	Client_Privacy_Violation	/src/app/accounts/apiKey.component.html: 22
	Missing_CSP_Header	/src/services/azure-directory.service.ts: 519

[renovate[bot]]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.