Skip to content

Update SDK to 2.0.0-4744-599e7927 #6395

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
bw-ghapp wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Update SDK to 2.0.0-4744-599e7927 #6395

bw-ghapp wants to merge 8 commits into from
+1 −1

Conversation

@bw-ghapp
Copy link
Contributor

@bw-ghapp bw-ghapp bot commented Jan 22, 2026
edited by atlassian bot
Loading

Updates the SDK version from 2.0.0-4676-0544ddec to com.bitwarden:sdk-android 2.0.0-4744-599e7927

What's Changed

Raw changelog 
- [PM-30144] Add keystore support for unsigned shared key (#677)
- [PM-19056]  SDK: Send email verification (#643)
- [PM-24978] Pass along Attachment decryption errors (#644)
- [BEEEP] Clean up PRF/HKDF error handling (#666)
- [PM-27638|BEEEP] Add key id to passwordprotectedkeyenvelope headers (#514)
- Update pull request template (#708)
- Fix sqlite location (#707)
- [deps]: Update dtolnay/rust-toolchain digest to f7ccc83 (#630)
- SSO JIT Master Password encryption v2 new user registration Argon2Id KDF parallelism 4 (#711)

@bw-ghapp bw-ghapp bot requested a review from david-livefront as a code owner January 22, 2026 15:26
@bw-ghapp bw-ghapp bot added the automated-pr PR created by workflow or other automation label Jan 22, 2026
@bw-ghapp bw-ghapp bot requested a review from a team as a code owner January 22, 2026 15:26
@bw-ghapp bw-ghapp bot added the t:deps Change Type - Dependencies label Jan 22, 2026
@github-actions github-actions bot added app:authenticator Bitwarden Authenticator app context app:password-manager Bitwarden Password Manager app context labels Jan 22, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Jan 22, 2026
edited
Loading

Logo
Checkmarx One – Scan Summary & Details83fd5f9b-e895-4bfb-a558-085aaeb3eff5

New Issues (68)

Checkmarx found the following issues in this Pull Request

# Severity Issue Source File / Package Checkmarx Insight
1 CRITICAL Command_Injection /.github/scripts/label-pr.py: 109
detailsThe application's gh_replace_labels method calls an OS (shell) command with payload, at line 109 of /.github/scripts/label-pr.py, using an u...
Attack Vector
2 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt: 2473
detailsMethod Lambda at line 2473 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt sends user information outside the ...
Attack Vector
3 MEDIUM Privacy_Violation /network/src/testFixtures/kotlin/com/bitwarden/network/model/SyncResponseProfileUtil.kt: 54
detailsMethod createMockProfile at line 54 of /network/src/testFixtures/kotlin/com/bitwarden/network/model/SyncResponseProfileUtil.kt sends user informat...
Attack Vector
4 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt: 2631
detailsMethod Lambda at line 2631 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt sends user information outside the ...
Attack Vector
5 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt: 2546
detailsMethod Lambda at line 2546 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt sends user information outside the ...
Attack Vector
6 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt: 2365
detailsMethod Lambda at line 2365 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt sends user information outside the ...
Attack Vector
7 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt: 2417
detailsMethod Lambda at line 2417 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt sends user information outside the ...
Attack Vector
8 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt: 2315
detailsMethod Lambda at line 2315 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/CipherManagerTest.kt sends user information outside the ...
Attack Vector
9 MEDIUM Privacy_Violation /ui/src/main/kotlin/com/bitwarden/ui/platform/model/TotpData.kt: 26
detailsMethod TotpData at line 26 of /ui/src/main/kotlin/com/bitwarden/ui/platform/model/TotpData.kt sends user information outside the application. Thi...
Attack Vector
10 MEDIUM Privacy_Violation /testharness/src/main/kotlin/com/bitwarden/testharness/data/manager/CredentialTestManagerImpl.kt: 39
detailsMethod createPassword at line 39 of /testharness/src/main/kotlin/com/bitwarden/testharness/data/manager/CredentialTestManagerImpl.kt sends user in...
Attack Vector
11 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/addedit/util/CreateCredentialRequestExtensions.kt: 39
detailsMethod toDefaultAddTypeContent at line 39 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/addedit/util/CreateCredentialRequestExtensio...
Attack Vector
12 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/addedit/util/CreateCredentialRequestExtensions.kt: 38
detailsMethod toDefaultAddTypeContent at line 38 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/addedit/util/CreateCredentialRequestExtensio...
Attack Vector
13 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/data/autofill/manager/AutofillTotpManagerImpl.kt: 28
detailsMethod tryCopyTotpToClipboard at line 28 of /app/src/main/kotlin/com/x8bit/bitwarden/data/autofill/manager/AutofillTotpManagerImpl.kt sends user i...
Attack Vector
14 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/twofactorlogin/TwoFactorLoginNavigation.kt: 27
detailsMethod TwoFactorLoginArgs at line 27 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/twofactorlogin/TwoFactorLoginNavigation.kt sends ...
Attack Vector
15 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/data/credentials/model/Fido2CredentialAssertionRequest.kt: 24
detailsMethod Fido2CredentialAssertionRequest at line 24 of /app/src/main/kotlin/com/x8bit/bitwarden/data/credentials/model/Fido2CredentialAssertionReques...
Attack Vector
16 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/login/LoginViewModel.kt: 294
detailsMethod LoginState at line 294 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/login/LoginViewModel.kt sends user information outside t...
Attack Vector
17 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingScreenTest.kt: 1990
detailsMethod `GetPasswordCredentialResult event should call CredentialProviderCompletionManager with result` at line 1990 of /app/src/test/kotlin/com/x...
Attack Vector
18 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/item/VaultItemViewModel.kt: 1420
detailsMethod VaultItemState at line 1420 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/vault/feature/item/VaultItemViewModel.kt sends user information ...
Attack Vector
19 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt: 127
detailsMethod createMockLoginView at line 127 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt sends user in...
Attack Vector
20 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/ui/credentials/manager/CredentialProviderCompletionManagerTest.kt: 232
detailsMethod `completePasswordGet should set GetCredentialResponse, set activity result, then finish activity when result is Success` at line 232 of /a...
Attack Vector
21 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt: 122
detailsMethod createMockLoginView at line 122 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt sends user in...
Attack Vector
22 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/ui/credentials/manager/CredentialProviderCompletionManagerTest.kt: 258
detailsMethod `completePasswordGet should set GetCredentialException, set activity result, then finish activity when result is Cancelled` at line 258 of...
Attack Vector
23 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/vaultunlock/VaultUnlockViewModelTest.kt: 778
detailsMethod `on UnlockClick for password unlock should display error dialog on AuthenticationError` at line 778 of /app/src/test/kotlin/com/x8bit/bitw...
Attack Vector
24 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModel.kt: 427
detailsMethod CompleteRegistrationState at line 427 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationV...
Attack Vector
25 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModel.kt: 431
detailsMethod CompleteRegistrationState at line 431 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationV...
Attack Vector
26 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModel.kt: 428
detailsMethod CompleteRegistrationState at line 428 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationV...
Attack Vector
27 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModel.kt: 426
detailsMethod CompleteRegistrationState at line 426 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationV...
Attack Vector
28 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModel.kt: 322
detailsMethod Lambda at line 322 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModel.kt sends ...
Attack Vector
29 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/ui/credentials/manager/CredentialProviderCompletionManagerTest.kt: 155
detailsMethod `completeCredentialRegistration should set CreateCredentialResponse, set activity result, then finish activity when result is SuccessPasswo...
Attack Vector
30 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModel.kt: 322
detailsMethod Lambda at line 322 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModel.kt sends ...
Attack Vector
31 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt: 585
detailsMethod Lambda at line 585 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt se...
Attack Vector
32 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/deleteaccount/DeleteAccountViewModel.kt: 100
detailsMethod Lambda at line 100 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/deleteaccount/DeleteAccountViewM...
Attack Vector
33 MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/deleteaccount/DeleteAccountViewModelTest.kt: 175
detailsMethod Lambda at line 175 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/deleteaccount/DeleteAccountViewM...
Attack Vector
34 MEDIUM Privacy_Violation /app/src/main/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/deleteaccount/DeleteAccountViewModel.kt: 100
detailsMethod Lambda at line 100 of /app/src/main/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/deleteaccount/DeleteAccountViewM...
Attack Vector
35 MEDIUM Privacy_Violation /testharness/src/main/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModel.kt: 174
detailsMethod CreatePasswordState at line 174 of /testharness/src/main/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordV...
Attack Vector

More results are available on the CxOne platform

Fixed Issues (15) Great job! The following issues were fixed in this Pull Request
Severity Issue Source File / Package
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 429
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 402
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 386
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 334
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 237
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 265
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 305
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 206
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 170
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 110
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 90
MEDIUM Privacy_Violation /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 70
MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/data/credentials/model/Fido2CredentialAssertionRequestUtil.kt: 12
MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt: 675
MEDIUM Privacy_Violation /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt: 687

@bw-ghapp bw-ghapp bot changed the title Update SDK to 2.0.0-4695-e6d848e1 Update SDK to 2.0.0-4696-b275f18d Jan 22, 2026
@bw-ghapp bw-ghapp bot changed the title Update SDK to 2.0.0-4696-b275f18d Update SDK to 2.0.0-4697-cf97241f Jan 22, 2026
@bw-ghapp bw-ghapp bot changed the title Update SDK to 2.0.0-4697-cf97241f Update SDK to 2.0.0-4699-b8cddcf5 Jan 23, 2026
@bw-ghapp bw-ghapp bot changed the title Update SDK to 2.0.0-4699-b8cddcf5 Update SDK to 2.0.0-4706-c97bc923 Jan 23, 2026
@bw-ghapp bw-ghapp bot changed the title Update SDK to 2.0.0-4706-c97bc923 Update SDK to 2.0.0-4707-c17008bb Jan 23, 2026
@bw-ghapp bw-ghapp bot changed the title Update SDK to 2.0.0-4707-c17008bb Update SDK to 2.0.0-4722-b213f927 Jan 26, 2026
@bw-ghapp bw-ghapp bot changed the title Update SDK to 2.0.0-4722-b213f927 Update SDK to 2.0.0-4744-599e7927 Jan 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@david-livefront david-livefront Awaiting requested review from david-livefront david-livefront is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

app:authenticator Bitwarden Authenticator app context app:password-manager Bitwarden Password Manager app context automated-pr PR created by workflow or other automation t:deps Change Type - Dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant