PM-34193: Rollback SDK update for Vault lockout bug by david-livefront · Pull Request #6724 · bitwarden/android

david-livefront · 2026-03-26T21:09:03Z

🎟️ Tracking

📔 Objective

This PR addresses a bug with Never timeout value. When set, the app attempts to unlock the vault upon startup and fails due to a bug in the Bitwarden SDK. The SDK will never return from this attempt to unlock the vault and make it impossible to unlock with other means as well.

The main change is the rollback of the SDK.

codecov · 2026-03-26T21:14:37Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.53%. Comparing base (6cf15fb) to head (150d671).

Additional details and impacted files

@@                   Coverage Diff                   @@
##           release/2026.3-rc49    #6724      +/-   ##
=======================================================
- Coverage                86.40%   85.53%   -0.87%     
=======================================================
  Files                      793      937     +144     
  Lines                    57069    59787    +2718     
  Branches                  8394     8450      +56     
=======================================================
+ Hits                     49308    51137    +1829     
- Misses                    4833     5701     +868     
- Partials                  2928     2949      +21

Flag	Coverage Δ
app-data	`17.72% <ø> (-0.03%)`	⬇️
app-ui-auth-tools	`21.11% <ø> (+0.34%)`	⬆️
app-ui-platform	`15.71% <ø> (+0.68%)`	⬆️
app-ui-vault	`26.54% <ø> (+0.68%)`	⬆️
authenticator	`6.60% <ø> (-0.04%)`	⬇️
lib-core-network-bridge	`4.27% <ø> (-0.03%)`	⬇️
lib-data-ui	`0.95% <ø> (-0.01%)`	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

github-actions · 2026-03-26T21:15:30Z

Checkmarx One – Scan Summary & Details – 61a2f1d1-427b-4533-9fa8-d8cdc1d54013

New Issues (128)

Checkmarx found the following issues in this Pull Request

#	Issue	Source File / Package	Checkmarx Insight
1	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 154	details The web application's `clearCookies should remove all stored cookie configs` method creates a cookie Cookie, at line 154 of /app/src/test/kotlin/... Attack Vector
2	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 148	details The web application's `clearCookies should remove all stored cookie configs` method creates a cookie Cookie, at line 148 of /app/src/test/kotlin/... Attack Vector
3	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/manager/network/NetworkCookieManagerTest.kt: 203	details The web application's Lambda method creates a cookie Cookie, at line 203 of /app/src/test/kotlin/com/x8bit/bitwarden/data/platform/manager/network/... Attack Vector
4	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/manager/network/NetworkCookieManagerTest.kt: 229	details The web application's Lambda method creates a cookie Cookie, at line 229 of /app/src/test/kotlin/com/x8bit/bitwarden/data/platform/manager/network/... Attack Vector
5	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/manager/util/CookieConfigurationDataExtensionsTest.kt: 45	details The web application's `toNetworkCookieList should map multiple cookies correctly` method creates a cookie Cookie, at line 45 of /app/src/test/kot... Attack Vector
6	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/manager/util/CookieConfigurationDataExtensionsTest.kt: 62	details The web application's `toNetworkCookie should map name and value correctly` method creates a cookie Cookie, at line 62 of /app/src/test/kotlin/co... Attack Vector
7	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/manager/util/CookieConfigurationDataExtensionsTest.kt: 46	details The web application's `toNetworkCookieList should map multiple cookies correctly` method creates a cookie Cookie, at line 46 of /app/src/test/kot... Attack Vector
8	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/manager/util/CookieConfigurationDataExtensionsTest.kt: 31	details The web application's `toNetworkCookieList should map single cookie correctly` method creates a cookie Cookie, at line 31 of /app/src/test/kotlin... Attack Vector
9	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 129	details The web application's `storeCookieConfig with null should not affect other hostnames` method creates a cookie Cookie, at line 129 of /app/src/tes... Attack Vector
10	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 123	details The web application's `storeCookieConfig with null should not affect other hostnames` method creates a cookie Cookie, at line 123 of /app/src/tes... Attack Vector
11	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 103	details The web application's `storeCookieConfig with null should remove stored config` method creates a cookie Cookie, at line 103 of /app/src/test/kotl... Attack Vector
12	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/repository/util/CookieConfigurationDataExtensionsTest.kt: 32	details The web application's `toAcquiredCookiesList should map list of Cookie to list of AcquiredCookie` method creates a cookie Cookie, at line 32 of /... Attack Vector
13	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/repository/util/AcquiredCookieExtensionsTest.kt: 39	details The web application's `toConfigurationDataCookies should map list of AcquiredCookie to list of Cookie` method creates a cookie Cookie, at line 39... Attack Vector
14	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/repository/util/CookieConfigurationDataExtensionsTest.kt: 31	details The web application's `toAcquiredCookiesList should map list of Cookie to list of AcquiredCookie` method creates a cookie Cookie, at line 31 of /... Attack Vector
15	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/repository/util/CookieConfigurationDataExtensionsTest.kt: 12	details The web application's `toAcquiredCookie should map Cookie to AcquiredCookie` method creates a cookie Cookie, at line 12 of /app/src/test/kotlin/c... Attack Vector
16	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/repository/util/AcquiredCookieExtensionsTest.kt: 40	details The web application's `toConfigurationDataCookies should map list of AcquiredCookie to list of Cookie` method creates a cookie Cookie, at line 40... Attack Vector
17	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/repository/util/AcquiredCookieExtensionsTest.kt: 20	details The web application's `toConfigurationCookie should map AcquiredCookie to CookieConfigurationData Cookie` method creates a cookie Cookie, at line... Attack Vector
18	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/sdk/ServerCommunicationConfigRepositoryTest.kt: 72	details The web application's Lambda method creates a cookie Cookie, at line 72 of /app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/sdk/Se... Attack Vector
19	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/sdk/ServerCommunicationConfigRepositoryTest.kt: 156	details The web application's Lambda method creates a cookie Cookie, at line 156 of /app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/sdk/S... Attack Vector
20	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/sdk/ServerCommunicationConfigRepositoryTest.kt: 157	details The web application's Lambda method creates a cookie Cookie, at line 157 of /app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/sdk/S... Attack Vector
21	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/sdk/ServerCommunicationConfigRepositoryTest.kt: 71	details The web application's Lambda method creates a cookie Cookie, at line 71 of /app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/sdk/Se... Attack Vector
22	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 189	details The web application's `storage should isolate configs by hostname` method creates a cookie Cookie, at line 189 of /app/src/test/kotlin/com/x8bit/... Attack Vector
23	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 180	details The web application's `storage should isolate configs by hostname` method creates a cookie Cookie, at line 180 of /app/src/test/kotlin/com/x8bit/... Attack Vector
24	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 81	details The web application's `storage should handle cookies with multiple values` method creates a cookie Cookie, at line 81 of /app/src/test/kotlin/com... Attack Vector
25	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 85	details The web application's `storage should handle cookies with multiple values` method creates a cookie Cookie, at line 85 of /app/src/test/kotlin/com... Attack Vector
26	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 51	details The web application's `storeCookieConfig should update existing config` method creates a cookie Cookie, at line 51 of /app/src/test/kotlin/com/x8... Attack Vector
27	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 61	details The web application's `storeCookieConfig should update existing config` method creates a cookie Cookie, at line 61 of /app/src/test/kotlin/com/x8... Attack Vector
28	HttpOnly_Cookie_Flag_Not_Set	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/datasource/disk/CookieDiskSourceTest.kt: 32	details The web application's `storeCookieConfig should persist config and getCookieConfig should retrieve it` method creates a cookie Cookie, at line 32... Attack Vector
29	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt: 98	details Method createMockCipherView at line 98 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt sends user in... Attack Vector
30	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/tools/feature/generator/passwordhistory/PasswordHistoryViewModelTest.kt: 203	details Method Lambda at line 203 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/tools/feature/generator/passwordhistory/PasswordHistoryViewModelTest.kt s... Attack Vector
31	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/tools/feature/send/addedit/AddEditSendViewModelTest.kt: 1202	details Method Lambda at line 1202 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/tools/feature/send/addedit/AddEditSendViewModelTest.kt sends user inform... Attack Vector
32	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 429	details Method Lambda at line 429 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest... Attack Vector
33	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 386	details Method Lambda at line 386 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest... Attack Vector
34	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 402	details Method Lambda at line 402 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest... Attack Vector
35	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 334	details Method Lambda at line 334 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest... Attack Vector
36	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 305	details Method Lambda at line 305 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest... Attack Vector
37	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 265	details Method Lambda at line 265 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest... Attack Vector
38	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 237	details Method Lambda at line 237 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest... Attack Vector
39	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 206	details Method Lambda at line 206 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest... Attack Vector
40	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 170	details Method Lambda at line 170 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest... Attack Vector
41	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 110	details Method Lambda at line 110 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest... Attack Vector
42	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 90	details Method Lambda at line 90 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.... Attack Vector
43	Privacy_Violation	/testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.kt: 70	details Method Lambda at line 70 of /testharness/src/test/kotlin/com/bitwarden/testharness/ui/platform/feature/createpassword/CreatePasswordViewModelTest.... Attack Vector
44	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordViewModelTest.kt: 482	details Method Lambda at line 482 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/exportitems/verifypassword/VerifyPasswordViewModelTest.kt s... Attack Vector
45	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt: 585	details Method Lambda at line 585 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt se... Attack Vector
46	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/vaultunlock/VaultUnlockViewModelTest.kt: 796	details Method `on UnlockClick for password unlock should display error dialog on AuthenticationError` at line 796 of /app/src/test/kotlin/com/x8bit/bitw... Attack Vector
47	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/deleteaccount/DeleteAccountViewModelTest.kt: 175	details Method Lambda at line 175 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/deleteaccount/DeleteAccountViewM... Attack Vector
48	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt: 61	details Method Lambda at line 61 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt sends user information outs... Attack Vector
49	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt: 61	details Method Lambda at line 61 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt sends user information outs... Attack Vector
50	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt: 125	details Method createMockLoginView at line 125 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt sends user in... Attack Vector
51	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/data/credentials/model/Fido2CredentialAssertionRequestUtil.kt: 12	details Method createMockFido2CredentialAssertionRequest at line 12 of /app/src/test/kotlin/com/x8bit/bitwarden/data/credentials/model/Fido2CredentialAsser... Attack Vector
52	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/loginapproval/LoginApprovalViewModelTest.kt: 150	details Method `on ApproveAccountChangeClick dialog state should be cleared, user should be switched, and getAuthRequestByIdFlow should be called` at lin... Attack Vector
53	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/loginapproval/LoginApprovalViewModelTest.kt: 376	details Method Lambda at line 376 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/loginapproval/LoginApprovalViewM... Attack Vector
54	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/loginapproval/LoginApprovalViewModelTest.kt: 307	details Method Lambda at line 307 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/settings/accountsecurity/loginapproval/LoginApprovalViewM... Attack Vector
55	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt: 446	details Method Lambda at line 446 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt se... Attack Vector
56	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt: 330	details Method Lambda at line 330 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt se... Attack Vector
57	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt: 362	details Method Lambda at line 362 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt se... Attack Vector
58	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt: 675	details Method at line 675 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt sends us... Attack Vector
59	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt: 687	details Method at line 687 of /app/src/test/kotlin/com/x8bit/bitwarden/ui/auth/feature/completeregistration/CompleteRegistrationViewModelTest.kt sends us... Attack Vector
60	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt: 77	details Method Lambda at line 77 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt sends user information outs... Attack Vector
61	Privacy_Violation	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt: 77	details Method Lambda at line 77 of /app/src/test/kotlin/com/x8bit/bitwarden/data/vault/datasource/sdk/model/CipherViewUtil.kt sends user information outs... Attack Vector
62	Use_of_Hardcoded_Password	/app/src/test/kotlin/com/x8bit/bitwarden/ui/vault/feature/attachments/AttachmentsViewModelTest.kt: 487	details The application uses the hard-coded password "mockId-1" for authentication purposes, either using it to verify users' identities, or to access an... Attack Vector
63	Use_of_Hardcoded_Password	/app/src/test/kotlin/com/x8bit/bitwarden/data/platform/manager/sdk/repository/SdkCipherRepositoryTest.kt: 205	details The application uses the hard-coded password "cipherId" for authentication purposes, either using it to verify users' identities, or to access ano... Attack Vector
64	Use_of_Hardcoded_Password	/app/src/test/kotlin/com/x8bit/bitwarden/ui/tools/feature/send/addedit/AddEditSendViewModelTest.kt: 573	details The application uses the hard-coded password "some-password" for authentication purposes, either using it to verify users' identities, or to acce... Attack Vector
65	Use_of_Hardcoded_Password	/app/src/test/kotlin/com/x8bit/bitwarden/ui/platform/feature/rootnav/RootNavViewModelTest.kt: 772	details The application uses the hard-coded password "testPassword123" for authentication purposes, either using it to verify users' identities, or to acc... Attack Vector
66	Use_of_Hardcoded_Password	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/VaultLockManagerTest.kt: 2011	details The application uses the hard-coded password "mockValue" for authentication purposes, either using it to verify users' identities, or to access an... Attack Vector
67	Use_of_Hardcoded_Password	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/VaultLockManagerTest.kt: 1955	details The application uses the hard-coded password "mockValue" for authentication purposes, either using it to verify users' identities, or to access an... Attack Vector
68	Use_of_Hardcoded_Password	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/VaultLockManagerTest.kt: 1162	details The application uses the hard-coded password "mockValue" for authentication purposes, either using it to verify users' identities, or to access an... Attack Vector
69	Use_of_Hardcoded_Password	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/VaultLockManagerTest.kt: 1443	details The application uses the hard-coded password "mockValue" for authentication purposes, either using it to verify users' identities, or to access an... Attack Vector
70	Use_of_Hardcoded_Password	/app/src/test/kotlin/com/x8bit/bitwarden/data/vault/manager/VaultLockManagerTest.kt: 1036	details The application uses the hard-coded password "mockValue" for authentication purposes, either using it to verify users' identities, or to access an... Attack Vector

More results are available on the CxOne platform

PM-34193: Rollback SDK update for Vault lockout bug

150d671

david-livefront requested a review from a team as a code owner March 26, 2026 21:09

github-actions bot added app:password-manager Bitwarden Password Manager app context app:authenticator Bitwarden Authenticator app context t:deps Change Type - Dependencies labels Mar 26, 2026

david-livefront added t:bug Change Type - Bug and removed t:deps Change Type - Dependencies labels Mar 26, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

PM-34193: Rollback SDK update for Vault lockout bug#6724

PM-34193: Rollback SDK update for Vault lockout bug#6724
david-livefront wants to merge 1 commit intorelease/2026.3-rc49from
PM-34193-vault-lockout

david-livefront commented Mar 26, 2026 •

edited by atlassian bot

Loading

Uh oh!

codecov bot commented Mar 26, 2026 •

edited

Loading

Uh oh!

github-actions bot commented Mar 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

david-livefront commented Mar 26, 2026 • edited by atlassian bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

🎟️ Tracking

📔 Objective

Uh oh!

codecov bot commented Mar 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

github-actions bot commented Mar 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

david-livefront commented Mar 26, 2026 •

edited by atlassian bot

Loading

codecov bot commented Mar 26, 2026 •

edited

Loading