Merge branch 'main' into km/new-pin-service-interface

Author: quexten

.github/renovate.json5

@@ -324,6 +324,7 @@
         "storybook",
         "tailwindcss",
         "zone.js",
+        "@tailwindcss/container-queries",
       ],
       description: "UI Foundation owned dependencies",
       commitMessagePrefix: "[deps] UI Foundation:",

.github/workflows/publish-cli.yml

@@ -119,7 +119,7 @@ jobs:
         uses: bitwarden/gh-actions/azure-logout@main
 
       - name: Install Snap
-        uses: samuelmeuli/action-snapcraft@d33c176a9b784876d966f80fb1b461808edc0641  # v2.1.1
+        uses: samuelmeuli/action-snapcraft@fceeb3c308e76f3487e72ef608618de625fb7fe8  # v3.0.1
 
       - name: Download artifacts
         run: wget https://github.com/bitwarden/clients/releases/download/cli-v${{ env._PKG_VERSION }}/bw_${{ env._PKG_VERSION }}_amd64.snap

.github/workflows/publish-desktop.yml

@@ -233,7 +233,7 @@ jobs:
         uses: bitwarden/gh-actions/azure-logout@main
 
       - name: Install Snap
-        uses: samuelmeuli/action-snapcraft@d33c176a9b784876d966f80fb1b461808edc0641 # v2.1.1
+        uses: samuelmeuli/action-snapcraft@fceeb3c308e76f3487e72ef608618de625fb7fe8 # v3.0.1
 
       - name: Setup
         run: mkdir dist

.github/workflows/review-code.yml

@@ -84,16 +84,18 @@ jobs:
 
       - name: Review with Claude Code
         if: steps.check_changes.outputs.vault_team_changes == 'true'
-        uses: anthropics/claude-code-action@a5528eec7426a4f0c9c1ac96018daa53ebd05bc4 # v1.0.7
+        uses: anthropics/claude-code-action@ac1a3207f3f00b4a37e2f3a6f0935733c7c64651 # v1.0.11
         with:
           anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
           track_progress: true
+          use_sticky_comment: true
           prompt: |
             REPO: ${{ github.repository }}
             PR NUMBER: ${{ github.event.pull_request.number }}
             TITLE: ${{ github.event.pull_request.title }}
             BODY: ${{ github.event.pull_request.body }}
             AUTHOR: ${{ github.event.pull_request.user.login }}
+            COMMIT: ${{ github.event.pull_request.head.sha }}
 
             Please review this pull request with a focus on:
             - Code quality and best practices
@@ -103,7 +105,20 @@ jobs:
 
             Note: The PR branch is already checked out in the current working directory.
 
-            Provide detailed feedback using inline comments for specific issues.
+            Provide a comprehensive review including:
+            - Summary of changes since last review
+            - Critical issues found (be thorough)
+            - Suggested improvements (be thorough)
+            - Good practices observed (be concise - list only the most notable items without elaboration)
+            - Action items for the author
+            - Leverage collapsible <details> sections where appropriate for lengthy explanations or code snippets to enhance human readability
+
+            When reviewing subsequent commits:
+            - Track status of previously identified issues (fixed/unfixed/reopened)
+            - Identify NEW problems introduced since last review
+            - Note if fixes introduced new issues
+
+            IMPORTANT: Be comprehensive about issues and improvements. For good practices, be brief - just note what was done well without explaining why or praising excessively.
 
           claude_args: |
-            --allowedTools "mcp__github_inline_comment__create_inline_comment,Bash(gh pr comment:*),Bash(gh pr diff:*),Bash(gh pr view:*)"
+            --allowedTools "mcp__github_comment__update_claude_comment,mcp__github_inline_comment__create_inline_comment,Bash(gh pr diff:*),Bash(gh pr view:*)"

.storybook/preview.tsx

@@ -8,7 +8,7 @@ setCompodocJson(docJson);
 
 const wrapperDecorator = componentWrapperDecorator((story) => {
   return /*html*/ `
-    <div class="tw-bg-background tw-px-5 tw-py-10">
+    <div class="tw-bg-background tw-px-5 tw-py-10 tw-@container">
       ${story}
     </div>
   `;

CLAUDE.md

@@ -1,5 +1,13 @@
 # Bitwarden Clients - Claude Code Configuration
 
+## Project Context Files
+
+**Read these files before reviewing to ensure that you fully understand the project and contributing guidelines**
+
+1. @README.md
+2. @CONTRIBUTING.md
+3. @.github/PULL_REQUEST_TEMPLATE.md
+
 ## Critical Rules
 
 - **NEVER** use code regions: If complexity suggests regions, refactor for better readability
@@ -8,7 +16,7 @@
 
 - **NEVER** send unencrypted vault data to API services
 
-- **NEVER** commit secrets, credentials, or sensitive information. Follow the guidelines in `SECURITY.md`.
+- **NEVER** commit secrets, credentials, or sensitive information.
 
 - **NEVER** log decrypted data, encryption keys, or PII
   - No vault data in error messages or console logs
@@ -88,3 +96,13 @@ enum CipherType {
 ```
 
 Example: `/libs/common/src/vault/enums/cipher-type.ts`
+
+## References
+
+- [Web Clients Architecture](https://contributing.bitwarden.com/architecture/clients)
+- [Architectural Decision Records (ADRs)](https://contributing.bitwarden.com/architecture/adr/)
+- [Contributing Guide](https://contributing.bitwarden.com/)
+- [Web Clients Setup Guide](https://contributing.bitwarden.com/getting-started/clients/)
+- [Code Style](https://contributing.bitwarden.com/contributing/code-style/)
+- [Security Whitepaper](https://bitwarden.com/help/bitwarden-security-white-paper/)
+- [Security Definitions](https://contributing.bitwarden.com/architecture/security/definitions)

apps/browser/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bitwarden/browser",
-  "version": "2025.10.0",
+  "version": "2025.10.1",
   "scripts": {
     "build": "npm run build:chrome",
     "build:bit": "npm run build:bit:chrome",

apps/browser/src/_locales/ar/messages.json

@@ -1548,6 +1548,15 @@
   "readSecurityKey": {
     "message": "قراءة مفتاح الأمان"
   },
+  "readingPasskeyLoading": {
+    "message": "Reading passkey..."
+  },
+  "passkeyAuthenticationFailed": {
+    "message": "Passkey authentication failed"
+  },
+  "useADifferentLogInMethod": {
+    "message": "Use a different log in method"
+  },
   "awaitingSecurityKeyInteraction": {
     "message": "في انتظار التفاعل مع مفتاح الأمن..."
   },

apps/browser/src/_locales/az/messages.json

@@ -551,11 +551,11 @@
     "message": "Axtarışı sıfırla"
   },
   "archiveNoun": {
-    "message": "Archive",
+    "message": "Arxiv",
     "description": "Noun"
   },
   "archiveVerb": {
-    "message": "Archive",
+    "message": "Arxivlə",
     "description": "Verb"
   },
   "unarchive": {
@@ -734,7 +734,7 @@
     "message": "Yararsız ana parol"
   },
   "invalidMasterPasswordConfirmEmailAndHost": {
-    "message": "Invalid master password. Confirm your email is correct and your account was created on $HOST$.",
+    "message": "Yararsız ana parol. E-poçtunuzun doğru olduğunu və hesabınızın $HOST$ üzərində yaradıldığını təsdiqləyin.",
     "placeholders": {
       "host": {
         "content": "$1",
@@ -1548,6 +1548,15 @@
   "readSecurityKey": {
     "message": "Güvənlik açarını oxu"
   },
+  "readingPasskeyLoading": {
+    "message": "Keçid açarı oxunur..."
+  },
+  "passkeyAuthenticationFailed": {
+    "message": "Keçid açarı kimlik doğrulaması uğursuzdur"
+  },
+  "useADifferentLogInMethod": {
+    "message": "Fərqli bir giriş üsulu istifadə edin"
+  },
   "awaitingSecurityKeyInteraction": {
     "message": "Güvənlik açarı ilə əlaqə gözlənilir..."
   },
@@ -3208,7 +3217,7 @@
     }
   },
   "exportingOrganizationVaultFromPasswordManagerWithDataOwnershipDesc": {
-    "message": "Only the organization vault associated with $ORGANIZATION$ will be exported.",
+    "message": "Yalnız $ORGANIZATION$ ilə əlaqələndirilmiş təşkilat seyfi xaricə köçürüləcək.",
     "placeholders": {
       "organization": {
         "content": "$1",
@@ -3217,7 +3226,7 @@
     }
   },
   "exportingOrganizationVaultFromAdminConsoleWithDataOwnershipDesc": {
-    "message": "Only the organization vault associated with $ORGANIZATION$ will be exported. My items collections will not be included.",
+    "message": "Yalnız $ORGANIZATION$ ilə əlaqələndirilmiş təşkilat seyfi xaricə köçürüləcək. Element kolleksiyalarım daxil edilməyəcək.",
     "placeholders": {
       "organization": {
         "content": "$1",

apps/browser/src/_locales/be/messages.json

@@ -1548,6 +1548,15 @@
   "readSecurityKey": {
     "message": "Read security key"
   },
+  "readingPasskeyLoading": {
+    "message": "Reading passkey..."
+  },
+  "passkeyAuthenticationFailed": {
+    "message": "Passkey authentication failed"
+  },
+  "useADifferentLogInMethod": {
+    "message": "Use a different log in method"
+  },
   "awaitingSecurityKeyInteraction": {
     "message": "Awaiting security key interaction..."
   },