🍒 [PM-21537] Fix remove individual vault collection selection cherrypick (#5261)

.github/scripts/jira-get-release-notes/README.md

@@ -1,133 +0,0 @@
-# Get Release Notes from Jira script
-
-Fetches release notes from Jira issues.
-
-## Prerequisites
-
-- Python dev environment - use [uv](https://github.com/astral-sh/uv)
-- Jira API token. Generate one at: https://id.atlassian.com/manage-profile/security/api-tokens
-- Install dependencies:
-
-```bash
-uv pip install -r pyproject.toml
-```
-
-## Usage
-
-```bash
-./jira_release_notes.py RELEASE-1762 example@example.com T0k3n123
-```
-
-# Output Format
-
-The script retrieves the content from a custom field and handles two types of Jira release notes formats:
-
-1. Bullet Points:
-```
-• Point 1
-• Point 2
-• Point 3
-```
-
-2. Single Line:
-```
-Single line of release notes text
-```
-
-## Jira JSON format example
-
-### Single line
-
-```json
-...
-"customfield_10335": {
-    "type": "doc",
-    "version": 1,
-    "content": [
-        {
-            "type": "paragraph",
-            "content": [
-                {
-                    "type": "text",
-                    "text": "Single line release notes"
-                }
-            ]
-        }
-    ]
-},
-...
-```
-
-### Bullet points
-
-```json
-...
-"customfield_10335": {
-    "type": "doc",
-    "version": 1,
-    "content": [
-        {
-            "type": "bulletList",
-            "content": [
-                {
-                    "type": "listItem",
-                    "content": [
-                        {
-                            "type": "paragraph",
-                            "content": [
-                                {
-                                    "type": "text",
-                                    "text": "Release notes list item 1"
-                                }
-                            ]
-                        }
-                    ]
-                },
-                {
-                    "type": "listItem",
-                    "content": [
-                        {
-                            "type": "paragraph",
-                            "content": [
-                                {
-                                    "type": "text",
-                                    "text": "Release notes list item 2"
-                                }
-                            ]
-                        }
-                    ]
-                },
-                {
-                    "type": "listItem",
-                    "content": [
-                        {
-                            "type": "paragraph",
-                            "content": [
-                                {
-                                    "type": "text",
-                                    "text": "Release notes list item 3"
-                                }
-                            ]
-                        }
-                    ]
-                },
-                {
-                    "type": "listItem",
-                    "content": [
-                        {
-                            "type": "paragraph",
-                            "content": [
-                                {
-                                    "type": "text",
-                                    "text": "Release notes list item 4"
-                                }
-                            ]
-                        }
-                    ]
-                }
-            ]
-        }
-    ]
-},
-...
-```

.github/scripts/jira-get-release-notes/jira_release_notes.py

@@ -1,70 +0,0 @@
-#!/usr/bin/env python3
-
-import sys
-import base64
-import json
-import requests
-
-def extract_text_from_content(content):
-    if isinstance(content, list):
-        texts = [extract_text_from_content(item) for item in content]
-        return '\n'.join(text for text in texts if text.strip())
-
-    if isinstance(content, dict):
-        if content.get('type') == 'text':
-            return content.get('text', '')
-        elif content.get('type') == 'paragraph':
-            return extract_text_from_content(content.get('content', []))
-        elif content.get('type') == 'bulletList':
-            return extract_text_from_content(content.get('content', []))
-        elif content.get('type') == 'listItem':
-            item_text = extract_text_from_content(content.get('content', []))
-            return f"* {item_text.strip()}"
-
-    return ''
-
-def parse_release_notes(response_json):
-    try:
-        fields = response_json.get('fields', {})
-        release_notes_field = fields.get('customfield_10335', {})
-
-        if not release_notes_field or not release_notes_field.get('content'):
-            return ''
-
-        release_notes = extract_text_from_content(release_notes_field.get('content', []))
-        return release_notes
-
-    except Exception as e:
-        print(f"Error parsing release notes: {str(e)}", file=sys.stderr)
-        return ''
-
-def main():
-    if len(sys.argv) != 4:
-        print(f"Usage: {sys.argv[0]} <issue_id> <jira_email> <jira_api_token>")
-        sys.exit(1)
-
-    jira_issue_id = sys.argv[1]
-    jira_email = sys.argv[2]
-    jira_api_token = sys.argv[3]
-    jira_base_url = "https://bitwarden.atlassian.net"
-
-    auth = base64.b64encode(f"{jira_email}:{jira_api_token}".encode()).decode()
-    headers = {
-        "Authorization": f"Basic {auth}",
-        "Content-Type": "application/json"
-    }
-
-    response = requests.get(
-        f"{jira_base_url}/rest/api/3/issue/{jira_issue_id}",
-        headers=headers
-    )
-
-    if response.status_code != 200:
-        print(f"Error fetching Jira issue: {response.status_code}", file=sys.stderr)
-        sys.exit(1)
-
-    release_notes = parse_release_notes(response.json())
-    print(release_notes)
-
-if __name__ == "__main__":
-    main()

.github/scripts/jira-get-release-notes/pyproject.toml

@@ -1,9 +0,0 @@
-[project]
-name = "jira-get-release-notes"
-version = "0.1.0"
-description = "Add your description here"
-readme = "README.md"
-requires-python = ">=3.12"
-dependencies = [
-    "requests>=2.32.3",
-]

.github/scripts/jira-get-release-notes/uv.lock

@@ -1,91 +0,0 @@
-version = 1
-revision = 2
-requires-python = ">=3.12"
-
-[[package]]
-name = "certifi"
-version = "2025.4.26"
-source = { registry = "https://pypi.org/simple" }
-sdist = { url = "https://files.pythonhosted.org/packages/e8/9e/c05b3920a3b7d20d3d3310465f50348e5b3694f4f88c6daf736eef3024c4/certifi-2025.4.26.tar.gz", hash = "sha256:0a816057ea3cdefcef70270d2c515e4506bbc954f417fa5ade2021213bb8f0c6", size = 160705, upload-time = "2025-04-26T02:12:29.51Z" }
-wheels = [
-    { url = "https://files.pythonhosted.org/packages/4a/7e/3db2bd1b1f9e95f7cddca6d6e75e2f2bd9f51b1246e546d88addca0106bd/certifi-2025.4.26-py3-none-any.whl", hash = "sha256:30350364dfe371162649852c63336a15c70c6510c2ad5015b21c2345311805f3", size = 159618, upload-time = "2025-04-26T02:12:27.662Z" },
-]
-
-[[package]]
-name = "charset-normalizer"
-version = "3.4.2"
-source = { registry = "https://pypi.org/simple" }
-sdist = { url = "https://files.pythonhosted.org/packages/e4/33/89c2ced2b67d1c2a61c19c6751aa8902d46ce3dacb23600a283619f5a12d/charset_normalizer-3.4.2.tar.gz", hash = "sha256:5baececa9ecba31eff645232d59845c07aa030f0c81ee70184a90d35099a0e63", size = 126367, upload-time = "2025-05-02T08:34:42.01Z" }
-wheels = [
-    { url = "https://files.pythonhosted.org/packages/d7/a4/37f4d6035c89cac7930395a35cc0f1b872e652eaafb76a6075943754f095/charset_normalizer-3.4.2-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:0c29de6a1a95f24b9a1aa7aefd27d2487263f00dfd55a77719b530788f75cff7", size = 199936, upload-time = "2025-05-02T08:32:33.712Z" },
-    { url = "https://files.pythonhosted.org/packages/ee/8a/1a5e33b73e0d9287274f899d967907cd0bf9c343e651755d9307e0dbf2b3/charset_normalizer-3.4.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:cddf7bd982eaa998934a91f69d182aec997c6c468898efe6679af88283b498d3", size = 143790, upload-time = "2025-05-02T08:32:35.768Z" },
-    { url = "https://files.pythonhosted.org/packages/66/52/59521f1d8e6ab1482164fa21409c5ef44da3e9f653c13ba71becdd98dec3/charset_normalizer-3.4.2-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:fcbe676a55d7445b22c10967bceaaf0ee69407fbe0ece4d032b6eb8d4565982a", size = 153924, upload-time = "2025-05-02T08:32:37.284Z" },
-    { url = "https://files.pythonhosted.org/packages/86/2d/fb55fdf41964ec782febbf33cb64be480a6b8f16ded2dbe8db27a405c09f/charset_normalizer-3.4.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d41c4d287cfc69060fa91cae9683eacffad989f1a10811995fa309df656ec214", size = 146626, upload-time = "2025-05-02T08:32:38.803Z" },
-    { url = "https://files.pythonhosted.org/packages/8c/73/6ede2ec59bce19b3edf4209d70004253ec5f4e319f9a2e3f2f15601ed5f7/charset_normalizer-3.4.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4e594135de17ab3866138f496755f302b72157d115086d100c3f19370839dd3a", size = 148567, upload-time = "2025-05-02T08:32:40.251Z" },
-    { url = "https://files.pythonhosted.org/packages/09/14/957d03c6dc343c04904530b6bef4e5efae5ec7d7990a7cbb868e4595ee30/charset_normalizer-3.4.2-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:cf713fe9a71ef6fd5adf7a79670135081cd4431c2943864757f0fa3a65b1fafd", size = 150957, upload-time = "2025-05-02T08:32:41.705Z" },
-    { url = "https://files.pythonhosted.org/packages/0d/c8/8174d0e5c10ccebdcb1b53cc959591c4c722a3ad92461a273e86b9f5a302/charset_normalizer-3.4.2-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:a370b3e078e418187da8c3674eddb9d983ec09445c99a3a263c2011993522981", size = 145408, upload-time = "2025-05-02T08:32:43.709Z" },
-    { url = "https://files.pythonhosted.org/packages/58/aa/8904b84bc8084ac19dc52feb4f5952c6df03ffb460a887b42615ee1382e8/charset_normalizer-3.4.2-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:a955b438e62efdf7e0b7b52a64dc5c3396e2634baa62471768a64bc2adb73d5c", size = 153399, upload-time = "2025-05-02T08:32:46.197Z" },
-    { url = "https://files.pythonhosted.org/packages/c2/26/89ee1f0e264d201cb65cf054aca6038c03b1a0c6b4ae998070392a3ce605/charset_normalizer-3.4.2-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:7222ffd5e4de8e57e03ce2cef95a4c43c98fcb72ad86909abdfc2c17d227fc1b", size = 156815, upload-time = "2025-05-02T08:32:48.105Z" },
-    { url = "https://files.pythonhosted.org/packages/fd/07/68e95b4b345bad3dbbd3a8681737b4338ff2c9df29856a6d6d23ac4c73cb/charset_normalizer-3.4.2-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:bee093bf902e1d8fc0ac143c88902c3dfc8941f7ea1d6a8dd2bcb786d33db03d", size = 154537, upload-time = "2025-05-02T08:32:49.719Z" },
-    { url = "https://files.pythonhosted.org/packages/77/1a/5eefc0ce04affb98af07bc05f3bac9094513c0e23b0562d64af46a06aae4/charset_normalizer-3.4.2-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:dedb8adb91d11846ee08bec4c8236c8549ac721c245678282dcb06b221aab59f", size = 149565, upload-time = "2025-05-02T08:32:51.404Z" },
-    { url = "https://files.pythonhosted.org/packages/37/a0/2410e5e6032a174c95e0806b1a6585eb21e12f445ebe239fac441995226a/charset_normalizer-3.4.2-cp312-cp312-win32.whl", hash = "sha256:db4c7bf0e07fc3b7d89ac2a5880a6a8062056801b83ff56d8464b70f65482b6c", size = 98357, upload-time = "2025-05-02T08:32:53.079Z" },
-    { url = "https://files.pythonhosted.org/packages/6c/4f/c02d5c493967af3eda9c771ad4d2bbc8df6f99ddbeb37ceea6e8716a32bc/charset_normalizer-3.4.2-cp312-cp312-win_amd64.whl", hash = "sha256:5a9979887252a82fefd3d3ed2a8e3b937a7a809f65dcb1e068b090e165bbe99e", size = 105776, upload-time = "2025-05-02T08:32:54.573Z" },
-    { url = "https://files.pythonhosted.org/packages/ea/12/a93df3366ed32db1d907d7593a94f1fe6293903e3e92967bebd6950ed12c/charset_normalizer-3.4.2-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:926ca93accd5d36ccdabd803392ddc3e03e6d4cd1cf17deff3b989ab8e9dbcf0", size = 199622, upload-time = "2025-05-02T08:32:56.363Z" },
-    { url = "https://files.pythonhosted.org/packages/04/93/bf204e6f344c39d9937d3c13c8cd5bbfc266472e51fc8c07cb7f64fcd2de/charset_normalizer-3.4.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:eba9904b0f38a143592d9fc0e19e2df0fa2e41c3c3745554761c5f6447eedabf", size = 143435, upload-time = "2025-05-02T08:32:58.551Z" },
-    { url = "https://files.pythonhosted.org/packages/22/2a/ea8a2095b0bafa6c5b5a55ffdc2f924455233ee7b91c69b7edfcc9e02284/charset_normalizer-3.4.2-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:3fddb7e2c84ac87ac3a947cb4e66d143ca5863ef48e4a5ecb83bd48619e4634e", size = 153653, upload-time = "2025-05-02T08:33:00.342Z" },
-    { url = "https://files.pythonhosted.org/packages/b6/57/1b090ff183d13cef485dfbe272e2fe57622a76694061353c59da52c9a659/charset_normalizer-3.4.2-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:98f862da73774290f251b9df8d11161b6cf25b599a66baf087c1ffe340e9bfd1", size = 146231, upload-time = "2025-05-02T08:33:02.081Z" },
-    { url = "https://files.pythonhosted.org/packages/e2/28/ffc026b26f441fc67bd21ab7f03b313ab3fe46714a14b516f931abe1a2d8/charset_normalizer-3.4.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c9379d65defcab82d07b2a9dfbfc2e95bc8fe0ebb1b176a3190230a3ef0e07c", size = 148243, upload-time = "2025-05-02T08:33:04.063Z" },
-    { url = "https://files.pythonhosted.org/packages/c0/0f/9abe9bd191629c33e69e47c6ef45ef99773320e9ad8e9cb08b8ab4a8d4cb/charset_normalizer-3.4.2-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e635b87f01ebc977342e2697d05b56632f5f879a4f15955dfe8cef2448b51691", size = 150442, upload-time = "2025-05-02T08:33:06.418Z" },
-    { url = "https://files.pythonhosted.org/packages/67/7c/a123bbcedca91d5916c056407f89a7f5e8fdfce12ba825d7d6b9954a1a3c/charset_normalizer-3.4.2-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:1c95a1e2902a8b722868587c0e1184ad5c55631de5afc0eb96bc4b0d738092c0", size = 145147, upload-time = "2025-05-02T08:33:08.183Z" },
-    { url = "https://files.pythonhosted.org/packages/ec/fe/1ac556fa4899d967b83e9893788e86b6af4d83e4726511eaaad035e36595/charset_normalizer-3.4.2-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:ef8de666d6179b009dce7bcb2ad4c4a779f113f12caf8dc77f0162c29d20490b", size = 153057, upload-time = "2025-05-02T08:33:09.986Z" },
-    { url = "https://files.pythonhosted.org/packages/2b/ff/acfc0b0a70b19e3e54febdd5301a98b72fa07635e56f24f60502e954c461/charset_normalizer-3.4.2-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:32fc0341d72e0f73f80acb0a2c94216bd704f4f0bce10aedea38f30502b271ff", size = 156454, upload-time = "2025-05-02T08:33:11.814Z" },
-    { url = "https://files.pythonhosted.org/packages/92/08/95b458ce9c740d0645feb0e96cea1f5ec946ea9c580a94adfe0b617f3573/charset_normalizer-3.4.2-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:289200a18fa698949d2b39c671c2cc7a24d44096784e76614899a7ccf2574b7b", size = 154174, upload-time = "2025-05-02T08:33:13.707Z" },
-    { url = "https://files.pythonhosted.org/packages/78/be/8392efc43487ac051eee6c36d5fbd63032d78f7728cb37aebcc98191f1ff/charset_normalizer-3.4.2-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:4a476b06fbcf359ad25d34a057b7219281286ae2477cc5ff5e3f70a246971148", size = 149166, upload-time = "2025-05-02T08:33:15.458Z" },
-    { url = "https://files.pythonhosted.org/packages/44/96/392abd49b094d30b91d9fbda6a69519e95802250b777841cf3bda8fe136c/charset_normalizer-3.4.2-cp313-cp313-win32.whl", hash = "sha256:aaeeb6a479c7667fbe1099af9617c83aaca22182d6cf8c53966491a0f1b7ffb7", size = 98064, upload-time = "2025-05-02T08:33:17.06Z" },
-    { url = "https://files.pythonhosted.org/packages/e9/b0/0200da600134e001d91851ddc797809e2fe0ea72de90e09bec5a2fbdaccb/charset_normalizer-3.4.2-cp313-cp313-win_amd64.whl", hash = "sha256:aa6af9e7d59f9c12b33ae4e9450619cf2488e2bbe9b44030905877f0b2324980", size = 105641, upload-time = "2025-05-02T08:33:18.753Z" },
-    { url = "https://files.pythonhosted.org/packages/20/94/c5790835a017658cbfabd07f3bfb549140c3ac458cfc196323996b10095a/charset_normalizer-3.4.2-py3-none-any.whl", hash = "sha256:7f56930ab0abd1c45cd15be65cc741c28b1c9a34876ce8c17a2fa107810c0af0", size = 52626, upload-time = "2025-05-02T08:34:40.053Z" },
-]
-
-[[package]]
-name = "jira-get-release-notes"
-version = "0.1.0"
-source = { virtual = "." }
-dependencies = [
-    { name = "requests" },
-]
-
-[package.metadata]
-requires-dist = [{ name = "requests", specifier = ">=2.32.3" }]
-
-[[package]]
-name = "idna"
-version = "3.10"
-source = { registry = "https://pypi.org/simple" }
-sdist = { url = "https://files.pythonhosted.org/packages/f1/70/7703c29685631f5a7590aa73f1f1d3fa9a380e654b86af429e0934a32f7d/idna-3.10.tar.gz", hash = "sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9", size = 190490, upload-time = "2024-09-15T18:07:39.745Z" }
-wheels = [
-    { url = "https://files.pythonhosted.org/packages/76/c6/c88e154df9c4e1a2a66ccf0005a88dfb2650c1dffb6f5ce603dfbd452ce3/idna-3.10-py3-none-any.whl", hash = "sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3", size = 70442, upload-time = "2024-09-15T18:07:37.964Z" },
-]
-
-[[package]]
-name = "requests"
-version = "2.32.3"
-source = { registry = "https://pypi.org/simple" }
-dependencies = [
-    { name = "certifi" },
-    { name = "charset-normalizer" },
-    { name = "idna" },
-    { name = "urllib3" },
-]
-sdist = { url = "https://files.pythonhosted.org/packages/63/70/2bf7780ad2d390a8d301ad0b550f1581eadbd9a20f896afe06353c2a2913/requests-2.32.3.tar.gz", hash = "sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760", size = 131218, upload-time = "2024-05-29T15:37:49.536Z" }
-wheels = [
-    { url = "https://files.pythonhosted.org/packages/f9/9b/335f9764261e915ed497fcdeb11df5dfd6f7bf257d4a6a2a686d80da4d54/requests-2.32.3-py3-none-any.whl", hash = "sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6", size = 64928, upload-time = "2024-05-29T15:37:47.027Z" },
-]
-
-[[package]]
-name = "urllib3"
-version = "2.4.0"
-source = { registry = "https://pypi.org/simple" }
-sdist = { url = "https://files.pythonhosted.org/packages/8a/78/16493d9c386d8e60e442a35feac5e00f0913c0f4b7c217c11e8ec2ff53e0/urllib3-2.4.0.tar.gz", hash = "sha256:414bc6535b787febd7567804cc015fee39daab8ad86268f1310a9250697de466", size = 390672, upload-time = "2025-04-10T15:23:39.232Z" }
-wheels = [
-    { url = "https://files.pythonhosted.org/packages/6b/11/cc635220681e93a0183390e26485430ca2c7b5f9d33b15c74c2861cb8091/urllib3-2.4.0-py3-none-any.whl", hash = "sha256:4e16665048960a0900c702d4a66415956a584919c03361cac9f1df5c5dd7e813", size = 128680, upload-time = "2025-04-10T15:23:37.377Z" },
-]

.github/workflows/build-authenticator.yml

@@ -29,25 +29,12 @@ env:
   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
   JAVA_VERSION: 17
 
-permissions:
-  contents: read
-  packages: read
-
 jobs:
   build:
     name: Build Authenticator
     runs-on: ubuntu-24.04
 
     steps:
-      - name: Log inputs to job summary
-        run: |
-          echo "<details><summary>Job Inputs</summary>" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo '```json' >> $GITHUB_STEP_SUMMARY
-          echo '${{ toJson(inputs) }}' >> $GITHUB_STEP_SUMMARY
-          echo '```' >> $GITHUB_STEP_SUMMARY
-          echo "</details>" >> $GITHUB_STEP_SUMMARY
-
       - name: Check out repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
@@ -122,7 +109,7 @@ jobs:
           bundle install --jobs 4 --retry 3
 
       - name: Log in to Azure
-        uses: Azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
+        uses: Azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.6.1
         with:
           creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 

.github/workflows/build.yml

@@ -30,25 +30,12 @@ env:
   JAVA_VERSION: 17
   GITHUB_ACTION_RUN_URL: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
 
-permissions:
-  contents: read
-  packages: read
-
 jobs:
   build:
     name: Build
     runs-on: ubuntu-24.04
 
     steps:
-      - name: Log inputs to job summary
-        run: |
-          echo "<details><summary>Job Inputs</summary>" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo '```json' >> $GITHUB_STEP_SUMMARY
-          echo '${{ toJson(inputs) }}' >> $GITHUB_STEP_SUMMARY
-          echo '```' >> $GITHUB_STEP_SUMMARY
-          echo "</details>" >> $GITHUB_STEP_SUMMARY
-
       - name: Check out repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
@@ -130,7 +117,7 @@ jobs:
           bundle install --jobs 4 --retry 3
 
       - name: Log in to Azure
-        uses: Azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
+        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
         with:
           creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 
@@ -208,7 +195,7 @@ jobs:
 
       - name: Increment version
         run: |
-          DEFAULT_VERSION_CODE=$((11000+GITHUB_RUN_NUMBER))
+          DEFAULT_VERSION_CODE=$((11000+$GITHUB_RUN_NUMBER))
           bundle exec fastlane setBuildVersionInfo \
           versionCode:${{ inputs.version-code || '$DEFAULT_VERSION_CODE' }} \
           versionName:${{ inputs.version-name }}
@@ -429,7 +416,7 @@ jobs:
           bundle install --jobs 4 --retry 3
 
       - name: Log in to Azure
-        uses: Azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
+        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
         with:
           creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 
@@ -494,7 +481,7 @@ jobs:
       # Start from 11000 to prevent collisions with mobile build version codes
       - name: Increment version
         run: |
-          DEFAULT_VERSION_CODE=$((11000+GITHUB_RUN_NUMBER))
+          DEFAULT_VERSION_CODE=$((11000+$GITHUB_RUN_NUMBER))
           VERSION_CODE="${{ inputs.version-code || '$DEFAULT_VERSION_CODE' }}"
           bundle exec fastlane setBuildVersionInfo \
           versionCode:$VERSION_CODE \

.github/workflows/crowdin-pull-authenticator.yml

@@ -0,0 +1,56 @@
+name: Crowdin Sync - Authenticator
+
+on:
+  workflow_dispatch:
+    inputs: {}
+  schedule:
+    - cron: '0 0 * * 5'
+
+jobs:
+  crowdin-sync:
+    name: Autosync
+    runs-on: ubuntu-24.04
+    env:
+      _CROWDIN_PROJECT_ID: "673718"
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Log in to Azure - CI Subscription
+        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
+        with:
+          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
+
+      - name: Retrieve secrets
+        id: retrieve-secrets
+        uses: bitwarden/gh-actions/get-keyvault-secrets@main
+        with:
+          keyvault: "bitwarden-ci"
+          secrets: "github-gpg-private-key, github-gpg-private-key-passphrase"
+
+      - name: Generate GH App token
+        uses: actions/create-github-app-token@3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5 # v2.0.2
+        id: app-token
+        with:
+          app-id: ${{ secrets.BW_GHAPP_ID }}
+          private-key: ${{ secrets.BW_GHAPP_KEY }}
+
+      - name: Download translations
+        uses: crowdin/github-action@b8012bd5491b8aa8578b73ab5b5f5e7c94aaa6e2 # v2.7.0
+        env:
+          GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
+          CROWDIN_API_TOKEN: ${{ secrets.CROWDIN_API_TOKEN }}
+        with:
+          config: crowdin-bwa.yml
+          upload_sources: false
+          upload_translations: false
+          download_translations: true
+          github_user_name: "bitwarden-devops-bot"
+          github_user_email: "106330231+bitwarden-devops-bot@users.noreply.github.com"
+          commit_message: "Autosync the updated translations"
+          localization_branch_name: crowdin-auto-sync
+          create_pull_request: true
+          pull_request_title: "Autosync Crowdin Translations"
+          pull_request_body: "Autosync the updated translations"
+          gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }}
+          gpg_passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }}

.github/workflows/crowdin-pull.yml

@@ -1,35 +1,23 @@
-name: Cron / Crowdin Pull
-run-name: Crowdin Pull - ${{ github.event_name == 'workflow_dispatch' && 'Manual' || 'Scheduled' }}
+name: Crowdin Sync
 
 on:
   workflow_dispatch:
+    inputs: {}
   schedule:
     - cron: '0 0 * * 5'
 
 jobs:
   crowdin-sync:
-    name: Crowdin Pull - ${{ matrix.name }} - ${{ github.event_name }}
+    name: Autosync
     runs-on: ubuntu-24.04
-    permissions:
-      contents: write
-      pull-requests: write
-    strategy:
-      matrix:
-        include:
-          - name: Password Manager
-            project_id: 269690
-            config: crowdin-bwpm.yml
-            branch: crowdin-pull-bwpm
-          - name: Authenticator
-            project_id: 673718
-            config: crowdin-bwa.yml
-            branch: crowdin-pull-bwa
+    env:
+      _CROWDIN_PROJECT_ID: "269690"
     steps:
       - name: Checkout repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Login to Azure - CI Subscription
-        uses: Azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
+        uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
         with:
           creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 
@@ -47,23 +35,22 @@ jobs:
           app-id: ${{ secrets.BW_GHAPP_ID }}
           private-key: ${{ secrets.BW_GHAPP_KEY }}
 
-      - name: Download translations for ${{ matrix.name }}
+      - name: Download translations
         uses: crowdin/github-action@b8012bd5491b8aa8578b73ab5b5f5e7c94aaa6e2 # v2.7.0
         env:
           GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
           CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}
-          _CROWDIN_PROJECT_ID: ${{ matrix.project_id }}
         with:
-          config: ${{ matrix.config }}
+          config: crowdin.yml
           upload_sources: false
           upload_translations: false
           download_translations: true
           github_user_name: "bitwarden-devops-bot"
           github_user_email: "106330231+bitwarden-devops-bot@users.noreply.github.com"
-          commit_message: "Crowdin Pull - ${{ matrix.name }}"
-          localization_branch_name: ${{ matrix.branch }}
+          commit_message: "Autosync the updated translations"
+          localization_branch_name: crowdin-auto-sync
           create_pull_request: true
-          pull_request_title: "Crowdin Pull - ${{ matrix.name }}"
-          pull_request_body: ":inbox_tray: New translations for ${{ matrix.name }} received!"
+          pull_request_title: "Autosync Crowdin Translations"
+          pull_request_body: "Autosync the updated translations"
           gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }}
           gpg_passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }}

.github/workflows/crowdin-push-authenticator.yml

@@ -0,0 +1,30 @@
+name: Crowdin Push - Authenticator
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - "main"
+env:
+  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  JAVA_VERSION: 17
+
+jobs:
+  crowdin-push:
+    name: Crowdin Push
+    runs-on: ubuntu-24.04
+    env:
+      _CROWDIN_PROJECT_ID: "673718"
+    steps:
+      - name: Check out repo
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+      - name: Upload sources
+        uses: crowdin/github-action@b8012bd5491b8aa8578b73ab5b5f5e7c94aaa6e2 # v2.7.0
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          CROWDIN_API_TOKEN: ${{ secrets.CROWDIN_API_TOKEN }}
+        with:
+          config: crowdin-bwa.yml
+          upload_sources: true
+          upload_translations: false

.github/workflows/crowdin-push.yml

@@ -1,24 +1,23 @@
-name: CI / Crowdin Push
-run-name: Crowdin Push - ${{ github.event_name == 'workflow_dispatch' && 'Manual' || 'CI' }}
+name: Crowdin Push
 
 on:
   workflow_dispatch:
   push:
     branches:
-      - main
+      - "main"
 
 jobs:
   crowdin-push:
-    name: Crowdin Push - ${{ github.event_name }}
+    name: Crowdin Push
     runs-on: ubuntu-24.04
-    permissions:
-      contents: read
+    env:
+      _CROWDIN_PROJECT_ID: "269690"
     steps:
       - name: Check out repo
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Log in to Azure
-        uses: Azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0
+        uses: Azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.6.1
         with:
           creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
 
@@ -29,24 +28,12 @@ jobs:
           keyvault: "bitwarden-ci"
           secrets: "crowdin-api-token"
 
-      - name: Upload sources for Password Manager
+      - name: Upload sources
         uses: crowdin/github-action@b8012bd5491b8aa8578b73ab5b5f5e7c94aaa6e2 # v2.7.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}
-          _CROWDIN_PROJECT_ID: "269690"
         with:
-          config: crowdin-bwpm.yml
-          upload_sources: true
-          upload_translations: false
-
-      - name: Upload sources for Authenticator
-        uses: crowdin/github-action@b8012bd5491b8aa8578b73ab5b5f5e7c94aaa6e2 # v2.7.0
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}
-          _CROWDIN_PROJECT_ID: "673718"
-        with:
-          config: crowdin-bwa.yml
+          config: crowdin.yml
           upload_sources: true
           upload_translations: false

.github/workflows/github-release.yml

@@ -3,24 +3,45 @@ name: Create GitHub Release
 on:
   workflow_dispatch:
     inputs:
+      version-name:
+        description: 'Version Name - E.g. "2024.11.1"'
+        required: true
+        type: string
+      version-number:
+        description: 'Version Number - E.g. "123456"'
+        required: true
+        type: string
       artifact-run-id:
         description: 'GitHub Action Run ID containing artifacts'
         required: true
         type: string
-      release-ticket-id:
-        description: 'Release Ticket ID - e.g. RELEASE-1762'
-        required: true
-        type: string
-
+      draft:
+        description: 'Create as draft release'
+        type: boolean
+        default: true
+      prerelease:
+        description: 'Mark as pre-release'
+        type: boolean
+        default: true
+      make-latest:
+        description: 'Set as the latest release'
+        type: boolean
+      branch-protection-type:
+        description: 'Branch protection type'
+        type: choice
+        options:
+          - Branch Name
+          - GitHub API
+        default: Branch Name
 env:
     ARTIFACTS_PATH: artifacts
-
 jobs:
   create-release:
     name: Create GitHub Release
     runs-on: ubuntu-24.04
     permissions:
       contents: write
+      actions: read
 
     steps:
       - name: Check out repository
@@ -33,74 +54,31 @@ jobs:
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           ARTIFACT_RUN_ID: ${{ inputs.artifact-run-id }}
+          BRANCH_PROTECTION_TYPE: ${{ inputs.branch-protection-type }}
         run: |
-          workflow_data=$(gh run view $ARTIFACT_RUN_ID --json headBranch,workflowName)
-          release_branch=$(echo "$workflow_data" | jq -r .headBranch)
-          workflow_name=$(echo "$workflow_data" | jq -r .workflowName)
+          release_branch=$(gh run view $ARTIFACT_RUN_ID --json headBranch -q .headBranch)
 
-          # branch protection check
-          if [[ "$release_branch" != "main" && ! "$release_branch" =~ ^release/ ]]; then
-            echo "::error::Branch '$release_branch' is not 'main' or a release branch starting with 'release/'. Releases must be created from protected branches."
-            exit 1
-          fi
-
-          echo "release_branch=$release_branch" >> $GITHUB_OUTPUT
-          echo "workflow_name=$workflow_name" >> $GITHUB_OUTPUT
-
-          case "$workflow_name" in
-            *"Password Manager"* | "Build")
-              echo "app_name=Password Manager" >> $GITHUB_OUTPUT
-              echo "app_name_suffix=bwpm" >> $GITHUB_OUTPUT
+          case "$BRANCH_PROTECTION_TYPE" in
+            "Branch Name")
+              if [[ "$release_branch" != "main" && ! "$release_branch" =~ ^release/ ]]; then
+                echo "::error::Branch '$release_branch' is not 'main' or a release branch starting with 'release/'. Releases must be created from protected branches."
+                exit 1
+              fi
               ;;
-            *"Authenticator"*)
-              echo "app_name=Authenticator" >> $GITHUB_OUTPUT
-              echo "app_name_suffix=bwa" >> $GITHUB_OUTPUT
+            "GitHub API")
+              #NOTE requires token with "administration:read" scope
+              if ! gh api "repos/${{ github.repository }}/branches/$release_branch/protection" | grep -q "required_status_checks"; then
+                echo "::error::Branch '$release_branch' is not protected. Releases must be created from protected branches. If that's not correct, confirm if the github token user has the 'administration:read' scope."
+                exit 1
+              fi
               ;;
             *)
-              echo "::error::Unknown workflow name: $workflow_name"
+              echo "::error::Unsupported branch protection type: $BRANCH_PROTECTION_TYPE"
               exit 1
               ;;
           esac
 
-      - name: Get version info from run logs and set release tag name
-        id: get_release_info
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          ARTIFACT_RUN_ID: ${{ inputs.artifact-run-id }}
-          _APP_NAME_SUFFIX: ${{ steps.get_release_branch.outputs.app_name_suffix }}
-        run: |
-          workflow_log=$(gh run view $ARTIFACT_RUN_ID --log)
-
-          version_number_with_trailing_dot=$(grep -m 1 "Setting version code to" <<< "$workflow_log" | sed 's/.*Setting version code to //')
-          version_number=${version_number_with_trailing_dot%.} # remove trailing dot
-
-          version_name_with_trailing_dot=$(grep -m 1 "Setting version name to" <<< "$workflow_log" | sed 's/.*Setting version name to //')
-          version_name=${version_name_with_trailing_dot%.} # remove trailing dot
-
-          if [[ -z "$version_name" ]]; then
-            echo "::warning::Version name not found. Using default value - 0.0.0"
-            version_name="0.0.0"
-          else
-            echo "✅ Found version name: $version_name"
-          fi
-
-          if [[ -z "$version_number" ]]; then
-            echo "::warning::Version number not found. Using default value - 0"
-            version_number="0"
-          else
-            echo "✅ Found version number: $version_number"
-          fi
-
-          echo "version_number=$version_number" >> $GITHUB_OUTPUT
-          echo "version_name=$version_name" >> $GITHUB_OUTPUT
-
-          tag_name="v$version_name-$_APP_NAME_SUFFIX" # e.g. v2025.6.0-bwpm
-          echo "🔖 New tag name: $tag_name"
-          echo "tag_name=$tag_name" >> $GITHUB_OUTPUT
-
-          last_release_tag=$(git tag -l --sort=-authordate | grep "$APP_NAME_SUFFIX" | head -n 1)
-          echo "🔖 Last release tag: $last_release_tag"
-          echo "last_release_tag=$last_release_tag" >> $GITHUB_OUTPUT
+          echo "release_branch=$release_branch" >> $GITHUB_OUTPUT
 
       - name: Download artifacts
         env:
@@ -115,106 +93,37 @@ jobs:
             find $ARTIFACTS_PATH -type f
           fi
 
-      - name: Get product release notes
-        id: get_release_notes
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          ARTIFACT_RUN_ID: ${{ inputs.artifact-run-id }}
-          _VERSION_NAME: ${{ steps.get_release_info.outputs.version_name }}
-          _RELEASE_TICKET_ID: ${{ inputs.release-ticket-id }}
-          _JIRA_API_EMAIL: ${{ secrets.JIRA_API_EMAIL }}
-          _JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
-        run: |
-          echo "Getting product release notes"
-          product_release_notes=$(python3 .github/scripts/jira-get-release-notes/jira_release_notes.py $_RELEASE_TICKET_ID $_JIRA_API_EMAIL $_JIRA_API_TOKEN)
-
-          if [[ -z "$product_release_notes" || $product_release_notes == "Error checking"* ]]; then
-            echo "::warning::Failed to fetch release notes from Jira. Output: $product_release_notes"
-            product_release_notes="<insert product release notes here>"
-          else
-            echo "✅ Product release notes:"
-            echo "$product_release_notes"
-          fi
-
-          echo "$product_release_notes" > product_release_notes.txt
-
       - name: Create Release
         id: create_release
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          _APP_NAME: ${{ steps.get_release_branch.outputs.app_name }}
-          _VERSION_NAME: ${{ steps.get_release_info.outputs.version_name }}
-          _VERSION_NUMBER: ${{ steps.get_release_info.outputs.version_number }}
-          _TARGET_COMMIT: ${{ steps.get_release_branch.outputs.release_branch }}
-          _TAG_NAME: ${{ steps.get_release_info.outputs.tag_name }}
-          _LAST_RELEASE_TAG: ${{ steps.get_release_info.outputs.last_release_tag }}
-        run: |
-          echo "⌛️ Creating release for $_APP_NAME $_VERSION_NAME ($_VERSION_NUMBER) on $_TARGET_COMMIT"
-          release_url=$(gh release create "$_TAG_NAME" \
-            --title "$_APP_NAME $_VERSION_NAME ($_VERSION_NUMBER)" \
-            --target "$_TARGET_COMMIT" \
-            --generate-notes \
-            --notes-start-tag "$_LAST_RELEASE_TAG" \
-            --draft \
-            $ARTIFACTS_PATH/*/*)
-
-          echo "✅ Release created: $release_url"
-
-          # Get release info for outputs
-          release_data=$(gh release view "$_TAG_NAME" --json id)
-          release_id=$(echo "$release_data" | jq -r .id)
-
-          echo "id=$release_id" >> $GITHUB_OUTPUT
-          echo "url=$release_url" >> $GITHUB_OUTPUT
+        uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631 # v2.2.2
+        with:
+          tag_name: "v${{ inputs.version-name }}"
+          name: "${{ inputs.version-name }} (${{ inputs.version-number }})"
+          prerelease: ${{ inputs.prerelease }}
+          draft: ${{ inputs.draft }}
+          make_latest: ${{ inputs.make-latest }}
+          target_commitish: ${{ steps.get_release_branch.outputs.release_branch }}
+          generate_release_notes: true
+          files: |
+            artifacts/**/*
 
       - name: Update Release Description
-        id: update_release_description
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          RELEASE_ID: ${{ steps.create_release.outputs.id }}
+          RELEASE_URL: ${{ steps.create_release.outputs.url }}
           ARTIFACT_RUN_ID: ${{ inputs.artifact-run-id }}
-          _VERSION_NAME: ${{ steps.get_release_info.outputs.version_name }}
-          _TAG_NAME: ${{ steps.get_release_info.outputs.tag_name }}
         run: |
-          echo "Getting current release body. Tag: $_TAG_NAME"
-          current_body=$(gh release view "$_TAG_NAME" --json body --jq .body)
+          # Get current release body
+          current_body=$(gh api /repos/${{ github.repository }}/releases/$RELEASE_ID --jq .body)
 
-          product_release_notes=$(cat product_release_notes.txt)
-
-          # Update release description with product release notes and builds source
-          updated_body="# Overview
-          ${product_release_notes}
-
-          ${current_body}
+          # Append build source to the end
+          updated_body="${current_body}
           **Builds Source:** https://github.com/${{ github.repository }}/actions/runs/$ARTIFACT_RUN_ID"
 
-          new_release_url=$(gh release edit "$_TAG_NAME" --notes "$updated_body")
+          # Update release
+          gh api --method PATCH /repos/${{ github.repository }}/releases/$RELEASE_ID \
+            -f body="$updated_body"
 
-          # draft release links change after editing
-          echo "release_url=$new_release_url" >> $GITHUB_OUTPUT
-
-      - name: Add Release Summary
-        env:
-          _RELEASE_TAG: ${{ steps.get_release_info.outputs.tag_name }}
-          _LAST_RELEASE_TAG: ${{ steps.get_release_info.outputs.last_release_tag }}
-          _VERSION_NAME: ${{ steps.get_release_info.outputs.version_name }}
-          _VERSION_NUMBER: ${{ steps.get_release_info.outputs.version_number }}
-          _RELEASE_BRANCH: ${{ steps.get_release_branch.outputs.release_branch }}
-          _RELEASE_URL: ${{ steps.update_release_description.outputs.release_url }}
-        run: |
-          echo "# :fish_cake: Release ready at:" >> $GITHUB_STEP_SUMMARY
-          echo "$_RELEASE_URL" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-
-          if [[ "$_VERSION_NAME" == "0.0.0" || "$_VERSION_NUMBER" == "0" ]]; then
-            echo "> [!CAUTION]" >> $GITHUB_STEP_SUMMARY
-            echo "> Version name or number wasn't previously found and a default value was used. You'll need to manually update the release Title, Tag and Description, specifically, the "Full Changelog" link." >> $GITHUB_STEP_SUMMARY
-            echo "" >> $GITHUB_STEP_SUMMARY
-          fi
-
-          echo ":clipboard: Confirm that the defined GitHub Release options are correct:"  >> $GITHUB_STEP_SUMMARY
-          echo " * :bookmark: New tag name: \`$_RELEASE_TAG\`" >> $GITHUB_STEP_SUMMARY
-          echo " * :palm_tree: Target branch: \`$_RELEASE_BRANCH\`" >> $GITHUB_STEP_SUMMARY
-          echo " * :ocean: Previous tag set in the description \"Full Changelog\" link: \`$_LAST_RELEASE_TAG\`" >> $GITHUB_STEP_SUMMARY
-          echo " * :white_check_mark: Description has automated release notes and they match the commits in the release branch" >> $GITHUB_STEP_SUMMARY
-          echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
-          echo "> Commits directly pushed to branches without a Pull Request won't appear in the automated release notes." >> $GITHUB_STEP_SUMMARY
+          echo "# :rocket: Release ready at:" >> $GITHUB_STEP_SUMMARY
+          echo "$RELEASE_URL" >> $GITHUB_STEP_SUMMARY

.github/workflows/publish-github-release.yml

@@ -1,14 +0,0 @@
-name: Publish GitHub Release as newest
-
-on:
-  workflow_dispatch:
-
-permissions: {}
-
-jobs:
-  stub:
-    runs-on: ubuntu-24.04
-    name: Stub
-    steps:
-      - name: Stub
-        run: echo "This is a stub job to trigger the workflow."

.github/workflows/publish-store.yml

@@ -1,16 +0,0 @@
-
-name: Publish
-
-on:
-  workflow_dispatch:
-
-permissions: {}
-
-jobs:
-    publish:
-      runs-on: ubuntu-24.04
-      name: Promote build to Production in Play Store
-
-      steps:
-        - name: TEST STEP
-          run: exit 0

.github/workflows/scan.yml

@@ -11,14 +11,10 @@ on:
     branches:
       - main
 
-permissions: {}
-
 jobs:
   check-run:
     name: Check PR run
     uses: bitwarden/gh-actions/.github/workflows/check-run.yml@main
-    permissions:
-      contents: read
 
   sast:
     name: SAST scan

.github/workflows/test-device.yml

@@ -1,16 +0,0 @@
-name: Test Device
-
-on:
-  workflow_dispatch:
-
-permissions:
-  contents: read
-
-jobs:
-  test:
-    name: Test Device
-    runs-on: ubuntu-24.04
-
-    steps:
-    - name: Placeholder step
-      run: echo "Placeholder workflow step"

.github/workflows/test.yml

@@ -9,7 +9,7 @@ on:
   pull_request:
     types: [opened, synchronize]
   merge_group:
-    types: [checks_requested]
+    type: [checks_requested]
   workflow_dispatch:
 
 env:
@@ -110,7 +110,7 @@ jobs:
           echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY
           echo "> Uploading code coverage report failed. Please check the \"Upload to codecov.io\" step of \"Process Test Reports\" job for more details." >> $GITHUB_STEP_SUMMARY
 
-          if [ -n "$PR_NUMBER" ]; then
+          if [ ! -z "$PR_NUMBER" ]; then
             message=$'> [!WARNING]\n> @'$RUN_ACTOR' Uploading code coverage report failed. Please check the "Upload to codecov.io" step of [Process Test Reports job]('$_GITHUB_ACTION_RUN_URL') for more details.'
             gh pr comment --repo $GITHUB_REPOSITORY $PR_NUMBER --body "$message"
           fi

Gemfile.lock

@@ -9,26 +9,26 @@ GEM
       public_suffix (>= 2.0.2, < 7.0)
     artifactory (3.0.17)
     atomos (0.1.3)
-    aws-eventstream (1.4.0)
-    aws-partitions (1.1125.0)
-    aws-sdk-core (3.226.2)
+    aws-eventstream (1.3.2)
+    aws-partitions (1.1102.0)
+    aws-sdk-core (3.223.0)
       aws-eventstream (~> 1, >= 1.3.0)
       aws-partitions (~> 1, >= 1.992.0)
       aws-sigv4 (~> 1.9)
       base64
       jmespath (~> 1, >= 1.6.1)
       logger
-    aws-sdk-kms (1.106.0)
-      aws-sdk-core (~> 3, >= 3.225.0)
+    aws-sdk-kms (1.100.0)
+      aws-sdk-core (~> 3, >= 3.216.0)
       aws-sigv4 (~> 1.5)
-    aws-sdk-s3 (1.192.0)
-      aws-sdk-core (~> 3, >= 3.225.0)
+    aws-sdk-s3 (1.185.0)
+      aws-sdk-core (~> 3, >= 3.216.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.5)
-    aws-sigv4 (1.12.1)
+    aws-sigv4 (1.11.0)
       aws-eventstream (~> 1, >= 1.0.2)
     babosa (1.0.4)
-    base64 (0.3.0)
+    base64 (0.2.0)
     claide (1.1.0)
     colored (1.2)
     colored2 (3.1.2)
@@ -58,10 +58,10 @@ GEM
       faraday (>= 0.8.0)
       http-cookie (~> 1.0.0)
     faraday-em_http (1.0.0)
-    faraday-em_synchrony (1.0.1)
+    faraday-em_synchrony (1.0.0)
     faraday-excon (1.1.0)
     faraday-httpclient (1.0.1)
-    faraday-multipart (1.1.1)
+    faraday-multipart (1.1.0)
       multipart-post (~> 2.0)
     faraday-net_http (1.0.2)
     faraday-net_http_persistent (1.2.0)
@@ -71,7 +71,7 @@ GEM
     faraday_middleware (1.2.1)
       faraday (~> 1.0)
     fastimage (2.4.0)
-    fastlane (2.228.0)
+    fastlane (2.227.2)
       CFPropertyList (>= 2.3, < 4.0.0)
       addressable (>= 2.8, < 3.0.0)
       artifactory (~> 3.0)
@@ -165,8 +165,8 @@ GEM
     httpclient (2.9.0)
       mutex_m
     jmespath (1.6.2)
-    json (2.12.2)
-    jwt (2.10.2)
+    json (2.11.3)
+    jwt (2.10.1)
       base64
     logger (1.7.0)
     mini_magick (4.13.2)
@@ -175,13 +175,13 @@ GEM
     multipart-post (2.4.1)
     mutex_m (0.3.0)
     nanaimo (0.4.0)
-    naturally (2.3.0)
+    naturally (2.2.1)
     nkf (0.2.0)
     optparse (0.6.0)
     os (1.1.4)
     plist (3.7.2)
     public_suffix (6.0.2)
-    rake (13.3.0)
+    rake (13.2.1)
     representable (3.2.0)
       declarative (< 0.1.0)
       trailblazer-option (>= 0.1.1, < 0.2.0)

README.md

@@ -52,16 +52,6 @@
 
     Please avoid mixing formatting and logical changes in the same commit/PR. When possible, fix any large formatting issues in a separate PR before opening one to make logical changes to the same code. This helps others focus on the meaningful code changes when reviewing the code.
 
-4. Setup JDK `Version` `17`:
-
-    - Navigate to `Preferences > Build, Execution, Deployment > Build Tools > Gradle`.
-    - Hit the selected Gradle JDK next to `Gradle JDK:`.
-    - Select a `17.x` version or hit `Download JDK...` if not present.
-    - Select `Version` `17`.
-    - Select your preferred `Vendor`.
-    - Hit `Download`.
-    - Hit `Apply`.
-
 ## Theme
 
 ### Icons & Illustrations

annotation/.gitignore

@@ -1 +0,0 @@
-/build

annotation/build.gradle.kts

@@ -1,42 +0,0 @@
-import org.jetbrains.kotlin.gradle.dsl.JvmTarget
-
-plugins {
-    alias(libs.plugins.android.library)
-    alias(libs.plugins.kotlin.android)
-}
-
-android {
-    namespace = "com.bitwarden.annotation"
-    compileSdk = libs.versions.compileSdk.get().toInt()
-
-    defaultConfig {
-        minSdk = libs.versions.minSdkBwa.get().toInt()
-
-        testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
-        consumerProguardFiles("consumer-rules.pro")
-    }
-
-    buildTypes {
-        release {
-            isMinifyEnabled = false
-            proguardFiles(
-                getDefaultProguardFile("proguard-android-optimize.txt"),
-                "proguard-rules.pro",
-            )
-        }
-    }
-    compileOptions {
-        sourceCompatibility(libs.versions.jvmTarget.get())
-        targetCompatibility(libs.versions.jvmTarget.get())
-    }
-    @Suppress("UnstableApiUsage")
-    testFixtures {
-        enable = true
-    }
-}
-
-kotlin {
-    compilerOptions {
-        jvmTarget = JvmTarget.fromTarget(libs.versions.jvmTarget.get())
-    }
-}

app/build.gradle.kts

@@ -10,7 +10,6 @@ import java.util.Properties
 
 plugins {
     alias(libs.plugins.android.application)
-    alias(libs.plugins.androidx.room)
     // Crashlytics is enabled for all builds initially but removed for FDroid builds in gradle and
     // standardDebug builds in the merged manifest.
     alias(libs.plugins.crashlytics)
@@ -47,10 +46,6 @@ android {
     namespace = "com.x8bit.bitwarden"
     compileSdk = libs.versions.compileSdk.get().toInt()
 
-    room {
-        schemaDirectory("$projectDir/schemas")
-    }
-
     defaultConfig {
         applicationId = "com.x8bit.bitwarden"
         minSdk = libs.versions.minSdk.get().toInt()
@@ -60,6 +55,11 @@ android {
 
         setProperty("archivesBaseName", "com.x8bit.bitwarden")
 
+        ksp {
+            // The location in which the generated Room Database Schemas will be stored in the repo.
+            arg("room.schemaLocation", "$projectDir/schemas")
+        }
+
         testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
 
         buildConfigField(
@@ -99,7 +99,6 @@ android {
             applicationIdSuffix = ".beta"
             isDebuggable = false
             isMinifyEnabled = true
-            isShrinkResources = true
             matchingFallbacks += listOf("release")
             proguardFiles(
                 getDefaultProguardFile("proguard-android-optimize.txt"),
@@ -112,7 +111,6 @@ android {
         release {
             isDebuggable = false
             isMinifyEnabled = true
-            isShrinkResources = true
             proguardFiles(
                 getDefaultProguardFile("proguard-android-optimize.txt"),
                 "proguard-rules.pro",
@@ -195,7 +193,7 @@ android {
 
 kotlin {
     compilerOptions {
-        jvmTarget = JvmTarget.fromTarget(libs.versions.jvmTarget.get())
+        jvmTarget.set(JvmTarget.fromTarget(libs.versions.jvmTarget.get()))
     }
 }
 
@@ -215,7 +213,6 @@ dependencies {
 
     implementation(files("libs/authenticatorbridge-1.0.1-release.aar"))
 
-    implementation(project(":annotation"))
     implementation(project(":core"))
     implementation(project(":data"))
     implementation(project(":network"))
@@ -298,7 +295,8 @@ tasks {
         useJUnitPlatform()
         maxHeapSize = "2g"
         maxParallelForks = Runtime.getRuntime().availableProcessors()
-        jvmArgs = jvmArgs.orEmpty() + "-XX:+UseParallelGC" + "-Duser.country=US"
+        jvmArgs = jvmArgs.orEmpty() + "-XX:+UseParallelGC"
+        android.sourceSets["main"].res.srcDirs("src/test/res")
     }
 }
 

app/schemas/com.x8bit.bitwarden.data.credentials.datasource.disk.database.PrivilegedAppDatabase/1.json

@@ -1,38 +0,0 @@
-{
-  "formatVersion": 1,
-  "database": {
-    "version": 1,
-    "identityHash": "ce40856ec88770d11b7afb587c7deabc",
-    "entities": [
-      {
-        "tableName": "privileged_apps",
-        "createSql": "CREATE TABLE IF NOT EXISTS `${TABLE_NAME}` (`package_name` TEXT NOT NULL, `signature` TEXT NOT NULL, PRIMARY KEY(`package_name`, `signature`))",
-        "fields": [
-          {
-            "fieldPath": "packageName",
-            "columnName": "package_name",
-            "affinity": "TEXT",
-            "notNull": true
-          },
-          {
-            "fieldPath": "signature",
-            "columnName": "signature",
-            "affinity": "TEXT",
-            "notNull": true
-          }
-        ],
-        "primaryKey": {
-          "autoGenerate": false,
-          "columnNames": [
-            "package_name",
-            "signature"
-          ]
-        }
-      }
-    ],
-    "setupQueries": [
-      "CREATE TABLE IF NOT EXISTS room_master_table (id INTEGER PRIMARY KEY,identity_hash TEXT)",
-      "INSERT OR REPLACE INTO room_master_table (id,identity_hash) VALUES(42, 'ce40856ec88770d11b7afb587c7deabc')"
-    ]
-  }
-}

app/src/beta/AndroidManifest.xml

@@ -1,21 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<manifest xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:tools="http://schemas.android.com/tools">
-
-    <application tools:ignore="MissingApplicationIcon">
-        <activity
-            android:name=".MainActivity">
-            <intent-filter android:autoVerify="true">
-                <action android:name="android.intent.action.VIEW" />
-
-                <category android:name="android.intent.category.DEFAULT" />
-                <category android:name="android.intent.category.BROWSABLE" />
-
-                <data android:scheme="https" />
-                <data android:host="*.bitwarden.pw" />
-                <data android:pathPattern="/redirect-connector.*" />
-            </intent-filter>
-        </activity>
-    </application>
-
-</manifest>

app/src/debug/AndroidManifest.xml

@@ -7,20 +7,6 @@
         <meta-data
             android:name="firebase_crashlytics_collection_enabled"
             android:value="false" />
-        <activity
-            android:name=".MainActivity"
-            tools:ignore="IntentFilterExportedReceiver">
-            <intent-filter android:autoVerify="true">
-                <action android:name="android.intent.action.VIEW" />
-
-                <category android:name="android.intent.category.DEFAULT" />
-                <category android:name="android.intent.category.BROWSABLE" />
-
-                <data android:scheme="https" />
-                <data android:host="*.bitwarden.pw" />
-                <data android:pathPattern="/redirect-connector.*" />
-            </intent-filter>
-        </activity>
     </application>
 
 </manifest>

app/src/main/AndroidManifest.xml

@@ -37,18 +37,15 @@
         android:dataExtractionRules="@xml/data_extraction_rules"
         android:fullBackupContent="@xml/backup_rules"
         android:icon="@mipmap/ic_launcher"
-        android:intentMatchingFlags="enforceIntentFilter"
         android:label="@string/app_name"
         android:networkSecurityConfig="@xml/network_security_config"
         android:roundIcon="@mipmap/ic_launcher_round"
         android:supportsRtl="true"
         android:theme="@style/LaunchTheme"
-        tools:ignore="CredentialDependency"
         tools:replace="appComponentFactory"
-        tools:targetApi="36">
+        tools:targetApi="33">
         <activity
             android:name=".MainActivity"
-            android:configChanges="uiMode"
             android:exported="true"
             android:launchMode="@integer/launchModeAPIlevel"
             android:theme="@style/LaunchTheme"
@@ -81,6 +78,7 @@
                 <data android:scheme="https" />
                 <data android:host="*.bitwarden.com" />
                 <data android:host="*.bitwarden.eu" />
+                <data android:host="*.bitwarden.pw" />
                 <data android:pathPattern="/redirect-connector.*" />
             </intent-filter>
             <intent-filter>
@@ -329,19 +327,11 @@
             <action android:name="android.intent.action.MAIN" />
             <category android:name="android.intent.category.HOME" />
         </intent>
-        <!-- To Query Privileged Apps -->
-        <intent>
-            <action android:name="android.intent.action.VIEW" />
-            <data android:scheme="http" />
-        </intent>
         <!-- To Query Chrome Beta: -->
         <package android:name="com.chrome.beta" />
 
         <!-- To Query Chrome Stable: -->
         <package android:name="com.android.chrome" />
-
-        <!-- To Query Brave Stable: -->
-        <package android:name="com.brave.browser" />
     </queries>
 
 </manifest>

app/src/main/assets/fido2_privileged_google.json

@@ -779,42 +779,6 @@
           }
         ]
       }
-    },
-    {
-      "type": "android",
-      "info": {
-        "package_name": "cz.seznam.sbrowser",
-        "signatures": [
-          {
-            "build": "release",
-            "cert_fingerprint_sha256": "DB:95:40:66:10:78:83:6E:4E:B1:66:F6:9E:F4:07:30:9E:8D:AE:33:34:68:5E:C8:F6:FA:2F:13:81:B9:AC:F6"
-          }
-        ]
-      }
-    },
-    {
-      "type": "android",
-      "info": {
-        "package_name": "com.opera.mini.native",
-        "signatures": [
-          {
-            "build": "release",
-            "cert_fingerprint_sha256": "57:AC:BC:52:5F:1B:2E:BD:19:19:6C:D6:F0:14:39:7C:C9:10:FD:18:84:1E:0A:E8:50:FE:BC:3E:1E:59:3F:F2"
-          }
-        ]
-      }
-    },
-    {
-      "type": "android",
-      "info": {
-        "package_name": "com.opera.mini.native.beta",
-        "signatures": [
-          {
-            "build": "release",
-            "cert_fingerprint_sha256": "57:AC:BC:52:5F:1B:2E:BD:19:19:6C:D6:F0:14:39:7C:C9:10:FD:18:84:1E:0A:E8:50:FE:BC:3E:1E:59:3F:F2"
-          }
-        ]
-      }
     }
   ]
 }

app/src/main/java/com/x8bit/bitwarden/AccessibilityActivity.kt

@@ -2,7 +2,7 @@ package com.x8bit.bitwarden
 
 import android.os.Bundle
 import androidx.appcompat.app.AppCompatActivity
-import com.bitwarden.annotation.OmitFromCoverage
+import com.bitwarden.core.annotation.OmitFromCoverage
 
 /**
  * An activity to be launched and then immediately closed so that the OS Shade can be collapsed

app/src/main/java/com/x8bit/bitwarden/AuthCallbackActivity.kt

@@ -4,7 +4,7 @@ import android.content.Intent
 import android.os.Bundle
 import androidx.activity.viewModels
 import androidx.appcompat.app.AppCompatActivity
-import com.bitwarden.annotation.OmitFromCoverage
+import com.bitwarden.core.annotation.OmitFromCoverage
 import dagger.hilt.android.AndroidEntryPoint
 
 /**

app/src/main/java/com/x8bit/bitwarden/AutofillTotpCopyActivity.kt

@@ -4,7 +4,7 @@ import android.os.Bundle
 import androidx.activity.viewModels
 import androidx.appcompat.app.AppCompatActivity
 import androidx.lifecycle.lifecycleScope
-import com.bitwarden.annotation.OmitFromCoverage
+import com.bitwarden.core.annotation.OmitFromCoverage
 import com.x8bit.bitwarden.data.autofill.manager.AutofillCompletionManager
 import dagger.hilt.android.AndroidEntryPoint
 import kotlinx.coroutines.flow.launchIn

app/src/main/java/com/x8bit/bitwarden/BitwardenAppComponentFactory.kt

@@ -5,7 +5,7 @@ import android.content.Intent
 import android.os.Build
 import androidx.annotation.Keep
 import androidx.core.app.AppComponentFactory
-import com.bitwarden.annotation.OmitFromCoverage
+import com.bitwarden.core.annotation.OmitFromCoverage
 import com.x8bit.bitwarden.data.autofill.BitwardenAutofillService
 import com.x8bit.bitwarden.data.autofill.accessibility.BitwardenAccessibilityService
 import com.x8bit.bitwarden.data.credentials.BitwardenCredentialProviderService

app/src/main/java/com/x8bit/bitwarden/BitwardenApplication.kt

@@ -1,7 +1,7 @@
 package com.x8bit.bitwarden
 
 import android.app.Application
-import com.bitwarden.annotation.OmitFromCoverage
+import com.bitwarden.core.annotation.OmitFromCoverage
 import com.x8bit.bitwarden.data.auth.manager.AuthRequestNotificationManager
 import com.x8bit.bitwarden.data.platform.manager.LogsManager
 import com.x8bit.bitwarden.data.platform.manager.event.OrganizationEventManager

app/src/main/java/com/x8bit/bitwarden/MainActivity.kt

@@ -11,18 +11,15 @@ import androidx.activity.compose.setContent
 import androidx.activity.viewModels
 import androidx.appcompat.app.AppCompatActivity
 import androidx.appcompat.app.AppCompatDelegate
-import androidx.compose.runtime.Composable
 import androidx.compose.runtime.getValue
 import androidx.compose.runtime.remember
 import androidx.core.os.LocaleListCompat
 import androidx.core.splashscreen.SplashScreen.Companion.installSplashScreen
 import androidx.lifecycle.compose.collectAsStateWithLifecycle
-import androidx.navigation.NavController
 import androidx.navigation.compose.NavHost
-import com.bitwarden.annotation.OmitFromCoverage
+import com.bitwarden.core.annotation.OmitFromCoverage
 import com.bitwarden.ui.platform.base.util.EventsEffect
 import com.bitwarden.ui.platform.theme.BitwardenTheme
-import com.bitwarden.ui.platform.util.setupEdgeToEdge
 import com.x8bit.bitwarden.data.autofill.accessibility.manager.AccessibilityCompletionManager
 import com.x8bit.bitwarden.data.autofill.manager.AutofillActivityManager
 import com.x8bit.bitwarden.data.autofill.manager.AutofillCompletionManager
@@ -38,7 +35,6 @@ import com.x8bit.bitwarden.ui.platform.feature.rootnav.rootNavDestination
 import com.x8bit.bitwarden.ui.platform.feature.settings.appearance.model.AppLanguage
 import com.x8bit.bitwarden.ui.platform.util.appLanguage
 import dagger.hilt.android.AndroidEntryPoint
-import kotlinx.coroutines.flow.map
 import javax.inject.Inject
 
 /**
@@ -66,29 +62,66 @@ class MainActivity : AppCompatActivity() {
     @Inject
     lateinit var debugLaunchManager: DebugMenuLaunchManager
 
+    @Suppress("LongMethod")
     override fun onCreate(savedInstanceState: Bundle?) {
         var shouldShowSplashScreen = true
         installSplashScreen().setKeepOnScreenCondition { shouldShowSplashScreen }
         super.onCreate(savedInstanceState)
 
         if (savedInstanceState == null) {
-            mainViewModel.trySendAction(MainAction.ReceiveFirstIntent(intent = intent))
+            mainViewModel.trySendAction(
+                MainAction.ReceiveFirstIntent(
+                    intent = intent,
+                ),
+            )
         }
 
         // Within the app the theme will change dynamically and will be managed by the
         // OS, but we need to ensure we properly set the values when upgrading from older versions
         // that handle this differently or when the activity restarts.
         AppCompatDelegate.setDefaultNightMode(settingsRepository.appTheme.osValue)
-        setupEdgeToEdge(appThemeFlow = mainViewModel.stateFlow.map { it.theme })
         setContent {
-            val navController = rememberBitwardenNavController(name = "MainActivity")
-            SetupEventsEffect(navController = navController)
             val state by mainViewModel.stateFlow.collectAsStateWithLifecycle()
+            val navController = rememberBitwardenNavController(name = "MainActivity")
+            EventsEffect(viewModel = mainViewModel) { event ->
+                when (event) {
+                    is MainEvent.CompleteAccessibilityAutofill -> {
+                        handleCompleteAccessibilityAutofill(event)
+                    }
+
+                    is MainEvent.CompleteAutofill -> handleCompleteAutofill(event)
+                    MainEvent.Recreate -> handleRecreate()
+                    MainEvent.NavigateToDebugMenu -> navController.navigateToDebugMenuScreen()
+                    is MainEvent.ShowToast -> {
+                        Toast
+                            .makeText(
+                                baseContext,
+                                event.message.invoke(resources),
+                                Toast.LENGTH_SHORT,
+                            )
+                            .show()
+                    }
+
+                    is MainEvent.UpdateAppLocale -> {
+                        AppCompatDelegate.setApplicationLocales(
+                            LocaleListCompat.forLanguageTags(event.localeName),
+                        )
+                    }
+
+                    is MainEvent.UpdateAppTheme -> {
+                        AppCompatDelegate.setDefaultNightMode(event.osTheme)
+                    }
+                }
+            }
             updateScreenCapture(isScreenCaptureAllowed = state.isScreenCaptureAllowed)
             LocalManagerProvider(featureFlagsState = state.featureFlagsState) {
                 ObserveScreenDataEffect(
                     onDataUpdate = remember(mainViewModel) {
-                        { mainViewModel.trySendAction(MainAction.ResumeScreenDataReceived(it)) }
+                        {
+                            mainViewModel.trySendAction(
+                                MainAction.ResumeScreenDataReceived(it),
+                            )
+                        }
                     },
                 )
                 BitwardenTheme(
@@ -115,7 +148,11 @@ class MainActivity : AppCompatActivity() {
 
     override fun onNewIntent(intent: Intent) {
         super.onNewIntent(intent)
-        mainViewModel.trySendAction(action = MainAction.ReceiveNewIntent(intent = intent))
+        mainViewModel.trySendAction(
+            action = MainAction.ReceiveNewIntent(
+                intent = intent,
+            ),
+        )
     }
 
     override fun onResume() {
@@ -162,34 +199,6 @@ class MainActivity : AppCompatActivity() {
         .takeIf { it }
         ?: super.dispatchKeyEvent(event)
 
-    @Composable
-    private fun SetupEventsEffect(navController: NavController) {
-        EventsEffect(viewModel = mainViewModel) { event ->
-            when (event) {
-                is MainEvent.CompleteAccessibilityAutofill -> {
-                    handleCompleteAccessibilityAutofill(event)
-                }
-
-                is MainEvent.CompleteAutofill -> handleCompleteAutofill(event)
-                MainEvent.Recreate -> handleRecreate()
-                MainEvent.NavigateToDebugMenu -> navController.navigateToDebugMenuScreen()
-                is MainEvent.ShowToast -> {
-                    Toast
-                        .makeText(baseContext, event.message.invoke(resources), Toast.LENGTH_SHORT)
-                        .show()
-                }
-
-                is MainEvent.UpdateAppLocale -> {
-                    AppCompatDelegate.setApplicationLocales(
-                        LocaleListCompat.forLanguageTags(event.localeName),
-                    )
-                }
-
-                is MainEvent.UpdateAppTheme -> AppCompatDelegate.setDefaultNightMode(event.osTheme)
-            }
-        }
-    }
-
     private fun sendOpenDebugMenuEvent() {
         mainViewModel.trySendAction(MainAction.OpenDebugMenu)
     }

app/src/main/java/com/x8bit/bitwarden/data/auth/manager/AuthRequestNotificationManagerImpl.kt

@@ -7,9 +7,8 @@ import androidx.compose.ui.graphics.Color
 import androidx.core.app.NotificationChannelCompat
 import androidx.core.app.NotificationCompat
 import androidx.core.app.NotificationManagerCompat
-import com.bitwarden.annotation.OmitFromCoverage
+import com.bitwarden.core.annotation.OmitFromCoverage
 import com.bitwarden.data.manager.DispatcherManager
-import com.bitwarden.ui.platform.resource.BitwardenDrawable
 import com.x8bit.bitwarden.R
 import com.x8bit.bitwarden.data.auth.datasource.disk.AuthDiskSource
 import com.x8bit.bitwarden.data.auth.util.createPasswordlessRequestDataIntent
@@ -67,7 +66,7 @@ class AuthRequestNotificationManagerImpl(
                     ?.let { context.getString(R.string.confim_log_in_attemp_for_x, it) }
                     ?: context.getString(R.string.confirm_log_in),
             )
-            .setSmallIcon(BitwardenDrawable.ic_notification)
+            .setSmallIcon(R.drawable.ic_notification)
             .setColor(Color.White.value.toInt())
             .setAutoCancel(true)
             .setTimeoutAfter(NOTIFICATION_DEFAULT_TIMEOUT_MILLIS)

app/src/main/java/com/x8bit/bitwarden/data/auth/manager/UserLogoutManagerImpl.kt

@@ -1,7 +1,8 @@
 package com.x8bit.bitwarden.data.auth.manager
 
+import android.content.Context
+import android.widget.Toast
 import androidx.annotation.StringRes
-import com.bitwarden.core.data.manager.toast.ToastManager
 import com.bitwarden.core.data.repository.util.bufferedMutableSharedFlow
 import com.bitwarden.data.manager.DispatcherManager
 import com.x8bit.bitwarden.R
@@ -26,15 +27,15 @@ import timber.log.Timber
  */
 @Suppress("LongParameterList")
 class UserLogoutManagerImpl(
+    private val context: Context,
     private val authDiskSource: AuthDiskSource,
     private val generatorDiskSource: GeneratorDiskSource,
     private val passwordHistoryDiskSource: PasswordHistoryDiskSource,
     private val pushDiskSource: PushDiskSource,
     private val settingsDiskSource: SettingsDiskSource,
-    private val toastManager: ToastManager,
     private val vaultDiskSource: VaultDiskSource,
-    private val vaultSdkSource: VaultSdkSource,
     dispatcherManager: DispatcherManager,
+    private val vaultSdkSource: VaultSdkSource,
 ) : UserLogoutManager {
     private val scope = CoroutineScope(dispatcherManager.unconfined)
     private val mainScope = CoroutineScope(dispatcherManager.main)
@@ -116,7 +117,7 @@ class UserLogoutManagerImpl(
     }
 
     private fun showToast(@StringRes message: Int) {
-        mainScope.launch { toastManager.show(messageId = message) }
+        mainScope.launch { Toast.makeText(context, message, Toast.LENGTH_SHORT).show() }
     }
 
     private fun switchUserIfAvailable(

app/src/main/java/com/x8bit/bitwarden/data/auth/manager/di/AuthManagerModule.kt

@@ -1,7 +1,6 @@
 package com.x8bit.bitwarden.data.auth.manager.di
 
 import android.content.Context
-import com.bitwarden.core.data.manager.toast.ToastManager
 import com.bitwarden.data.manager.DispatcherManager
 import com.bitwarden.network.service.AccountsService
 import com.bitwarden.network.service.AuthRequestsService
@@ -108,23 +107,23 @@ object AuthManagerModule {
     @Provides
     @Singleton
     fun provideUserLogoutManager(
+        @ApplicationContext context: Context,
         authDiskSource: AuthDiskSource,
         generatorDiskSource: GeneratorDiskSource,
         passwordHistoryDiskSource: PasswordHistoryDiskSource,
         pushDiskSource: PushDiskSource,
         settingsDiskSource: SettingsDiskSource,
-        toastManager: ToastManager,
         vaultDiskSource: VaultDiskSource,
         vaultSdkSource: VaultSdkSource,
         dispatcherManager: DispatcherManager,
     ): UserLogoutManager =
         UserLogoutManagerImpl(
+            context = context,
             authDiskSource = authDiskSource,
             generatorDiskSource = generatorDiskSource,
             passwordHistoryDiskSource = passwordHistoryDiskSource,
             pushDiskSource = pushDiskSource,
             settingsDiskSource = settingsDiskSource,
-            toastManager = toastManager,
             vaultDiskSource = vaultDiskSource,
             vaultSdkSource = vaultSdkSource,
             dispatcherManager = dispatcherManager,

app/src/main/java/com/x8bit/bitwarden/data/auth/repository/AuthRepository.kt

@@ -15,6 +15,7 @@ import com.x8bit.bitwarden.data.auth.repository.model.LeaveOrganizationResult
 import com.x8bit.bitwarden.data.auth.repository.model.LoginResult
 import com.x8bit.bitwarden.data.auth.repository.model.LogoutReason
 import com.x8bit.bitwarden.data.auth.repository.model.NewSsoUserResult
+import com.x8bit.bitwarden.data.auth.repository.model.OrganizationDomainSsoDetailsResult
 import com.x8bit.bitwarden.data.auth.repository.model.PasswordHintResult
 import com.x8bit.bitwarden.data.auth.repository.model.PasswordStrengthResult
 import com.x8bit.bitwarden.data.auth.repository.model.PolicyInformation
@@ -352,6 +353,13 @@ interface AuthRepository : AuthenticatorProvider, AuthRequestManager {
      */
     fun setWebAuthResult(webAuthResult: WebAuthResult)
 
+    /**
+     * Checks for a claimed domain organization for the [email] that can be used for an SSO request.
+     */
+    suspend fun getOrganizationDomainSsoDetails(
+        email: String,
+    ): OrganizationDomainSsoDetailsResult
+
     /**
      * Get the verified organization domain SSO details for the given [email].
      */

app/src/main/java/com/x8bit/bitwarden/data/auth/repository/AuthRepositoryImpl.kt

@@ -65,6 +65,7 @@ import com.x8bit.bitwarden.data.auth.repository.model.LeaveOrganizationResult
 import com.x8bit.bitwarden.data.auth.repository.model.LoginResult
 import com.x8bit.bitwarden.data.auth.repository.model.LogoutReason
 import com.x8bit.bitwarden.data.auth.repository.model.NewSsoUserResult
+import com.x8bit.bitwarden.data.auth.repository.model.OrganizationDomainSsoDetailsResult
 import com.x8bit.bitwarden.data.auth.repository.model.PasswordHintResult
 import com.x8bit.bitwarden.data.auth.repository.model.PasswordStrengthResult
 import com.x8bit.bitwarden.data.auth.repository.model.PolicyInformation
@@ -111,6 +112,7 @@ import com.x8bit.bitwarden.data.auth.util.YubiKeyResult
 import com.x8bit.bitwarden.data.auth.util.toSdkParams
 import com.x8bit.bitwarden.data.platform.error.MissingPropertyException
 import com.x8bit.bitwarden.data.platform.error.NoActiveUserException
+import com.x8bit.bitwarden.data.platform.manager.FeatureFlagManager
 import com.x8bit.bitwarden.data.platform.manager.FirstTimeActionManager
 import com.x8bit.bitwarden.data.platform.manager.LogsManager
 import com.x8bit.bitwarden.data.platform.manager.PolicyManager
@@ -171,6 +173,7 @@ class AuthRepositoryImpl(
     private val trustedDeviceManager: TrustedDeviceManager,
     private val userLogoutManager: UserLogoutManager,
     private val policyManager: PolicyManager,
+    private val featureFlagManager: FeatureFlagManager,
     firstTimeActionManager: FirstTimeActionManager,
     logsManager: LogsManager,
     pushManager: PushManager,
@@ -1198,6 +1201,23 @@ class AuthRepositoryImpl(
         webAuthResultChannel.trySend(webAuthResult)
     }
 
+    override suspend fun getOrganizationDomainSsoDetails(
+        email: String,
+    ): OrganizationDomainSsoDetailsResult = organizationService
+        .getOrganizationDomainSsoDetails(
+            email = email,
+        )
+        .fold(
+            onSuccess = {
+                OrganizationDomainSsoDetailsResult.Success(
+                    isSsoAvailable = it.isSsoAvailable,
+                    organizationIdentifier = it.organizationIdentifier,
+                    verifiedDate = it.verifiedDate,
+                )
+            },
+            onFailure = { OrganizationDomainSsoDetailsResult.Failure(error = it) },
+        )
+
     override suspend fun getVerifiedOrganizationDomainSsoDetails(
         email: String,
     ): VerifiedOrganizationDomainSsoDetailsResult = organizationService

app/src/main/java/com/x8bit/bitwarden/data/auth/repository/di/AuthRepositoryModule.kt

@@ -15,6 +15,7 @@ import com.x8bit.bitwarden.data.auth.manager.TrustedDeviceManager
 import com.x8bit.bitwarden.data.auth.manager.UserLogoutManager
 import com.x8bit.bitwarden.data.auth.repository.AuthRepository
 import com.x8bit.bitwarden.data.auth.repository.AuthRepositoryImpl
+import com.x8bit.bitwarden.data.platform.manager.FeatureFlagManager
 import com.x8bit.bitwarden.data.platform.manager.FirstTimeActionManager
 import com.x8bit.bitwarden.data.platform.manager.LogsManager
 import com.x8bit.bitwarden.data.platform.manager.PolicyManager
@@ -58,6 +59,7 @@ object AuthRepositoryModule {
         userLogoutManager: UserLogoutManager,
         pushManager: PushManager,
         policyManager: PolicyManager,
+        featureFlagManager: FeatureFlagManager,
         firstTimeActionManager: FirstTimeActionManager,
         logsManager: LogsManager,
     ): AuthRepository = AuthRepositoryImpl(
@@ -80,6 +82,7 @@ object AuthRepositoryModule {
         userLogoutManager = userLogoutManager,
         pushManager = pushManager,
         policyManager = policyManager,
+        featureFlagManager = featureFlagManager,
         firstTimeActionManager = firstTimeActionManager,
         logsManager = logsManager,
     )

app/src/main/java/com/x8bit/bitwarden/data/auth/repository/model/Organization.kt

@@ -12,8 +12,6 @@ import com.bitwarden.network.model.OrganizationType
  * @property shouldUseKeyConnector Indicates that the organization uses a key connector.
  * @property role The user's role in the organization.
  * @property keyConnectorUrl The key connector domain (if applicable).
- * @property userIsClaimedByOrganization Indicates that the user is claimed by the organization.
- * @property limitItemDeletion Indicates that the organization limits item deletion.
  */
 data class Organization(
     val id: String,
@@ -23,5 +21,4 @@ data class Organization(
     val role: OrganizationType,
     val keyConnectorUrl: String?,
     val userIsClaimedByOrganization: Boolean,
-    val limitItemDeletion: Boolean = false,
 )

app/src/main/java/com/x8bit/bitwarden/data/auth/repository/model/OrganizationDomainSsoDetailsResult.kt

@@ -0,0 +1,28 @@
+package com.x8bit.bitwarden.data.auth.repository.model
+
+import java.time.ZonedDateTime
+
+/**
+ * Response types when checking for an email's claimed domain organization.
+ */
+sealed class OrganizationDomainSsoDetailsResult {
+    /**
+     * The request was successful.
+     *
+     * @property isSsoAvailable Indicates if SSO is available for the email address.
+     * @property organizationIdentifier The claimed organization identifier for the email address.
+     * @property verifiedDate The date and time when the domain was verified.
+     */
+    data class Success(
+        val isSsoAvailable: Boolean,
+        val organizationIdentifier: String,
+        val verifiedDate: ZonedDateTime?,
+    ) : OrganizationDomainSsoDetailsResult()
+
+    /**
+     * The request failed.
+     */
+    data class Failure(
+        val error: Throwable,
+    ) : OrganizationDomainSsoDetailsResult()
+}

app/src/main/java/com/x8bit/bitwarden/data/auth/repository/model/PolicyInformation.kt

@@ -1,6 +1,5 @@
 package com.x8bit.bitwarden.data.auth.repository.model
 
-import com.bitwarden.network.model.SyncResponseJson
 import kotlinx.serialization.SerialName
 import kotlinx.serialization.Serializable