[deps]: Update passkey-client digest to 23e559f

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
passkey-client	dependencies	digest	3b76463 -> 23e559f

---

Configuration

📅 Schedule: Branch creation - "every 2nd week starting on the 2 week of the year before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[bitwarden-bot]

Internal tracking:

• ID: PM-27437
• Link: https://bitwarden.atlassian.net/browse/PM-27437

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[claude]

Claude finished @renovate[bot]'s task —— View job

---

Code Review Complete ✓

Review Summary

Overall Assessment: ✅ APPROVE

This Renovate bot PR updates the passkey-rs dependency from 3b76463 to 23e559f with positive changes and no security concerns.

---

Key Findings

What Changed

• Git revision update: Both passkey and passkey-client crates updated to rev 23e559f16df460c52f4298b28d745db01934b8d4
• Dependency consolidation: Removed duplicate idna 0.5.0, now using unified idna 1.0.3
• Transitive cleanup: Removed unicode-bidi and unicode-normalization (now internal to idna 1.0.3)
• Follow-up fix: Commit 22a6d5e3 properly completed the update (fixed passkey core crate reference)

Security Assessment ✓

• ✅ Upgrading idna 0.5.0 → 1.0.3 is a positive security change (newer version with bug fixes)
• ✅ All passkey-rs crates from Bitwarden's controlled fork (github.com/bitwarden/passkey-rs)
• ✅ Dependency consolidation eliminates duplicate Unicode processing code
• ✅ No changes to cryptographic primitives or sensitive credential handling

Impact Analysis

• Scope: Limited to bitwarden-fido crate (FIDO2/passkey authentication)
• Breaking changes: None detected
• API surface: No changes to public API
• Test coverage: Existing unit tests remain valid

Code Quality

• Cargo.lock changes are consistent and well-formed
• Dependency tree simplified (better build times and binary size)
• Follow-up commit properly completed Renovate's initial partial update

---

Recommendations

1. ✅ Safe to merge after CI validation passes
2. Consider testing FIDO2 authentication flows in development before production deployment
3. The dependency simplification is beneficial for maintenance

This PR represents routine dependency maintenance with positive hygiene improvements on a Bitwarden-controlled dependency.

---

[github-actions]

Checkmarx One – Scan Summary & Details – f523fb90-75ba-493d-b5a7-5d0435f9b1ee

Great job! No new security vulnerabilities introduced in this pull request

[github-actions]

🔍 SDK Breaking Change Detection Results

SDK Version: renovate/passkey-client-digest (22a6d5e)
Completed: 2025-12-10 13:23:56 UTC
Total Time: 215s

Client	Status	Details
typescript	✅ No breaking changes detected	TypeScript compilation passed with new SDK version - View Details

---

Breaking change detection completed. View SDK workflow

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 78.61%. Comparing base (f0d4b0e) to head (22a6d5e).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #527   +/-   ##
=======================================
  Coverage   78.61%   78.61%           
=======================================
  Files         281      281           
  Lines       29131    29131           
=======================================
  Hits        22901    22901           
  Misses       6230     6230           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.