[PM-29254] Added feature flag for Items transfer

[gbubemismith]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-29254

📔 Objective

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – ad64833a-feeb-4284-a65c-cea75a83cb77

New Issues (1)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CSRF	/src/Api/Auth/Controllers/AccountsController.cs: 427	details Method at line 427 of /src/Api/Auth/Controllers/AccountsController.cs gets a parameter from a user request from model. This parameter value flow... ID: VU8sgdorwW4N9vJXTUl%2BCpjmMcY%3D Attack Vector

Fixed Issues (1)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	CSRF	/src/Api/AdminConsole/Public/Controllers/MembersController.cs: 207

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 53.64%. Comparing base (b5f7f9f) to head (3c6bbbf).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #6694      +/-   ##
==========================================
- Coverage   57.46%   53.64%   -3.82%     
==========================================
  Files        1926     1926              
  Lines       85711    85711              
  Branches     7686     7686              
==========================================
- Hits        49250    45982    -3268     
- Misses      34615    37955    +3340     
+ Partials     1846     1774      -72     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[claude]

Claude finished @gbubemismith's task —— View job

---

Code Review Complete

Tasks

• Gather context and read changed files
• Review PR changes using bitwarden-code-reviewer agent
• Post review feedback

---

Review Summary

Overall Assessment: Request Changes

Change: Added feature flag constant MigrateMyVaultToMyItems in src/Core/Constants.cs:253

---

Findings

♻️ Naming Convention Inconsistency

Location: src/Core/Constants.cs:253

The new feature flag constant MigrateMyVaultToMyItems does not follow the established naming pattern for feature flags with similar PM numbers in the Vault Team section.

Analysis:

Looking at the Vault Team section, feature flags with PM numbers in the 19000-25000 range consistently use the PM prefix in the constant name:

• Line 244: PM19941MigrateCipherDomainToSdk = "pm-19941-migrate-cipher-domain-to-sdk"
• Line 247: PM22134SdkCipherListView = "pm-22134-sdk-cipher-list-view"
• Line 248: PM22136_SdkCipherEncryption = "pm-22136-sdk-cipher-encryption"
• Line 249: PM23904_RiskInsightsForPremium = "pm-23904-risk-insights-for-premium"
• Line 250: PM25083_AutofillConfirmFromSearch = "pm-25083-autofill-confirm-from-search"

The new flag is for PM-20558, which falls numerically between PM-19941 and PM-22134, yet doesn't follow the same naming pattern.

Recommendation:

For consistency, the constant should be renamed to:

public const string PM20558_MigrateMyVaultToMyItems = "pm-20558-migrate-myvault-to-myitems";

This maintains consistency within the Vault Team section and makes it easier for developers to locate feature flags by PM number.

---

Positive Observations

• ✅ String value format is correct (lowercase, kebab-case, with pm- prefix)
• ✅ Placement within the Vault Team section is appropriate
• ✅ Syntax is valid and follows C# constant declaration standards
• ✅ Properly positioned at the end of the Vault Team section

---

The implementation is functionally correct but has a naming inconsistency that should be addressed to maintain codebase consistency.