[PM-25259] Create workflow for updating API bindings

[Hinton]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/PM-25259

📔 Objective

Adds a workflow for updating api bindings.

Example output: #444

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation
  team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed
  issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – bc24b6bf-d568-44fb-a688-7f68ee750bad

New Issues (3)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CVE-2025-7783	Npm-form-data-4.0.3	details Recommended version: 4.0.4 Description: Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program... Attack Vector: NETWORK Attack Complexity: HIGH ID: eJdqGY7kwnl1yJbRmj1XEPyLZxN%2Bb746pRvgquKGqZM%3D Vulnerable Package
	CVE-2025-7783	Npm-axios-1.9.0	details Recommended version: 1.11.0 Description: Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program... Attack Vector: NETWORK Attack Complexity: HIGH ID: YSfKSv8QW0u98sOBWBBFEo1G6v82NfyqjcDR2Dk14y0%3D Vulnerable Package
	CVE-2025-54798	Npm-tmp-0.0.33	details Recommended version: 0.2.4 Description: tmp is a temporary file and directory creator for node.js. In versions prior to 0.2.4, tmp is vulnerable to an arbitrary temporary file "/" directo... Attack Vector: LOCAL Attack Complexity: HIGH ID: Us2jpOcqYwuq3e%2F%2BRc%2BdMDcEVmRL8txCtZd%2F%2FfeQHvg%3D Vulnerable Package

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 76.89%. Comparing base (5a722fd) to head (0986f63).
⚠️ Report is 12 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #442      +/-   ##
==========================================
- Coverage   76.93%   76.89%   -0.04%     
==========================================
  Files         270      270              
  Lines       25608    25592      -16     
==========================================
- Hits        19702    19680      -22     
- Misses       5906     5912       +6     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud