feat: add bulk duplicate report action to Reports search page

[Krishna2323]

Explanation of Change

Fixed Issues

$ #86683
PROPOSAL:

Tests

1. Basic Bulk Report Duplication

1. Navigate to the Reports search page (Search > Reports tab)
2. Select 2-3 expense reports that you submitted (you are the submitter)
3. Click the bulk actions dropdown
4. Verify the "Duplicate report" option is visible
5. Select "Duplicate report"
6. Navigate to the LHN and verify a duplicate was created for each selected report
7. Verify each duplicate is named "Copy of [Original report name]"
8. Verify each duplicate contains the same cash expenses (merchant, amount, category, tag, currency) as its source
9. Verify each duplicated expense date is today's date

2. Option Visibility — Only for Expense Reports You Submitted

1. Navigate to the Reports search page
2. Select an expense report where you are not the submitter (e.g. a report submitted to you for approval)
3. Verify the "Duplicate report" option is not visible in the bulk actions dropdown
4. Now select only reports you submitted
5. Verify the "Duplicate report" option appears

3. Option Visibility — Only on Reports Tab

1. Navigate to the Expenses search page (Search > Expenses tab)
2. Select one or more expenses
3. Verify the "Duplicate report" option is not visible in the bulk actions dropdown
4. Switch to the Reports tab and select the same reports
5. Verify the "Duplicate report" option is visible

4. Option Visibility — Requires Default Expense Policy

1. Leave all your workspaces so you have no default expense policy
2. Navigate to the Reports search page and select a report
3. Verify the "Duplicate report" option is not visible
4. Rejoin a workspace
5. Verify the "Duplicate report" option now appears

5. Card and Scanning Expenses Excluded

1. Have a report with a mix of: cash expense, corporate card expense, and a scanning receipt
2. Select this report on the Reports search page and duplicate it
3. Open the duplicated report
4. Verify only the cash expense appears; card and scanning expenses are excluded

6. Cross-Policy Duplication (Source Policy Accessible)

1. Have reports from two different workspaces where you are a member of both
2. Select both reports on the Reports search page and duplicate
3. Verify each duplicate is created under its source workspace (not your default)
4. Verify categories and tags from each source workspace are preserved

7. Cross-Policy Duplication (Source Policy Inaccessible)

1. Leave a workspace, then navigate to the Reports search page
2. Select a report from the workspace you left
3. Duplicate it
4. Verify the duplicated report is created under your default/primary workspace
5. Verify the following transaction types are skipped (not included in the duplicate):
   • Per diem expenses
   • Distance expenses
   • Credit card imported expenses
   • Partially created or scanning expenses
   • Expenses with a "custom unit out of policy" violation
6. Verify that cash expenses are duplicated correctly

8. Distance and Per Diem Expense Duplication

1. Have a report with distance and per diem expenses
2. Select it on the Reports search page and duplicate
3. Open the duplicated report
4. Verify the distance expense is present with correct distance and amount
5. Verify the per diem expense has correct subrates, dates, and amount

9. Empty Report / No Eligible Transactions

1. Have a report where all transactions are card imports (no cash expenses)
2. Duplicate the report from the Reports search page
3. Verify an empty duplicated report is created with the name "Copy of [Original]"

10. Selection Cleared After Duplication

1. Select multiple reports on the Reports search page
2. Duplicate them
3. Verify the selection is cleared after the action completes

• Verify that no errors appear in the JS console

Offline tests

1. Go offline (disconnect network)
2. Navigate to the Reports search page, select one or more reports, and duplicate
3. Verify the optimistic duplicate reports appear immediately in the LHN with correct names
4. Verify expenses show in the duplicated reports with correct amounts
5. Go back online
6. Verify the reports sync successfully with no duplicate reports or "not found" errors

QA Steps

• Same as tests

• Verify that no errors appear in the JS console

PR Author Checklist

• I linked the correct issue in the ### Fixed Issues section above
• I wrote clear testing steps that cover the changes made in this PR
  • I added steps for local testing in the Tests section
  • I added steps for the expected offline behavior in the Offline steps section
  • I added steps for Staging and/or Production testing in the QA steps section
  • I added steps to cover failure scenarios (i.e. verify an input displays the correct error message if the entered data is not correct)
  • I turned off my network connection and tested it while offline to ensure it matches the expected behavior (i.e. verify the default avatar icon is displayed if app is offline)
  • I tested this PR with a High Traffic account against the staging or production API to ensure there are no regressions (e.g. long loading states that impact usability).
• I included screenshots or videos for tests on all platforms
• I ran the tests on all platforms & verified they passed on:
  • Android: Native
  • Android: mWeb Chrome
  • iOS: Native
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
  • MacOS: Desktop
• I verified there are no console errors (if there's a console error not related to the PR, report it or open an issue for it to be fixed)
• I verified there are no new alerts related to the canBeMissing param for useOnyx
• I followed proper code patterns (see Reviewing the code)
  • I verified that any callback methods that were added or modified are named for what the method does and never what callback they handle (i.e. toggleReport and not onIconClick)
  • I verified that comments were added to code that is not self explanatory
  • I verified that any new or modified comments were clear, correct English, and explained "why" the code was doing something instead of only explaining "what" the code was doing.
  • I verified any copy / text shown in the product is localized by adding it to src/languages/* files and using the translation method
    • If any non-english text was added/modified, I used JaimeGPT to get English > Spanish translation. I then posted it in #expensify-open-source and it was approved by an internal Expensify engineer. Link to Slack message:
  • I verified all numbers, amounts, dates and phone numbers shown in the product are using the localization methods
  • I verified any copy / text that was added to the app is grammatically correct in English. It adheres to proper capitalization guidelines (note: only the first word of header/labels should be capitalized), and is either coming verbatim from figma or has been approved by marketing (in order to get marketing approval, ask the Bug Zero team member to add the Waiting for copy label to the issue)
  • I verified proper file naming conventions were followed for any new files or renamed files. All non-platform specific files are named after what they export and are not named "index.js". All platform-specific files are named for the platform the code supports as outlined in the README.
  • I verified the JSDocs style guidelines (in STYLE.md) were followed
• If a new code pattern is added I verified it was agreed to be used by multiple Expensify engineers
• I followed the guidelines as stated in the Review Guidelines
• I tested other components that can be impacted by my changes (i.e. if the PR modifies a shared library or component like Avatar, I verified the components using Avatar are working as expected)
• I verified all code is DRY (the PR doesn't include any logic written more than once, with the exception of tests)
• I verified any variables that can be defined as constants (ie. in CONST.ts or at the top of the file that uses the constant) are defined as such
• I verified that if a function's arguments changed that all usages have also been updated correctly
• If any new file was added I verified that:
  • The file has a description of what it does and/or why is needed at the top of the file if the code is not self explanatory
• If a new CSS style is added I verified that:
  • A similar style doesn't already exist
  • The style can't be created with an existing StyleUtils function (i.e. StyleUtils.getBackgroundAndBorderStyle(theme.componentBG))
• If new assets were added or existing ones were modified, I verified that:
  • The assets are optimized and compressed (for SVG files, run npm run compress-svg)
  • The assets load correctly across all supported platforms.
• If the PR modifies code that runs when editing or sending messages, I tested and verified there is no unexpected behavior for all supported markdown - URLs, single line code, code blocks, quotes, headings, bold, strikethrough, and italic.
• If the PR modifies a generic component, I tested and verified that those changes do not break usages of that component in the rest of the App (i.e. if a shared library or component like Avatar is modified, I verified that Avatar is working as expected in all cases)
• If the PR modifies a component related to any of the existing Storybook stories, I tested and verified all stories for that component are still working as expected.
• If the PR modifies a component or page that can be accessed by a direct deeplink, I verified that the code functions as expected when the deeplink is used - from a logged in and logged out account.
• If the PR modifies the UI (e.g. new buttons, new UI components, changing the padding/spacing/sizing, moving components, etc) or modifies the form input styles:
  • I verified that all the inputs inside a form are aligned with each other.
  • I added Design label and/or tagged @Expensify/design so the design team can review the changes.
• If a new page is added, I verified it's using the ScrollView component to make it scrollable when more elements are added to the page.
• I added unit tests for any new feature or bug fix in this PR to help automatically prevent regressions in this user flow.
• If the main branch was merged into this PR after a review, I tested again and verified the outcome was still expected according to the Test steps.

Screenshots/Videos

Android: Native

android_hybrid.mp4

Android: mWeb Chrome

android_mWeb.mp4

iOS: Native

ios_hybrid.mp4

iOS: mWeb Safari

ios_mWeb.mp4

MacOS: Chrome / Safari

test_1.mp4

test_2.mp4

test_3.mp4

test_4.mp4

test_5.mp4

test_6.mp4

test_7.mp4

test_7B.mp4

test_8.mp4

test_9.mp4

test_10.mp4

test_11.mp4

[melvin-bot]

Hey, I noticed you changed src/languages/en.ts in a PR from a fork. For security reasons, translations are not generated automatically for PRs from forks.

If you want to automatically generate translations for other locales, an Expensify employee will have to:

1. Look at the code and make sure there are no malicious changes.
2. Run the Generate static translations GitHub workflow. If you have write access and the K2 extension, you can simply click: [this button]

Alternatively, if you are an external contributor, you can run the translation script locally with your own OpenAI API key. To learn more, try running:

npx ts-node ./scripts/generateTranslations.ts --help

Typically, you'd want to translate only what you changed by running npx ts-node ./scripts/generateTranslations.ts --compare-ref main

[codecov]

Codecov Report

❌ Looks like you've decreased code coverage for some files. Please write tests to increase, or at least maintain, the existing level of code coverage. See our documentation here for how to interpret this table.

Files with missing lines	Coverage Δ
src/CONST/index.ts	92.30% <ø> (ø)
src/components/Search/SearchContext.tsx	49.36% <ø> (ø)
src/hooks/useBulkDuplicateReportAction.ts	100.00% <100.00%> (ø)
src/libs/ReportSecondaryActionUtils.ts	94.29% <ø> (+0.43%)	⬆️
src/components/Search/SearchBulkActionsButton.tsx	2.77% <0.00%> (-0.08%)	⬇️
src/hooks/useSearchBulkActions.ts	47.44% <94.11%> (+5.26%)	⬆️
...c/components/Search/BulkDuplicateReportHandler.tsx	0.00% <0.00%> (ø)
src/libs/actions/IOU/Duplicate.ts	93.79% <84.09%> (-1.65%)	⬇️
... and 163 files with indirect coverage changes

[hungvu193]

@MelvinBot review this

[MelvinBot]

PR Review — feat: add bulk duplicate report action to Reports search page

Blocking: Typecheck failure (missing translations)

The duplicateReport translation key was added to en.ts and es.ts but is missing from all other locale files: de.ts, fr.ts, it.ts, ja.ts, nl.ts, pl.ts, pt-BR.ts, zh-hans.ts. This causes the typecheck CI to fail. Run the translation generation script or manually add the key to each locale.

Blocking: playSound(SOUNDS.DONE) not called

bulkDuplicateExpenses (the existing bulk action for expenses) calls playSound(SOUNDS.DONE) after completing all duplications. The new bulkDuplicateReports function does not. This is an inconsistency — the user gets no audible feedback when the bulk report duplication completes.

Code Review Notes

Architecture & design

The overall approach is clean:

• BulkDuplicateReportHandler — invisible component that lazily subscribes to Onyx only when the option is visible. This mirrors the existing BulkDuplicateHandler pattern. Good.
• useBulkDuplicateReportAction — gathers all Onyx data needed and delegates to bulkDuplicateReports. Follows the same pattern as the expense duplicate hook.
• bulkDuplicateReports — iterates reports, resolves policy accessibility, and delegates to the existing duplicateReport per report. Re-uses existing logic well.

Potential issues worth verifying

1. Sequential duplicateReport calls in a loop — bulkDuplicateReports calls duplicateReport synchronously in a for loop. Each call internally does API.write() which triggers optimistic Onyx updates. For a large number of selected reports, this fires many Onyx merges synchronously. The existing bulkDuplicateExpenses has the same pattern so this is consistent, but worth noting for large selections.

2. getAllTransactions() call — bulkDuplicateReports calls getAllTransactions() to build a transaction-by-report map. This reads all transactions from Onyx synchronously. If the user has a very large transaction history, this could be expensive. Again consistent with existing patterns, but worth noting.

3. chatReportID vs parentReportID fallback (line: const chatReportID = report.chatReportID ?? report.parentReportID) — This fallback makes sense, but verify that parentReportID always points to a chat report and not another expense report in the chain.

Minor / nits

• The test file has thorough coverage (9 test cases covering policy fallback, transaction filtering, empty reports, multi-report grouping, etc.). Well done.
• The SelectedReports type import in BulkDuplicateReportHandler.tsx comes from ./types — verify this type includes reportID as a required field, since the hook filters with !!id.

Summary

Two blockers: (1) add the duplicateReport translation to all remaining locale files to fix typecheck, and (2) add playSound(SOUNDS.DONE) at the end of bulkDuplicateReports for consistency. The rest of the implementation looks solid and follows established patterns well.

[Krishna2323]

@codex review

[Krishna2323]

@MelvinBot review and look for regressions

[melvin-bot]

@hungvu193 Please copy/paste the Reviewer Checklist from here into a new comment on this PR and complete it. If you have the K2 extension, you can simply click: [this button]

[Krishna2323]

Duplicate report sometimes doesn't highlight the duplicated row, can you check? It seems working fine with duplicate expense.

@hungvu193 This seems to be an existing issue, it also doesn't highlight for new expense creation:

Monosnap.screencast.2026-04-17.23-17-49.mp4

[hungvu193]

This seems to be an existing issue, it also doesn't highlight for new expense creation:

@Krishna2323 Sounds good. Can you resolve the linting in the meantime?

[Krishna2323]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: de585d7742

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[trjExpensify]

@Krishna2323 where are you at with these failing jest tests?

[Krishna2323]

@hungvu193 @Valforte I've added a beta gate for this feature because bulk features typically have many edge cases. I've worked on three bulk features, and both of the previous ones had beta gates to avoid reverts. WDYT? Let me know if you have a different opinion. IMO, bulk features are harder to test thoroughly since they involve cross-policy interactions.

[Krishna2323]

@codex review

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Chef's kiss.

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[hungvu193]

I've added a beta gate for this feature because bulk features typically have many edge cases. I've worked on three bulk features, and both of the previous ones had beta gates to avoid reverts.

Yep. I agree with this one 👍

[hungvu193]

Reviewer Checklist

• I have verified the author checklist is complete (all boxes are checked off).
• I verified the correct issue is linked in the ### Fixed Issues section above
• I verified testing steps are clear and they cover the changes made in this PR
  • I verified the steps for local testing are in the Tests section
  • I verified the steps for Staging and/or Production testing are in the QA steps section
  • I verified the steps cover any possible failure scenarios (i.e. verify an input displays the correct error message if the entered data is not correct)
  • I turned off my network connection and tested it while offline to ensure it matches the expected behavior (i.e. verify the default avatar icon is displayed if app is offline)
• I checked that screenshots or videos are included for tests on all platforms
• I included screenshots or videos for tests on all platforms
• I verified that the composer does not automatically focus or open the keyboard on mobile unless explicitly intended. This includes checking that returning the app from the background does not unexpectedly open the keyboard.
• I verified tests pass on all platforms & I tested again on:
  • Android: HybridApp
  • Android: mWeb Chrome
  • iOS: HybridApp
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
• If there are any errors in the console that are unrelated to this PR, I either fixed them (preferred) or linked to where I reported them in Slack
• I verified proper code patterns were followed (see Reviewing the code)
  • I verified that any callback methods that were added or modified are named for what the method does and never what callback they handle (i.e. toggleReport and not onIconClick).
  • I verified that comments were added to code that is not self explanatory
  • I verified that any new or modified comments were clear, correct English, and explained "why" the code was doing something instead of only explaining "what" the code was doing.
  • I verified any copy / text shown in the product is localized by adding it to src/languages/* files and using the translation method
  • I verified all numbers, amounts, dates and phone numbers shown in the product are using the localization methods
  • I verified any copy / text that was added to the app is grammatically correct in English. It adheres to proper capitalization guidelines (note: only the first word of header/labels should be capitalized), and is either coming verbatim from figma or has been approved by marketing (in order to get marketing approval, ask the Bug Zero team member to add the Waiting for copy label to the issue)
  • I verified proper file naming conventions were followed for any new files or renamed files. All non-platform specific files are named after what they export and are not named "index.js". All platform-specific files are named for the platform the code supports as outlined in the README.
  • I verified the JSDocs style guidelines (in STYLE.md) were followed
• If a new code pattern is added I verified it was agreed to be used by multiple Expensify engineers
• I verified that this PR follows the guidelines as stated in the Review Guidelines
• I verified other components that can be impacted by these changes have been tested, and I retested again (i.e. if the PR modifies a shared library or component like Avatar, I verified the components using Avatar have been tested & I retested again)
• I verified all code is DRY (the PR doesn't include any logic written more than once, with the exception of tests)
• I verified any variables that can be defined as constants (ie. in CONST.ts or at the top of the file that uses the constant) are defined as such
• If a new component is created I verified that:
  • A similar component doesn't exist in the codebase
  • All props are defined accurately and each prop has a /** comment above it */
  • The file is named correctly
  • The component has a clear name that is non-ambiguous and the purpose of the component can be inferred from the name alone
  • The only data being stored in the state is data necessary for rendering and nothing else
  • For Class Components, any internal methods passed to components event handlers are bound to this properly so there are no scoping issues (i.e. for onClick={this.submit} the method this.submit should be bound to this in the constructor)
  • Any internal methods bound to this are necessary to be bound (i.e. avoid this.submit = this.submit.bind(this); if this.submit is never passed to a component event handler like onClick)
  • All JSX used for rendering exists in the render method
  • The component has the minimum amount of code necessary for its purpose, and it is broken down into smaller components in order to separate concerns and functions
• If any new file was added I verified that:
  • The file has a description of what it does and/or why is needed at the top of the file if the code is not self explanatory
• If a new CSS style is added I verified that:
  • A similar style doesn't already exist
  • The style can't be created with an existing StyleUtils function (i.e. StyleUtils.getBackgroundAndBorderStyle(theme.componentBG)
• If the PR modifies code that runs when editing or sending messages, I tested and verified there is no unexpected behavior for all supported markdown - URLs, single line code, code blocks, quotes, headings, bold, strikethrough, and italic.
• If the PR modifies a generic component, I tested and verified that those changes do not break usages of that component in the rest of the App (i.e. if a shared library or component like Avatar is modified, I verified that Avatar is working as expected in all cases)
• If the PR modifies a component related to any of the existing Storybook stories, I tested and verified all stories for that component are still working as expected.
• If the PR modifies a component or page that can be accessed by a direct deeplink, I verified that the code functions as expected when the deeplink is used - from a logged in and logged out account.
• If the PR modifies the UI (e.g. new buttons, new UI components, changing the padding/spacing/sizing, moving components, etc) or modifies the form input styles:
  • I verified that all the inputs inside a form are aligned with each other.
  • I added Design label and/or tagged @Expensify/design so the design team can review the changes.
• If a new page is added, I verified it's using the ScrollView component to make it scrollable when more elements are added to the page.
• For any bug fix or new feature in this PR, I verified that sufficient unit tests are included to prevent regressions in this flow.
• If the main branch was merged into this PR after a review, I tested again and verified the outcome was still expected according to the Test steps.
• I have checked off every checkbox in the PR reviewer checklist, including those that don't apply to this PR.

Screenshots/Videos

Android: HybridApp

Android.mov

Android: mWeb Chrome

mChrome.mov

iOS: HybridApp

ios.mov

iOS: mWeb Safari

safari.mov

MacOS: Chrome / Safari

chrome.mov

chrome1.mov

[Valforte]

Agree with the beta flag, LGTM!

[OSBotify]

✋ This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release.

[github-actions]

🚧 @Valforte has triggered a test Expensify/App build. You can view the workflow run here.

[github-actions]

🧪🧪 Use the links below to test this adhoc build on Android, iOS, and Web. Happy testing! 🧪🧪
Built from App PR #87728.

Android 🤖	iOS 🍎
https://ad-hoc-expensify-cash.s3.us-east-1.amazonaws.com/rock-artifacts/ad-hoc/rock-android-Adhoc-01ecd17-d98911d-4ea0dc5968b99ed7c3a0c0df972913b7d9658832/index.html	https://ad-hoc-expensify-cash.s3.us-east-1.amazonaws.com/rock-artifacts/ad-hoc/rock-ios-device-AdHoc-01ecd17-d98911d-0bdb55a2bded477b57a7de062bbcb4e064211c3b/index.html

Web 🕸️
https://87728.pr-testing.expensify.com

---

👀 View the workflow run that generated this build 👀

[OSBotify]

🚀 Deployed to staging by https://github.com/Valforte in version: 9.3.62-0 🚀

platform	result
🕸 web 🕸	success ✅
🤖 android 🤖	success ✅
🍎 iOS 🍎	success ✅

Bundle Size Analysis (Sentry):

• Android
• iOS

[lanitochka17]

Deploy Blocker ##88665 was identified to be related to this PR.