
Commit 3c4b1bf

committed
fix: SAST Java-only build, Secret base/head, Swift AnyCodable
- security-scan: Build only :java-client:compileJava (avoid Kotlin 2.3) - secret-scan: base/head from event.before and PR refs so BASE != HEAD - swift-enhanced: add AnyCodable dep + import for entityContext type
1 parent 7f116e9 commit 3c4b1bf

3 files changed

Lines changed: 8 additions & 5 deletions


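--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -47,12 +47,13 @@ jobs:
 with:
 fetch-depth: 0
 
+# On push use event.before so BASE != HEAD; on PR use PR base/head
 - name: TruffleHog Scan
 uses: trufflesecurity/trufflehog@main
 with:
 path: ./
-base: ${{ github.event.repository.default_branch }}
-head: HEAD
+base: ${{ github.event.pull_request.base.sha || github.event.before || github.event.repository.default_branch }}
+head: ${{ github.event.pull_request.head.sha || github.sha }}
 
 container-scan:
 name: Container Image Scan
@@ -103,8 +104,9 @@ jobs:
 - name: Grant execute permission for gradlew
 run: chmod +x gradlew
 
+# Build only Java to avoid Kotlin (CodeQL Kotlin extractor does not support 2.3)
 - name: Build
-run: ./gradlew build -x test --no-daemon
+run: ./gradlew :java-client:compileJava --no-daemon
 
 - name: Perform CodeQL Analysis
 uses: github/codeql-action/analyze@v4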
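Review bot: The new `base:` chain on the TruffleHog step still yields an unusable ref on the first push of a branch, where `github.event.before` is the all-zero SHA: that string is non-empty, so it wins the `||` and the default-branch fallback is never reached, and the secret scan will likely error out or cover nothing. Exclude it explicitly, e.g. `base: ${{ github.event.pull_request.base.sha || (github.event.before != '0000000000000000000000000000000000000000' && github.event.before) || github.event.repository.default_branch }}`. On events that carry neither a pull request nor `before` (a manual or scheduled run, if the workflow has such triggers outside this view), base is the default branch and head is `github.sha`, so BASE can equal HEAD again on the default branch. Also in this hunk, `uses: trufflesecurity/trufflehog@main` follows a mutable branch; pinning it to a full commit SHA keeps the scanner from changing without review. In the second hunk the build is narrowed to `:java-client:compileJava`, so CodeQL presumably only sees that module, and the comment should state that the Kotlin code and any other modules are now outside SAST coverage.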

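--- a/sdk/swift-enhanced/Package.swift
+++ b/sdk/swift-enhanced/Package.swift
@@ -15,13 +15,13 @@ let package = Package(
 ),
 ],
 dependencies: [
-// Base SDK dependency - in production, use: .package(url: "...", from: "1.0.0")
 .package(path: "../swift"),
+.package(url: "https://github.com/Flight-School/AnyCodable", .upToNextMajor(from: "0.6.1")),
 ],
 targets: [
 .target(
 name: "FlagentEnhanced",
-dependencies: ["FlagentClient"],
+dependencies: ["FlagentClient", "AnyCodable"],
 path: "Sources/FlagentEnhanced"
 ),
 .testTarget(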
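Review bot: The new AnyCodable entry uses `.upToNextMajor(from: "0.6.1")`, which for a 0.x release accepts every version below 1.0.0, so a later 0.x release of this third-party package is picked up on the next resolve without review. Narrow it to `.upToNextMinor(from: "0.6.1")` (or an exact version) and make sure `Package.resolved` for this package is committed so CI builds the pinned revision; whether it is committed is not visible here. The removed comment was the only place that said `.package(path: "../swift")` is a local-only setup, so consider keeping a one-line note such as `// Local path to the base SDK; replace with a versioned URL dependency when publishing`.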

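--- a/sdk/swift-enhanced/Sources/FlagentEnhanced/Manager/FlagentManager.swift
+++ b/sdk/swift-enhanced/Sources/FlagentEnhanced/Manager/FlagentManager.swift
@@ -1,6 +1,7 @@
 import Foundation
 import Combine
 import FlagentClient
+import AnyCodable
 
 // Helper extension to convert Combine publishers to async/await
 extension AnyPublisher {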
