Skip to content

fix: [SDK-4193] suppress unchecked cast warnings in Android bridge #1129

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
fadi-george merged 2 commits into from
Mar 19, 2026
Merged

fix: [SDK-4193] suppress unchecked cast warnings in Android bridge #1129

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ac64e65
chore(android): suppress unchecked cast warnings
fadi-george Mar 19, 2026
ad7b0a4
ci: add Linear ticket automation workflow
fadi-george Mar 19, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 13 additions & 0 deletions .github/workflows/linear-deployed.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
name: Move Linear tickets to Deployed

on:
release:
types: [published, edited]

jobs:
linear-deployed:
uses: OneSignal/sdk-shared/.github/workflows/linear-deployed.yml@main
with:
release_body: ${{ github.event.release.body }}
secrets:
LINEAR_GITHUB_API_KEY: ${{ secrets.LINEAR_GITHUB_API_KEY }}
Comment on lines +9 to +13

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI 24 days ago

In general, the fix is to add an explicit permissions block that grants only the minimum GITHUB_TOKEN scopes required for this workflow. Because this workflow only triggers on releases and passes github.event.release.body into a reusable workflow, the calling workflow itself does not appear to need any write permissions. A safe and minimal default is to set contents: read at the workflow level, which is equivalent to a read‑only GITHUB_TOKEN for repo contents. The reusable workflow can still request additional permissions if it truly needs them.

Concretely, in .github/workflows/linear-deployed.yml, add a permissions: block near the top level, alongside name: and on: (or immediately after name:). Set contents: read, which is the typical baseline for workflows that only need to read repository data. No imports or external dependencies are needed, since this is pure YAML configuration. Existing behavior of the workflow will remain the same in normal cases, except that unintended write capabilities via GITHUB_TOKEN will be removed unless explicitly re‑granted.

Suggested changeset 1
.github/workflows/linear-deployed.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/linear-deployed.yml b/.github/workflows/linear-deployed.yml
--- a/.github/workflows/linear-deployed.yml
+++ b/.github/workflows/linear-deployed.yml
@@ -1,5 +1,8 @@
 name: Move Linear tickets to Deployed
 
+permissions:
+  contents: read
+
 on:
   release:
     types: [published, edited]
EOF
@@ -1,5 +1,8 @@
name: Move Linear tickets to Deployed

permissions:
contents: read

on:
release:
types: [published, edited]
Copilot is powered by AI and may make mistakes. Always verify output.
6 changes: 2 additions & 4 deletions android/src/main/java/com/onesignal/flutter/OneSignalInAppMessages.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,9 +53,8 @@ else if (call.method.contentEquals("OneSignal#arePaused"))
else replyNotImplemented(result);
}

@SuppressWarnings("unchecked")
private void addTriggers(MethodCall call, Result result) {
// call.arguments is being casted to a Map<String, Object> so a try-catch with
// a ClassCastException will be thrown
try {
OneSignal.getInAppMessages().addTriggers((Map<String, String>) call.arguments);
replySuccess(result, null);
Expand All @@ -73,9 +72,8 @@ private void removeTrigger(MethodCall call, Result result) {
replySuccess(result, null);
}

@SuppressWarnings("unchecked")
private void removeTriggers(MethodCall call, Result result) {
// call.arguments is being casted to a Collection<String> a try-catch with
// a ClassCastException will be thrown
try {
OneSignal.getInAppMessages().removeTriggers((Collection<String>) call.arguments);
replySuccess(result, null);
Expand Down
1 change: 1 addition & 0 deletions android/src/main/java/com/onesignal/flutter/OneSignalNotifications.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,7 @@ public void onClick(INotificationClickEvent event) {
}
}

@SuppressWarnings("unchecked")
private JSONObject getJsonFromMap(Map<String, Object> map) throws JSONException {
JSONObject jsonData = new JSONObject();
for (String key : map.keySet()) {
Expand Down
12 changes: 4 additions & 8 deletions android/src/main/java/com/onesignal/flutter/OneSignalUser.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -82,9 +82,8 @@ private void getExternalId(MethodCall call, Result result) {
replySuccess(result, externalId);
}

@SuppressWarnings("unchecked")
private void addAliases(MethodCall call, Result result) {
// call.arguments is being casted to a Map<String, Object> so a try-catch with
// a ClassCastException will be thrown
try {
OneSignal.getUser().addAliases((Map<String, String>) call.arguments);
replySuccess(result, null);
Expand All @@ -97,9 +96,8 @@ private void addAliases(MethodCall call, Result result) {
}
}

@SuppressWarnings("unchecked")
private void removeAliases(MethodCall call, Result result) {
// call.arguments is being casted to a List<String> so a try-catch with
// a ClassCastException will be thrown
try {
OneSignal.getUser().removeAliases((List<String>) call.arguments);
replySuccess(result, null);
Expand Down Expand Up @@ -132,9 +130,8 @@ private void removeSms(MethodCall call, Result result) {
replySuccess(result, null);
}

@SuppressWarnings("unchecked")
private void addTags(MethodCall call, Result result) {
// call.arguments is being casted to a Map<String, Object> so a try-catch with
// a ClassCastException will be thrown
try {
OneSignal.getUser().addTags((Map<String, String>) call.arguments);
replySuccess(result, null);
Expand All @@ -147,9 +144,8 @@ private void addTags(MethodCall call, Result result) {
}
}

@SuppressWarnings("unchecked")
private void removeTags(MethodCall call, Result result) {
// call.arguments is being casted to a List<String> so a try-catch with
// a ClassCastException will be thrown
try {
OneSignal.getUser().removeTags((List<String>) call.arguments);
replySuccess(result, null);
Expand Down
Loading