From 4b57564dd42599348c13c2c192613f584779f21f Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Wed, 24 Sep 2025 07:58:54 -0700 Subject: [PATCH 001/126] Initial CodeQL commit --- .github/workflows/codeql.yml | 195 +++++++++++++++++++++++++++++++++++ 1 file changed, 195 insertions(+) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 000000000..26f54e51f --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,195 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL Advanced" + +on: + push: + branches: [ "master" ] + pull_request: + branches: [ "master" ] + +jobs: + analyze: + name: Analyze (${{ matrix.language }}) + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: read + contents: read + + strategy: + fail-fast: false + matrix: + include: + - language: actions + build-mode: none + - language: javascript-typescript + build-mode: none + - language: ruby + build-mode: none + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Add any setup steps before running the `github/codeql-action/init` action. + # This includes steps like installing compilers or runtimes (`actions/setup-node` + # or others). This is typically only required for manual builds. + # - name: Setup runtime (example) + # uses: actions/setup-example@v1 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + queries: ${{ matrix.language && 'security-extended, security-and-quality' }} + + - if: matrix.build-mode == 'manual' + shell: bash + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" + + analyze2: + name: Analyze (${{ matrix.language }}) + runs-on: ubuntu-latest + permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: read + contents: read + + strategy: + fail-fast: false + matrix: + include: + - language: java-kotlin + build-mode: none + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Add any setup steps before running the `github/codeql-action/init` action. + # This includes steps like installing compilers or runtimes (`actions/setup-node` + # or others). This is typically only required for manual builds. + # - name: Setup runtime (example) + # uses: actions/setup-example@v1 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + queries: ${{ matrix.language && 'security-extended, security-and-quality' }} + + - if: matrix.build-mode == 'manual' + shell: bash + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" + + + analyze3: + name: Analyze (${{ matrix.language }}) + runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} + permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: read + contents: read + + strategy: + fail-fast: false + matrix: + include: + - language: swift + build-mode: none + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Add any setup steps before running the `github/codeql-action/init` action. + # This includes steps like installing compilers or runtimes (`actions/setup-node` + # or others). This is typically only required for manual builds. + # - name: Setup runtime (example) + # uses: actions/setup-example@v1 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + queries: ${{ matrix.language && 'security-extended, security-and-quality' }} + + - if: matrix.build-mode == 'manual' + shell: bash + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" From bfbe3b82fa91172e191730e50ff9861709bec009 Mon Sep 17 00:00:00 2001 From: Randall Wyatt Date: Wed, 24 Sep 2025 11:04:23 -0400 Subject: [PATCH 002/126] changing swift build mode to manual --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 26f54e51f..1e78fbe6a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -156,7 +156,7 @@ jobs: matrix: include: - language: swift - build-mode: none + build-mode: manual steps: - name: Checkout repository uses: actions/checkout@v4 From 387fae6909bda78f14d753880873816ceee45c67 Mon Sep 17 00:00:00 2001 From: Randall Wyatt Date: Thu, 25 Sep 2025 11:43:41 -0400 Subject: [PATCH 003/126] working on the artifact for ios --- .github/workflows/codeql.yml | 63 +++++++++++++++++++++++++++++++++--- 1 file changed, 59 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1e78fbe6a..d6809ed8f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -156,12 +156,67 @@ jobs: matrix: include: - language: swift - build-mode: manual + build-mode: autobuild + build-ios: + runs-on: macos-14 + env: + TURBO_CACHE_DIR: .turbo/ios steps: - - name: Checkout repository - uses: actions/checkout@v4 + - name: Checkout + uses: actions/checkout@v3 - # Add any setup steps before running the `github/codeql-action/init` action. + - name: Setup + uses: ./.github/actions/setup + + - name: Cache turborepo for iOS + uses: actions/cache@v3 + with: + path: ${{ env.TURBO_CACHE_DIR }} + key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} + restore-keys: | + ${{ runner.os }}-turborepo-ios- + + - name: Check turborepo cache for iOS + run: | + TURBO_CACHE_STATUS=$(node -p "($(yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => t.task === 'build:ios').cache.status") + + if [[ $TURBO_CACHE_STATUS == "HIT" ]]; then + echo "turbo_cache_hit=1" >> $GITHUB_ENV + fi + + - name: Cache cocoapods + if: env.turbo_cache_hit != 1 + id: cocoapods-cache + uses: actions/cache@v3 + with: + path: | + **/ios/Pods + key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} + restore-keys: | + ${{ runner.os }}-cocoapods- + + - name: Install cocoapods + if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' + run: | + cd example/ios + pod install + env: + NO_FLIPPER: 1 + + - name: Build example for iOS + run: | + yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" + echo "${{ env.TURBO_CACHE_DIR }}" + + + # - name: 'Upload Artifact' + # uses: actions/upload-artifact@v4 + # with: + # name: ios-artifact + # path: + + + # Add any setup steps before running the `github/codeql-action/init` action. # This includes steps like installing compilers or runtimes (`actions/setup-node` # or others). This is typically only required for manual builds. # - name: Setup runtime (example) From 07dd54aa9387f7cb9a42cfc734d4d26166e55eea Mon Sep 17 00:00:00 2001 From: Randall Wyatt Date: Thu, 25 Sep 2025 11:47:38 -0400 Subject: [PATCH 004/126] working on the artifact for ios --- .github/workflows/codeql.yml | 209 ++++++++++++++++++----------------- 1 file changed, 105 insertions(+), 104 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d6809ed8f..659a0378e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -138,113 +138,114 @@ jobs: analyze3: - name: Analyze (${{ matrix.language }}) - runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} - permissions: - # required for all workflows - security-events: write - - # required to fetch internal or private CodeQL packs - packages: read - - # only required for workflows in private repositories - actions: read - contents: read - - strategy: - fail-fast: false - matrix: - include: - - language: swift - build-mode: autobuild - build-ios: + # name: Analyze (${{ matrix.language }}) + # runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} + # permissions: + # # required for all workflows + # security-events: write + # + # # required to fetch internal or private CodeQL packs + # packages: read + # + # # only required for workflows in private repositories + # actions: read + # contents: read + # + # strategy: + # fail-fast: false + # matrix: + # include: + # - language: swift + # build-mode: autobuild + + name: build iOS runs-on: macos-14 env: TURBO_CACHE_DIR: .turbo/ios - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup - uses: ./.github/actions/setup - - - name: Cache turborepo for iOS - uses: actions/cache@v3 - with: - path: ${{ env.TURBO_CACHE_DIR }} - key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} - restore-keys: | - ${{ runner.os }}-turborepo-ios- - - - name: Check turborepo cache for iOS - run: | - TURBO_CACHE_STATUS=$(node -p "($(yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => t.task === 'build:ios').cache.status") - - if [[ $TURBO_CACHE_STATUS == "HIT" ]]; then - echo "turbo_cache_hit=1" >> $GITHUB_ENV - fi - - - name: Cache cocoapods - if: env.turbo_cache_hit != 1 - id: cocoapods-cache - uses: actions/cache@v3 - with: - path: | - **/ios/Pods - key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} - restore-keys: | - ${{ runner.os }}-cocoapods- - - - name: Install cocoapods - if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' - run: | - cd example/ios - pod install - env: - NO_FLIPPER: 1 - - - name: Build example for iOS - run: | - yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" - echo "${{ env.TURBO_CACHE_DIR }}" - - - # - name: 'Upload Artifact' - # uses: actions/upload-artifact@v4 - # with: - # name: ios-artifact - # path: + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Setup + uses: ./.github/actions/setup + + - name: Cache turborepo for iOS + uses: actions/cache@v3 + with: + path: ${{ env.TURBO_CACHE_DIR }} + key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} + restore-keys: | + ${{ runner.os }}-turborepo-ios- + + - name: Check turborepo cache for iOS + run: | + TURBO_CACHE_STATUS=$(node -p "($(yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => t.task === 'build:ios').cache.status") + + if [[ $TURBO_CACHE_STATUS == "HIT" ]]; then + echo "turbo_cache_hit=1" >> $GITHUB_ENV + fi + + - name: Cache cocoapods + if: env.turbo_cache_hit != 1 + id: cocoapods-cache + uses: actions/cache@v3 + with: + path: | + **/ios/Pods + key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} + restore-keys: | + ${{ runner.os }}-cocoapods- + + - name: Install cocoapods + if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' + run: | + cd example/ios + pod install + env: + NO_FLIPPER: 1 + + - name: Build example for iOS + run: | + yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" + echo "${{ env.TURBO_CACHE_DIR }}" + + + # - name: 'Upload Artifact' + # uses: actions/upload-artifact@v4 + # with: + # name: ios-artifact + # path: # Add any setup steps before running the `github/codeql-action/init` action. - # This includes steps like installing compilers or runtimes (`actions/setup-node` - # or others). This is typically only required for manual builds. - # - name: Setup runtime (example) - # uses: actions/setup-example@v1 - - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - build-mode: ${{ matrix.build-mode }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. - - # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - queries: ${{ matrix.language && 'security-extended, security-and-quality' }} - - - if: matrix.build-mode == 'manual' - shell: bash - run: | - echo 'If you are using a "manual" build mode for one or more of the' \ - 'languages you are analyzing, replace this with the commands to build' \ - 'your code, for example:' - echo ' make bootstrap' - echo ' make release' - exit 1 - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:${{matrix.language}}" + # This includes steps like installing compilers or runtimes (`actions/setup-node` + # or others). This is typically only required for manual builds. + # - name: Setup runtime (example) + # uses: actions/setup-example@v1 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + queries: ${{ matrix.language && 'security-extended, security-and-quality' }} + + - if: matrix.build-mode == 'manual' + shell: bash + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" From c778ac3260723c0e7f2c25341a8c46de09bb6fe8 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 17:29:25 -0700 Subject: [PATCH 005/126] Working on the artifact for iOS v2 --- .github/workflows/codeql.yml | 78 ++++++++++++++++++------------------ 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 659a0378e..4a7eb94f2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -162,52 +162,52 @@ jobs: runs-on: macos-14 env: TURBO_CACHE_DIR: .turbo/ios - steps: - - name: Checkout - uses: actions/checkout@v3 + steps: + - name: Checkout + uses: actions/checkout@v3 - - name: Setup - uses: ./.github/actions/setup + - name: Setup + uses: ./.github/actions/setup - - name: Cache turborepo for iOS - uses: actions/cache@v3 - with: - path: ${{ env.TURBO_CACHE_DIR }} - key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} - restore-keys: | + - name: Cache turborepo for iOS + uses: actions/cache@v3 + with: + path: ${{ env.TURBO_CACHE_DIR }} + key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} + restore-keys: | ${{ runner.os }}-turborepo-ios- - - name: Check turborepo cache for iOS - run: | - TURBO_CACHE_STATUS=$(node -p "($(yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => t.task === 'build:ios').cache.status") + - name: Check turborepo cache for iOS + run: | + TURBO_CACHE_STATUS=$(node -p "($(yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => t.task === 'build:ios').cache.status") - if [[ $TURBO_CACHE_STATUS == "HIT" ]]; then - echo "turbo_cache_hit=1" >> $GITHUB_ENV - fi + if [[ $TURBO_CACHE_STATUS == "HIT" ]]; then + echo "turbo_cache_hit=1" >> $GITHUB_ENV + fi - - name: Cache cocoapods - if: env.turbo_cache_hit != 1 - id: cocoapods-cache - uses: actions/cache@v3 - with: - path: | - **/ios/Pods - key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} - restore-keys: | - ${{ runner.os }}-cocoapods- - - - name: Install cocoapods - if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' - run: | - cd example/ios - pod install - env: - NO_FLIPPER: 1 + - name: Cache cocoapods + if: env.turbo_cache_hit != 1 + id: cocoapods-cache + uses: actions/cache@v3 + with: + path: | + **/ios/Pods + key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} + restore-keys: | + ${{ runner.os }}-cocoapods- + + - name: Install cocoapods + if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' + run: | + cd example/ios + pod install + env: + NO_FLIPPER: 1 - - name: Build example for iOS - run: | - yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" - echo "${{ env.TURBO_CACHE_DIR }}" + - name: Build example for iOS + run: | + yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" + echo "${{ env.TURBO_CACHE_DIR }}" # - name: 'Upload Artifact' From 7824467af98ed83fbec27bb27603f17ea0fd88a8 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 18:04:14 -0700 Subject: [PATCH 006/126] Checking to see if the failure is due to a poorly configured turbo.json file --- .github/workflows/codeql.yml | 40 ++++++++++++++++++------------------ turbo.json | 2 +- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4a7eb94f2..775cf591f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -206,15 +206,15 @@ jobs: - name: Build example for iOS run: | - yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" - echo "${{ env.TURBO_CACHE_DIR }}" + yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" + echo "${{ env.TURBO_CACHE_DIR }}" - # - name: 'Upload Artifact' - # uses: actions/upload-artifact@v4 - # with: - # name: ios-artifact - # path: + # - name: 'Upload Artifact' + # uses: actions/upload-artifact@v4 + # with: + # name: ios-artifact + # path: # Add any setup steps before running the `github/codeql-action/init` action. @@ -236,16 +236,16 @@ jobs: # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs queries: ${{ matrix.language && 'security-extended, security-and-quality' }} - - if: matrix.build-mode == 'manual' - shell: bash - run: | - echo 'If you are using a "manual" build mode for one or more of the' \ - 'languages you are analyzing, replace this with the commands to build' \ - 'your code, for example:' - echo ' make bootstrap' - echo ' make release' - exit 1 - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:${{matrix.language}}" + - if: matrix.build-mode == 'manual' + shell: bash + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" diff --git a/turbo.json b/turbo.json index 405897eec..0ba47c448 100644 --- a/turbo.json +++ b/turbo.json @@ -30,7 +30,7 @@ "!example/ios/build", "!example/ios/Pods" ], - "outputs": [] + "outputs": [".turbo/cache"] } } } From 683fa7a4cd981c986ea3f9037a078c9ded89b9ff Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 18:20:34 -0700 Subject: [PATCH 007/126] Fixed yml config error in hierarchy --- .github/workflows/codeql.yml | 27 +++++++-------------------- 1 file changed, 7 insertions(+), 20 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 775cf591f..2bf4a1099 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -208,33 +208,20 @@ jobs: run: | yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" echo "${{ env.TURBO_CACHE_DIR }}" - - - # - name: 'Upload Artifact' - # uses: actions/upload-artifact@v4 - # with: - # name: ios-artifact - # path: - - - # Add any setup steps before running the `github/codeql-action/init` action. - # This includes steps like installing compilers or runtimes (`actions/setup-node` - # or others). This is typically only required for manual builds. - # - name: Setup runtime (example) - # uses: actions/setup-example@v1 + exit 1 # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - build-mode: ${{ matrix.build-mode }} + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} # If you wish to specify custom queries, you can do so here or in a config file. # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - queries: ${{ matrix.language && 'security-extended, security-and-quality' }} + queries: ${{ matrix.language && 'security-extended, security-and-quality' }} - if: matrix.build-mode == 'manual' shell: bash From fb7391fb88f79fb906602eac5778e87cb34ddbfd Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 18:38:41 -0700 Subject: [PATCH 008/126] Setting timeout for build --- .github/workflows/codeql.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2bf4a1099..a7cd3a25f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -159,9 +159,13 @@ jobs: # build-mode: autobuild name: build iOS + timeout-minutes: 20 runs-on: macos-14 env: TURBO_CACHE_DIR: .turbo/ios + TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} + TURBO_TEAM: ${{ secrets. TURBO_TEAM }} + steps: - name: Checkout uses: actions/checkout@v3 @@ -208,7 +212,6 @@ jobs: run: | yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" echo "${{ env.TURBO_CACHE_DIR }}" - exit 1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL From bf2ec601d3eb038c8bd191eaf105e0ccf9000b80 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 18:48:58 -0700 Subject: [PATCH 009/126] Debugging cache settings --- .github/workflows/codeql.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a7cd3a25f..41c79c644 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -174,13 +174,17 @@ jobs: uses: ./.github/actions/setup - name: Cache turborepo for iOS - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ${{ env.TURBO_CACHE_DIR }} key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} restore-keys: | ${{ runner.os }}-turborepo-ios- + - name: Debug Cache Key + run: | + echo "Cache key would be: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }}" + - name: Check turborepo cache for iOS run: | TURBO_CACHE_STATUS=$(node -p "($(yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => t.task === 'build:ios').cache.status") @@ -192,7 +196,7 @@ jobs: - name: Cache cocoapods if: env.turbo_cache_hit != 1 id: cocoapods-cache - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: | **/ios/Pods From f92a2136231a1d00f05bed8261ea6ea0328f2b73 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 19:12:08 -0700 Subject: [PATCH 010/126] Looks like it was cancelled before it could complete, extending timeout --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 41c79c644..d68be2db3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -159,7 +159,7 @@ jobs: # build-mode: autobuild name: build iOS - timeout-minutes: 20 + timeout-minutes: 60 runs-on: macos-14 env: TURBO_CACHE_DIR: .turbo/ios From 560b97fbe61d443fa408f002d708971d8ea4498b Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 19:43:25 -0700 Subject: [PATCH 011/126] ignoring kotlin files that will not build in this environment --- .github/workflows/codeql.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d68be2db3..46a669bbf 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -223,6 +223,11 @@ jobs: with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} + config: | + paths-ignore: + - '**/android/app/main/java/iterable/reactnativesdk/example/** + + # If you wish to specify custom queries, you can do so here or in a config file. # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. From c7a46b006f0d20d425d3ba6dd90b0ea50db55d9a Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 20:11:59 -0700 Subject: [PATCH 012/126] Using the path-ignore doesn't work for compiled langauges. isolating run to just swift. --- .github/workflows/codeql.yml | 43 +++++++++++++++++------------------- 1 file changed, 20 insertions(+), 23 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 46a669bbf..8ce0aab11 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -138,25 +138,25 @@ jobs: analyze3: - # name: Analyze (${{ matrix.language }}) - # runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} - # permissions: - # # required for all workflows - # security-events: write - # - # # required to fetch internal or private CodeQL packs - # packages: read - # - # # only required for workflows in private repositories - # actions: read - # contents: read - # - # strategy: - # fail-fast: false - # matrix: - # include: - # - language: swift - # build-mode: autobuild + name: Analyze (${{ matrix.language }}) + runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} + permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: read + contents: read + + strategy: + fail-fast: false + matrix: + include: + - language: swift + build-mode: autobuild name: build iOS timeout-minutes: 60 @@ -208,7 +208,7 @@ jobs: if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' run: | cd example/ios - pod install + yarn ios env: NO_FLIPPER: 1 @@ -223,9 +223,6 @@ jobs: with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} - config: | - paths-ignore: - - '**/android/app/main/java/iterable/reactnativesdk/example/** # If you wish to specify custom queries, you can do so here or in a config file. From f38d0a37d096d5498e7558c2f564779927211fb1 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 20:14:49 -0700 Subject: [PATCH 013/126] re-declaring permissions and strategy --- .github/workflows/codeql.yml | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8ce0aab11..26470abe4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -138,7 +138,13 @@ jobs: analyze3: - name: Analyze (${{ matrix.language }}) + name: build iOS + timeout-minutes: 60 +# runs-on: macos-14 + env: + TURBO_CACHE_DIR: .turbo/ios + TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} + TURBO_TEAM: ${{ secrets. TURBO_TEAM }} runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} permissions: # required for all workflows @@ -158,14 +164,6 @@ jobs: - language: swift build-mode: autobuild - name: build iOS - timeout-minutes: 60 - runs-on: macos-14 - env: - TURBO_CACHE_DIR: .turbo/ios - TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} - TURBO_TEAM: ${{ secrets. TURBO_TEAM }} - steps: - name: Checkout uses: actions/checkout@v3 From c6d9f53471e907ce54eec4b976147d7500cbf846 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 20:17:57 -0700 Subject: [PATCH 014/126] Changing how CocoaPod dependencies are called --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 26470abe4..877b5caee 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -206,7 +206,7 @@ jobs: if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' run: | cd example/ios - yarn ios + pod install env: NO_FLIPPER: 1 From a62877313b09e9bcfc7dbbc058b7ca307d819795 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 21:20:26 -0700 Subject: [PATCH 015/126] filtering out the autobuild java and kt results --- .github/workflows/codeql.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 877b5caee..03aba794c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -243,3 +243,14 @@ jobs: uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" + output: sarif-results + upload: failure-only + + - name: filter-sarif + uses: advanced-security/filter-sarif@v1 + with: + patterns: | + -**/*.kt + -**/*.java + input: sarif-results/java.sarif + output: sarif-results/java.sarif From c656ca921e35c3ca3cba2acc54b02a572ac9d236 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 23:02:03 -0700 Subject: [PATCH 016/126] Seems like there is a number of files that cannot be found and the cache still isn't caching --- .github/workflows/codeql.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 03aba794c..9933aac45 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -99,6 +99,7 @@ jobs: include: - language: java-kotlin build-mode: none + steps: - name: Checkout repository uses: actions/checkout@v4 @@ -165,8 +166,8 @@ jobs: build-mode: autobuild steps: - - name: Checkout - uses: actions/checkout@v3 + - name: Checkout react-native-sdk + uses: actions/checkout@v4 - name: Setup uses: ./.github/actions/setup @@ -174,11 +175,18 @@ jobs: - name: Cache turborepo for iOS uses: actions/cache@v4 with: - path: ${{ env.TURBO_CACHE_DIR }} + # path: ${{ env.TURBO_CACHE_DIR }} + path: ~/.cache/yarn key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} restore-keys: | ${{ runner.os }}-turborepo-ios- + - name: Checkout iterable-swift-sdk + uses: actions/checkout@v4 + with: + repository: Iterable/iterable-swift-sdk + + - name: Debug Cache Key run: | echo "Cache key would be: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }}" From fbeaeeeb4c8199f7e17aa5a385c2557ee3a2339d Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 23:05:10 -0700 Subject: [PATCH 017/126] Testing instal of react native sdk inline with the ios example build --- .github/workflows/codeql.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9933aac45..b1f584a0b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -220,6 +220,8 @@ jobs: - name: Build example for iOS run: | + yarn add @iterable/react-native/sdk + yarn add react-native-webview yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" echo "${{ env.TURBO_CACHE_DIR }}" From e71e6490a5388431ee4bf0207a57a634062dd7d1 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 23:07:39 -0700 Subject: [PATCH 018/126] Testing instal of react native sdk inline with the ios example build, v2. --- .github/workflows/codeql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b1f584a0b..2596e69da 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -175,8 +175,8 @@ jobs: - name: Cache turborepo for iOS uses: actions/cache@v4 with: - # path: ${{ env.TURBO_CACHE_DIR }} - path: ~/.cache/yarn + path: ${{ env.TURBO_CACHE_DIR }} + # path: ~/.cache/yarn key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} restore-keys: | ${{ runner.os }}-turborepo-ios- From 1a2bbd79302cef980d52e7ae19dcb131e8e025ae Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 23:10:05 -0700 Subject: [PATCH 019/126] Testing instal of react native sdk inline with the ios example build, v3. removing the iterable swift sdk --- .github/workflows/codeql.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2596e69da..83743bb85 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -181,10 +181,10 @@ jobs: restore-keys: | ${{ runner.os }}-turborepo-ios- - - name: Checkout iterable-swift-sdk - uses: actions/checkout@v4 - with: - repository: Iterable/iterable-swift-sdk + # - name: Checkout iterable-swift-sdk + # uses: actions/checkout@v4 + # with: + # repository: Iterable/iterable-swift-sdk - name: Debug Cache Key From f3a251c6da3a96bee431b1e6734f475aa6449020 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Thu, 25 Sep 2025 23:20:49 -0700 Subject: [PATCH 020/126] Testing another variant of build for iOS --- .github/workflows/codeql.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 83743bb85..1c748a3b1 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -220,7 +220,8 @@ jobs: - name: Build example for iOS run: | - yarn add @iterable/react-native/sdk + cd ~/example/ios + yarn add @iterable/react-native-sdk yarn add react-native-webview yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" echo "${{ env.TURBO_CACHE_DIR }}" From 65fbfe788546633cb80fb1edca97aaa6a37f1076 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 00:12:51 -0700 Subject: [PATCH 021/126] using the correct code path --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1c748a3b1..8a2eaf754 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -220,7 +220,7 @@ jobs: - name: Build example for iOS run: | - cd ~/example/ios + cd ~/react-native-sdk/react-native-sdk/example/ios yarn add @iterable/react-native-sdk yarn add react-native-webview yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" From a7a0d11ff9f8395757ebd9ec1c047c2a3468f76e Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 00:18:09 -0700 Subject: [PATCH 022/126] Code path not found, going back to default path --- .github/workflows/codeql.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8a2eaf754..bf4766645 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -220,7 +220,6 @@ jobs: - name: Build example for iOS run: | - cd ~/react-native-sdk/react-native-sdk/example/ios yarn add @iterable/react-native-sdk yarn add react-native-webview yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" From 3e1647fb9333eea8f43b78201d748ae850b00ef3 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 00:21:44 -0700 Subject: [PATCH 023/126] Resolving peer dependency issue --- .github/workflows/codeql.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bf4766645..f94ecc368 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -221,7 +221,6 @@ jobs: - name: Build example for iOS run: | yarn add @iterable/react-native-sdk - yarn add react-native-webview yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" echo "${{ env.TURBO_CACHE_DIR }}" From 7119966e19c4bae959dc0a8c492393b9f977b8b6 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 07:36:28 -0700 Subject: [PATCH 024/126] Changing to manual build --- .github/workflows/codeql.yml | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f94ecc368..cc3575bc6 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -163,7 +163,7 @@ jobs: matrix: include: - language: swift - build-mode: autobuild + build-mode: manual steps: - name: Checkout react-native-sdk @@ -218,11 +218,11 @@ jobs: env: NO_FLIPPER: 1 - - name: Build example for iOS - run: | - yarn add @iterable/react-native-sdk - yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" - echo "${{ env.TURBO_CACHE_DIR }}" + # - name: Build example for iOS + # run: | + # yarn add @iterable/react-native-sdk + # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" + # echo "${{ env.TURBO_CACHE_DIR }}" # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL @@ -242,12 +242,17 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash run: | - echo 'If you are using a "manual" build mode for one or more of the' \ - 'languages you are analyzing, replace this with the commands to build' \ - 'your code, for example:' - echo ' make bootstrap' - echo ' make release' - exit 1 + yarn add @iterable/react-native-sdk + yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" + echo "${{ env.TURBO_CACHE_DIR }}" + +# echo 'If you are using a "manual" build mode for one or more of the' \ +# 'languages you are analyzing, replace this with the commands to build' \ +# 'your code, for example:' +# echo ' make bootstrap' +# echo ' make release' +# exit 1 + - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: From 619a8869bc2555c041b37143c4e630383ea57110 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 08:37:53 -0700 Subject: [PATCH 025/126] Changing to manual build and updating build steps to include xcode build inline --- .github/workflows/codeql.yml | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index cc3575bc6..957334123 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -243,8 +243,29 @@ jobs: shell: bash run: | yarn add @iterable/react-native-sdk - yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" - echo "${{ env.TURBO_CACHE_DIR }}" + + echo "Detecting latest available iOS version..." + + # First try to find iOS 18.x that's available + LATEST_IOS=$(xcrun simctl list runtimes | grep "iOS 18" | grep -v "watchOS" | grep -v "beta" | grep -v "Beta" | grep -v "unavailable" | tail -1 | sed 's/.*iOS \([0-9]*\.[0-9]*\).*/\1/') + # If no iOS 18.x available, fall back to any available iOS version + if [ -z "$LATEST_IOS" ]; then + echo "No iOS 18.x available, falling back to latest available iOS version..." + LATEST_IOS=$(xcrun simctl list runtimes | grep "iOS" | grep -v "watchOS" | grep -v "beta" | grep -v "Beta" | grep -v "unavailable" | tail -1 | sed 's/.*iOS \([0-9]*\.[0-9]*\).*/\1/') + fi + + echo "Using iOS version $LATEST_IOS" + + xcodebuild \ + -project ReactNativeSdkExample.xcodeproj \ + -scheme example \ + -sdk iphonesimulator \ + -destination "platform=iOS Simulator,OS=$LATEST_IOS,name=iPhone 16 Pro" \ + -resultsBundlePath TestResults.xcresult \ + test | xcpretty + +# yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" +# echo "${{ env.TURBO_CACHE_DIR }}" # echo 'If you are using a "manual" build mode for one or more of the' \ # 'languages you are analyzing, replace this with the commands to build' \ From d622f24736a93d5e73b44f2d9699740ba5c0fadf Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 08:43:01 -0700 Subject: [PATCH 026/126] Fixing some yml issues --- .github/workflows/codeql.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 957334123..7310738f3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -146,6 +146,7 @@ jobs: TURBO_CACHE_DIR: .turbo/ios TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} TURBO_TEAM: ${{ secrets. TURBO_TEAM }} + LATEST_IOS: ${{ LATEST_IOS }} runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} permissions: # required for all workflows @@ -244,6 +245,9 @@ jobs: run: | yarn add @iterable/react-native-sdk + echo "Available runtimes:" + xcrun simctl list runtimes + echo "Detecting latest available iOS version..." # First try to find iOS 18.x that's available From 7b25738d72abcc8a03387bd01adfcb155846af5e Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 08:44:53 -0700 Subject: [PATCH 027/126] Fixing some yml more yml issues --- .github/workflows/codeql.yml | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7310738f3..b34d9b52c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -146,7 +146,6 @@ jobs: TURBO_CACHE_DIR: .turbo/ios TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} TURBO_TEAM: ${{ secrets. TURBO_TEAM }} - LATEST_IOS: ${{ LATEST_IOS }} runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} permissions: # required for all workflows @@ -245,26 +244,11 @@ jobs: run: | yarn add @iterable/react-native-sdk - echo "Available runtimes:" - xcrun simctl list runtimes - - echo "Detecting latest available iOS version..." - - # First try to find iOS 18.x that's available - LATEST_IOS=$(xcrun simctl list runtimes | grep "iOS 18" | grep -v "watchOS" | grep -v "beta" | grep -v "Beta" | grep -v "unavailable" | tail -1 | sed 's/.*iOS \([0-9]*\.[0-9]*\).*/\1/') - # If no iOS 18.x available, fall back to any available iOS version - if [ -z "$LATEST_IOS" ]; then - echo "No iOS 18.x available, falling back to latest available iOS version..." - LATEST_IOS=$(xcrun simctl list runtimes | grep "iOS" | grep -v "watchOS" | grep -v "beta" | grep -v "Beta" | grep -v "unavailable" | tail -1 | sed 's/.*iOS \([0-9]*\.[0-9]*\).*/\1/') - fi - - echo "Using iOS version $LATEST_IOS" - xcodebuild \ -project ReactNativeSdkExample.xcodeproj \ -scheme example \ -sdk iphonesimulator \ - -destination "platform=iOS Simulator,OS=$LATEST_IOS,name=iPhone 16 Pro" \ + -destination "platform=iOS Simulator,name=iPhone 16 Pro" \ -resultsBundlePath TestResults.xcresult \ test | xcpretty From cdca9239dc214c3e263e443816eece5b0af4a237 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 09:03:32 -0700 Subject: [PATCH 028/126] Trying again with manual build steps --- .github/workflows/codeql.yml | 45 ++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 23 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b34d9b52c..ec75417d5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -163,7 +163,7 @@ jobs: matrix: include: - language: swift - build-mode: manual + build-mode: autobuild steps: - name: Checkout react-native-sdk @@ -218,11 +218,20 @@ jobs: env: NO_FLIPPER: 1 - # - name: Build example for iOS - # run: | - # yarn add @iterable/react-native-sdk - # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" - # echo "${{ env.TURBO_CACHE_DIR }}" + - name: Build example for iOS + run: | + yarn add @iterable/react-native-sdk + yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" + echo "${{ env.TURBO_CACHE_DIR }}" + + xcodebuild clean build \ + -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name + -scheme ReactNativeSdkExample \ # Replace with your app's scheme name + -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed + -sdk iphonesimulator \ + CODE_SIGN_IDENTITY="" \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL @@ -242,26 +251,16 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash run: | - yarn add @iterable/react-native-sdk - - xcodebuild \ - -project ReactNativeSdkExample.xcodeproj \ - -scheme example \ - -sdk iphonesimulator \ - -destination "platform=iOS Simulator,name=iPhone 16 Pro" \ - -resultsBundlePath TestResults.xcresult \ - test | xcpretty - + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 +# yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" -# echo 'If you are using a "manual" build mode for one or more of the' \ -# 'languages you are analyzing, replace this with the commands to build' \ -# 'your code, for example:' -# echo ' make bootstrap' -# echo ' make release' -# exit 1 - - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: From 62914f6b5374836b1d683720b1ae640965e5e5a7 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 09:35:35 -0700 Subject: [PATCH 029/126] Using project instead of workspace to build manually --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ec75417d5..c3808328e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -225,7 +225,7 @@ jobs: echo "${{ env.TURBO_CACHE_DIR }}" xcodebuild clean build \ - -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name + -project ReactNativeSdkExample.xcodeproj \ # Replace with your workspace name -scheme ReactNativeSdkExample \ # Replace with your app's scheme name -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed -sdk iphonesimulator \ From 7298ff8f8df87e9a4a83c5ff14eb82cee31c18cb Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 10:10:58 -0700 Subject: [PATCH 030/126] output project scheme before attempting to build --- .github/workflows/codeql.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c3808328e..1cb910599 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -220,13 +220,16 @@ jobs: - name: Build example for iOS run: | - yarn add @iterable/react-native-sdk - yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" - echo "${{ env.TURBO_CACHE_DIR }}" + + # yarn add @iterable/react-native-sdk + # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" + # echo "${{ env.TURBO_CACHE_DIR }}" + + xcodebuild -list -workspace ReactNativeSdkExample.xcworkspace xcodebuild clean build \ - -project ReactNativeSdkExample.xcodeproj \ # Replace with your workspace name - -scheme ReactNativeSdkExample \ # Replace with your app's scheme name + -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name + -scheme ReactNativeSdkExample \ # Replace with your app's scheme name -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed -sdk iphonesimulator \ CODE_SIGN_IDENTITY="" \ From 1c3a65e5be70131a5a84a08d3c2671effb5b5ef2 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 10:15:32 -0700 Subject: [PATCH 031/126] yaml formatting issues --- .github/workflows/codeql.yml | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1cb910599..1f03b2118 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -220,22 +220,20 @@ jobs: - name: Build example for iOS run: | - + xcodebuild -list -workspace ReactNativeSdkExample.xcworkspace + + xcodebuild clean build \ + -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name + -scheme ReactNativeSdkExample \ # Replace with your app's scheme name + -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed + -sdk iphonesimulator \ + CODE_SIGN_IDENTITY="" \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" - xcodebuild -list -workspace ReactNativeSdkExample.xcworkspace - - xcodebuild clean build \ - -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name - -scheme ReactNativeSdkExample \ # Replace with your app's scheme name - -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed - -sdk iphonesimulator \ - CODE_SIGN_IDENTITY="" \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO - # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v3 From 3f8edca5f5c4a2f3f27c6c1d2c9765039bd9800a Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 10:22:51 -0700 Subject: [PATCH 032/126] yaml formatting issues again --- .github/workflows/codeql.yml | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1f03b2118..f519a3e83 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -220,16 +220,18 @@ jobs: - name: Build example for iOS run: | - xcodebuild -list -workspace ReactNativeSdkExample.xcworkspace - - xcodebuild clean build \ - -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name - -scheme ReactNativeSdkExample \ # Replace with your app's scheme name - -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed - -sdk iphonesimulator \ - CODE_SIGN_IDENTITY="" \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO + cd example/ios + xcodebuild -list -workspace ReactNativeSdkExample.xcworkspace + + xcodebuild clean build \ + -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name + -scheme ReactNativeSdkExample \ # Replace with your app's scheme name + -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed + -sdk iphonesimulator \ + CODE_SIGN_IDENTITY="" \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO + # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" From 219fc64ec3855a1d761b434d44b3eff87a68c230 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 10:33:11 -0700 Subject: [PATCH 033/126] trying to build with another scheme --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f519a3e83..57cde663b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -225,7 +225,7 @@ jobs: xcodebuild clean build \ -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name - -scheme ReactNativeSdkExample \ # Replace with your app's scheme name + -scheme Pods-ReactNativeSdkExample \ # Replace with your app's scheme name -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed -sdk iphonesimulator \ CODE_SIGN_IDENTITY="" \ From 2d98553bcc671c4d62bfaf74cd619d12d7c96a1d Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 10:55:04 -0700 Subject: [PATCH 034/126] Saw an error about not being able to access the schema/project if somehow xcode wasn't set up properly --- .github/workflows/codeql.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 57cde663b..d5a1b586c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -186,6 +186,12 @@ jobs: # with: # repository: Iterable/iterable-swift-sdk + - name: setup xcode + runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} + steps: + - uses: maxim-lobanov/setup-xcodev@1 + with: + xcode-version: '15.0' - name: Debug Cache Key run: | From 545f90a116768ebb5ac20666a98e2bf0b02c955b Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 10:58:21 -0700 Subject: [PATCH 035/126] I hate yaml --- .github/workflows/codeql.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d5a1b586c..9b8fec01b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -187,11 +187,9 @@ jobs: # repository: Iterable/iterable-swift-sdk - name: setup xcode - runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} - steps: - - uses: maxim-lobanov/setup-xcodev@1 - with: - xcode-version: '15.0' + uses: maxim-lobanov/setup-xcodev@1 + with: + xcode-version: '15.0' - name: Debug Cache Key run: | From b09aa889c7946e1a2f4dc289b1edcf9220ebfc3a Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 11:03:06 -0700 Subject: [PATCH 036/126] I hate yaml, wrong order of declaration for setting up xcode --- .github/workflows/codeql.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9b8fec01b..e152ba7b4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -186,11 +186,6 @@ jobs: # with: # repository: Iterable/iterable-swift-sdk - - name: setup xcode - uses: maxim-lobanov/setup-xcodev@1 - with: - xcode-version: '15.0' - - name: Debug Cache Key run: | echo "Cache key would be: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }}" @@ -222,6 +217,11 @@ jobs: env: NO_FLIPPER: 1 + - name: Setup Xcode version + uses: maxim-lobanov/setup-xcode@v1.6.0 + with: + xcode-version: latest-stable + - name: Build example for iOS run: | cd example/ios From 08d1c2d8e58109eb20d77b555df2c1eb9c6fd31f Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 11:10:16 -0700 Subject: [PATCH 037/126] list schemes before trying to build --- .github/workflows/codeql.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e152ba7b4..53f282164 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -217,15 +217,10 @@ jobs: env: NO_FLIPPER: 1 - - name: Setup Xcode version - uses: maxim-lobanov/setup-xcode@v1.6.0 - with: - xcode-version: latest-stable - - name: Build example for iOS run: | cd example/ios - xcodebuild -list -workspace ReactNativeSdkExample.xcworkspace + xcodebuild -workspace ReactNativeSdkExample.xcworkspace -list xcodebuild clean build \ -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name From f25ea2b84ae94d4c99d27d904705969ba9b0ca03 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 11:14:26 -0700 Subject: [PATCH 038/126] changing the scheme again --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 53f282164..71b1d88e5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -224,7 +224,7 @@ jobs: xcodebuild clean build \ -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name - -scheme Pods-ReactNativeSdkExample \ # Replace with your app's scheme name + -scheme Iterable-iOS-SDK \ # Replace with your app's scheme name -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed -sdk iphonesimulator \ CODE_SIGN_IDENTITY="" \ From be12b84c5f3ba792d2627692aa073877756c9d32 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 11:20:24 -0700 Subject: [PATCH 039/126] trying to get it to list the available info for xcode build --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 71b1d88e5..6cbac8c49 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -220,7 +220,7 @@ jobs: - name: Build example for iOS run: | cd example/ios - xcodebuild -workspace ReactNativeSdkExample.xcworkspace -list + xcodebuild -list xcodebuild clean build \ -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name From 896e8e86e9866d2ec658864c2c1507ee2d90b252 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 11:24:45 -0700 Subject: [PATCH 040/126] changed from workspace to project --- .github/workflows/codeql.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6cbac8c49..6b61526e9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -222,9 +222,9 @@ jobs: cd example/ios xcodebuild -list - xcodebuild clean build \ - -workspace ReactNativeSdkExample.xcworkspace \ # Replace with your workspace name - -scheme Iterable-iOS-SDK \ # Replace with your app's scheme name + xcodebuild build \ + -project ReactNativeSdkExample.xcproject \ # Replace with your workspace name + -scheme ReactNativeSdkExample \ # Replace with your app's scheme name -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed -sdk iphonesimulator \ CODE_SIGN_IDENTITY="" \ From 2fc5562147ad3764f17c09bf9f0cdc8262d1ad3e Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 11:30:39 -0700 Subject: [PATCH 041/126] removing comments from command line operations --- .github/workflows/codeql.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6b61526e9..262eae6c2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -222,10 +222,10 @@ jobs: cd example/ios xcodebuild -list - xcodebuild build \ - -project ReactNativeSdkExample.xcproject \ # Replace with your workspace name - -scheme ReactNativeSdkExample \ # Replace with your app's scheme name - -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ # Adjust simulator as needed + xcodebuild clean build \ + -project ReactNativeSdkExample.xcproject \ + -scheme ReactNativeSdkExample \ + -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ -sdk iphonesimulator \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ From 74a37e9fd62c0f02d308ace5101a9e350a0b28db Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 11:37:02 -0700 Subject: [PATCH 042/126] Fixing typo in the file name for the project --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 262eae6c2..a494eb4b5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -223,7 +223,7 @@ jobs: xcodebuild -list xcodebuild clean build \ - -project ReactNativeSdkExample.xcproject \ + -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ -sdk iphonesimulator \ From 3d8013f536f46522b1657474e4f3c9e7fae27ff8 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 12:37:39 -0700 Subject: [PATCH 043/126] trying to fix the build output. --- example/ios/ReactNativeSdkExample.xcodeproj/project.pbxproj | 1 + 1 file changed, 1 insertion(+) diff --git a/example/ios/ReactNativeSdkExample.xcodeproj/project.pbxproj b/example/ios/ReactNativeSdkExample.xcodeproj/project.pbxproj index c6390b76b..8441d4136 100644 --- a/example/ios/ReactNativeSdkExample.xcodeproj/project.pbxproj +++ b/example/ios/ReactNativeSdkExample.xcodeproj/project.pbxproj @@ -255,6 +255,7 @@ ); name = "Bundle React Native code and images"; outputPaths = ( + "$(REACT_NATIVE_PATH)/" ); runOnlyForDeploymentPostprocessing = 0; shellPath = /bin/sh; From 6c8129a7497a1fd7399321920740ac81f4af6308 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 12:44:05 -0700 Subject: [PATCH 044/126] trying to fix build. removing some of the options. --- .github/workflows/codeql.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a494eb4b5..58fd6cc15 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -225,8 +225,6 @@ jobs: xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ - -destination 'platform=iOS Simulator,name=iPhone 16 Pro' \ - -sdk iphonesimulator \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO From d4f64eca01dd3eec344ba3cb3bdafcba8fa0ae2b Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 12:51:51 -0700 Subject: [PATCH 045/126] trying to fix build. had some conflicting settings --- .github/workflows/codeql.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 58fd6cc15..a0fd5fac9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -225,6 +225,8 @@ jobs: xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ + -destination 'platform=iOS Simulator,name=iPhone 15.1 Pro' \ + -sdk iphoneos \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO From d437686f41ca02ffa1f0a912ba66a24346238bb3 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 12:56:33 -0700 Subject: [PATCH 046/126] trying to fix build. no simulator. --- .github/workflows/codeql.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a0fd5fac9..832761da7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -225,7 +225,6 @@ jobs: xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ - -destination 'platform=iOS Simulator,name=iPhone 15.1 Pro' \ -sdk iphoneos \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ From 1d60ad6390fb90428f8c8196c58698c5acdd2e8e Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 15:49:30 -0700 Subject: [PATCH 047/126] Maybe some kind of conflict between macos-15 and latest? --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 832761da7..bce215da8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -146,7 +146,7 @@ jobs: TURBO_CACHE_DIR: .turbo/ios TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} TURBO_TEAM: ${{ secrets. TURBO_TEAM }} - runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} + runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} permissions: # required for all workflows security-events: write From 047b372873606a0f03b62e968cbafc8317ba02ae Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 16:09:59 -0700 Subject: [PATCH 048/126] Thank you for being so easy to debug. --- .github/workflows/codeql.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bce215da8..88b8a9554 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -146,7 +146,7 @@ jobs: TURBO_CACHE_DIR: .turbo/ios TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} TURBO_TEAM: ${{ secrets. TURBO_TEAM }} - runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} + runs-on: ${{ (matrix.language == 'swift' && 'macos-14') || 'ubuntu-latest' }} permissions: # required for all workflows security-events: write @@ -228,7 +228,9 @@ jobs: -sdk iphoneos \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO + CODE_SIGNING_ALLOWED=NO \ + BUILD_LIBRARY_FOR_DISTRIBUTION=YES \ + SKIP_INSTALL=NO # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" From 567577655affc18c68843481a4680b492b1e274b Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 16:21:35 -0700 Subject: [PATCH 049/126] tweaking the iphone dev target version. --- .github/workflows/codeql.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 88b8a9554..32258b463 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -229,8 +229,10 @@ jobs: CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO \ - BUILD_LIBRARY_FOR_DISTRIBUTION=YES \ - SKIP_INSTALL=NO + BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ + APPLICATION_EXTENSION_API_ONLY=YES \ + SKIP_INSTALL=NO \ + IPHONEOS_DEVELOPMENT_TARGET=13.2 # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" From 50fd797d7eba5e69e89835edfc0bdb9e317a53d1 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 18:00:40 -0700 Subject: [PATCH 050/126] trying to verify that the architechture isn't messing with the build --- .github/workflows/codeql.yml | 41 ++++++++++++++++++------------------ 1 file changed, 21 insertions(+), 20 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 32258b463..b65deb6b2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -146,7 +146,7 @@ jobs: TURBO_CACHE_DIR: .turbo/ios TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} TURBO_TEAM: ${{ secrets. TURBO_TEAM }} - runs-on: ${{ (matrix.language == 'swift' && 'macos-14') || 'ubuntu-latest' }} + runs-on: ${{ (matrix.language == 'swift' && 'macos-13') || 'ubuntu-latest' }} permissions: # required for all workflows security-events: write @@ -190,24 +190,24 @@ jobs: run: | echo "Cache key would be: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }}" - - name: Check turborepo cache for iOS - run: | - TURBO_CACHE_STATUS=$(node -p "($(yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => t.task === 'build:ios').cache.status") - - if [[ $TURBO_CACHE_STATUS == "HIT" ]]; then - echo "turbo_cache_hit=1" >> $GITHUB_ENV - fi - - - name: Cache cocoapods - if: env.turbo_cache_hit != 1 - id: cocoapods-cache - uses: actions/cache@v4 - with: - path: | - **/ios/Pods - key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} - restore-keys: | - ${{ runner.os }}-cocoapods- +# - name: Check turborepo cache for iOS +# run: | +# TURBO_CACHE_STATUS=$(node -p "($(yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => t.task === 'build:ios').cache.status") +# +# if [[ $TURBO_CACHE_STATUS == "HIT" ]]; then +# echo "turbo_cache_hit=1" >> $GITHUB_ENV +# fi +# +# - name: Cache cocoapods +# if: env.turbo_cache_hit != 1 +# id: cocoapods-cache +# uses: actions/cache@v4 +# with: +# path: | +# **/ios/Pods +# key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} +# restore-keys: | +# ${{ runner.os }}-cocoapods- - name: Install cocoapods if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' @@ -232,7 +232,8 @@ jobs: BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ APPLICATION_EXTENSION_API_ONLY=YES \ SKIP_INSTALL=NO \ - IPHONEOS_DEVELOPMENT_TARGET=13.2 + IPHONEOS_DEVELOPMENT_TARGET=13.0 + ARCHS="arm64 x86_64" # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" From 14b8d18a66173460def15853146eb664960b6af7 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 18:12:19 -0700 Subject: [PATCH 051/126] trying to do a clean before the build. --- .github/workflows/codeql.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b65deb6b2..6186a09e0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -169,6 +169,11 @@ jobs: - name: Checkout react-native-sdk uses: actions/checkout@v4 + - name: Clean DerivedData folder + run: | + rm -rf ~/Library/Developer/Xcode/DerivedData/* + shell: bash + - name: Setup uses: ./.github/actions/setup From 8bb4a390ec2cbfdb7a74b2ae4b913a22c16af36d Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 18:13:42 -0700 Subject: [PATCH 052/126] trying to do a clean before the build without using bash to run the command. --- .github/workflows/codeql.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6186a09e0..665e11c75 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -172,7 +172,6 @@ jobs: - name: Clean DerivedData folder run: | rm -rf ~/Library/Developer/Xcode/DerivedData/* - shell: bash - name: Setup uses: ./.github/actions/setup From d59d791429ba8263018b8f698adc2acadae7a5c7 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 18:25:07 -0700 Subject: [PATCH 053/126] changing the sdk to iphoneos13.2 --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 665e11c75..c62a0feab 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -229,7 +229,7 @@ jobs: xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ - -sdk iphoneos \ + -sdk iphoneos13.2 \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO \ From 6029f2f356bb80d6f2dfbe84c65b82ded99daa04 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 18:31:15 -0700 Subject: [PATCH 054/126] changing the sdk back to just iphoneos --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c62a0feab..665e11c75 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -229,7 +229,7 @@ jobs: xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ - -sdk iphoneos13.2 \ + -sdk iphoneos \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO \ From 21167cdece881cd46517a2c59a3504a15eb13e1b Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 18:38:32 -0700 Subject: [PATCH 055/126] fiddling with the build config again. removing a few things. --- .github/workflows/codeql.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 665e11c75..73957145d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -229,15 +229,15 @@ jobs: xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ - -sdk iphoneos \ +# -sdk iphoneos \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO \ BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ APPLICATION_EXTENSION_API_ONLY=YES \ - SKIP_INSTALL=NO \ +# SKIP_INSTALL=NO \ IPHONEOS_DEVELOPMENT_TARGET=13.0 - ARCHS="arm64 x86_64" + ARCHS=arm64 # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" From 5f021c795b067b38ecb2a2424e6f8d6a6f0b6c0f Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Fri, 26 Sep 2025 18:40:21 -0700 Subject: [PATCH 056/126] i still hate yml --- .github/workflows/codeql.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 73957145d..02bb7b497 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -229,16 +229,17 @@ jobs: xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ -# -sdk iphoneos \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO \ BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ APPLICATION_EXTENSION_API_ONLY=YES \ -# SKIP_INSTALL=NO \ IPHONEOS_DEVELOPMENT_TARGET=13.0 ARCHS=arm64 + # -sdk iphoneos \ + # SKIP_INSTALL=NO \ + # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" From 4d67a2b37463ab03d5cf8764949c13b32088c1f9 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 04:56:08 -0700 Subject: [PATCH 057/126] modified some build settings and set continue on error to true --- .github/workflows/codeql.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 02bb7b497..fe3dca434 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -229,13 +229,16 @@ jobs: xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ + -sdk iphoneos \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO \ BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ APPLICATION_EXTENSION_API_ONLY=YES \ IPHONEOS_DEVELOPMENT_TARGET=13.0 - ARCHS=arm64 + continue-on-error: true + + # ARCHS=arm64 # -sdk iphoneos \ # SKIP_INSTALL=NO \ From 61d9fbedf0d8964d668fa09302929b5b5397edaa Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 05:49:44 -0700 Subject: [PATCH 058/126] moving manual build steps to under the analyze with codeql steps. --- .github/workflows/codeql.yml | 63 ++++++++++++++++++++++-------------- 1 file changed, 39 insertions(+), 24 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fe3dca434..211db9cd2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -163,7 +163,7 @@ jobs: matrix: include: - language: swift - build-mode: autobuild + build-mode: manual steps: - name: Checkout react-native-sdk @@ -221,22 +221,22 @@ jobs: env: NO_FLIPPER: 1 - - name: Build example for iOS - run: | - cd example/ios - xcodebuild -list - - xcodebuild clean build \ - -project ReactNativeSdkExample.xcodeproj \ - -scheme ReactNativeSdkExample \ - -sdk iphoneos \ - CODE_SIGN_IDENTITY="" \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO \ - BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ - APPLICATION_EXTENSION_API_ONLY=YES \ - IPHONEOS_DEVELOPMENT_TARGET=13.0 - continue-on-error: true +# - name: Build example for iOS +# run: | +# cd example/ios +# xcodebuild -list +# +# xcodebuild clean build \ +# -project ReactNativeSdkExample.xcodeproj \ +# -scheme ReactNativeSdkExample \ +# -sdk iphoneos \ +# CODE_SIGN_IDENTITY="" \ +# CODE_SIGNING_REQUIRED=NO \ +# CODE_SIGNING_ALLOWED=NO \ +# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ +# APPLICATION_EXTENSION_API_ONLY=YES \ +# IPHONEOS_DEVELOPMENT_TARGET=13.0 +# continue-on-error: true # ARCHS=arm64 @@ -264,13 +264,28 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash - run: | - echo 'If you are using a "manual" build mode for one or more of the' \ - 'languages you are analyzing, replace this with the commands to build' \ - 'your code, for example:' - echo ' make bootstrap' - echo ' make release' - exit 1 + cd example/ios + xcodebuild -list + + xcodebuild clean build \ + -project ReactNativeSdkExample.xcodeproj \ + -scheme ReactNativeSdkExample \ + -sdk iphoneos \ + CODE_SIGN_IDENTITY="" \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO \ + BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ + APPLICATION_EXTENSION_API_ONLY=YES \ + IPHONEOS_DEVELOPMENT_TARGET=13.0 + continue-on-error: true + +# run: | +# echo 'If you are using a "manual" build mode for one or more of the' \ +# 'languages you are analyzing, replace this with the commands to build' \ +# 'your code, for example:' +# echo ' make bootstrap' +# echo ' make release' +# exit 1 # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" From e5cfb618f0bcde7701c8e39e2a9c4cae079b5441 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 05:50:42 -0700 Subject: [PATCH 059/126] moving manual build steps to under the analyze with codeql steps with Run this time. --- .github/workflows/codeql.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 211db9cd2..8bbd2a034 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -264,6 +264,7 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash + run: cd example/ios xcodebuild -list From 730d4218ff04acc962c81fcb987a6f789c9a9bc4 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 06:09:35 -0700 Subject: [PATCH 060/126] putting the build step between init and analyze --- .github/workflows/codeql.yml | 56 +++++++++++++----------------------- 1 file changed, 20 insertions(+), 36 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8bbd2a034..f257a70ab 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -163,7 +163,7 @@ jobs: matrix: include: - language: swift - build-mode: manual + build-mode: autobuild steps: - name: Checkout react-native-sdk @@ -221,32 +221,6 @@ jobs: env: NO_FLIPPER: 1 -# - name: Build example for iOS -# run: | -# cd example/ios -# xcodebuild -list -# -# xcodebuild clean build \ -# -project ReactNativeSdkExample.xcodeproj \ -# -scheme ReactNativeSdkExample \ -# -sdk iphoneos \ -# CODE_SIGN_IDENTITY="" \ -# CODE_SIGNING_REQUIRED=NO \ -# CODE_SIGNING_ALLOWED=NO \ -# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ -# APPLICATION_EXTENSION_API_ONLY=YES \ -# IPHONEOS_DEVELOPMENT_TARGET=13.0 -# continue-on-error: true - - # ARCHS=arm64 - - # -sdk iphoneos \ - # SKIP_INSTALL=NO \ - - # yarn add @iterable/react-native-sdk - # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" - # echo "${{ env.TURBO_CACHE_DIR }}" - # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v3 @@ -264,9 +238,20 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash - run: + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 +# yarn add @iterable/react-native-sdk +# yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" +# echo "${{ env.TURBO_CACHE_DIR }}" + + - name: Build example for iOS + run: | cd example/ios - xcodebuild -list xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ @@ -280,17 +265,16 @@ jobs: IPHONEOS_DEVELOPMENT_TARGET=13.0 continue-on-error: true -# run: | -# echo 'If you are using a "manual" build mode for one or more of the' \ -# 'languages you are analyzing, replace this with the commands to build' \ -# 'your code, for example:' -# echo ' make bootstrap' -# echo ' make release' -# exit 1 +# ARCHS=arm64 +# +# -sdk iphoneos \ +# SKIP_INSTALL=NO \ +# # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" + - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: From 99372eb567d664e448da19ae4383ca184f101643 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 06:47:28 -0700 Subject: [PATCH 061/126] swift version mismatch? --- .github/workflows/codeql.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f257a70ab..02a54f172 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -212,6 +212,13 @@ jobs: # key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} # restore-keys: | # ${{ runner.os }}-cocoapods- + - name: setup swift + uses: swift-actions/setup-swift@v2 + with: + swift-version: "6.0" + + - name: verify swift version + run: swift --version - name: Install cocoapods if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' From b9fcf37cf825d1aeb52b029cd516f630cb6bb374 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 07:04:27 -0700 Subject: [PATCH 062/126] swift version mismatch 6.0 => 5.9 --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 02a54f172..f9fe9c0be 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -215,7 +215,7 @@ jobs: - name: setup swift uses: swift-actions/setup-swift@v2 with: - swift-version: "6.0" + swift-version: "5.9" - name: verify swift version run: swift --version From 58c7b0ca6b606af3792a34fb2c1d0c6703b76277 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 07:48:44 -0700 Subject: [PATCH 063/126] reactnativedependencies build fail fix --- .github/workflows/codeql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f9fe9c0be..9516e87a9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -146,7 +146,7 @@ jobs: TURBO_CACHE_DIR: .turbo/ios TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} TURBO_TEAM: ${{ secrets. TURBO_TEAM }} - runs-on: ${{ (matrix.language == 'swift' && 'macos-13') || 'ubuntu-latest' }} + runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} permissions: # required for all workflows security-events: write @@ -215,7 +215,7 @@ jobs: - name: setup swift uses: swift-actions/setup-swift@v2 with: - swift-version: "5.9" + swift-version: "6.0" - name: verify swift version run: swift --version From 15036a82cd862f6eeabb3004bc2eeee2dd499c85 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 09:02:27 -0700 Subject: [PATCH 064/126] react native binary doesn't get saved. --- .github/workflows/codeql.yml | 2 +- example/ios/ReactNativeSdkExample.xcodeproj/project.pbxproj | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9516e87a9..46483f94f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -224,7 +224,7 @@ jobs: if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' run: | cd example/ios - pod install + pod install --repo-update env: NO_FLIPPER: 1 diff --git a/example/ios/ReactNativeSdkExample.xcodeproj/project.pbxproj b/example/ios/ReactNativeSdkExample.xcodeproj/project.pbxproj index 8441d4136..c6390b76b 100644 --- a/example/ios/ReactNativeSdkExample.xcodeproj/project.pbxproj +++ b/example/ios/ReactNativeSdkExample.xcodeproj/project.pbxproj @@ -255,7 +255,6 @@ ); name = "Bundle React Native code and images"; outputPaths = ( - "$(REACT_NATIVE_PATH)/" ); runOnlyForDeploymentPostprocessing = 0; shellPath = /bin/sh; From 04bad05a69eb3f17022509560da77a9835f658b2 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 09:10:38 -0700 Subject: [PATCH 065/126] switching back to manual build inside the init state. --- .github/workflows/codeql.yml | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 46483f94f..7062ce704 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -163,7 +163,7 @@ jobs: matrix: include: - language: swift - build-mode: autobuild + build-mode: manual steps: - name: Checkout react-native-sdk @@ -246,12 +246,26 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash run: | - echo 'If you are using a "manual" build mode for one or more of the' \ - 'languages you are analyzing, replace this with the commands to build' \ - 'your code, for example:' - echo ' make bootstrap' - echo ' make release' - exit 1 + cd example/ios + + xcodebuild clean build \ + -project ReactNativeSdkExample.xcodeproj \ + -scheme ReactNativeSdkExample \ + -sdk iphoneos \ + CODE_SIGN_IDENTITY="" \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO \ + BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ + APPLICATION_EXTENSION_API_ONLY=YES \ + IPHONEOS_DEVELOPMENT_TARGET=13.0 + continue-on-error: true + +# echo 'If you are using a "manual" build mode for one or more of the' \ +# 'languages you are analyzing, replace this with the commands to build' \ +# 'your code, for example:' +# echo ' make bootstrap' +# echo ' make release' +# exit 1 # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" From 50d2b44295c51c849ea3d44eceaed69a128a6dac Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 09:17:47 -0700 Subject: [PATCH 066/126] switching back to manual build inside the init state and commenting out the separate build step. --- .github/workflows/codeql.yml | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7062ce704..208f2e64a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -270,21 +270,21 @@ jobs: # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" - - name: Build example for iOS - run: | - cd example/ios - - xcodebuild clean build \ - -project ReactNativeSdkExample.xcodeproj \ - -scheme ReactNativeSdkExample \ - -sdk iphoneos \ - CODE_SIGN_IDENTITY="" \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO \ - BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ - APPLICATION_EXTENSION_API_ONLY=YES \ - IPHONEOS_DEVELOPMENT_TARGET=13.0 - continue-on-error: true +# - name: Build example for iOS +# run: | +# cd example/ios +# +# xcodebuild clean build \ +# -project ReactNativeSdkExample.xcodeproj \ +# -scheme ReactNativeSdkExample \ +# -sdk iphoneos \ +# CODE_SIGN_IDENTITY="" \ +# CODE_SIGNING_REQUIRED=NO \ +# CODE_SIGNING_ALLOWED=NO \ +# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ +# APPLICATION_EXTENSION_API_ONLY=YES \ +# IPHONEOS_DEVELOPMENT_TARGET=13.0 +# continue-on-error: true # ARCHS=arm64 # From 991e9a3c11b1225db29e58ee62728d1d546f3593 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 09:43:19 -0700 Subject: [PATCH 067/126] refining manual steps for building the project --- .github/workflows/codeql.yml | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 208f2e64a..6372b564d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -248,16 +248,11 @@ jobs: run: | cd example/ios + codeql database trace-command -- \ + xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ - -sdk iphoneos \ - CODE_SIGN_IDENTITY="" \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO \ - BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ - APPLICATION_EXTENSION_API_ONLY=YES \ - IPHONEOS_DEVELOPMENT_TARGET=13.0 continue-on-error: true # echo 'If you are using a "manual" build mode for one or more of the' \ From 98de6091cf52df88e97651ebb38d46f3139c38e2 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 09:48:48 -0700 Subject: [PATCH 068/126] I can't call codeql inside the run script. --- .github/workflows/codeql.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6372b564d..33a662db3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -248,8 +248,6 @@ jobs: run: | cd example/ios - codeql database trace-command -- \ - xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ From 606e04382f4ac118b81c52469ca3b91c7882dfa5 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 10:04:07 -0700 Subject: [PATCH 069/126] building manual inside of the init did not work at all and codeql failed to initialize. --- .github/workflows/codeql.yml | 54 +++++++++++++----------------------- 1 file changed, 20 insertions(+), 34 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 33a662db3..4a5a912a2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -163,7 +163,7 @@ jobs: matrix: include: - language: swift - build-mode: manual + build-mode: autobuild steps: - name: Checkout react-native-sdk @@ -212,13 +212,13 @@ jobs: # key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} # restore-keys: | # ${{ runner.os }}-cocoapods- - - name: setup swift - uses: swift-actions/setup-swift@v2 - with: - swift-version: "6.0" - - - name: verify swift version - run: swift --version +# - name: setup swift +# uses: swift-actions/setup-swift@v2 +# with: +# swift-version: "6.0" +# +# - name: verify swift version +# run: swift --version - name: Install cocoapods if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' @@ -245,6 +245,18 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 +# yarn add @iterable/react-native-sdk +# yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" +# echo "${{ env.TURBO_CACHE_DIR }}" + + - name: Build example for iOS run: | cd example/ios @@ -253,32 +265,6 @@ jobs: -scheme ReactNativeSdkExample \ continue-on-error: true -# echo 'If you are using a "manual" build mode for one or more of the' \ -# 'languages you are analyzing, replace this with the commands to build' \ -# 'your code, for example:' -# echo ' make bootstrap' -# echo ' make release' -# exit 1 -# yarn add @iterable/react-native-sdk -# yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" -# echo "${{ env.TURBO_CACHE_DIR }}" - -# - name: Build example for iOS -# run: | -# cd example/ios -# -# xcodebuild clean build \ -# -project ReactNativeSdkExample.xcodeproj \ -# -scheme ReactNativeSdkExample \ -# -sdk iphoneos \ -# CODE_SIGN_IDENTITY="" \ -# CODE_SIGNING_REQUIRED=NO \ -# CODE_SIGNING_ALLOWED=NO \ -# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ -# APPLICATION_EXTENSION_API_ONLY=YES \ -# IPHONEOS_DEVELOPMENT_TARGET=13.0 -# continue-on-error: true - # ARCHS=arm64 # # -sdk iphoneos \ From 47567b0864ce561f28afb01815a06022bc5524fe Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 10:10:11 -0700 Subject: [PATCH 070/126] turned code signing back off. --- .github/workflows/codeql.yml | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4a5a912a2..6d2332f0e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -176,23 +176,23 @@ jobs: - name: Setup uses: ./.github/actions/setup - - name: Cache turborepo for iOS - uses: actions/cache@v4 - with: - path: ${{ env.TURBO_CACHE_DIR }} - # path: ~/.cache/yarn - key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} - restore-keys: | - ${{ runner.os }}-turborepo-ios- +# - name: Cache turborepo for iOS +# uses: actions/cache@v4 +# with: +# path: ${{ env.TURBO_CACHE_DIR }} +# # path: ~/.cache/yarn +# key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} +# restore-keys: | +# ${{ runner.os }}-turborepo-ios- # - name: Checkout iterable-swift-sdk # uses: actions/checkout@v4 # with: # repository: Iterable/iterable-swift-sdk - - name: Debug Cache Key - run: | - echo "Cache key would be: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }}" +# - name: Debug Cache Key +# run: | +# echo "Cache key would be: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }}" # - name: Check turborepo cache for iOS # run: | @@ -263,6 +263,11 @@ jobs: xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ + CODE_SIGN_IDENTITY="" \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO \ + BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ + APPLICATION_EXTENSION_API_ONLY=YES \ continue-on-error: true # ARCHS=arm64 From 13fe939064bace27a96b7193351991da15bbf571 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 10:42:11 -0700 Subject: [PATCH 071/126] still debugging... --- .github/workflows/codeql.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6d2332f0e..2ac83a932 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -260,6 +260,10 @@ jobs: run: | cd example/ios + xcodebuild -list -workspace ReactNativeSdkExample.xcworkspace + + xcodebuild -list -project ReactNativeSdkExample.xcodeproj + xcodebuild clean build \ -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ From 5e93de8bc8b7d4691389d9fbf02ea4d2df3fc143 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 10:48:07 -0700 Subject: [PATCH 072/126] does workspace also fail? --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2ac83a932..ae861c355 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -265,7 +265,7 @@ jobs: xcodebuild -list -project ReactNativeSdkExample.xcodeproj xcodebuild clean build \ - -project ReactNativeSdkExample.xcodeproj \ + -workspace ReactNativeSdkExample.xcworkspace \ -scheme ReactNativeSdkExample \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ From e0526e4c06a08a09801118dff193a8390faf12ca Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 11:36:30 -0700 Subject: [PATCH 073/126] changing to a build mode that seems to have worked at some point --- .github/workflows/codeql.yml | 82 +++++++++++++++--------------------- 1 file changed, 35 insertions(+), 47 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ae861c355..d25ad9066 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -176,32 +176,26 @@ jobs: - name: Setup uses: ./.github/actions/setup -# - name: Cache turborepo for iOS -# uses: actions/cache@v4 -# with: -# path: ${{ env.TURBO_CACHE_DIR }} -# # path: ~/.cache/yarn -# key: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }} -# restore-keys: | -# ${{ runner.os }}-turborepo-ios- + - name: Install macOS dependencies + run: | + brew tap wix/brew + brew install applesimutils + env: + HOMEBREW_NO_AUTO_UPDATE: 1 + HOMEBREW_NO_INSTALL_CLEANUP: 1 - # - name: Checkout iterable-swift-sdk - # uses: actions/checkout@v4 - # with: - # repository: Iterable/iterable-swift-sdk + - name: Setup Ruby + uses: ruby/setup-ruby@v1 + with: + bundler-cache: true + ruby-version: 2.6.10 -# - name: Debug Cache Key -# run: | -# echo "Cache key would be: ${{ runner.os }}-turborepo-ios-${{ hashFiles('yarn.lock') }}" + - name: Example App Yarn install + run: | + cd example + yarn install --frozen-lockfile + cd .. -# - name: Check turborepo cache for iOS -# run: | -# TURBO_CACHE_STATUS=$(node -p "($(yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => t.task === 'build:ios').cache.status") -# -# if [[ $TURBO_CACHE_STATUS == "HIT" ]]; then -# echo "turbo_cache_hit=1" >> $GITHUB_ENV -# fi -# # - name: Cache cocoapods # if: env.turbo_cache_hit != 1 # id: cocoapods-cache @@ -212,19 +206,13 @@ jobs: # key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} # restore-keys: | # ${{ runner.os }}-cocoapods- -# - name: setup swift -# uses: swift-actions/setup-swift@v2 -# with: -# swift-version: "6.0" -# -# - name: verify swift version -# run: swift --version - name: Install cocoapods if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' run: | cd example/ios pod install --repo-update + cd - env: NO_FLIPPER: 1 @@ -256,23 +244,23 @@ jobs: # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" - - name: Build example for iOS - run: | - cd example/ios - - xcodebuild -list -workspace ReactNativeSdkExample.xcworkspace - - xcodebuild -list -project ReactNativeSdkExample.xcodeproj - - xcodebuild clean build \ - -workspace ReactNativeSdkExample.xcworkspace \ - -scheme ReactNativeSdkExample \ - CODE_SIGN_IDENTITY="" \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO \ - BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ - APPLICATION_EXTENSION_API_ONLY=YES \ - continue-on-error: true +# - name: Build example for iOS +# run: | +# cd example/ios +# +# xcodebuild -list -workspace ReactNativeSdkExample.xcworkspace +# +# xcodebuild -list -project ReactNativeSdkExample.xcodeproj +# +# xcodebuild clean build \ +# -workspace ReactNativeSdkExample.xcworkspace \ +# -scheme ReactNativeSdkExample \ +# CODE_SIGN_IDENTITY="" \ +# CODE_SIGNING_REQUIRED=NO \ +# CODE_SIGNING_ALLOWED=NO \ +# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ +# APPLICATION_EXTENSION_API_ONLY=YES \ +# continue-on-error: true # ARCHS=arm64 # From 65c1241dbd9c43d895b8abc061db3f65026f9f4a Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 12:07:05 -0700 Subject: [PATCH 074/126] example app installs, but has no code, so fail. --- .github/workflows/codeql.yml | 52 +++++++++++------------------------- 1 file changed, 15 insertions(+), 37 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d25ad9066..45cdc513e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -176,26 +176,6 @@ jobs: - name: Setup uses: ./.github/actions/setup - - name: Install macOS dependencies - run: | - brew tap wix/brew - brew install applesimutils - env: - HOMEBREW_NO_AUTO_UPDATE: 1 - HOMEBREW_NO_INSTALL_CLEANUP: 1 - - - name: Setup Ruby - uses: ruby/setup-ruby@v1 - with: - bundler-cache: true - ruby-version: 2.6.10 - - - name: Example App Yarn install - run: | - cd example - yarn install --frozen-lockfile - cd .. - # - name: Cache cocoapods # if: env.turbo_cache_hit != 1 # id: cocoapods-cache @@ -244,23 +224,21 @@ jobs: # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" -# - name: Build example for iOS -# run: | -# cd example/ios -# -# xcodebuild -list -workspace ReactNativeSdkExample.xcworkspace -# -# xcodebuild -list -project ReactNativeSdkExample.xcodeproj -# -# xcodebuild clean build \ -# -workspace ReactNativeSdkExample.xcworkspace \ -# -scheme ReactNativeSdkExample \ -# CODE_SIGN_IDENTITY="" \ -# CODE_SIGNING_REQUIRED=NO \ -# CODE_SIGNING_ALLOWED=NO \ -# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ -# APPLICATION_EXTENSION_API_ONLY=YES \ -# continue-on-error: true + - name: Build example for iOS + run: | + cd example/ios + + xcodebuild clean + + xcodebuild build \ + -workspace ReactNativeSdkExample.xcworkspace \ + -scheme ReactNativeSdkExample \ + CODE_SIGN_IDENTITY="" \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO \ + BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ + APPLICATION_EXTENSION_API_ONLY=NO \ + continue-on-error: true # ARCHS=arm64 # From f19f3d74968012df3615aa3d06c51f1ef4296928 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 12:13:10 -0700 Subject: [PATCH 075/126] breaking clean into it's own step didn't work --- .github/workflows/codeql.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 45cdc513e..22cc49395 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -228,9 +228,7 @@ jobs: run: | cd example/ios - xcodebuild clean - - xcodebuild build \ + xcodebuild clean build \ -workspace ReactNativeSdkExample.xcworkspace \ -scheme ReactNativeSdkExample \ CODE_SIGN_IDENTITY="" \ From 70ba8b906a6041d4ea6b7bae54812cef59d33eb8 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 13:16:43 -0700 Subject: [PATCH 076/126] use modular headers? --- example/ios/Podfile | 1 + 1 file changed, 1 insertion(+) diff --git a/example/ios/Podfile b/example/ios/Podfile index 833bd46c8..040b61c7c 100644 --- a/example/ios/Podfile +++ b/example/ios/Podfile @@ -1,4 +1,5 @@ ENV['RCT_NEW_ARCH_ENABLED'] = '1' +use_modular_headers! # Resolve react_native_pods.rb with node to allow for hoisting require Pod::Executable.execute_command('node', ['-p', From b711179e879e3b8df4933e1ec6383edcad2553f8 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 14:01:07 -0700 Subject: [PATCH 077/126] use modular headers in podfile --- example/ios/Podfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/example/ios/Podfile b/example/ios/Podfile index 040b61c7c..0eee2ee67 100644 --- a/example/ios/Podfile +++ b/example/ios/Podfile @@ -1,5 +1,4 @@ ENV['RCT_NEW_ARCH_ENABLED'] = '1' -use_modular_headers! # Resolve react_native_pods.rb with node to allow for hoisting require Pod::Executable.execute_command('node', ['-p', @@ -18,7 +17,7 @@ if linkage != nil end target 'ReactNativeSdkExample' do - config = use_native_modules! + config = use_native_modules! && use_modular_headers! use_react_native!( :path => config[:reactNativePath], From 704825791bb0dc7408e1c1dd1416e0a825ba4158 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 14:04:41 -0700 Subject: [PATCH 078/126] use modular headers in podfile, wrong location. --- example/ios/Podfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/example/ios/Podfile b/example/ios/Podfile index 0eee2ee67..4affe7f10 100644 --- a/example/ios/Podfile +++ b/example/ios/Podfile @@ -16,8 +16,10 @@ if linkage != nil use_frameworks! :linkage => linkage.to_sym end +use_modular_headers! + target 'ReactNativeSdkExample' do - config = use_native_modules! && use_modular_headers! + config = use_native_modules! use_react_native!( :path => config[:reactNativePath], From bdce427af38d5be5eca4f0fa0bb1db7f3f9c8d27 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 14:43:57 -0700 Subject: [PATCH 079/126] hermes enabled in podfile --- example/ios/Podfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/example/ios/Podfile b/example/ios/Podfile index 4affe7f10..2b2b58466 100644 --- a/example/ios/Podfile +++ b/example/ios/Podfile @@ -16,13 +16,13 @@ if linkage != nil use_frameworks! :linkage => linkage.to_sym end -use_modular_headers! target 'ReactNativeSdkExample' do config = use_native_modules! use_react_native!( :path => config[:reactNativePath], + :hermes_enabled => true, # An absolute path to your application root. :app_path => "#{Pod::Config.instance.installation_root}/.." ) From 33f76a794f079f080aeb554cffa5b63080cad71d Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 15:34:40 -0700 Subject: [PATCH 080/126] added @react-native-community/cli to build example for ios --- .github/workflows/codeql.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 22cc49395..dc5f5aa85 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -236,6 +236,8 @@ jobs: CODE_SIGNING_ALLOWED=NO \ BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ APPLICATION_EXTENSION_API_ONLY=NO \ + + yarn add -D @react-native-community/cli continue-on-error: true # ARCHS=arm64 From 36e97ad0894705ee231821c921800cf958b481bf Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 16:42:29 -0700 Subject: [PATCH 081/126] trying to use the build after codeql init --- .github/workflows/codeql.yml | 34 ++++++++++++++++++++-------------- 1 file changed, 20 insertions(+), 14 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index dc5f5aa85..fd81d4da5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -163,7 +163,7 @@ jobs: matrix: include: - language: swift - build-mode: autobuild + build-mode: manual steps: - name: Checkout react-native-sdk @@ -213,18 +213,6 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash - run: | - echo 'If you are using a "manual" build mode for one or more of the' \ - 'languages you are analyzing, replace this with the commands to build' \ - 'your code, for example:' - echo ' make bootstrap' - echo ' make release' - exit 1 -# yarn add @iterable/react-native-sdk -# yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" -# echo "${{ env.TURBO_CACHE_DIR }}" - - - name: Build example for iOS run: | cd example/ios @@ -236,8 +224,26 @@ jobs: CODE_SIGNING_ALLOWED=NO \ BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ APPLICATION_EXTENSION_API_ONLY=NO \ + exit 1 - yarn add -D @react-native-community/cli +# yarn add @iterable/react-native-sdk +# yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" +# echo "${{ env.TURBO_CACHE_DIR }}" + +# - name: Build example for iOS +# run: | +# cd example/ios +# +# xcodebuild clean build \ +# -workspace ReactNativeSdkExample.xcworkspace \ +# -scheme ReactNativeSdkExample \ +# CODE_SIGN_IDENTITY="" \ +# CODE_SIGNING_REQUIRED=NO \ +# CODE_SIGNING_ALLOWED=NO \ +# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ +# APPLICATION_EXTENSION_API_ONLY=NO \ +# +# yarn add -D @react-native-community/cli continue-on-error: true # ARCHS=arm64 From 4fa21624f7cd8d8da2bc9110d2d2edb712327801 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 17:17:59 -0700 Subject: [PATCH 082/126] running code build separately. --- .github/workflows/codeql.yml | 42 +++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fd81d4da5..0845f6c55 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -163,7 +163,7 @@ jobs: matrix: include: - language: swift - build-mode: manual + build-mode: autobuild steps: - name: Checkout react-native-sdk @@ -213,6 +213,19 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 + +# yarn add @iterable/react-native-sdk +# yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" +# echo "${{ env.TURBO_CACHE_DIR }}" + + - name: Build example for iOS run: | cd example/ios @@ -224,26 +237,8 @@ jobs: CODE_SIGNING_ALLOWED=NO \ BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ APPLICATION_EXTENSION_API_ONLY=NO \ - exit 1 -# yarn add @iterable/react-native-sdk -# yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" -# echo "${{ env.TURBO_CACHE_DIR }}" - -# - name: Build example for iOS -# run: | -# cd example/ios -# -# xcodebuild clean build \ -# -workspace ReactNativeSdkExample.xcworkspace \ -# -scheme ReactNativeSdkExample \ -# CODE_SIGN_IDENTITY="" \ -# CODE_SIGNING_REQUIRED=NO \ -# CODE_SIGNING_ALLOWED=NO \ -# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ -# APPLICATION_EXTENSION_API_ONLY=NO \ -# -# yarn add -D @react-native-community/cli + yarn add -D @react-native-community/cli continue-on-error: true # ARCHS=arm64 @@ -255,6 +250,13 @@ jobs: # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" +# - uses: actions/upload-artifact@v4 +# with: +# name: my-artifact +# include-hidden-files: true +# path: | +# path/output/ +# !path/output/.production.env - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 From db2e93c05913bcfae0da2468310467dfaf2a4312 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 17:51:59 -0700 Subject: [PATCH 083/126] fixing error with RNIterableAPI access --- example/ios/Podfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/example/ios/Podfile b/example/ios/Podfile index 2b2b58466..833bd46c8 100644 --- a/example/ios/Podfile +++ b/example/ios/Podfile @@ -16,13 +16,11 @@ if linkage != nil use_frameworks! :linkage => linkage.to_sym end - target 'ReactNativeSdkExample' do config = use_native_modules! use_react_native!( :path => config[:reactNativePath], - :hermes_enabled => true, # An absolute path to your application root. :app_path => "#{Pod::Config.instance.installation_root}/.." ) From 4cd8afc247538dcf688945dd2c5392b02ff068dc Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 19:16:45 -0700 Subject: [PATCH 084/126] Enabling hermes and fabric --- example/ios/Podfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/example/ios/Podfile b/example/ios/Podfile index 833bd46c8..d5127dc25 100644 --- a/example/ios/Podfile +++ b/example/ios/Podfile @@ -21,6 +21,8 @@ target 'ReactNativeSdkExample' do use_react_native!( :path => config[:reactNativePath], + :hermes_enabled => true => podfile_properties['expo.jsEngine'] == 'hermes', + :fabric_enabled => flags[:fabric_enabled], # An absolute path to your application root. :app_path => "#{Pod::Config.instance.installation_root}/.." ) From 8882ca9ae7649f4b75f11e49ad4d79674905403e Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 19:20:53 -0700 Subject: [PATCH 085/126] Enabling hermes and fabric changed config --- example/ios/Podfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/example/ios/Podfile b/example/ios/Podfile index d5127dc25..e9a2adb44 100644 --- a/example/ios/Podfile +++ b/example/ios/Podfile @@ -21,7 +21,7 @@ target 'ReactNativeSdkExample' do use_react_native!( :path => config[:reactNativePath], - :hermes_enabled => true => podfile_properties['expo.jsEngine'] == 'hermes', + :hermes_enabled => podfile_properties['expo.jsEngine'] == 'hermes', :fabric_enabled => flags[:fabric_enabled], # An absolute path to your application root. :app_path => "#{Pod::Config.instance.installation_root}/.." From 3e718d9f7df469a92c8c94fb94a09ff48cb13b4b Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 19:26:49 -0700 Subject: [PATCH 086/126] Enabling hermes and fabric changed config, a different podfile config attempt --- example/ios/Podfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/example/ios/Podfile b/example/ios/Podfile index e9a2adb44..6cb6dd785 100644 --- a/example/ios/Podfile +++ b/example/ios/Podfile @@ -21,7 +21,7 @@ target 'ReactNativeSdkExample' do use_react_native!( :path => config[:reactNativePath], - :hermes_enabled => podfile_properties['expo.jsEngine'] == 'hermes', + :hermes_enabled => true, :fabric_enabled => flags[:fabric_enabled], # An absolute path to your application root. :app_path => "#{Pod::Config.instance.installation_root}/.." From 7369cafb0004ff408e638ce4f3000fccd9826876 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 19:29:40 -0700 Subject: [PATCH 087/126] Enabling hermes and fabric changed config, a different podfile config attempt v2 --- example/ios/Podfile | 1 - 1 file changed, 1 deletion(-) diff --git a/example/ios/Podfile b/example/ios/Podfile index 6cb6dd785..412f18d11 100644 --- a/example/ios/Podfile +++ b/example/ios/Podfile @@ -22,7 +22,6 @@ target 'ReactNativeSdkExample' do use_react_native!( :path => config[:reactNativePath], :hermes_enabled => true, - :fabric_enabled => flags[:fabric_enabled], # An absolute path to your application root. :app_path => "#{Pod::Config.instance.installation_root}/.." ) From 10bb2f3ba0261f29438a0ab75c8b2ca5c4885b81 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 20:00:40 -0700 Subject: [PATCH 088/126] seeing if the build works from the project perspective --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 0845f6c55..0401bfe6b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -230,7 +230,7 @@ jobs: cd example/ios xcodebuild clean build \ - -workspace ReactNativeSdkExample.xcworkspace \ + -project ReactNativeSdkExample.xcodeproj \ -scheme ReactNativeSdkExample \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ From 682300178457a7659eaa1e56d00d75f9a8057c33 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sat, 27 Sep 2025 20:21:56 -0700 Subject: [PATCH 089/126] changing back to workspace. --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 0401bfe6b..0845f6c55 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -230,7 +230,7 @@ jobs: cd example/ios xcodebuild clean build \ - -project ReactNativeSdkExample.xcodeproj \ + -workspace ReactNativeSdkExample.xcworkspace \ -scheme ReactNativeSdkExample \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ From 2d8550a5a064248e0daee9f1a38e8d18ca166a6f Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sun, 28 Sep 2025 13:11:31 -0700 Subject: [PATCH 090/126] attempting to use the command line from packaage.json --- .github/workflows/codeql.yml | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 0845f6c55..09a33f0de 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -227,18 +227,22 @@ jobs: - name: Build example for iOS run: | - cd example/ios - - xcodebuild clean build \ - -workspace ReactNativeSdkExample.xcworkspace \ - -scheme ReactNativeSdkExample \ - CODE_SIGN_IDENTITY="" \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO \ - BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ - APPLICATION_EXTENSION_API_ONLY=NO \ + react-native build-ios --scheme ReactNativeSdkExample --mode Debug --extra-params "-sdk iphonesimulator CC=clang CPLUSPLUS=clang++ LD=clang LDPLUSPLUS=clang++ GCC_OPTIMIZATION_LEVEL=0 GCC_PRECOMPILE_PREFIX_HEADER=YES ASSETCATALOG_COMPILER_OPTIMIZATION=time DEBUG_INFORMATION_FORMAT=dwarf COMPILER_INDEX_STORE_ENABLE=NO" - yarn add -D @react-native-community/cli + exit 1 +# run: | +# cd example/ios +# +# xcodebuild clean build \ +# -workspace ReactNativeSdkExample.xcworkspace \ +# -scheme ReactNativeSdkExample \ +# CODE_SIGN_IDENTITY="" \ +# CODE_SIGNING_REQUIRED=NO \ +# CODE_SIGNING_ALLOWED=NO \ +# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ +# APPLICATION_EXTENSION_API_ONLY=NO \ +# +# yarn add -D @react-native-community/cli continue-on-error: true # ARCHS=arm64 From fab7e5ad5f4b8d73bb3c56f6dcb2c31f9094658e Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sun, 28 Sep 2025 13:25:03 -0700 Subject: [PATCH 091/126] trying to use react to build-ios --- .github/workflows/codeql.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 09a33f0de..6906382f5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -227,6 +227,10 @@ jobs: - name: Build example for iOS run: | + nmp install -g react-native-cli + + react-native --version + react-native build-ios --scheme ReactNativeSdkExample --mode Debug --extra-params "-sdk iphonesimulator CC=clang CPLUSPLUS=clang++ LD=clang LDPLUSPLUS=clang++ GCC_OPTIMIZATION_LEVEL=0 GCC_PRECOMPILE_PREFIX_HEADER=YES ASSETCATALOG_COMPILER_OPTIMIZATION=time DEBUG_INFORMATION_FORMAT=dwarf COMPILER_INDEX_STORE_ENABLE=NO" exit 1 From 6388dad96c7b981630748996c92b13c396bff637 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sun, 28 Sep 2025 13:29:34 -0700 Subject: [PATCH 092/126] trying to use react to build-ios, fixing typo --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6906382f5..93f6d11a4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -227,7 +227,7 @@ jobs: - name: Build example for iOS run: | - nmp install -g react-native-cli + npm install -g react-native-cli react-native --version From 3e7ad7aa9bd8e17323ddc9cee1d3982d379bac6d Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sun, 28 Sep 2025 13:37:42 -0700 Subject: [PATCH 093/126] heckin' heck. community cli replaced the old one. need to fix this globally --- .github/workflows/codeql.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 93f6d11a4..d8374303d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -227,8 +227,10 @@ jobs: - name: Build example for iOS run: | - npm install -g react-native-cli + npm uninstall -g react-native-cli @react-native-community/cli + npm install --save-dev @react-native-community/cli-platform-ios + react-native --version react-native build-ios --scheme ReactNativeSdkExample --mode Debug --extra-params "-sdk iphonesimulator CC=clang CPLUSPLUS=clang++ LD=clang LDPLUSPLUS=clang++ GCC_OPTIMIZATION_LEVEL=0 GCC_PRECOMPILE_PREFIX_HEADER=YES ASSETCATALOG_COMPILER_OPTIMIZATION=time DEBUG_INFORMATION_FORMAT=dwarf COMPILER_INDEX_STORE_ENABLE=NO" From 33049ee9507eacd90a476ccc6cb1bfd6e5c165ef Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sun, 28 Sep 2025 13:42:56 -0700 Subject: [PATCH 094/126] this is borked to all hell --- .github/workflows/codeql.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d8374303d..f3d1714e8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -227,10 +227,6 @@ jobs: - name: Build example for iOS run: | - npm uninstall -g react-native-cli @react-native-community/cli - - npm install --save-dev @react-native-community/cli-platform-ios - react-native --version react-native build-ios --scheme ReactNativeSdkExample --mode Debug --extra-params "-sdk iphonesimulator CC=clang CPLUSPLUS=clang++ LD=clang LDPLUSPLUS=clang++ GCC_OPTIMIZATION_LEVEL=0 GCC_PRECOMPILE_PREFIX_HEADER=YES ASSETCATALOG_COMPILER_OPTIMIZATION=time DEBUG_INFORMATION_FORMAT=dwarf COMPILER_INDEX_STORE_ENABLE=NO" From 3bd222620b8b880bc05bcaf46b9271e3060290d3 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sun, 28 Sep 2025 13:49:41 -0700 Subject: [PATCH 095/126] looks like the command from the package.json doesn't work because of dependency hell. --- .github/workflows/codeql.yml | 26 +++++++++----------------- 1 file changed, 9 insertions(+), 17 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f3d1714e8..7f1b85f21 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -227,24 +227,16 @@ jobs: - name: Build example for iOS run: | - react-native --version - - react-native build-ios --scheme ReactNativeSdkExample --mode Debug --extra-params "-sdk iphonesimulator CC=clang CPLUSPLUS=clang++ LD=clang LDPLUSPLUS=clang++ GCC_OPTIMIZATION_LEVEL=0 GCC_PRECOMPILE_PREFIX_HEADER=YES ASSETCATALOG_COMPILER_OPTIMIZATION=time DEBUG_INFORMATION_FORMAT=dwarf COMPILER_INDEX_STORE_ENABLE=NO" + cd example/ios - exit 1 -# run: | -# cd example/ios -# -# xcodebuild clean build \ -# -workspace ReactNativeSdkExample.xcworkspace \ -# -scheme ReactNativeSdkExample \ -# CODE_SIGN_IDENTITY="" \ -# CODE_SIGNING_REQUIRED=NO \ -# CODE_SIGNING_ALLOWED=NO \ -# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ -# APPLICATION_EXTENSION_API_ONLY=NO \ -# -# yarn add -D @react-native-community/cli + xcodebuild clean build \ + -workspace ReactNativeSdkExample.xcworkspace \ + -scheme ReactNativeSdkExample \ + CODE_SIGN_IDENTITY="" \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO \ + BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ + APPLICATION_EXTENSION_API_ONLY=NO \ continue-on-error: true # ARCHS=arm64 From 417c47058d9bb58b60975483788c865f2f0e250f Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sun, 28 Sep 2025 13:50:49 -0700 Subject: [PATCH 096/126] looks like the command from the package.json doesn't work because of dependency hell. + one more change --- .github/workflows/codeql.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7f1b85f21..034e18b4e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -192,7 +192,6 @@ jobs: run: | cd example/ios pod install --repo-update - cd - env: NO_FLIPPER: 1 From 74a4a41018072b0b88848ad1388402d74dc6bec6 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sun, 28 Sep 2025 22:59:05 -0700 Subject: [PATCH 097/126] switching back to manual build --- .github/workflows/codeql.yml | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 034e18b4e..c5148dd02 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -163,7 +163,7 @@ jobs: matrix: include: - language: swift - build-mode: autobuild + build-mode: manual steps: - name: Checkout react-native-sdk @@ -213,12 +213,26 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash run: | - echo 'If you are using a "manual" build mode for one or more of the' \ - 'languages you are analyzing, replace this with the commands to build' \ - 'your code, for example:' - echo ' make bootstrap' - echo ' make release' - exit 1 + cd example/ios + + xcodebuild clean build \ + -workspace ReactNativeSdkExample.xcworkspace \ + -scheme ReactNativeSdkExample \ + CODE_SIGN_IDENTITY="" \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO \ + BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ + APPLICATION_EXTENSION_API_ONLY=NO \ + continue-on-error: true +# +# +# +# echo 'If you are using a "manual" build mode for one or more of the' \ +# 'languages you are analyzing, replace this with the commands to build' \ +# 'your code, for example:' +# echo ' make bootstrap' +# echo ' make release' +# exit 1 # yarn add @iterable/react-native-sdk # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" From 60299d00dde483a8bb28246596ce59446ee29db7 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sun, 28 Sep 2025 23:05:57 -0700 Subject: [PATCH 098/126] switching back to manual build, and removing the separate step. --- .github/workflows/codeql.yml | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c5148dd02..4b7d9e339 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -238,19 +238,19 @@ jobs: # yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" # echo "${{ env.TURBO_CACHE_DIR }}" - - name: Build example for iOS - run: | - cd example/ios - - xcodebuild clean build \ - -workspace ReactNativeSdkExample.xcworkspace \ - -scheme ReactNativeSdkExample \ - CODE_SIGN_IDENTITY="" \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO \ - BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ - APPLICATION_EXTENSION_API_ONLY=NO \ - continue-on-error: true +# - name: Build example for iOS +# run: | +# cd example/ios +# +# xcodebuild clean build \ +# -workspace ReactNativeSdkExample.xcworkspace \ +# -scheme ReactNativeSdkExample \ +# CODE_SIGN_IDENTITY="" \ +# CODE_SIGNING_REQUIRED=NO \ +# CODE_SIGNING_ALLOWED=NO \ +# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ +# APPLICATION_EXTENSION_API_ONLY=NO \ +# continue-on-error: true # ARCHS=arm64 # From 2c70e28fd2e86ced47911af554c84fd2c3ec6dbc Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Sun, 28 Sep 2025 23:57:32 -0700 Subject: [PATCH 099/126] so close... --- .github/workflows/codeql.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4b7d9e339..92e778806 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -273,8 +273,9 @@ jobs: uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" - output: sarif-results - upload: failure-only + +# output: sarif-results +# upload: failure-only - name: filter-sarif uses: advanced-security/filter-sarif@v1 From 078e6c7d67b70c228568c2cdc97e4e405f48a193 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 29 Sep 2025 00:02:19 -0700 Subject: [PATCH 100/126] so close... pulling the sarif-results --- .github/workflows/codeql.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 92e778806..1da92a6fc 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -277,11 +277,11 @@ jobs: # output: sarif-results # upload: failure-only - - name: filter-sarif - uses: advanced-security/filter-sarif@v1 - with: - patterns: | - -**/*.kt - -**/*.java - input: sarif-results/java.sarif - output: sarif-results/java.sarif +# - name: filter-sarif +# uses: advanced-security/filter-sarif@v1 +# with: +# patterns: | +# -**/*.kt +# -**/*.java +# input: sarif-results/java.sarif +# output: sarif-results/java.sarif From b9f8e70d0c26396e96fd60156438f2bbb2e9bd0c Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 29 Sep 2025 01:05:39 -0700 Subject: [PATCH 101/126] checking to see if the same works targeting the rniterableapi --- .github/workflows/codeql.yml | 93 ++++++------------------------------ 1 file changed, 14 insertions(+), 79 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1da92a6fc..676f58204 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -139,21 +139,14 @@ jobs: analyze3: - name: build iOS + name: Analyze (${{ matrix.language }}) timeout-minutes: 60 -# runs-on: macos-14 - env: - TURBO_CACHE_DIR: .turbo/ios - TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} - TURBO_TEAM: ${{ secrets. TURBO_TEAM }} runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} permissions: # required for all workflows security-events: write - # required to fetch internal or private CodeQL packs packages: read - # only required for workflows in private repositories actions: read contents: read @@ -176,16 +169,16 @@ jobs: - name: Setup uses: ./.github/actions/setup -# - name: Cache cocoapods -# if: env.turbo_cache_hit != 1 -# id: cocoapods-cache -# uses: actions/cache@v4 -# with: -# path: | -# **/ios/Pods -# key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} -# restore-keys: | -# ${{ runner.os }}-cocoapods- + - name: Cache cocoapods + if: env.turbo_cache_hit != 1 + id: cocoapods-cache + uses: actions/cache@v4 + with: + path: | + **/ios/Pods + key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} + restore-keys: | + ${{ runner.os }}-cocoapods- - name: Install cocoapods if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' @@ -201,8 +194,6 @@ jobs: with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} - - # If you wish to specify custom queries, you can do so here or in a config file. # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. @@ -213,75 +204,19 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash run: | - cd example/ios + cd ios xcodebuild clean build \ - -workspace ReactNativeSdkExample.xcworkspace \ - -scheme ReactNativeSdkExample \ + -project RNIterableAPI.xcodeproj \ + -scheme RNIterableAPI \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO \ BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ APPLICATION_EXTENSION_API_ONLY=NO \ continue-on-error: true -# -# -# -# echo 'If you are using a "manual" build mode for one or more of the' \ -# 'languages you are analyzing, replace this with the commands to build' \ -# 'your code, for example:' -# echo ' make bootstrap' -# echo ' make release' -# exit 1 - -# yarn add @iterable/react-native-sdk -# yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" -# echo "${{ env.TURBO_CACHE_DIR }}" - -# - name: Build example for iOS -# run: | -# cd example/ios -# -# xcodebuild clean build \ -# -workspace ReactNativeSdkExample.xcworkspace \ -# -scheme ReactNativeSdkExample \ -# CODE_SIGN_IDENTITY="" \ -# CODE_SIGNING_REQUIRED=NO \ -# CODE_SIGNING_ALLOWED=NO \ -# BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ -# APPLICATION_EXTENSION_API_ONLY=NO \ -# continue-on-error: true - -# ARCHS=arm64 -# -# -sdk iphoneos \ -# SKIP_INSTALL=NO \ -# -# yarn add @iterable/react-native-sdk -# yarn turbo run build:ios --cache-dir="${{ env.TURBO_CACHE_DIR }}" -# echo "${{ env.TURBO_CACHE_DIR }}" - -# - uses: actions/upload-artifact@v4 -# with: -# name: my-artifact -# include-hidden-files: true -# path: | -# path/output/ -# !path/output/.production.env - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" - -# output: sarif-results -# upload: failure-only - -# - name: filter-sarif -# uses: advanced-security/filter-sarif@v1 -# with: -# patterns: | -# -**/*.kt -# -**/*.java -# input: sarif-results/java.sarif -# output: sarif-results/java.sarif From d211672ee144ed89f91522aa41a7cb6d8e551ce6 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 29 Sep 2025 01:27:59 -0700 Subject: [PATCH 102/126] This builds and analyzes the Example app, which includes the RNIterableAPI/IterableAPI. --- .github/workflows/codeql.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 676f58204..84da31ebc 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -198,17 +198,17 @@ jobs: # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. - # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs queries: ${{ matrix.language && 'security-extended, security-and-quality' }} - if: matrix.build-mode == 'manual' shell: bash run: | - cd ios + cd example/ios xcodebuild clean build \ - -project RNIterableAPI.xcodeproj \ - -scheme RNIterableAPI \ + -workspace ReactNativeSdkExample.xcworkspace \ + -scheme ReactNativeSdkExample \ CODE_SIGN_IDENTITY="" \ CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO \ From e2b91c8bff918cb826498a66ee2fd077656a04f9 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 29 Sep 2025 13:06:16 -0700 Subject: [PATCH 103/126] This builds and analyzes the Example app, which includes the RNIterableAPI/IterableAPI with an increased timeout. --- .github/workflows/codeql.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 84da31ebc..cf1501407 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -140,7 +140,10 @@ jobs: analyze3: name: Analyze (${{ matrix.language }}) - timeout-minutes: 60 + timeout-minutes: 120 + env: + TURBO_CACHE_DIR: .turbo/ios + runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} permissions: # required for all workflows From 9c5d58a963de3adda2907729b62232df46272239 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 29 Sep 2025 16:09:54 -0700 Subject: [PATCH 104/126] This builds and analyzes the Example app, which includes the RNIterableAPI/IterableAPI with an increased timeout and addressing a build failure. --- .github/workflows/codeql.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index cf1501407..cd867af91 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -143,6 +143,8 @@ jobs: timeout-minutes: 120 env: TURBO_CACHE_DIR: .turbo/ios + TURBO_TOKEN: ${{ secrets. TURBO_TOKEN }} + TURBO_TEAM: ${{ secrets. TURBO_TEAM }} runs-on: ${{ (matrix.language == 'swift' && 'macos-15') || 'ubuntu-latest' }} permissions: @@ -216,7 +218,9 @@ jobs: CODE_SIGNING_REQUIRED=NO \ CODE_SIGNING_ALLOWED=NO \ BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ - APPLICATION_EXTENSION_API_ONLY=NO \ + APPLICATION_EXTENSION_API_ONLY=NO + + yarn add -D @react-native-community/cli continue-on-error: true - name: Perform CodeQL Analysis From 17108a7605094413de0726727e1d7aac42573414 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 29 Sep 2025 18:46:28 -0700 Subject: [PATCH 105/126] trying to turn flipper off without modify the Podfile --- .github/workflows/codeql.yml | 2 +- example/ios/Podfile | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index cd867af91..54c69bc10 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -189,7 +189,7 @@ jobs: if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' run: | cd example/ios - pod install --repo-update + NO_FLIPPER=1 bundle exec pod install --repo-update env: NO_FLIPPER: 1 diff --git a/example/ios/Podfile b/example/ios/Podfile index 412f18d11..833bd46c8 100644 --- a/example/ios/Podfile +++ b/example/ios/Podfile @@ -21,7 +21,6 @@ target 'ReactNativeSdkExample' do use_react_native!( :path => config[:reactNativePath], - :hermes_enabled => true, # An absolute path to your application root. :app_path => "#{Pod::Config.instance.installation_root}/.." ) From d29cff6c0314d17145a0d936a0b1753fa24a3b35 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 29 Sep 2025 19:56:24 -0700 Subject: [PATCH 106/126] Modifying codeql.yml to fix build issue --- .github/workflows/codeql.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 54c69bc10..6ed920fb2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -188,8 +188,9 @@ jobs: - name: Install cocoapods if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' run: | - cd example/ios - NO_FLIPPER=1 bundle exec pod install --repo-update + cd ios && + NO_FLIPPER=1 bundle exec pod install --repo-update && + cd .. env: NO_FLIPPER: 1 From f4d1d25eccc7ff1ac6ffe4163d1c54785050629d Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 29 Sep 2025 20:00:47 -0700 Subject: [PATCH 107/126] Modifying codeql.yml to fix build issue, wrong path --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6ed920fb2..1db405acf 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -188,7 +188,7 @@ jobs: - name: Install cocoapods if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' run: | - cd ios && + cd examples/ios && NO_FLIPPER=1 bundle exec pod install --repo-update && cd .. env: From 32e321185ca6dedfaf7574101f99414564b9c10d Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 29 Sep 2025 20:03:06 -0700 Subject: [PATCH 108/126] Modifying codeql.yml to fix build issue, wrong path, typo. --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1db405acf..8e51d977f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -188,7 +188,7 @@ jobs: - name: Install cocoapods if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' run: | - cd examples/ios && + cd example/ios && NO_FLIPPER=1 bundle exec pod install --repo-update && cd .. env: From 5d49da87995c6488643749951251aaf3e92a8986 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 29 Sep 2025 20:05:35 -0700 Subject: [PATCH 109/126] Modifying codeql.yml to fix build issue, pod install broke. --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8e51d977f..ae83272a1 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -189,7 +189,7 @@ jobs: if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' run: | cd example/ios && - NO_FLIPPER=1 bundle exec pod install --repo-update && + NO_FLIPPER=1 pod install --repo-update && cd .. env: NO_FLIPPER: 1 From c98b68f5d5431bf942690d02d08eecba2840116a Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 12:26:06 -0700 Subject: [PATCH 110/126] android example build steps --- .github/workflows/codeql.yml | 69 +++++++++++++++++++++++++++++++----- 1 file changed, 60 insertions(+), 9 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ae83272a1..e19775fb8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -82,6 +82,8 @@ jobs: analyze2: name: Analyze (${{ matrix.language }}) runs-on: ubuntu-latest + env: + TURBO_CACHE_DIR: .turbo/android permissions: # required for all workflows security-events: write @@ -98,7 +100,7 @@ jobs: matrix: include: - language: java-kotlin - build-mode: none + build-mode: manual steps: - name: Checkout repository @@ -110,6 +112,48 @@ jobs: # - name: Setup runtime (example) # uses: actions/setup-example@v1 + - name: Setup + uses: ./.github/actions/setup + + - name: Cache turborepo for Android + uses: actions/cache@v3 + with: + path: ${{ env.TURBO_CACHE_DIR }} + key: ${{ runner.os }}-turborepo-android-${{ hashFiles('yarn.lock') }} + restore-keys: | + ${{ runner.os }}-turborepo-android- + + - name: Check turborepo cache for Android + run: | + TURBO_CACHE_STATUS=$(node -p "($yarn turbo run build:android --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => === 'build:android').ceche.status") + + if [[ $TURBO_CACHE_STATUS == "HIT" ]]; then + echo "turbo_cache_hit=1" >> $GITHUB_ENV + fi + + - name: Install JDK + if: env.turbo_cache_hit != 1 + uses: actions/setup-java@v3 + with: + distribution: 'zulu' + java-version: '17' + + - name: Finalize Android SDK + if: env.turbo_cache_hit !=1 + run: | + /bin/bash -c "yes | $ANDROID_HOME/cmdline-tools/latest/bin/sdkmanager --licenses > dev/null" + + - name: Cache Gradle + if: env.turbo_cache_hit !=1 + uses: actions/cache@v3 + with: + path: | + ~/.gradle/wrapper + ~/.gradle/caches + key: ${{ runner.os }}-gradle-${{ hashFiles('example/android/gradle/wrapper/gradle-wrapper.properties') }} + restore-keys | + ${{ runner.os }}-gradle- + # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v3 @@ -123,15 +167,22 @@ jobs: # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs queries: ${{ matrix.language && 'security-extended, security-and-quality' }} - - if: matrix.build-mode == 'manual' - shell: bash +# - if: matrix.build-mode == 'manual' +# shell: bash +# run: | +# echo 'If you are using a "manual" build mode for one or more of the' \ +# 'languages you are analyzing, replace this with the commands to build' \ +# 'your code, for example:' +# echo ' make bootstrap' +# echo ' make release' +# exit 1 + + - name: build example for Android + env: + JAVA_OPTS: "--XX:MaxHeapSize=6g" run: | - echo 'If you are using a "manual" build mode for one or more of the' \ - 'languages you are analyzing, replace this with the commands to build' \ - 'your code, for example:' - echo ' make bootstrap' - echo ' make release' - exit 1 + yarn turbo run build:android --cache-dir"${{ env.TURBO_CACHE_DIR }}" + - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: From 40a393a0435e50eea1e5289dd9a5d3c170f6f9b5 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 12:38:36 -0700 Subject: [PATCH 111/126] android example build with yarn --- .github/workflows/codeql.yml | 48 ++++++------------------------------ 1 file changed, 7 insertions(+), 41 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e19775fb8..35d3f9123 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -115,22 +115,6 @@ jobs: - name: Setup uses: ./.github/actions/setup - - name: Cache turborepo for Android - uses: actions/cache@v3 - with: - path: ${{ env.TURBO_CACHE_DIR }} - key: ${{ runner.os }}-turborepo-android-${{ hashFiles('yarn.lock') }} - restore-keys: | - ${{ runner.os }}-turborepo-android- - - - name: Check turborepo cache for Android - run: | - TURBO_CACHE_STATUS=$(node -p "($yarn turbo run build:android --cache-dir="${{ env.TURBO_CACHE_DIR }}" --dry=json)).tasks.find(t => === 'build:android').ceche.status") - - if [[ $TURBO_CACHE_STATUS == "HIT" ]]; then - echo "turbo_cache_hit=1" >> $GITHUB_ENV - fi - - name: Install JDK if: env.turbo_cache_hit != 1 uses: actions/setup-java@v3 @@ -143,17 +127,6 @@ jobs: run: | /bin/bash -c "yes | $ANDROID_HOME/cmdline-tools/latest/bin/sdkmanager --licenses > dev/null" - - name: Cache Gradle - if: env.turbo_cache_hit !=1 - uses: actions/cache@v3 - with: - path: | - ~/.gradle/wrapper - ~/.gradle/caches - key: ${{ runner.os }}-gradle-${{ hashFiles('example/android/gradle/wrapper/gradle-wrapper.properties') }} - restore-keys | - ${{ runner.os }}-gradle- - # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v3 @@ -167,21 +140,13 @@ jobs: # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs queries: ${{ matrix.language && 'security-extended, security-and-quality' }} -# - if: matrix.build-mode == 'manual' -# shell: bash -# run: | -# echo 'If you are using a "manual" build mode for one or more of the' \ -# 'languages you are analyzing, replace this with the commands to build' \ -# 'your code, for example:' -# echo ' make bootstrap' -# echo ' make release' -# exit 1 - - - name: build example for Android - env: - JAVA_OPTS: "--XX:MaxHeapSize=6g" + - if: matrix.build-mode == 'manual' + shell: bash run: | - yarn turbo run build:android --cache-dir"${{ env.TURBO_CACHE_DIR }}" + cd example/android + yarn install + +# ./gradlew clean - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 @@ -189,6 +154,7 @@ jobs: category: "/language:${{matrix.language}}" + analyze3: name: Analyze (${{ matrix.language }}) timeout-minutes: 120 From 2c9f6ec4687d7d5502605e6ebe0bf694ec959dd8 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 12:39:45 -0700 Subject: [PATCH 112/126] android example build with yarn, stupid typo --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 35d3f9123..fdbced610 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -125,7 +125,7 @@ jobs: - name: Finalize Android SDK if: env.turbo_cache_hit !=1 run: | - /bin/bash -c "yes | $ANDROID_HOME/cmdline-tools/latest/bin/sdkmanager --licenses > dev/null" + /bin/bash -c "yes | $ANDROID_HOME/cmdline-tools/latest/bin/sdkmanager --licenses > /dev/null" # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL From 499299db6632dc3d9b66e02038deb48491f57669 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 12:50:04 -0700 Subject: [PATCH 113/126] android is choaking on a typescript, new ios instructions --- .github/workflows/codeql.yml | 26 +------------------------- 1 file changed, 1 insertion(+), 25 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fdbced610..1e9f541b1 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -184,24 +184,9 @@ jobs: - name: Checkout react-native-sdk uses: actions/checkout@v4 - - name: Clean DerivedData folder - run: | - rm -rf ~/Library/Developer/Xcode/DerivedData/* - - name: Setup uses: ./.github/actions/setup - - name: Cache cocoapods - if: env.turbo_cache_hit != 1 - id: cocoapods-cache - uses: actions/cache@v4 - with: - path: | - **/ios/Pods - key: ${{ runner.os }}-cocoapods-${{ hashFiles('example/ios/Podfile.lock') }} - restore-keys: | - ${{ runner.os }}-cocoapods- - - name: Install cocoapods if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' run: | @@ -228,17 +213,8 @@ jobs: shell: bash run: | cd example/ios + yarn build - xcodebuild clean build \ - -workspace ReactNativeSdkExample.xcworkspace \ - -scheme ReactNativeSdkExample \ - CODE_SIGN_IDENTITY="" \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO \ - BUILD_LIBRARY_FOR_DISTRIBUTION=NO \ - APPLICATION_EXTENSION_API_ONLY=NO - - yarn add -D @react-native-community/cli continue-on-error: true - name: Perform CodeQL Analysis From 531b0625dcf1fe0cec7495b60cf212805bbf25ad Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 12:55:57 -0700 Subject: [PATCH 114/126] android is choaking on a typescript, new ios instructions changed from 'build' to 'prepare' --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1e9f541b1..10d217369 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -213,7 +213,7 @@ jobs: shell: bash run: | cd example/ios - yarn build + yarn prepare continue-on-error: true From 20fe2a871e913418e4b06a6826a724eed1c7f991 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 13:03:44 -0700 Subject: [PATCH 115/126] the steps didn't seem to work out, going back to loren's steps --- .github/workflows/codeql.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 10d217369..fedd74923 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -213,7 +213,8 @@ jobs: shell: bash run: | cd example/ios - yarn prepare + bundle exec + bundle exec pod install continue-on-error: true From 6a2c598b4b446466281fe4b47c275d9aae050f05 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 13:08:11 -0700 Subject: [PATCH 116/126] complained about bundle exec by itself --- .github/workflows/codeql.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index fedd74923..e7cb9564f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -213,7 +213,6 @@ jobs: shell: bash run: | cd example/ios - bundle exec bundle exec pod install continue-on-error: true From a356b071d1a338ab815afd7470098e299f0c8aac Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 13:17:26 -0700 Subject: [PATCH 117/126] complained about a depenency, tryingto just do a pod install --- .github/workflows/codeql.yml | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e7cb9564f..ed5f19047 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -187,15 +187,6 @@ jobs: - name: Setup uses: ./.github/actions/setup - - name: Install cocoapods - if: env.turbo_cache_hit != 1 && steps.cocoapods-cache.outputs.cache-hit != 'true' - run: | - cd example/ios && - NO_FLIPPER=1 pod install --repo-update && - cd .. - env: - NO_FLIPPER: 1 - # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@v3 @@ -212,8 +203,9 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash run: | + yarn install cd example/ios - bundle exec pod install + pod install continue-on-error: true From 4c447031741e96464c13f0abcbb93b230089c5ad Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 13:30:17 -0700 Subject: [PATCH 118/126] did not build the example app. made changes to the android script. --- .github/workflows/codeql.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ed5f19047..27a69af58 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -143,10 +143,9 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash run: | - cd example/android yarn install - -# ./gradlew clean + cd example/android + ./gradlew clean - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 @@ -206,6 +205,7 @@ jobs: yarn install cd example/ios pod install + yarn ios continue-on-error: true From 89a2900747c14a83836b31d5cbe75da3e3dd93c1 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 13:50:18 -0700 Subject: [PATCH 119/126] android is working now, ios seems to stall out building --- .github/workflows/codeql.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 27a69af58..7f3bcea38 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -204,8 +204,9 @@ jobs: run: | yarn install cd example/ios - pod install - yarn ios + bundle install +# pod install +# yarn ios continue-on-error: true From 506265e88cee3674aa344830e53e57203db2d99e Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 13:59:44 -0700 Subject: [PATCH 120/126] out of date dependency, doesn't perform the full install for ios --- .github/workflows/codeql.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7f3bcea38..89f0b835c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -205,6 +205,7 @@ jobs: yarn install cd example/ios bundle install + bundle exec pod install # pod install # yarn ios From eea36d618e6f57b704725ace80a54d1e09da929f Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 14:14:17 -0700 Subject: [PATCH 121/126] out of date dependency, doesn't perform the full install for ios v2 --- .github/workflows/codeql.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 89f0b835c..86401baf7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -206,6 +206,7 @@ jobs: cd example/ios bundle install bundle exec pod install + yarn ios # pod install # yarn ios From 1d9c1f5de55126205cb07fde1fde3f45991a3d03 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 15:26:50 -0700 Subject: [PATCH 122/126] I think this is a final. --- .github/workflows/codeql.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 86401baf7..4016fcb6a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -202,13 +202,10 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash run: | - yarn install cd example/ios bundle install bundle exec pod install yarn ios -# pod install -# yarn ios continue-on-error: true From 961f1646577ea12ee2c859efa80e096bd1cf9e37 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 19:14:46 -0700 Subject: [PATCH 123/126] Incorporating comments from lposen --- .github/workflows/codeql.yml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4016fcb6a..917cb96be 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -18,7 +18,7 @@ on: branches: [ "master" ] jobs: - analyze: + Analyze_Ruby_JSandTS: name: Analyze (${{ matrix.language }}) runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} permissions: @@ -79,7 +79,7 @@ jobs: with: category: "/language:${{matrix.language}}" - analyze2: + Build_Analyze_Android_Example: name: Analyze (${{ matrix.language }}) runs-on: ubuntu-latest env: @@ -143,9 +143,10 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash run: | + cd example yarn install - cd example/android - ./gradlew clean + cd android + ./gradlew build - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 @@ -154,7 +155,7 @@ jobs: - analyze3: + Build_Analyze_iOS_Example: name: Analyze (${{ matrix.language }}) timeout-minutes: 120 env: @@ -202,10 +203,10 @@ jobs: - if: matrix.build-mode == 'manual' shell: bash run: | - cd example/ios - bundle install - bundle exec pod install - yarn ios + cd example + yarn install + cd ios + yarn react-native build-ios --mode-Release continue-on-error: true From 360a41bc0c0406abc1dbeaf71cb86b85a529dcac Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 19:27:13 -0700 Subject: [PATCH 124/126] Changing the build command for ios, changed the gradle command back to clean --- .github/workflows/codeql.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 917cb96be..76e29a800 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -146,7 +146,7 @@ jobs: cd example yarn install cd android - ./gradlew build + ./gradlew clean - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 @@ -206,7 +206,7 @@ jobs: cd example yarn install cd ios - yarn react-native build-ios --mode-Release + xcodebuild -workspace ReactNativeSdkExample.xcworkspace -scheme ReactNativeSdkExample -configuration Debug -destination 'platform=iOS Simulator,name=iPhone 16' build continue-on-error: true From 56ecc9d0cfc5d99b9483b6020a62180adb58e21c Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 19:39:40 -0700 Subject: [PATCH 125/126] Build for Android succeeds on clean, doublechecking build. ios build steps modified --- .github/workflows/codeql.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 76e29a800..27846a0bf 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -146,7 +146,7 @@ jobs: cd example yarn install cd android - ./gradlew clean + ./gradlew build - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 @@ -206,6 +206,8 @@ jobs: cd example yarn install cd ios + bundle install + bundle exec pod install xcodebuild -workspace ReactNativeSdkExample.xcworkspace -scheme ReactNativeSdkExample -configuration Debug -destination 'platform=iOS Simulator,name=iPhone 16' build continue-on-error: true From 48d24e96f9c034ee243583608fd1f3fda58a5ca4 Mon Sep 17 00:00:00 2001 From: Noelle Murata Date: Mon, 6 Oct 2025 20:51:17 -0700 Subject: [PATCH 126/126] Cleaned up the build steps so that the codeql database is populated and comments are addressed --- .github/workflows/codeql.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 27846a0bf..152908530 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -146,15 +146,13 @@ jobs: cd example yarn install cd android - ./gradlew build + ./gradlew clean - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" - - Build_Analyze_iOS_Example: name: Analyze (${{ matrix.language }}) timeout-minutes: 120 @@ -210,8 +208,6 @@ jobs: bundle exec pod install xcodebuild -workspace ReactNativeSdkExample.xcworkspace -scheme ReactNativeSdkExample -configuration Debug -destination 'platform=iOS Simulator,name=iPhone 16' build - continue-on-error: true - - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 with: