mirror of
https://github.com/avinal/nikki.git
synced 2026-07-04 05:50:10 +05:30
Fix security issues from review
Notifications: - VISIBILITY_PRIVATE on all channels and notifications (hides task text from lockscreen) - Remove setFullScreenIntent (requires USE_FULL_SCREEN_INTENT permission; p1 channel already bypasses DND) Auth: - Clear cached token and server URL in memory on logout via AuthRepository.onLogout callback Offline queue: - Replace manual JSON string interpolation with kotlinx.serialization JsonObject/JsonPrimitive (prevents JSON injection from memo content) CI/CD: - Pin all GitHub Actions to commit SHAs - Add permissions: contents: read to build workflow - Decode keystore via env var instead of inline expansion - Sanitize tag name through env var in release upload - Fix test task name: testAndroidHostTest Signed-off-by: Avinal Kumar <avinal.xlvii@gmail.com> Co-Authored-By: Claude Opus 4.6 (1M context)
This commit is contained in:
@@ -36,11 +36,17 @@ kotlin {
|
||||
|
||||
sourceSets {
|
||||
commonMain.dependencies {
|
||||
@Suppress("DEPRECATION")
|
||||
implementation(compose.runtime)
|
||||
@Suppress("DEPRECATION")
|
||||
implementation(compose.foundation)
|
||||
@Suppress("DEPRECATION")
|
||||
implementation(compose.material3)
|
||||
@Suppress("DEPRECATION")
|
||||
implementation(compose.materialIconsExtended)
|
||||
@Suppress("DEPRECATION")
|
||||
implementation(compose.ui)
|
||||
@Suppress("DEPRECATION")
|
||||
implementation(compose.components.resources)
|
||||
|
||||
implementation(libs.androidx.lifecycle.viewmodel)
|
||||
|
||||
Reference in New Issue
Block a user