Feat/improvment#3
Merged
Merged
Conversation
- **Configuration**: - Bump version from `0.2.0` to `0.2.1` in `pubspec.yaml`. - Update `environment.sdk` constraint to include an upper bound (`>=3.10.1 <4.0.0`).
…tion (v0.2.2) - **Initialization & Lifecycle**: - Refactored `FlutterDefender.init()` to be deterministic and thread-safe using a request queue; the latest call now "wins" under concurrency. - Ensured initialization is exception-safe by resetting `initInFlight` in a `finally` block. - Made `WidgetsBindingObserver` registration idempotent to prevent duplicate observers. - Enhanced `dispose()` to properly clear the internal state and pending initialization requests. - **Security & Performance**: - Optimized advanced security detections (root, proxy/VPN, RASP) on both Android and iOS to run asynchronously on background threads, returning cached snapshots to Dart for improved responsiveness. - Refactored authenticated-timeout logic to ensure consistent secure-storage clearing across both cold-start and app-resume paths. - Standardized logout requests into a single internal method `_requestLogout`. - **Platform-Level Implementation**: - **Android**: Improved plugin lifecycle by removing unused mutable context state and tightening detector/cache lifecycles. - **iOS**: Updated `IosSecureStorageHelper` to explicitly throw `FlutterError` on keychain operation failures (delete, write, clear). - **Secure Storage**: Implemented fail-fast semantics across both platforms. Direct storage API calls and timeout-driven clears now propagate platform exceptions instead of failing silently. - **Testing & Documentation**: - Added comprehensive test coverage for concurrent `init()` behavior, fail-fast storage error propagation, and cold-start timeout parity. - Updated `README.md` to document the new failure policy for secure storage. - Bumped version to `0.2.2` in `pubspec.yaml` and updated `CHANGELOG.md`.
…vent race conditions - **Initialization Logic**: - Replace `_initDrainFuture` with a boolean `_isDrainingInit` flag to track the queue draining state. - Introduce `Completer` in `_PendingInitRequest` to ensure specific initialization calls resolve correctly. - Ensure any existing pending initialization is completed (canceled) when a new `init` request arrives. - Wrap `_performInit` in a try-catch block to correctly propagate errors to the caller via the completer. - Use `unawaited` for background queue scheduling to prevent unnecessary future chaining. - **State Management**: - Update `dispose()` to reset the new `_isDrainingInit` state. - **Testing**: - Adjust `flutter_defender_guard_test.dart` to use manual pumping for asynchronous initialization verification.
…on to 0.2.3 - **Lifecycle & Timeouts**: - Adjust timeout logic to trigger exactly at the configured boundary (`>=` instead of `>`) for OTP and authenticated sessions. - Refactor `AppLifecycleState` transitions to prevent overwriting the initial background timestamp during complex state sequences (e.g., Inactive -> Hidden -> Paused). - Ensure `_handleForegroundStateChanged` correctly manages background timing and persistence when the app loses focus. - **Android Implementation**: - Add a fallback mechanism to `isVpnEnabled` in `AdvancedSecurityDetector.kt` using network-interface inspection if the system `ConnectivityManager` fails. - **Project Infrastructure**: - Bump version to `0.2.3` in `pubspec.yaml`. - Update dependencies: `plugin_platform_interface` to `^2.1.8` and `pigeon` to `^26.3.4`. - **Testing**: - Add comprehensive widget tests to verify authenticated and OTP timeout boundaries. - Add tests for Android-specific resume sequences and native foreground state callbacks.
…ility - **Timeout Logic**: - Adjusted `authenticatedBackgroundTimeoutSeconds` and `otpBackgroundTimeoutSeconds` to trigger exactly at the configured boundary. - Fixed native foreground callback timeout handling to ensure Android focus transitions correctly apply background-timeout policies. - **Android Platform**: - Fixed resume handling to prevent `hidden -> inactive -> resumed` transitions from overwriting background timestamps, ensuring consistent logout and OTP dismissal behavior. - Hardened VPN detection to prevent host app crashes when network-state access is unavailable. - **Testing**: - Added regression tests for authenticated/OTP timeouts, Android lifecycle ordering, native foreground callbacks, and cold-start timeout scenarios. - **Configuration**: - Bumped version to `0.2.3` in `CHANGELOG.md`.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.