Skip to content

Need to update to latest Swift version (5) #157

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
toddtarbox-wf wants to merge 5 commits into
base: master
Choose a base branch
from
Open

Need to update to latest Swift version (5) #157

toddtarbox-wf wants to merge 5 commits into from
+306 −277

Conversation

@toddtarbox-wf
Copy link
Contributor

@toddtarbox-wf toddtarbox-wf commented Jul 14, 2020

Description

Need to update to latest Swift version (5).

What Was Changed

  • First, using Xcode 10.1, updated to use Swift 4.2
  • Then, using Xcode 11.5, updated to use Swift 5
  • Bumped version to 6.0.0

Acceptance Criteria

  • Version is bumped to 6.0.0
  • Builds with latest Xcode version

Testing Instructions

N/A

Merge Checklist

  • Author of commit is not a reviewer
  • CR +1
  • +10 (includes code review and pulling in the code/testing)
  • bundle exec pod lib lint WMobileKit.podspec --allow-warnings passes
  • Security review if applicable
  • Bump the WMobileKit.podspec, Source/Info.plist, and Example/WMobileKitExample/Info.plist
    using version_bump.shaccording to semantic versioning.

Example: (5.1.0 is the old version 5.1.1 is the new version)

./version_bump.sh 5.1.0 5.1.1

Please Review: @Workiva/mobile

@aviary2-wf
Copy link

aviary2-wf commented Jul 14, 2020

Security Insights

The items listed below may not capture all security relevant changes. Before providing a security review, be sure to review the entire PR for security impact.

(3) Vulnerable direct dependencies were detected
  • 1 vulns in excon < 0.71.0 via Gemfile.lock
  • 1 vulns in mini_magick < 4.9.4 via Gemfile.lock
  • 1 vulns in rubyzip < 1.3.0 via Gemfile.lock
    • (4) Potential secrets were detected
  • Potential secret found in Podfile.lock on line 23:
    Nimble: 5f8a2fb6fa343a7242dfdd9d42f7267419d464b2
  • Potential secret found in Podfile.lock on line 24:
    Quick: 6d9559f40647bc4d510103842ef2fdd882d753e2
  • Potential secret found in Podfile.lock on line 25:
    SDWebImage: 112503ec94a5a2a41869503844a15e8d8f1ead5c
  • Potential secret found in Podfile.lock on line 26:
    SnapKit: 97b92857e3df3a0c71833cce143274bf6ef8e5eb

    • Action Items

    • Obtain a security review; reviewer should pay special attention to insights listed above
    • Review dependencies for available updates
    • See this Splunk dashboard for more CVE details
    • Validate potential secrets and report non-dev secrets to InfoSec before removing
    • Verify aviary.yaml coverage of security relevant code

    Questions or Comments? Reach out on Slack: #support-infosec.

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

    Reviewers

    No reviews

    Assignees

    No one assigned

    Labels

    Merge Requirements Unmet Security Review Required

    Projects

    None yet

    Milestone

    No milestone

    Development

    Successfully merging this pull request may close these issues.

    5 participants

    @toddtarbox-wf @aviary2-wf @rmconsole-wf @aviary-wf