Main actor isolation

CLAUDE.md

@@ -4,7 +4,7 @@
 
 - `SWIFT_DEFAULT_ACTOR_ISOLATION = MainActor` is set on both app and test targets — don't add explicit `@MainActor` to production code or test structs/functions, it's already the default
 
-## Swift Testing Migration
+## Swift Testing Conventions
 
 - Place `@Test` and `@Suite` annotations on the line **above** the declaration, not inline
 - Use `// when` and `// then` comment blocks; skip `// given` (assumed from context)

PPPC Utility.xcodeproj/project.pbxproj

@@ -560,7 +560,10 @@
 				PRODUCT_BUNDLE_IDENTIFIER = "com.jamf.PPPC-UtilityTests";
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE_SPECIFIER = "";
+				SWIFT_APPROACHABLE_CONCURRENCY = YES;
+				SWIFT_DEFAULT_ACTOR_ISOLATION = MainActor;
 				SWIFT_OPTIMIZATION_LEVEL = "-Onone";
+				SWIFT_STRICT_CONCURRENCY = complete;
 				SWIFT_VERSION = 5.0;
 				TEST_HOST = "$(BUILT_PRODUCTS_DIR)/PPPC Utility.app/Contents/MacOS/PPPC Utility";
 			};
@@ -585,6 +588,9 @@
 				PRODUCT_BUNDLE_IDENTIFIER = "com.jamf.PPPC-UtilityTests";
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE_SPECIFIER = "";
+				SWIFT_APPROACHABLE_CONCURRENCY = YES;
+				SWIFT_DEFAULT_ACTOR_ISOLATION = MainActor;
+				SWIFT_STRICT_CONCURRENCY = complete;
 				SWIFT_VERSION = 5.0;
 				TEST_HOST = "$(BUILT_PRODUCTS_DIR)/PPPC Utility.app/Contents/MacOS/PPPC Utility";
 			};
@@ -727,7 +733,10 @@
 				PRODUCT_BUNDLE_IDENTIFIER = com.jamf.opensource.pppcutility;
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE_SPECIFIER = "";
-				SWIFT_VERSION = 5.0;
+				SWIFT_APPROACHABLE_CONCURRENCY = YES;
+				SWIFT_DEFAULT_ACTOR_ISOLATION = MainActor;
+				SWIFT_STRICT_CONCURRENCY = complete;
+				SWIFT_VERSION = 6.0;
 			};
 			name = Debug;
 		};
@@ -751,7 +760,10 @@
 				PRODUCT_BUNDLE_IDENTIFIER = com.jamf.opensource.pppcutility;
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE_SPECIFIER = "";
-				SWIFT_VERSION = 5.0;
+				SWIFT_APPROACHABLE_CONCURRENCY = YES;
+				SWIFT_DEFAULT_ACTOR_ISOLATION = MainActor;
+				SWIFT_STRICT_CONCURRENCY = complete;
+				SWIFT_VERSION = 6.0;
 			};
 			name = Release;
 		};

PPPC UtilityTests/ModelTests/ModelTests.swift

@@ -38,12 +38,12 @@ struct ModelTests {
     // MARK: - tests for getExecutableFrom*
 
     @Test
-    func getExecutableBasedOnIdentifierAndCodeRequirement_BundleIdentifierType() {
+    func getExecutableBasedOnIdentifierAndCodeRequirement_BundleIdentifierType() async {
         let identifier = "com.example.App"
         let codeRequirement = "testCodeRequirement"
 
         // when
-        let executable = model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
+        let executable = await model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
 
         // then
         #expect(executable.displayName == "App")
@@ -52,12 +52,12 @@ struct ModelTests {
     }
 
     @Test
-    func getExecutableBasedOnIdentifierAndCodeRequirement_PathIdentifierType() {
+    func getExecutableBasedOnIdentifierAndCodeRequirement_PathIdentifierType() async {
         let identifier = "/myGreatPath/Awesome/Binary"
         let codeRequirement = "testCodeRequirement"
 
         // when
-        let executable = model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
+        let executable = await model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
 
         // then
         #expect(executable.displayName == "Binary")
@@ -66,12 +66,12 @@ struct ModelTests {
     }
 
     @Test
-    func getExecutableFromComputerBasedOnIdentifier() {
+    func getExecutableFromComputerBasedOnIdentifier() async {
         let identifier = "com.apple.Safari"
         let codeRequirement = "randomReq"
 
         // when
-        let executable = model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
+        let executable = await model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
 
         // then
         #expect(executable.displayName == "Safari")
@@ -80,10 +80,10 @@ struct ModelTests {
     }
 
     @Test
-    func getExecutableFromSelectedExecutables() {
+    func getExecutableFromSelectedExecutables() async {
         let expectedIdentifier = "com.something.1"
-        let executable = model.getExecutableFrom(identifier: expectedIdentifier, codeRequirement: "testReq")
-        let executableSecond = model.getExecutableFrom(identifier: "com.something.2", codeRequirement: "testReq2")
+        let executable = await model.getExecutableFrom(identifier: expectedIdentifier, codeRequirement: "testReq")
+        let executableSecond = await model.getExecutableFrom(identifier: "com.something.2", codeRequirement: "testReq2")
         model.selectedExecutables = [executable, executableSecond]
 
         // when
@@ -97,11 +97,11 @@ struct ModelTests {
     }
 
     @Test
-    func getExecutableFromSelectedExecutables_Path() {
+    func getExecutableFromSelectedExecutables_Path() async {
         let expectedIdentifier = "/path/something/Special"
-        let executableOneMore = model.getExecutableFrom(identifier: "/path/something/Special1", codeRequirement: "testReq")
-        let executable = model.getExecutableFrom(identifier: expectedIdentifier, codeRequirement: "testReq")
-        let executableSecond = model.getExecutableFrom(identifier: "com.something.2", codeRequirement: "testReq2")
+        let executableOneMore = await model.getExecutableFrom(identifier: "/path/something/Special1", codeRequirement: "testReq")
+        let executable = await model.getExecutableFrom(identifier: expectedIdentifier, codeRequirement: "testReq")
+        let executableSecond = await model.getExecutableFrom(identifier: "com.something.2", codeRequirement: "testReq2")
         model.selectedExecutables = [executableOneMore, executable, executableSecond]
 
         // when
@@ -184,90 +184,90 @@ struct ModelTests {
     // MARK: - tests for importProfile
 
     @Test
-    func importProfileUsingAuthorizationKeyAllow() {
+    func importProfileUsingAuthorizationKeyAllow() async {
         let profile = TCCProfileBuilder().buildProfile(authorization: .allow)
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Allow")
     }
 
     @Test
-    func importProfileUsingAuthorizationKeyDeny() {
+    func importProfileUsingAuthorizationKeyDeny() async {
         let profile = TCCProfileBuilder().buildProfile(authorization: .deny)
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Deny")
     }
 
     @Test
-    func importProfileUsingAuthorizationKeyAllowStandardUsers() {
+    func importProfileUsingAuthorizationKeyAllowStandardUsers() async {
         let profile = TCCProfileBuilder().buildProfile(authorization: .allowStandardUserToSetSystemService)
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Let Standard Users Approve")
     }
 
     @Test
-    func importProfileUsingLegacyAllowKeyTrue() {
+    func importProfileUsingLegacyAllowKeyTrue() async {
         let profile = TCCProfileBuilder().buildProfile(allowed: true)
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Allow")
     }
 
     @Test
-    func importProfileUsingLegacyAllowKeyFalse() {
+    func importProfileUsingLegacyAllowKeyFalse() async {
         let profile = TCCProfileBuilder().buildProfile(allowed: false)
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Deny")
     }
 
     @Test
-    func importProfileUsingAuthorizationKeyThatIsInvalid() {
+    func importProfileUsingAuthorizationKeyThatIsInvalid() async {
         let profile = TCCProfileBuilder().buildProfile(authorization: "invalidkey")
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Deny")
     }
 
     @Test
-    func importProfileUsingAuthorizationKeyTranslatesToAppleEvents() {
+    func importProfileUsingAuthorizationKeyTranslatesToAppleEvents() async {
         let profile = TCCProfileBuilder().buildProfile(authorization: "deny")
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Deny")
     }
 
-    // MARK: - tests for profileToString
+    // MARK: - tests for policyFromString
 
     @Test
     func policyWhenUsingAllow() {

PPPC UtilityTests/NetworkingTests/NetworkAuthManagerTests.swift

@@ -85,7 +85,7 @@ struct NetworkAuthManagerTests {
         networking.errorToThrow = NetworkingError.serverResponse(404, "No such page")
 
         // default is that bearer auth is supported.
-        let firstCheckBearerAuthSupported = await authManager.bearerAuthSupported()
+        let firstCheckBearerAuthSupported = authManager.bearerAuthSupported()
         #expect(firstCheckBearerAuthSupported)
 
         // when/then
@@ -94,7 +94,7 @@ struct NetworkAuthManagerTests {
         }
 
         // The authManager should now know that bearer auth is not supported
-        let secondCheckBearerAuthSupported = await authManager.bearerAuthSupported()
+        let secondCheckBearerAuthSupported = authManager.bearerAuthSupported()
         #expect(!secondCheckBearerAuthSupported)
     }
 

PPPC UtilityTests/TCCProfileImporterTests/TCCProfileImporterTests.swift

@@ -40,15 +40,13 @@ struct TCCProfileImporterTests {
         let tccProfileImporter = TCCProfileImporter()
         let resourceURL = try getResourceProfile(fileName: "TestTCCProfileSigned-Broken")
 
-        tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL) { tccProfileResult in
-            switch tccProfileResult {
-            case .success:
-                Issue.record("Malformed profile should not succeed")
-            case .failure(let tccProfileError):
-                if case TCCProfileImportError.invalidProfileFile = tccProfileError {
-                } else {
-                    Issue.record("Expected invalidProfileFile error, got \(tccProfileError)")
-                }
+        do {
+            _ = try tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL)
+            Issue.record("Malformed profile should not succeed")
+        } catch {
+            if case TCCProfileImportError.invalidProfileFile = error {
+            } else {
+                Issue.record("Expected invalidProfileFile error, got \(error)")
             }
         }
     }
@@ -59,13 +57,11 @@ struct TCCProfileImporterTests {
         let resourceURL = try getResourceProfile(fileName: "TestTCCUnsignedProfile-Empty")
         let expectedTCCProfileError = TCCProfileImportError.invalidProfileFile(description: "PayloadContent")
 
-        tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL) { tccProfileResult in
-            switch tccProfileResult {
-            case .success:
-                Issue.record("Empty Content, it shouldn't be success")
-            case .failure(let tccProfileError):
-                #expect(tccProfileError.localizedDescription == expectedTCCProfileError.localizedDescription)
-            }
+        do {
+            _ = try tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL)
+            Issue.record("Empty Content, it shouldn't be success")
+        } catch {
+            #expect(error.localizedDescription == expectedTCCProfileError.localizedDescription)
         }
     }
 
@@ -74,31 +70,19 @@ struct TCCProfileImporterTests {
         let tccProfileImporter = TCCProfileImporter()
         let resourceURL = try getResourceProfile(fileName: "TestTCCUnsignedProfile")
 
-        tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL) { tccProfileResult in
-            switch tccProfileResult {
-            case .success(let tccProfile):
-                #expect(!tccProfile.content.isEmpty)
-                #expect(!tccProfile.content[0].services.isEmpty)
-            case .failure(let tccProfileError):
-                Issue.record("Unable to read tccProfile \(tccProfileError.localizedDescription)")
-            }
-        }
+        let tccProfile = try tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL)
+        #expect(!tccProfile.content.isEmpty)
+        #expect(!tccProfile.content[0].services.isEmpty)
     }
 
     @Test
     func correctUnsignedProfileContentDataAllLowercase() throws {
         let tccProfileImporter = TCCProfileImporter()
         let resourceURL = try getResourceProfile(fileName: "TestTCCUnsignedProfile-allLower")
 
-        tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL) { tccProfileResult in
-            switch tccProfileResult {
-            case .success(let tccProfile):
-                #expect(!tccProfile.content.isEmpty)
-                #expect(!tccProfile.content[0].services.isEmpty)
-            case .failure(let tccProfileError):
-                Issue.record("Unable to read tccProfile \(tccProfileError.localizedDescription)")
-            }
-        }
+        let tccProfile = try tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL)
+        #expect(!tccProfile.content.isEmpty)
+        #expect(!tccProfile.content[0].services.isEmpty)
     }
 
     @Test
@@ -107,13 +91,11 @@ struct TCCProfileImporterTests {
         let resourceURL = try getResourceProfile(fileName: "TestTCCUnsignedProfile-Broken")
         let expectedTCCProfileError = TCCProfileImportError.invalidProfileFile(description: "The given data was not a valid property list.")
 
-        tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL) { tccProfileResult in
-            switch tccProfileResult {
-            case .success:
-                Issue.record("Broken Unsigned Profile, it shouldn't be success")
-            case .failure(let tccProfileError):
-                #expect(tccProfileError.localizedDescription == expectedTCCProfileError.localizedDescription)
-            }
+        do {
+            _ = try tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL)
+            Issue.record("Broken Unsigned Profile, it shouldn't be success")
+        } catch {
+            #expect(error.localizedDescription == expectedTCCProfileError.localizedDescription)
         }
     }
 

PPPC UtilityTests/TCCProfileImporterTests/TCCProfileTests.swift

@@ -154,7 +154,7 @@ struct TCCProfileTests {
     // unit tests for handling both Auth and allowed keys should fail?
 
     @Test
-    func settingLegacyAllowValueNullifiesAuthorization() throws {
+    func settingLegacyAllowValueNullifiesAuthorization() {
         var tccPolicy = TCCPolicy(identifier: "id", codeRequirement: "req", receiverIdentifier: "recId", receiverCodeRequirement: "recreq")
         tccPolicy.authorization = .allow
 
@@ -180,12 +180,12 @@ struct TCCProfileTests {
     }
 
     @Test
-    func jamfProAPIData() throws {
+    func jamfProAPIData() async throws {
         let tccProfile = TCCProfileBuilder().buildProfile(allowed: false, authorization: .allow)
         let expected = try loadTextFile(fileName: "TestTCCProfileForJamfProAPI").trimmingCharacters(in: .whitespacesAndNewlines)
 
         // when
-        let data = try tccProfile.jamfProAPIData(signingIdentity: nil, site: nil)
+        let data = try await tccProfile.jamfProAPIData(signingIdentity: nil, site: nil)
 
         // then
         let xmlString = String(data: data, encoding: .utf8)

Source/AppDelegate.swift

@@ -27,7 +27,7 @@
 
 import Cocoa
 
-@NSApplicationMain
+@main
 class AppDelegate: NSObject, NSApplicationDelegate {
 
     func applicationDidFinishLaunching(_ aNotification: Notification) {}