Repo improvement

[cp-pratik-k]

Summary by CodeRabbit

• New Features
  • Enhanced error reporting for media downloads from Google Drive through integration with Firebase Crashlytics.
  • Added Firebase Crashlytics for error reporting in the home screen.
• Bug Fixes
  • Improved disposal process for temporary files in the network image preview, preventing errors from deleting non-existent files.
• Chores
  • Simplified workflow configuration for publishing to App Store Connect, now triggering on any push event.
• Dependencies
  • Added new dependencies for Firebase Crashlytics and related plugins.

[coderabbitai]

Walkthrough

The changes in this pull request primarily involve updates to various Dart package references in the .idea/libraries/Dart_Packages.xml file, where older package versions have been removed. Additionally, the dispose method in the NetworkImagePreviewStateNotifier class has been updated to an asynchronous version for improved error handling. The error handling logic in the MediaProcessRepo class has been enhanced by adding a parameter for logging stack traces with Firebase Crashlytics. Lastly, the GitHub Actions workflow for iOS deployment has been simplified to trigger on any push event without branch-specific conditions.

Changes

File Path	Change Summary
.idea/libraries/Dart_Packages.xml	Removed entries for older versions of Dart packages, retaining or adding newer versions.
app/lib/ui/flow/media_preview/components/network_image_preview/network_image_preview_view_model.dart	Updated dispose method to be asynchronous, checking for tempFile existence before deletion.
data/lib/repositories/media_process_repository.dart	Enhanced error handling in _downloadFromGoogleDrive method by adding a parameter to log stack traces with Firebase Crashlytics.
.github/workflows/ios_deploy.yml	Simplified trigger conditions to run on any push event, removing branch-specific and manual trigger options while keeping job steps unchanged.
app/lib/ui/flow/home/home_screen_view_model.dart	Added import for Firebase Crashlytics and integrated error logging in downloadFromGoogleDrive method.
data/.flutter-plugins	Added new entries for various Flutter plugins and their versions.
data/.flutter-plugins-dependencies	Added Firebase-related plugins across various platforms, updating the dependency graph accordingly.
data/pubspec.yaml	Added new dependency for firebase_crashlytics with version constraint ^4.2.0.

Possibly related PRs

• Implement Crashlytics Support #59: Implement Crashlytics Support - This PR adds Firebase Crashlytics integration, which is directly related to the updates in the main PR that involve modifications to the .idea/libraries/Dart_Packages.xml file, specifically regarding the inclusion of Firebase-related packages.
• Fix ios pipeline #64: Fix ios pipeline - This PR includes changes to the iOS deployment workflow that may indirectly relate to the overall integration of Firebase services, as the main PR updates library dependencies that include Firebase packages.

🐰 In the meadow where we play,
Old packages have gone away.
With new ones here, we hop and cheer,
As code flows smoothly, crystal clear.
Let’s celebrate with joy and glee,
For updates bring us harmony! 🌼

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Experiment)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 4

🧹 Outside diff range and nitpick comments (3)

.github/workflows/android_deploy.yml (3)

Line range hint 29-36: Enhance security for sensitive file handling

While the secret handling is comprehensive, consider adding validation and cleanup steps for sensitive files.

Add validation and cleanup:

 run: |
   cd app
   echo $FIREBASE_OPTIONS_BASE64 | base64 -di > lib/firebase_options.dart
+  [ -s lib/firebase_options.dart ] || exit 1  # Validate file exists and is not empty
   echo $GOOGLE_SERVICES_JSON_BASE64 | base64 -di > android/app/google-services.json
+  [ -s android/app/google-services.json ] || exit 1
   echo $FIREBASE_JSON_BASE64 | base64 --decode > firebase.json
+  [ -s firebase.json ] || exit 1
   cd ../data
   echo $APP_SECRETS_BASE64 | base64 --decode > lib/apis/network/secrets.dart
+  [ -s lib/apis/network/secrets.dart ] || exit 1

And at the end of the workflow:

 bundle exec fastlane upload_internal versionName:$buildName versionCode:$buildNumber
+# Cleanup sensitive files
+rm -f lib/firebase_options.dart android/app/google-services.json firebase.json ../data/lib/apis/network/secrets.dart ../../release.keystore google_play_api_key.json

Also applies to: 64-68

---

Line range hint 71-82: Improve version handling robustness

The current version handling lacks validation and error handling which could lead to deployment failures.

Add validation and error handling:

 cd app
-file='VERSION'
-fileData=`cat $file`
-IFS='.'
-read -a versionValue <<< "$fileData"
-buildNumber=$(( ${versionValue[0]} * 1000000 + ${versionValue[1]} * 10000 + ${{ github.run_number }} ))
-IFS=''
-buildName="${versionValue[0]}.${versionValue[1]}.${{ github.run_number }}"
+VERSION_FILE='VERSION'
+if [ ! -f "$VERSION_FILE" ]; then
+  echo "Error: VERSION file not found"
+  exit 1
+fi
+
+# Validate version format (expecting X.Y format)
+if ! grep -qE '^[0-9]+\.[0-9]+$' "$VERSION_FILE"; then
+  echo "Error: Invalid version format in VERSION file. Expected format: X.Y"
+  exit 1
+fi
+
+fileData=$(cat "$VERSION_FILE")
+IFS='.' read -r major minor <<< "$fileData"
+
+# Validate number ranges
+if [ "$major" -gt 999 ] || [ "$minor" -gt 999 ] || [ ${{ github.run_number }} -gt 9999 ]; then
+  echo "Error: Version numbers exceed maximum allowed values"
+  exit 1
+fi
+
+buildNumber=$(( major * 1000000 + minor * 10000 + ${{ github.run_number }} ))
+buildName="${major}.${minor}.${{ github.run_number }}"

---

Line range hint 56-63: Optimize workflow performance and reliability

The current sequential package preparation could be optimized for better performance and reliability.

Consider these improvements:

1. Use GitHub Actions' built-in retry mechanism for network operations:

- name: Install dependencies
  uses: nick-fields/retry@v2
  with:
    timeout_minutes: 10
    max_attempts: 3
    command: |
      cd app && flutter clean && flutter pub get
      cd ../data && flutter clean && flutter pub get
      cd ../style && flutter clean && flutter pub get

2. Consider using a composite action to reduce duplication:

# .github/actions/flutter-setup/action.yml
name: 'Setup Flutter Package'
inputs:
  package-path:
    required: true
runs:
  using: 'composite'
  steps:
    - run: |
        cd ${{ inputs.package-path }}
        flutter clean
        flutter pub get
      shell: bash

This would make the workflow more maintainable and reliable.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e92d8e1 and b697a52.

📒 Files selected for processing (4)

• .github/workflows/android_deploy.yml (1 hunks)
• .idea/libraries/Dart_Packages.xml (0 hunks)
• app/lib/ui/flow/media_preview/components/network_image_preview/network_image_preview_view_model.dart (1 hunks)
• data/lib/repositories/media_process_repository.dart (1 hunks)

💤 Files with no reviewable changes (1)

• .idea/libraries/Dart_Packages.xml

[coderabbitai]

⚠️ Potential issue

Restrict workflow trigger to production branches only

The current trigger configuration will run the Play Store deployment on any push to any branch, which could lead to unintended deployments. For production deployments, it's crucial to have controlled triggers.

Consider using this more restrictive configuration:

-on: push
+on:
+  push:
+    branches:
+      - main      # or your production branch
+      - release/* # for release branches if applicable
+  workflow_dispatch: # for manual triggers when needed

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	on: push
	on:
	push:
	branches:
	- main # or your production branch
	- release/* # for release branches if applicable
	workflow_dispatch: # for manual triggers when needed

[coderabbitai]

⚠️ Potential issue

Consider calling super.dispose() first

While the async file cleanup is a good improvement, calling super.dispose() after async operations can be problematic as the parent class might be disposed while operations are still pending.

Consider this refactor:

-void dispose() async {
+@override
+Future<void> dispose() async {
+  super.dispose();
   if (tempFile != null && await tempFile!.exists()) {
     await tempFile!.delete();
   }
   cancelToken?.cancel();
-  super.dispose();
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	void dispose() async {
	if (tempFile != null && await tempFile!.exists()) {
	await tempFile!.delete();
	}
	@override
	Future<void> dispose() async {
	super.dispose();
	if (tempFile != null && await tempFile!.exists()) {
	await tempFile!.delete();
	}
	cancelToken?.cancel();
	}

[coderabbitai]

🛠️ Refactor suggestion

Maintain consistent error handling across providers

The error handling differs between Google Drive and Dropbox downloads. While Google Drive rethrows the error, Dropbox silently handles it. This inconsistency could lead to different behavior depending on the provider.

Consider applying the same error handling pattern to both providers. Either:

1. Add rethrow to Dropbox download (if errors need to be handled by callers)
2. Remove rethrow from Google Drive download (if errors should be handled locally)

The choice depends on whether the calling code needs to handle these errors.

---

⚠️ Potential issue

Fix error handling flow

The rethrow statement is placed before the error notification and status update, which means these important error handling steps will never execute. This could leave the UI in an inconsistent state and the user uninformed about the failure.

Consider this fix:

    } catch (error) {
      if (error is DioException && error.type == DioExceptionType.cancel) {
        showNotification('Download from Google Drive cancelled');
        return;
      }

-     rethrow;
-
      showNotification('Failed to download from Google Drive');

      await updateDownloadProcessStatus(
        status: MediaQueueProcessStatus.failed,
        id: process.id,
      );
+     rethrow;
    }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	rethrow;
	if (error is DioException && error.type == DioExceptionType.cancel) {
	showNotification('Download from Google Drive cancelled');
	return;
	}
	showNotification('Failed to download from Google Drive');
	await updateDownloadProcessStatus(
	status: MediaQueueProcessStatus.failed,
	id: process.id,
	);
	rethrow;

[coderabbitai]

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (2)

.github/workflows/ios_deploy.yml (2)

Line range hint 82-91: Consider implementing semantic versioning checks

The current version management reads from a VERSION file and constructs the build number using a formula. While functional, it could benefit from additional validation and semantic versioning enforcement.

Consider adding version validation before deployment:

       run: |
         cd app
         file='VERSION'
         fileData=`cat $file`
+        # Validate semantic versioning format
+        if ! [[ $fileData =~ ^[0-9]+\.[0-9]+$ ]]; then
+          echo "Error: VERSION file must contain semantic version (X.Y)"
+          exit 1
+        fi
         IFS='.'
         read -a versionValue <<< "$fileData"
         buildNumber=$(( ${versionValue[0]} * 1000000 + ${versionValue[1]} * 10000 + ${{ github.run_number }} ))

---

Line range hint 93-96: Add post-deployment notification step

For better visibility and tracking of deployments, consider adding a notification step after successful deployment.

Add a notification step after the publish step:

      - name: Notify deployment status
        if: always()
        run: |
          VERSION=$(cat app/VERSION)
          BUILD_NUMBER=${{ github.run_number }}
          if [ "${{ job.status }}" = "success" ]; then
            echo "Successfully deployed version $VERSION (build $BUILD_NUMBER) to App Store Connect"
          else
            echo "Failed to deploy version $VERSION (build $BUILD_NUMBER) to App Store Connect"
          fi

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b697a52 and 2d987ba.

📒 Files selected for processing (1)

• .github/workflows/ios_deploy.yml (1 hunks)

🔇 Additional comments (1)

.github/workflows/ios_deploy.yml (1)

Line range hint 31-41: Verify the security of secret handling

The workflow handles multiple sensitive base64-encoded secrets. Let's verify their security configuration.

✅ Verification successful

Let me try another verification approach to check the security configuration of these secrets.

---

Secrets handling follows secure practices

The verification shows that:

• All secrets are properly referenced using GitHub's secure ${{ secrets.* }} syntax
• Secrets are only used for their intended purpose of decoding base64 content into configuration files
• No secrets are exposed in conditions or debug outputs
• Base64 decoding is done directly to files without intermediate storage
• The same secure pattern is consistently used across all workflow files

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if secrets are properly configured and not exposed in workflow runs

# Check if the repository has the required secrets configured
gh api repos/canopas/cloud-gallery/actions/secrets | jq -r '.secrets[] | select(.name | match("FIREBASE_|APP_STORE_|DIST_")) | .name' || echo "Failed to fetch secrets"

# Check recent workflow runs for any exposed secrets
gh run list --workflow=ios_deploy.yml --json conclusion,databaseId --jq '.[] | select(.conclusion=="success") | .databaseId' | head -n 5 | while read -r run_id; do
  gh run view "$run_id" --log | grep -i "warning about secrets" || true
done

Length of output: 910

---

Script:

#!/bin/bash
# Check the workflow file for proper secret handling practices
rg -U "secrets\." .github/workflows/ios_deploy.yml

# Check if secrets are used in conditions or exposed in debug/output commands
rg "if.*secrets\.|echo.*secrets\." .github/workflows/

# Check for any direct base64 output or debug steps
rg "base64.*>" .github/workflows/

Length of output: 4407

[coderabbitai]

⚠️ Potential issue

Critical: Restrict deployment triggers to production-ready branches

The current trigger configuration will run the deployment workflow on any push to any branch, which could lead to unintended deployments to App Store Connect. This is particularly risky for a production deployment workflow.

Consider restricting the workflow to run only on production-ready branches and tags:

-on: push
+on:
+  push:
+    branches:
+      - main
+      - release/*
+    tags:
+      - 'v*'
+  workflow_dispatch:  # Allow manual triggers for flexibility

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	on: push
	on:
	push:
	branches:
	- main
	- release/*
	tags:
	- 'v*'
	workflow_dispatch: # Allow manual triggers for flexibility

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2d987ba and 56d971c.

📒 Files selected for processing (5)

• app/lib/ui/flow/home/home_screen_view_model.dart (2 hunks)
• data/.flutter-plugins (1 hunks)
• data/.flutter-plugins-dependencies (1 hunks)
• data/lib/repositories/media_process_repository.dart (2 hunks)
• data/pubspec.yaml (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• data/.flutter-plugins

🚧 Files skipped from review as they are similar to previous changes (1)

• data/lib/repositories/media_process_repository.dart

🔇 Additional comments (3)

data/pubspec.yaml (1)

22-22: Ensure firebase_crashlytics dependency version is up-to-date

Please verify that the specified version ^4.2.0 of firebase_crashlytics is the latest stable version and is compatible with your project's dependencies. This helps avoid potential conflicts and ensures you have the latest features and security updates.

app/lib/ui/flow/home/home_screen_view_model.dart (2)

12-12: Import statement correctly added

The import for firebase_crashlytics is added appropriately.

---

520-520: ⚠️ Potential issue

Ensure no sensitive data is sent to Crashlytics

When recording errors using FirebaseCrashlytics.instance.recordError(e, s);, please ensure that e and s do not contain any personally identifiable information (PII) or sensitive user data to comply with privacy regulations.

[coderabbitai]

⚠️ Potential issue

Do not commit generated files to version control

This file is auto-generated and includes the notice: "This is a generated file; do not edit or check into version control." Committing this file may lead to merge conflicts and unnecessary diffs.