Merge branch 'main' into mdmathias/async-support

Author: petea

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,31 @@
+---
+name: Bug Report
+about: Submit a bug report if something isn't working as expected.
+title: ""
+labels: bug, triage
+assignees: ""
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Tap on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Environment**
+- Device: [ e.g. iPhone 13, MacBook Pro, etc ]
+- OS: [ e.g. iOS 15, macOS 11, etc ]
+- Browser: [ e.g. Safari, Chrome, etc ]
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1 @@
+blank_issues_enabled: false

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,19 @@
+---
+name: Feature Request
+about: Make a feature request if you have a suggestion for something new.
+title: ""
+labels: enhancement, triage
+assignees: ""
+---
+
+**Is your feature request related to a problem you're having? Please describe.**
+A clear and concise description of what the problem is.
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/workflows/builds.yml

@@ -13,7 +13,7 @@ jobs:
         os: [macos-11, macos-12]
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Archive for iOS
       run: |
         xcodebuild \

.github/workflows/integration_tests.yml

@@ -0,0 +1,42 @@
+name: integration_tests
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+
+  swift-button-functional-test:
+    runs-on: macOS-12
+    # Don't run if triggered by a PR from a fork since our Secrets won't be provided to the runner.
+    if: "!github.event.pull_request.head.repo.fork"
+    defaults:
+      run:
+        working-directory: Samples/Swift/DaysUntilBirthday
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+    - name: Build test target for Google Sign-in button for Swift
+      run: |
+        xcodebuild \
+          -project DaysUntilBirthday.xcodeproj \
+          build-for-testing \
+          -scheme DaysUntilBirthday\ \(iOS\) \
+          -sdk iphonesimulator \
+          -destination 'platform=iOS Simulator,name=iPhone 11'
+    - name: Run test target for Google Sign-in button for Swift
+      env:
+        EMAIL_SECRET : ${{ secrets.EMAIL_SECRET }}
+        PASSWORD_SECRET : ${{ secrets.PASSWORD_SECRET }}
+      run: |
+        xcodebuild \
+          -project DaysUntilBirthday.xcodeproj \
+          test-without-building \
+          -scheme DaysUntilBirthday\ \(iOS\) \
+          -sdk iphonesimulator \
+          -destination 'platform=iOS Simulator,name=iPhone 11' \
+          EMAIL_SECRET=$EMAIL_SECRET \
+          PASSWORD_SECRET=$PASSWORD_SECRET

.github/workflows/pr_notification.yml

@@ -10,10 +10,14 @@ jobs:
     steps:
     - name: Pull Request Details
       run: |
-        echo "Pull Request: ${{ github.event.pull_request.title }}"
+        echo "Pull Request: ${{ github.event.pull_request.number }}"
         echo "Author: ${{ github.event.pull_request.user.login }}"
 
     - name: Google Chat Notification
+      shell: bash
+      env:
+        TITLE: ${{ github.event.pull_request.title }}
+        LABELS: ${{ join(github.event.pull_request.labels.*.name, ', ') }}
       run: |
         curl --location --request POST '${{ secrets.WEBHOOK_URL }}' \
         --header 'Content-Type: application/json' \
@@ -36,7 +40,7 @@ jobs:
                     {
                       "keyValue": {
                         "topLabel": "Title",
-                        "content": "${{ github.event.pull_request.title }}"
+                        "content": "'"$TITLE"'"
                       }
                     },
                     {
@@ -66,7 +70,7 @@ jobs:
                     {
                       "keyValue": {
                         "topLabel": "Labels",
-                        "content": "- ${{ join(github.event.pull_request.labels.*.name, ', ') }}"
+                        "content": "- '"$LABELS"'"
                       }
                     },
                     {

.github/workflows/push_notification.yml

@@ -8,6 +8,8 @@ on:
 jobs:
   notify-push-main:
     runs-on: ubuntu-latest
+    env:
+      COMMIT: ${{ github.event.head_commit.message }}
     steps:
     - name: Main Branch Push
       run: |
@@ -24,7 +26,7 @@ jobs:
             {
               "header": {
                 "title": "Push to main branch",
-                "subtitle": "${{ github.event.head_commit.message }}"
+                "subtitle": "'"$COMMIT"'"
               },
               "sections": [
                 {

.github/workflows/scorecards.yml

@@ -0,0 +1,62 @@
+name: Scorecards supply-chain security
+on:
+  # Only the default branch is supported.
+  branch_protection_rule:
+  schedule:
+    - cron: '36 4 * * 3'
+  push:
+    branches: [ "main" ]
+
+# Declare default permissions as read only.
+permissions: read-all
+
+jobs:
+  analysis:
+    name: Scorecards analysis
+    runs-on: ubuntu-latest
+    permissions:
+      # Needed to upload the results to code-scanning dashboard.
+      security-events: write
+      # Used to receive a badge. (Upcoming feature)
+      id-token: write
+      # Needs for private repositories.
+      contents: read
+      actions: read
+    
+    steps:
+      - name: "Checkout code"
+        uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # tag=v3.0.0
+        with:
+          persist-credentials: false
+
+      - name: "Run analysis"
+        uses: ossf/scorecard-action@3e15ea8318eee9b333819ec77a36aca8d39df13e # tag=v1.1.1
+        with:
+          results_file: results.sarif
+          results_format: sarif
+          # (Optional) Read-only PAT token. Uncomment the `repo_token` line below if:
+          # - you want to enable the Branch-Protection check on a *public* repository, or
+          # - you are installing Scorecards on a *private* repository
+          # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
+          # repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
+
+          # Publish the results for public repositories to enable scorecard badges. For more details, see
+          # https://github.com/ossf/scorecard-action#publishing-results. 
+          # For private repositories, `publish_results` will automatically be set to `false`, regardless 
+          # of the value entered here.
+          publish_results: true
+
+      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
+      # format to the repository Actions tab.
+      - name: "Upload artifact"
+        uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # tag=v3.0.0
+        with:
+          name: SARIF file
+          path: results.sarif
+          retention-days: 5
+      
+      # Upload the results to GitHub's code scanning dashboard.
+      - name: "Upload to code-scanning"
+        uses: github/codeql-action/upload-sarif@5f532563584d71fdef14ee64d17bafb34f751ce5 # tag=v1.0.26
+        with:
+          sarif_file: results.sarif

.github/workflows/tests.yml

@@ -5,8 +5,6 @@ on:
     branches:
       - main
   pull_request:
-    branches:
-      - main
   workflow_dispatch:
 
 jobs:
@@ -27,7 +25,7 @@ jobs:
           - podspec: GoogleSignInSwiftSupport.podspec
             includePodspecFlag: "--include-podspecs='GoogleSignIn.podspec'"
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Update Bundler
       run: bundle update --bundler
     - name: Install Ruby gems with Bundler
@@ -50,7 +48,7 @@ jobs:
           - sdk: 'iphonesimulator'
             destination: '"platform=iOS Simulator,name=iPhone 11"'
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Build unit test target
       run: |
         xcodebuild \
@@ -66,33 +64,3 @@ jobs:
           -destination ${{ matrix.destination }} \
           test-without-building
 
-  swift-button-functional-test:
-    if: ${{ false }} # Disable integration tests while we figure out OTAs
-    runs-on: macOS-latest
-    defaults:
-      run:
-        working-directory: Samples/Swift/DaysUntilBirthday
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v2
-    - name: Build test target for Google Sign-in button for Swift
-      run: |
-        xcodebuild \
-          -project DaysUntilBirthday.xcodeproj \
-          build-for-testing \
-          -scheme DaysUntilBirthday\ \(iOS\) \
-          -sdk iphonesimulator \
-          -destination 'platform=iOS Simulator,name=iPhone 11'
-    - name: Run test target for Google Sign-in button for Swift
-      env:
-        EMAIL_SECRET : ${{ secrets.EMAIL_SECRET }}
-        PASSWORD_SECRET : ${{ secrets.PASSWORD_SECRET }}
-      run: |
-        xcodebuild \
-          -project DaysUntilBirthday.xcodeproj \
-          test-without-building \
-          -scheme DaysUntilBirthday\ \(iOS\) \
-          -sdk iphonesimulator \
-          -destination 'platform=iOS Simulator,name=iPhone 11' \
-          EMAIL_SECRET=$EMAIL_SECRET \
-          PASSWORD_SECRET=$PASSWORD_SECRET

CHANGELOG.md

@@ -1,3 +1,10 @@
+# 6.2.4 (2022-9-13)
+- Updated the GTMSessionFetcher dependency to allow 2.x versions. ([#207](https://github.com/google/GoogleSignIn-iOS/pull/207))
+
+# 6.2.3 (2022-8-18)
+- Fix resource loading in GoogleSignInSwift with CocoaPods use_frameworks! ([#197](https://github.com/google/GoogleSignIn-iOS/pull/197))
+- Prevent build errors for GoogleSignInSwift in certain scenarios when using Swift Package Manager. ([#166](https://github.com/google/GoogleSignIn-iOS/pull/166))
+
 # 6.2.2 (2022-5-27)
 - Prevent build errors for GoogleSignInSwift when using Swift Package Manager. ([#157](https://github.com/google/GoogleSignIn-iOS/pull/157))
 - Prevent a build error on Xcode 12 and earlier. ([#158](https://github.com/google/GoogleSignIn-iOS/pull/158))