chore: sync plus with upstream main (conflicts)#55
Conversation
Reverts "chore: bump main to 9.0.0-dev.0 (ionic-team#8320)" and “chore: update latest workflow to only allow pointing at 8.x” This reverts commit c5476c8 and 0412d46
…8338) Co-authored-by: Mark Anderson <mark.anderson@outsystems.com>
Co-authored-by: Mark Anderson <mark.anderson@outsystems.com> Co-authored-by: Mark Anderson <emer@emer.net>
Co-authored-by: Stein Jakob Nordbø <steinjak@gmail.com> Co-authored-by: Pedro Bilro <pedro.gustavo.bilro@outsystems.com>
…onic-team#7528) Co-authored-by: Pedro Bilro <pedro.gustavo.bilro@outsystems.com> Co-authored-by: jcesarmobile <jcesarmobile@gmail.com>
Co-authored-by: Pedro Bilro <pedro.gustavo.bilro@outsystems.com>
Closes ionic-team#8367 Fixes regression introduced by ionic-team#8357
…onic-team#8391) Co-authored-by: Pedro Bilro <pedro.gustavo.bilro@outsystems.com>
…eam#8377) Co-authored-by: jcesarmobile <jcesarmobile@gmail.com>
…ic-team#8351) Co-authored-by: OS-pedrogustavobilro <pedro.gustavo.bilro@outsystems.com>
Co-authored-by: OS-ruimoreiramendes <rui.moreira.mendes@outsystems.com>
Co-authored-by: OS-ruimoreiramendes <rui.moreira.mendes@outsystems.com> Co-authored-by: Pedro Bilro <pedro.gustavo.bilro@outsystems.com>
📝 WalkthroughWalkthroughThis PR executes a major upstream synchronization merging Ionic's Capacitor v8.3.1 into the repository, updating package metadata across all modules, introducing SPM support in iOS CLI tooling, enhancing native bridge fetch proxy handling, refactoring SystemBars style caching and inset management, improving HTTP boundary parsing, and adding new GitHub automation workflows—all while containing unresolved merge conflict markers in multiple changelog and package manifest files. Changes
Estimated code review effort🎯 4 (Complex) | ⏱️ ~75 minutes Possibly related issues
Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: a1a73b3c1d
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| "@ionic/eslint-config": "^0.4.0", | ||
| "@ionic/prettier-config": "^4.0.0", | ||
| "@ionic/swiftlint-config": "^2.0.0", | ||
| <<<<<<< HEAD |
There was a problem hiding this comment.
Remove merge conflict markers from package manifests
This commit leaves unresolved conflict markers (<<<<<<<, =======, >>>>>>>) in package.json (with the same pattern also present in other JSON manifests), which makes the file invalid JSON. Tooling parses these manifests before running scripts, so dependency install and workspace commands will fail immediately until the conflict is fully resolved to one valid JSON state.
Useful? React with 👍 / 👎.
|
|
||
| export async function generatePackageText(config: Config, plugins: Plugin[]): Promise<string> { | ||
| const iosPlatformVersion = await getCapacitorPackageVersion(config, config.ios.name); | ||
| <<<<<<< HEAD |
There was a problem hiding this comment.
Resolve merge conflict markers in generatePackageText
The generatePackageText implementation still contains raw merge markers, so cli/src/util/spm.ts is not valid TypeScript. Any CLI build or command path that compiles this file will fail at parse time, making the synced branch unusable until the conflict block is removed and one branch of logic is kept.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Actionable comments posted: 20
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (5)
CHANGELOG.md (1)
6-532:⚠️ Potential issue | 🔴 CriticalResolve merge conflict markers and remove manual changelog edits before merge.
Line 6, Line 457, and Line 532 still include git conflict markers (
<<<<<<<,=======,>>>>>>>), which leaves this PR in an unresolved merge state and is the root cause of the markdown heading-level warnings in this hunk. Please resolve the conflict and keepCHANGELOG.mdout of manual edits for this PR.As per coding guidelines, "Do not manually edit
CHANGELOG.md; it is managed automatically by CI/CD".🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@CHANGELOG.md` around lines 6 - 532, The changelog contains unresolved git conflict markers (<<<<<<< HEAD, =======, >>>>>>> upstream/main) around competing release sections (e.g., "## [8.0.8]" vs "## [8.3.1]"); remove the conflict markers, choose the correct CI-generated changelog content to keep (or discard the manual edits that introduced the "8.0.8" block), and restore CHANGELOG.md to the version produced by the automated release process so no manual edits remain in this PR; ensure the final file contains only one coherent changelog section (no <<<<<<</=======/>>>>>>>) before merging.android/CHANGELOG.md (1)
6-260:⚠️ Potential issue | 🟠 MajorRemove the unresolved Git conflict block from the Android changelog.
This section still has merge markers and two different release streams merged into one document. Please resolve the hunk before merging; otherwise
android/CHANGELOG.mdremains inconsistent and clearly signals an incomplete upstream sync.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@android/CHANGELOG.md` around lines 6 - 260, The changelog contains leftover Git conflict markers (<<<<<<< HEAD, =======, >>>>>>> upstream/main) merging two release streams; remove the conflict block and duplicate entries and retain a single coherent changelog (prefer the upstream/main release stream entries such as the [8.3.1]/[8.3.0] headers and their notes or the intended local release if required), ensuring no <<<<<<<, =======, or >>>>>>> markers remain and the headings (e.g., "## [8.3.1]" or "## [8.0.8]") and their associated sections are kept consistent as the final content.core/CHANGELOG.md (1)
6-163:⚠️ Potential issue | 🟠 MajorResolve the merge markers in the release-history block.
This hunk still contains
<<<<<<<,=======, and>>>>>>>, and it currently splices together two different changelog histories (@capacitor-plus/corevs@capacitor/core). Please resolve the hunk instead of committing both sides; otherwise the published changelog stays inconsistent and misleading.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@core/CHANGELOG.md` around lines 6 - 163, The changelog contains unresolved Git merge markers (<<<<<<<, =======, >>>>>>>) merging two different histories (entries starting with "## [8.0.8]..." and "## [8.3.1]..."); remove the conflict markers and produce a single coherent release-history block by choosing the correct history to keep (either the `@capacitor-plus/core` block beginning "## [8.0.8]" or the upstream `@capacitor/core` block beginning "## [8.3.1]"), or merge their entries deterministically (combine non-duplicate release entries in chronological order), then delete the leftover markers and ensure headings/MD formatting remain valid (search for the strings "<<<<<<<", "=======", ">>>>>>>", "## [8.0.8]", and "## [8.3.1]" to locate the conflict).ios/CHANGELOG.md (1)
6-231:⚠️ Potential issue | 🟠 MajorFinish the changelog merge here.
This section still contains raw Git conflict markers and two competing version histories. Keeping the file in this state will ship an invalid
ios/CHANGELOG.mdand makes it unclear whether the branch is documenting Capacitor+ releases or upstream Capacitor releases.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@ios/CHANGELOG.md` around lines 6 - 231, The file contains unresolved git conflict markers (<<<<<<< HEAD, =======, >>>>>>> upstream/main) mixing two competing changelog histories (e.g., headings like "## [8.0.8]" and "## [8.3.1]"); resolve the merge by removing the conflict markers and choosing or combining the appropriate history so only one coherent changelog remains (either keep the Capacitor+ entries such as "## [8.0.8]" or the upstream entries like "## [8.3.1]" or merge them in chronological order), ensure all version headings and bullet lists are intact and the file is valid Markdown with no leftover markers.cli/CHANGELOG.md (1)
6-286:⚠️ Potential issue | 🔴 CriticalUnresolved merge conflict markers must be resolved.
This changelog contains Git conflict markers (
<<<<<<< HEAD,=======,>>>>>>> upstream/main) spanning lines 6–286. The conflict includes overlapping version histories from both@capacitor-plus(8.0.8→8.0.1) and upstream@capacitor(8.3.1→8.0.1).To resolve, decide whether to:
- Keep Capacitor+ entries and append upstream entries below, or
- Replace with upstream entries and add Capacitor+ specific notes as needed
Remove all conflict markers and ensure the changelog follows a single consistent versioning narrative.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@cli/CHANGELOG.md` around lines 6 - 286, The changelog contains unresolved Git conflict markers (<<<<<<< HEAD, =======, >>>>>>> upstream/main) that merge Capacitor+ entries (starting with 8.0.8 → 8.0.1) and upstream entries (8.3.1 → 8.0.1); remove all conflict markers and produce a single coherent history by either keeping the Capacitor+ section and appending upstream changes (or vice versa), ensuring versions like 8.0.8 and 8.3.1 are ordered correctly, duplicate entries (e.g., 8.0.1) are deduplicated, and the file contains no leftover markers.
🧹 Nitpick comments (5)
cli/src/tasks/migrate-spm.ts (1)
16-16: Use strict equality operator.Line 16 uses
==instead of===. While functionally equivalent here (comparing string literals), using strict equality is a TypeScript best practice for consistency and clarity.♻️ Proposed fix
- if ((await config.ios.packageManager) == 'SPM') { + if ((await config.ios.packageManager) === 'SPM') {🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@cli/src/tasks/migrate-spm.ts` at line 16, Change the loose equality to strict equality in the SPM check: in migrate-spm.ts update the conditional that reads (await config.ios.packageManager) == 'SPM' to use === instead; locate the conditional around the SPM branch (the expression referencing config.ios.packageManager) and replace the operator so the comparison uses strict equality.cli/src/config.ts (2)
428-435: Inconsistent use of synchronous vs asynchronous filesystem calls.
existsSync(line 433) is synchronous while the rest of the function uses asyncpathExists. Since this is already an async function wrapped inlazy(), consider usingpathExistsfor consistency and to avoid blocking the event loop.♻️ Suggested refactor
async function determinePackageManager( rootDir: string, platformDir: any, nativeProjectDirAbs: string, ): Promise<PackageManager> { - if (existsSync(resolve(nativeProjectDirAbs, 'CapApp-SPM'))) { + if (await pathExists(resolve(nativeProjectDirAbs, 'CapApp-SPM'))) { return 'SPM'; }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@cli/src/config.ts` around lines 428 - 435, The function determinePackageManager uses the synchronous existsSync to check for 'CapApp-SPM' which blocks the event loop; replace that call with the async pathExists (or fs.promises access) and await its result to keep the function fully asynchronous. Update the check inside determinePackageManager to await pathExists(resolve(nativeProjectDirAbs, 'CapApp-SPM')) and return 'SPM' when true, ensuring imports/util helpers for pathExists are used and removing the existsSync reference.
464-468: Edge case: Empty Gemfile handling may be redundant.If
readFilesucceeds, calling.toString()on an empty buffer returns'', which is falsy. However, the regex test on line 469 would also fail for an empty string, making this early return potentially redundant. Consider simplifying or adding a comment clarifying the intent.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@cli/src/config.ts` around lines 464 - 468, The early return on an empty Gemfile in the block that reads gemfilePath is redundant because gemfileText = (await readFile(gemfilePath)).toString() being '' will also fail subsequent regex tests; update the code in that section to either remove the explicit if (!gemfileText) return 'Cocoapods'; check or, if you want to keep it for clarity, replace it with a brief comment explaining the intent; locate the readFile call and the gemfileText variable in the function around gemfilePath and adjust accordingly so behavior is unchanged but the redundancy is eliminated or documented.cli/src/tasks/update.ts (1)
48-62: Checks are replaced rather than accumulated when multiple platforms are selected.If
platformsincludes both iOS and another platform,checksis reassigned (not accumulated) on each iOS iteration. While this may be intentional since Android/Web have no checks, it could cause issues if future platforms add checks. Consider usingpushorconcatfor clarity and future-proofing.♻️ Suggested refactor
export async function addUpdateChecks(config: Config, platforms: string[]): Promise<CheckFunction[]> { - let checks: CheckFunction[] = []; + const checks: CheckFunction[] = []; for (const platformName of platforms) { if (platformName === config.ios.name) { - checks = await getCommonChecks(config); + checks.push(...(await getCommonChecks(config))); } else if (platformName === config.android.name) { continue; } else if (platformName === config.web.name) { continue; } else { throw `Platform ${platformName} is not valid.`; } } return checks; }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@cli/src/tasks/update.ts` around lines 48 - 62, The function addUpdateChecks currently reassigns checks inside the loop (checks = await getCommonChecks(config)) which replaces prior platform checks instead of accumulating them; change it to accumulate results from getCommonChecks by concatenating or pushing them into the existing checks array (e.g., await getCommonChecks(config) then checks.push(...newChecks) or checks = checks.concat(newChecks)) so addUpdateChecks accumulates checks across multiple platforms (refer to addUpdateChecks and getCommonChecks).ios/Capacitor/Capacitor/CapacitorBridge.swift (1)
96-99: Remove obsolete temp-window state and its leftover observer wiring.
tmpWindow/tmpVCAppearedare now labeled obsolete, but the init path still keeps related observer logic alive (Line 226–Line 228). Consider removing both declarations and that observer to complete the cleanup.♻️ Proposed cleanup
- `@available`(*, deprecated, message: "obsolete") - var tmpWindow: UIWindow? - `@available`(*, deprecated, message: "obsolete") - static let tmpVCAppeared = Notification(name: Notification.Name(rawValue: "tmpViewControllerAppeared")) @@ - observers.append(NotificationCenter.default.addObserver(forName: type(of: self).tmpVCAppeared.name, object: .none, queue: .none) { [weak self] _ in - self?.tmpWindow = nil - })🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@ios/Capacitor/Capacitor/CapacitorBridge.swift` around lines 96 - 99, Remove the obsolete temporary window state and its observer wiring: delete the var tmpWindow and static let tmpVCAppeared declarations and remove the observer registration and any related notification posting in the initializer (the code that adds/removes observer for tmpVCAppeared); also search the CapacitorBridge class for any remaining references to tmpWindow or tmpVCAppeared (including notification posting or observer removal) and eliminate or refactor those usages so there are no dangling observers or unused state left.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In @.github/workflows/needs-reply.yml:
- Around line 12-15: Replace the mutable third-party action tag and the custom
PAT usage: pin imhoffd/needs-reply@v2 to its exact commit SHA (replace the `@v2`
reference with the repo's specific commit hash) and stop passing a custom secret
via repo-token (repo-token: ${{ secrets.BOT_TOKEN }}); instead use the built-in
github.token by removing the repo-token input and declaring explicit permissions
for issues/pulls at the workflow level (permissions: { issues: write,
pull-requests: write } or the minimal set required) so the action runs with a
scoped, immutable token and the action version is pinned immutably.
In @.github/workflows/publish-ios.yml:
- Around line 21-24: The checkout step currently hard-codes ref: 'main', which
can cause the workflow to checkout the wrong commit; update the actions/checkout
usage in the publish workflow so it does not force 'main' — either remove the
ref field entirely to let the runner use the workflow's triggered ref, or set it
to the exact commit/ref from the event (e.g., use the workflow context like
github.sha or the dispatch input) so the checkout uses the caller/dispatch
commit rather than main.
In `@android/capacitor/src/main/java/com/getcapacitor/plugin/SystemBars.java`:
- Around line 321-329: The getWebViewMajorVersion method uses
Integer.valueOf(versionSegments[0]) which can throw NumberFormatException for
malformed versionName; update getWebViewMajorVersion to defensively parse the
first segment (from WebViewCompat.getCurrentWebViewPackage(...).versionName and
versionSegments) inside a try/catch or using safe numeric check and return 0 on
failure, ensuring any nulls or empty strings are handled before parsing.
In
`@android/capacitor/src/main/java/com/getcapacitor/plugin/util/CapacitorHttpUrlConnection.java`:
- Around line 323-346: In
CapacitorHttpUrlConnection.extractBoundaryFromContentType, add a null-check for
the contentType parameter at the start and return null if it's null; after
extracting and trimming the boundary string ensure you treat empty strings as
absent (return null if boundary.isEmpty()); and make the unquote guard robust by
only removing surrounding quotes when boundary.length() >= 2 and
boundary.startsWith("\"") && boundary.endsWith("\"") to avoid
StringIndexOutOfBoundsException for single-character boundaries.
In `@android/capacitor/src/main/java/com/getcapacitor/WebViewLocalServer.java`:
- Around line 131-138: Fix the malformed Javadoc in WebViewLocalServer's
deprecated method comment by removing the stray extra "</p>" tag (the second
closing paragraph tag) so the Javadoc is well-formed; ensure the block still
documents deprecation and references {`@link` `#buildDefaultResponseHeaders`()}
correctly without the extra closing tag.
In `@android/package.json`:
- Around line 2-14: The package.json contains unresolved git merge conflict
markers around the package identity fields ("name", "version", "description",
"homepage", "author"); remove the conflict markers (<<<<<<<, =======, >>>>>>>)
and reconcile the two variants by choosing the correct values for these fields
(either the `@capacitor-plus/android` entries or the upstream `@capacitor/android`
entries) so package.json contains a single valid JSON object with a consistent
"name", "version", "description", "homepage", and "author".
- Around line 34-39: Remove the unresolved merge conflict markers in
package.json's peerDependencies block and choose the intended dependency set:
either restore both entries ("@capacitor-plus/core" and "@capacitor/core") under
peerDependencies or keep only the upstream version ("@capacitor/core"); update
the JSON so it is valid (no <<<<<<<, =======, >>>>>>> markers) and ensure the
chosen package names and versions are present exactly as "@capacitor-plus/core"
and/or "@capacitor/core" in the peerDependencies object.
In `@cli/package.json`:
- Around line 2-14: Remove the git conflict markers and resolve the package
identity in cli/package.json by choosing and keeping the desired fields (e.g.,
"name": "@capacitor-plus/cli" and update "version" to "8.3.1"), ensuring the
final JSON contains a single "name", "version", "description", "homepage", and
"author" block (no <<<<<<<, =======, >>>>>>> markers) so package.json parses
correctly.
In `@cli/src/declarations.ts`:
- Line 535: Fix the typo in the JSDoc comment that currently reads "If you need
to set this property to 6.0 or higher, make sure to throughrouly test your iOS
app." by changing "throughrouly" to "thoroughly" so the comment reads "... make
sure to thoroughly test your iOS app."; update the JSDoc line containing that
exact sentence in cli/src/declarations.ts.
In `@cli/src/index.ts`:
- Around line 30-38: Update getPackageManager to validate and normalize the
incoming packageManager input: treat values case-insensitively, accept only
'cocoapods' or 'spm' (and undefined/null to mean default), and if a non-empty
unrecognized value is passed, emit a warning (or throw if you prefer stricter
behavior) and then fall back to 'SPM'; keep the existing bundler check by
consulting config.ios.packageManager when normalized value === 'cocoapods'. Also
remove the redundant runtime check elsewhere that compares
packagemanager?.toLowerCase() === 'CocoaPods'.toLowerCase(), since
getPackageManager now centralizes normalization and validation.
In `@cli/src/tasks/run.ts`:
- Line 114: Update the live-reload status template string that currently reads
"`App running with live reload listing for: ${options.https ? 'https' :
'http'}://${options.host}${options.port ? `:${options.port}` : ''}. Press Ctrl+C
to quit.`" to use "listening" instead of "listing"; locate this template in the
run task where the status message is built (references: the template string and
the options object) and correct the typo so the message reads "App running with
live reload listening for: ...".
In `@cli/src/util/spm.ts`:
- Around line 100-106: Remove the unresolved Git conflict markers and produce a
single consistent implementation: decide whether to use getMajorMinoriOSVersion
or getMajoriOSVersion (prefer the upstream getMajoriOSVersion if imports/backing
code changed), delete the <<<<<<<, =======, and >>>>>>> lines, and ensure the
variables packageTraits and swiftToolsVersion are present (add packageTraits =
config.app.extConfig.experimental?.ios?.spm?.packageTraits ?? {} and
swiftToolsVersion =
config.app.extConfig.experimental?.ios?.spm?.swiftToolsVersion ?? '5.9' if you
keep the upstream call, or if you keep getMajorMinoriOSVersion also add those
two variables so later code compiles). Ensure the final code references only the
chosen function name and includes packageTraits and swiftToolsVersion so
TypeScript parsing/building succeeds.
In `@core/package.json`:
- Around line 2-14: Remove the unresolved merge conflict markers (<<<<<<<,
=======, >>>>>>>) and pick a single package identity for the JSON fields so the
file parses; for example, keep the Capacitor+ values by setting "name":
"@capacitor-plus/core", "version": "8.0.8" (or update as needed), "description":
"Capacitor+: Enhanced Capacitor with automated upstream sync - Cross-platform
apps with JavaScript and the web", "homepage":
"https://capgo.app/docs/plugins/capacitor-plus/", and "author": "Capgo Team
<support@capgo.app> (https://capgo.app)", ensuring proper JSON syntax (commas,
quotes) around those keys so npm install no longer fails.
In `@ios/Capacitor/Capacitor/CapacitorBridge.swift`:
- Around line 750-756: presentVC and dismissVC are deprecated and unused; either
remove them or, if keeping for backwards compatibility, make them main‑thread
safe by dispatching UI calls to the main queue instead of calling
self.viewController?.present/dismiss directly (e.g., wrap the calls in
DispatchQueue.main.async or guard Thread.isMainThread), and add a deprecation
comment referencing the protocol guidance; update the methods presentVC(_:,
animated:, completion:) and dismissVC(animated:, completion:) accordingly and
document their thread-safety expectation.
In `@ios/Capacitor/Capacitor/CAPBridgedJSTypes.m`:
- Around line 32-38: The method implementation for getArray:defaultValue: in
CAPBridgedJSTypes.m has a stray semicolon before the opening brace causing a
compile error; remove the extraneous ";" after the method signature so the
implementation reads as a normal Objective-C method (i.e., change "- (NSArray *
_Nullable)getArray:(NSString * _Nonnull)key defaultValue:(NSArray *
_Nullable)defaultValue; {" to remove the semicolon and begin the body
immediately), leaving the rest of the method logic intact.
In `@ios/Capacitor/Capacitor/Plugins/CapacitorUrlRequest.swift`:
- Around line 94-109: The extractBoundary(from:) function can return an empty
string for inputs like "boundary=" or "boundary=\"\"", which callers that only
nil-check may treat as valid; update extractBoundary(from:) to trim surrounding
quotes and whitespace and treat an empty result as invalid by returning nil
instead of an empty string so callers (those invoking extractBoundary(from:))
won't proceed with an empty multipart delimiter.
In `@ios/package.json`:
- Around line 2-14: The package.json contains unresolved Git conflict markers
around identity fields (name, version, description, homepage, author); remove
the conflict markers and choose the canonical values used by the project (align
with other package.json files) so the identity section is a single valid JSON
object—ensure the fields "name", "version", "description", "homepage", and
"author" in ios/package.json are consistent and valid JSON with no <<<<<<<,
=======, or >>>>>>> markers.
- Around line 36-41: Remove the Git merge conflict markers and resolve the
peerDependencies section to match the resolution used in android/package.json:
delete the conflict lines (<<<<<<<, =======, >>>>>>>) and ensure only a single
"@capacitor/core" entry remains with the chosen version ("^8.3.0"), removing the
"@capacitor-plus/core" duplicate; verify the resulting JSON is valid and that
the peerDependencies block contains just the resolved dependency key/value.
In `@lerna.json`:
- Around line 16-20: The lerna.json contains unresolved Git conflict markers
around the "version" field; remove the conflict markers (<<<<<<< HEAD, =======,
>>>>>>> upstream/main) and set "version" to "8.3.1" so the file is clean and
matches upstream; ensure only a single valid JSON "version" entry remains (the
"version" key in lerna.json) and that the file remains valid JSON after the
change.
In `@package.json`:
- Around line 35-55: Remove the Git conflict markers and produce a valid
package.json by merging the two sides: keep a single consistent set of
devDependencies (choose and normalize versions for "@types/node", "eslint", and
"tar") and ensure the prettier script and its dependency match—if the
package.json includes a "prettier" npm script that invokes
"prettier-pretty-check", add "prettier-pretty-check" to devDependencies (or else
change the script to use only "prettier"); specifically edit the devDependencies
block (symbols: "@types/node", "eslint", "tar", "prettier-pretty-check",
"prettier") to remove conflict markers, pick the desired versions, and make the
prettier script and dependency consistent so the JSON parses and CI no longer
errors.
---
Outside diff comments:
In `@android/CHANGELOG.md`:
- Around line 6-260: The changelog contains leftover Git conflict markers
(<<<<<<< HEAD, =======, >>>>>>> upstream/main) merging two release streams;
remove the conflict block and duplicate entries and retain a single coherent
changelog (prefer the upstream/main release stream entries such as the
[8.3.1]/[8.3.0] headers and their notes or the intended local release if
required), ensuring no <<<<<<<, =======, or >>>>>>> markers remain and the
headings (e.g., "## [8.3.1]" or "## [8.0.8]") and their associated sections are
kept consistent as the final content.
In `@CHANGELOG.md`:
- Around line 6-532: The changelog contains unresolved git conflict markers
(<<<<<<< HEAD, =======, >>>>>>> upstream/main) around competing release sections
(e.g., "## [8.0.8]" vs "## [8.3.1]"); remove the conflict markers, choose the
correct CI-generated changelog content to keep (or discard the manual edits that
introduced the "8.0.8" block), and restore CHANGELOG.md to the version produced
by the automated release process so no manual edits remain in this PR; ensure
the final file contains only one coherent changelog section (no
<<<<<<</=======/>>>>>>>) before merging.
In `@cli/CHANGELOG.md`:
- Around line 6-286: The changelog contains unresolved Git conflict markers
(<<<<<<< HEAD, =======, >>>>>>> upstream/main) that merge Capacitor+ entries
(starting with 8.0.8 → 8.0.1) and upstream entries (8.3.1 → 8.0.1); remove all
conflict markers and produce a single coherent history by either keeping the
Capacitor+ section and appending upstream changes (or vice versa), ensuring
versions like 8.0.8 and 8.3.1 are ordered correctly, duplicate entries (e.g.,
8.0.1) are deduplicated, and the file contains no leftover markers.
In `@core/CHANGELOG.md`:
- Around line 6-163: The changelog contains unresolved Git merge markers
(<<<<<<<, =======, >>>>>>>) merging two different histories (entries starting
with "## [8.0.8]..." and "## [8.3.1]..."); remove the conflict markers and
produce a single coherent release-history block by choosing the correct history
to keep (either the `@capacitor-plus/core` block beginning "## [8.0.8]" or the
upstream `@capacitor/core` block beginning "## [8.3.1]"), or merge their entries
deterministically (combine non-duplicate release entries in chronological
order), then delete the leftover markers and ensure headings/MD formatting
remain valid (search for the strings "<<<<<<<", "=======", ">>>>>>>", "##
[8.0.8]", and "## [8.3.1]" to locate the conflict).
In `@ios/CHANGELOG.md`:
- Around line 6-231: The file contains unresolved git conflict markers (<<<<<<<
HEAD, =======, >>>>>>> upstream/main) mixing two competing changelog histories
(e.g., headings like "## [8.0.8]" and "## [8.3.1]"); resolve the merge by
removing the conflict markers and choosing or combining the appropriate history
so only one coherent changelog remains (either keep the Capacitor+ entries such
as "## [8.0.8]" or the upstream entries like "## [8.3.1]" or merge them in
chronological order), ensure all version headings and bullet lists are intact
and the file is valid Markdown with no leftover markers.
---
Nitpick comments:
In `@cli/src/config.ts`:
- Around line 428-435: The function determinePackageManager uses the synchronous
existsSync to check for 'CapApp-SPM' which blocks the event loop; replace that
call with the async pathExists (or fs.promises access) and await its result to
keep the function fully asynchronous. Update the check inside
determinePackageManager to await pathExists(resolve(nativeProjectDirAbs,
'CapApp-SPM')) and return 'SPM' when true, ensuring imports/util helpers for
pathExists are used and removing the existsSync reference.
- Around line 464-468: The early return on an empty Gemfile in the block that
reads gemfilePath is redundant because gemfileText = (await
readFile(gemfilePath)).toString() being '' will also fail subsequent regex
tests; update the code in that section to either remove the explicit if
(!gemfileText) return 'Cocoapods'; check or, if you want to keep it for clarity,
replace it with a brief comment explaining the intent; locate the readFile call
and the gemfileText variable in the function around gemfilePath and adjust
accordingly so behavior is unchanged but the redundancy is eliminated or
documented.
In `@cli/src/tasks/migrate-spm.ts`:
- Line 16: Change the loose equality to strict equality in the SPM check: in
migrate-spm.ts update the conditional that reads (await
config.ios.packageManager) == 'SPM' to use === instead; locate the conditional
around the SPM branch (the expression referencing config.ios.packageManager) and
replace the operator so the comparison uses strict equality.
In `@cli/src/tasks/update.ts`:
- Around line 48-62: The function addUpdateChecks currently reassigns checks
inside the loop (checks = await getCommonChecks(config)) which replaces prior
platform checks instead of accumulating them; change it to accumulate results
from getCommonChecks by concatenating or pushing them into the existing checks
array (e.g., await getCommonChecks(config) then checks.push(...newChecks) or
checks = checks.concat(newChecks)) so addUpdateChecks accumulates checks across
multiple platforms (refer to addUpdateChecks and getCommonChecks).
In `@ios/Capacitor/Capacitor/CapacitorBridge.swift`:
- Around line 96-99: Remove the obsolete temporary window state and its observer
wiring: delete the var tmpWindow and static let tmpVCAppeared declarations and
remove the observer registration and any related notification posting in the
initializer (the code that adds/removes observer for tmpVCAppeared); also search
the CapacitorBridge class for any remaining references to tmpWindow or
tmpVCAppeared (including notification posting or observer removal) and eliminate
or refactor those usages so there are no dangling observers or unused state
left.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 17ceb2d6-3ea6-47c3-b1b2-76b47f319f20
📒 Files selected for processing (54)
.github/ISSUE_TEMPLATE/config.yml.github/ISSUE_TEMPLATE/feature-request.yml.github/ionic-issue-bot.yml.github/workflows/needs-reply.yml.github/workflows/publish-ios.yml.github/workflows/test.ymlCHANGELOG.mdandroid/CHANGELOG.mdandroid/capacitor/src/main/assets/native-bridge.jsandroid/capacitor/src/main/java/com/getcapacitor/Bridge.javaandroid/capacitor/src/main/java/com/getcapacitor/BridgeActivity.javaandroid/capacitor/src/main/java/com/getcapacitor/WebViewLocalServer.javaandroid/capacitor/src/main/java/com/getcapacitor/plugin/SystemBars.javaandroid/capacitor/src/main/java/com/getcapacitor/plugin/util/CapacitorHttpUrlConnection.javaandroid/package.jsoncli/CHANGELOG.mdcli/package.jsoncli/src/config.tscli/src/declarations.tscli/src/definitions.tscli/src/index.tscli/src/ios/build.tscli/src/ios/common.tscli/src/ios/doctor.tscli/src/ios/open.tscli/src/ios/run.tscli/src/ios/update.tscli/src/tasks/add.tscli/src/tasks/migrate-spm.tscli/src/tasks/migrate.tscli/src/tasks/run.tscli/src/tasks/sourcemaps.tscli/src/tasks/sync.tscli/src/tasks/update.tscli/src/util/livereload.tscli/src/util/spm.tscli/src/util/template.tscore/CHANGELOG.mdcore/native-bridge.tscore/package.jsoncore/src/core-plugins.tscore/system-bars.mdios-spm-template/App/CapApp-SPM/README.mdios/CHANGELOG.mdios/Capacitor/Capacitor/CAPBridgeProtocol.swiftios/Capacitor/Capacitor/CAPBridgedJSTypes.hios/Capacitor/Capacitor/CAPBridgedJSTypes.mios/Capacitor/Capacitor/CapacitorBridge.swiftios/Capacitor/Capacitor/Plugins/CapacitorUrlRequest.swiftios/Capacitor/Capacitor/assets/native-bridge.jsios/package.jsonlerna.jsonpackage.jsonscripts/pack-cli-assets.mjs
💤 Files with no reviewable changes (1)
- .github/ISSUE_TEMPLATE/feature-request.yml
| uses: imhoffd/needs-reply@v2 | ||
| with: | ||
| repo-token: ${{ secrets.BOT_TOKEN }} | ||
| issue-label: 'needs reply' |
There was a problem hiding this comment.
🧩 Analysis chain
🌐 Web query:
What commit SHA is currently referenced by the v2tag ofimhoffd/needs-reply, and what does GitHub’s official guidance recommend for pinning third-party GitHub Actions?
💡 Result:
The v2 tag of imhoffd/needs-reply currently points to commit SHA unknown, as no sources explicitly state the full SHA. The repository has a latest release v2.0.0 from 2020-12-30, and the tag is used as imhoffd/needs-reply@v2 in workflows, likely resolving to the v2.0.0 tag commit since last push was 2024 but releases are old. GitHub's official guidance recommends pinning third-party GitHub Actions to a full-length commit SHA (e.g., owner/action@<40-char-sha>) rather than tags or branches. This is the only immutable way to use an action securely, preventing supply chain attacks where tags can be moved to malicious commits. Verify the SHA is from the original repository, not a fork. Tags are acceptable only if you fully trust the creator (e.g., verified creator badge), but SHA pinning is preferred. Use the repository's tag page to find the SHA for a tag.
Citations:
- 1: https://github.com/imhoffd/needs-reply
- 2: https://github.com/marketplace/actions/close-issues-after-no-reply
- 3: https://github.blog/changelog/2025-08-15-github-actions-policy-now-supports-blocking-and-sha-pinning-actions/
- 4: https://stackoverflow.com/questions/78903499/how-do-i-pin-an-action-to-a-specific-sha
- 5: Pin third party actions to commit sha cli/cli#10731
Harden third-party action usage before merge.
Line 12 uses a mutable tag (@v2). Pin to a commit SHA instead, as GitHub's official guidance recommends—this is the only immutable way to prevent supply chain attacks. Line 14 passes a custom PAT secret into a third-party action; replace with github.token with explicit permissions defined at the workflow level.
Suggested hardening diff
name: Close old issues that need reply
on:
schedule:
- cron: "0 0 * * *"
+permissions:
+ issues: write
+ contents: read
+
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Close old issues that need reply
- uses: imhoffd/needs-reply@v2
+ uses: imhoffd/needs-reply@<pinned-commit-sha>
with:
- repo-token: ${{ secrets.BOT_TOKEN }}
+ repo-token: ${{ github.token }}
issue-label: 'needs reply'
days-before-close: 7🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.github/workflows/needs-reply.yml around lines 12 - 15, Replace the mutable
third-party action tag and the custom PAT usage: pin imhoffd/needs-reply@v2 to
its exact commit SHA (replace the `@v2` reference with the repo's specific commit
hash) and stop passing a custom secret via repo-token (repo-token: ${{
secrets.BOT_TOKEN }}); instead use the built-in github.token by removing the
repo-token input and declaring explicit permissions for issues/pulls at the
workflow level (permissions: { issues: write, pull-requests: write } or the
minimal set required) so the action runs with a scoped, immutable token and the
action version is pinned immutably.
| - uses: actions/checkout@v5 | ||
| with: | ||
| fetch-depth: 0 | ||
| ref: 'main' |
There was a problem hiding this comment.
Do not hard-code checkout to main in publish workflow.
Line [24] forces publishing from main, which can diverge from the caller/dispatch commit and ship the wrong code.
Proposed fix
- uses: actions/checkout@v5
with:
fetch-depth: 0
- ref: 'main'
+ ref: ${{ github.sha }}📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| ref: 'main' | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.sha }} |
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In @.github/workflows/publish-ios.yml around lines 21 - 24, The checkout step
currently hard-codes ref: 'main', which can cause the workflow to checkout the
wrong commit; update the actions/checkout usage in the publish workflow so it
does not force 'main' — either remove the ref field entirely to let the runner
use the workflow's triggered ref, or set it to the exact commit/ref from the
event (e.g., use the workflow context like github.sha or the dispatch input) so
the checkout uses the caller/dispatch commit rather than main.
| private Integer getWebViewMajorVersion() { | ||
| PackageInfo info = WebViewCompat.getCurrentWebViewPackage(getContext()); | ||
| if (info != null && info.versionName != null) { | ||
| String[] versionSegments = info.versionName.split("\\."); | ||
| return Integer.valueOf(versionSegments[0]); | ||
| } | ||
|
|
||
| return 0; | ||
| } |
There was a problem hiding this comment.
Potential NumberFormatException if WebView version string is malformed.
Integer.valueOf(versionSegments[0]) will throw if the first segment isn't a valid integer. While unlikely with standard WebView packages, defensive parsing would be safer.
🛡️ Proposed defensive fix
private Integer getWebViewMajorVersion() {
PackageInfo info = WebViewCompat.getCurrentWebViewPackage(getContext());
if (info != null && info.versionName != null) {
String[] versionSegments = info.versionName.split("\\.");
- return Integer.valueOf(versionSegments[0]);
+ try {
+ return Integer.valueOf(versionSegments[0]);
+ } catch (NumberFormatException e) {
+ return 0;
+ }
}
return 0;
}🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@android/capacitor/src/main/java/com/getcapacitor/plugin/SystemBars.java`
around lines 321 - 329, The getWebViewMajorVersion method uses
Integer.valueOf(versionSegments[0]) which can throw NumberFormatException for
malformed versionName; update getWebViewMajorVersion to defensively parse the
first segment (from WebViewCompat.getCurrentWebViewPackage(...).versionName and
versionSegments) inside a try/catch or using safe numeric check and return 0 on
failure, ensuring any nulls or empty strings are handled before parsing.
| public static String extractBoundaryFromContentType(String contentType) { | ||
| String boundaryPrefix = "boundary="; | ||
| int boundaryIndex = contentType.indexOf(boundaryPrefix); | ||
| if (boundaryIndex == -1) { | ||
| return null; | ||
| } | ||
|
|
||
| // Extract the substring starting right after "boundary=" | ||
| String boundary = contentType.substring(boundaryIndex + boundaryPrefix.length()); | ||
|
|
||
| // Find the end of the boundary value by looking for the next ";" | ||
| int endIndex = boundary.indexOf(";"); | ||
| if (endIndex != -1) { | ||
| boundary = boundary.substring(0, endIndex); | ||
| } | ||
|
|
||
| // Remove surrounding double quotes if present | ||
| boundary = boundary.trim(); | ||
| if (boundary.startsWith("\"") && boundary.endsWith("\"")) { | ||
| boundary = boundary.substring(1, boundary.length() - 1); | ||
| } | ||
|
|
||
| return boundary; | ||
| } |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Verify helper contract and callsite expectations for boundary extraction.
# Expected:
# 1) Only null is treated as "missing boundary" at callsites.
# 2) No caller currently guards against empty-string boundaries.
rg -n -C3 'extractBoundaryFromContentType\s*\(' --type=java
rg -n -C3 'boundary\s*==\s*null|boundary\.isEmpty\(\)' --type=javaRepository: Cap-go/capacitor-plus
Length of output: 3462
🏁 Script executed:
# Check the full context around the callsite to see if contentType is null-checked before the method call
sed -n '220,240p' android/capacitor/src/main/java/com/getcapacitor/plugin/util/CapacitorHttpUrlConnection.java
# Search for all other usages of extractBoundaryFromContentType to identify all callsites
rg -n 'extractBoundaryFromContentType' --type=javaRepository: Cap-go/capacitor-plus
Length of output: 1562
🏁 Script executed:
# Read the complete implementation of extractBoundaryFromContentType to verify the exact behavior
sed -n '323,350p' android/capacitor/src/main/java/com/getcapacitor/plugin/util/CapacitorHttpUrlConnection.javaRepository: Cap-go/capacitor-plus
Length of output: 1114
Add guards for null contentType and empty boundary values.
The method lacks a null-check on the contentType parameter, causing a NullPointerException at line 325. Additionally, empty boundary strings (e.g., boundary=) are returned as valid since the callsite only checks for null, not empty values. Finally, the unquote logic at line 342 can throw StringIndexOutOfBoundsException if the boundary is a single quote character.
The proposed fixes are necessary:
- Add null-check on
contentTypeat method entry - Guard substring operation with
length >= 2check - Return
nullfor empty boundary values after parsing
Proposed fix
public static String extractBoundaryFromContentType(String contentType) {
+ if (contentType == null) {
+ return null;
+ }
String boundaryPrefix = "boundary=";
int boundaryIndex = contentType.indexOf(boundaryPrefix);
if (boundaryIndex == -1) {
return null;
}
@@
boundary = boundary.trim();
- if (boundary.startsWith("\"") && boundary.endsWith("\"")) {
+ if (boundary.startsWith("\"") && boundary.endsWith("\"") && boundary.length() >= 2) {
boundary = boundary.substring(1, boundary.length() - 1);
}
- return boundary;
+ return boundary.isEmpty() ? null : boundary;
}🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In
`@android/capacitor/src/main/java/com/getcapacitor/plugin/util/CapacitorHttpUrlConnection.java`
around lines 323 - 346, In
CapacitorHttpUrlConnection.extractBoundaryFromContentType, add a null-check for
the contentType parameter at the start and return null if it's null; after
extracting and trimming the boundary string ensure you treat empty strings as
absent (return null if boundary.isEmpty()); and make the unquote guard robust by
only removing surrounding quotes when boundary.length() >= 2 and
boundary.startsWith("\"") && boundary.endsWith("\"") to avoid
StringIndexOutOfBoundsException for single-character boundaries.
| /** | ||
| * @deprecated This method may return incorrect headers in concurrent range requests. | ||
| * <p> | ||
| * Use {@link #buildDefaultResponseHeaders()} instead, which returns a copy of the map. | ||
| * </p> | ||
| * This method will be removed in a future major version of Capacitor. | ||
| * </p> | ||
| */ |
There was a problem hiding this comment.
Fix malformed Javadoc in the deprecation comment.
Line 137 has an extra </p> tag, which can trip doclint/javadoc checks.
Suggested fix
/**
* `@deprecated` This method may return incorrect headers in concurrent range requests.
* <p>
* Use {`@link` `#buildDefaultResponseHeaders`()} instead, which returns a copy of the map.
* </p>
* This method will be removed in a future major version of Capacitor.
- * </p>
*/🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@android/capacitor/src/main/java/com/getcapacitor/WebViewLocalServer.java`
around lines 131 - 138, Fix the malformed Javadoc in WebViewLocalServer's
deprecated method comment by removing the stray extra "</p>" tag (the second
closing paragraph tag) so the Javadoc is well-formed; ensure the block still
documents deprecation and references {`@link` `#buildDefaultResponseHeaders`()}
correctly without the extra closing tag.
| private func extractBoundary(from contentType: String) -> String? { | ||
| if let boundaryRange = contentType.range(of: "boundary=") { | ||
| var boundary = contentType[boundaryRange.upperBound...] | ||
| if let endRange = boundary.range(of: ";") { | ||
| boundary = boundary[..<endRange.lowerBound] | ||
| } | ||
|
|
||
| if boundary.hasPrefix("\"") && boundary.hasSuffix("\"") { | ||
| return String(boundary.dropFirst().dropLast()) | ||
| } else { | ||
| return String(boundary) | ||
| } | ||
| } | ||
|
|
||
| return nil | ||
| } |
There was a problem hiding this comment.
Treat empty parsed boundary as invalid.
At Line 101-105, an empty boundary value can be returned (e.g., boundary= / boundary=""). Since callers at Line 69 and Line 134 only nil-check, they may write multipart bodies with an empty delimiter.
Proposed fix
private func extractBoundary(from contentType: String) -> String? {
if let boundaryRange = contentType.range(of: "boundary=") {
var boundary = contentType[boundaryRange.upperBound...]
if let endRange = boundary.range(of: ";") {
boundary = boundary[..<endRange.lowerBound]
}
-
- if boundary.hasPrefix("\"") && boundary.hasSuffix("\"") {
- return String(boundary.dropFirst().dropLast())
- } else {
- return String(boundary)
- }
+
+ var parsed = String(boundary).trimmingCharacters(in: .whitespacesAndNewlines)
+ if parsed.hasPrefix("\""), parsed.hasSuffix("\""), parsed.count >= 2 {
+ parsed = String(parsed.dropFirst().dropLast())
+ }
+
+ return parsed.isEmpty ? nil : parsed
}
return nil
}🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@ios/Capacitor/Capacitor/Plugins/CapacitorUrlRequest.swift` around lines 94 -
109, The extractBoundary(from:) function can return an empty string for inputs
like "boundary=" or "boundary=\"\"", which callers that only nil-check may treat
as valid; update extractBoundary(from:) to trim surrounding quotes and
whitespace and treat an empty result as invalid by returning nil instead of an
empty string so callers (those invoking extractBoundary(from:)) won't proceed
with an empty multipart delimiter.
| <<<<<<< HEAD | ||
| "name": "@capacitor-plus/ios", | ||
| "version": "8.0.8", | ||
| "description": "Capacitor+: Enhanced Capacitor with automated upstream sync - Cross-platform apps with JavaScript and the web", | ||
| "homepage": "https://capgo.app/docs/plugins/capacitor-plus/", | ||
| "author": "Capgo Team <support@capgo.app> (https://capgo.app)", | ||
| ======= | ||
| "name": "@capacitor/ios", | ||
| "version": "8.3.1", | ||
| "description": "Capacitor: Cross-platform apps with JavaScript and the web", | ||
| "homepage": "https://capacitorjs.com", | ||
| "author": "Ionic Team <hi@ionic.io> (https://ionic.io)", | ||
| >>>>>>> upstream/main |
There was a problem hiding this comment.
Unresolved merge conflict markers (identity section).
Lines 2–14 contain conflict markers around package identity fields. Same resolution approach as other package.json files.
🧰 Tools
🪛 Biome (2.4.12)
[error] 2-2: unexpected character <
(parse)
[error] 2-2: unexpected character <
(parse)
[error] 2-2: unexpected character <
(parse)
[error] 2-2: unexpected character <
(parse)
[error] 2-2: unexpected character <
(parse)
[error] 2-2: unexpected character <
(parse)
[error] 2-2: unexpected character <
(parse)
[error] 2-2: String values must be double quoted.
(parse)
[error] 3-3: End of file expected
(parse)
[error] 3-3: End of file expected
(parse)
[error] 3-3: End of file expected
(parse)
[error] 3-3: End of file expected
(parse)
[error] 4-4: End of file expected
(parse)
[error] 4-4: End of file expected
(parse)
[error] 4-4: End of file expected
(parse)
[error] 4-4: End of file expected
(parse)
[error] 5-5: End of file expected
(parse)
[error] 5-5: End of file expected
(parse)
[error] 5-5: End of file expected
(parse)
[error] 5-5: End of file expected
(parse)
[error] 6-6: End of file expected
(parse)
[error] 6-6: End of file expected
(parse)
[error] 6-6: End of file expected
(parse)
[error] 6-6: End of file expected
(parse)
[error] 7-7: End of file expected
(parse)
[error] 7-7: End of file expected
(parse)
[error] 7-7: End of file expected
(parse)
[error] 7-8: End of file expected
(parse)
[error] 8-8: unexpected character =
(parse)
[error] 8-8: unexpected character =
(parse)
[error] 8-8: unexpected character =
(parse)
[error] 8-8: unexpected character =
(parse)
[error] 8-8: unexpected character =
(parse)
[error] 8-8: unexpected character =
(parse)
[error] 8-8: unexpected character =
(parse)
[error] 9-9: End of file expected
(parse)
[error] 9-9: End of file expected
(parse)
[error] 9-9: End of file expected
(parse)
[error] 9-9: End of file expected
(parse)
[error] 10-10: End of file expected
(parse)
[error] 10-10: End of file expected
(parse)
[error] 10-10: End of file expected
(parse)
[error] 10-10: End of file expected
(parse)
[error] 11-11: End of file expected
(parse)
[error] 11-11: End of file expected
(parse)
[error] 11-11: End of file expected
(parse)
[error] 11-11: End of file expected
(parse)
[error] 12-12: End of file expected
(parse)
[error] 12-12: End of file expected
(parse)
[error] 12-12: End of file expected
(parse)
[error] 12-12: End of file expected
(parse)
[error] 13-13: End of file expected
(parse)
[error] 13-13: End of file expected
(parse)
[error] 13-13: End of file expected
(parse)
[error] 13-14: End of file expected
(parse)
[error] 14-14: unexpected character >
(parse)
[error] 14-14: unexpected character >
(parse)
[error] 14-14: unexpected character >
(parse)
[error] 14-14: unexpected character >
(parse)
[error] 14-14: unexpected character >
(parse)
[error] 14-14: unexpected character >
(parse)
[error] 14-14: unexpected character >
(parse)
[error] 14-14: unexpected character /
(parse)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@ios/package.json` around lines 2 - 14, The package.json contains unresolved
Git conflict markers around identity fields (name, version, description,
homepage, author); remove the conflict markers and choose the canonical values
used by the project (align with other package.json files) so the identity
section is a single valid JSON object—ensure the fields "name", "version",
"description", "homepage", and "author" in ios/package.json are consistent and
valid JSON with no <<<<<<<, =======, or >>>>>>> markers.
| <<<<<<< HEAD | ||
| "@capacitor-plus/core": "^8.0.0", | ||
| "@capacitor/core": "^8.0.0" | ||
| ======= | ||
| "@capacitor/core": "^8.3.0" | ||
| >>>>>>> upstream/main |
There was a problem hiding this comment.
Unresolved merge conflict markers (peerDependencies section).
Lines 36–41 contain a second conflict region. Apply same resolution pattern as android/package.json.
🧰 Tools
🪛 Biome (2.4.12)
[error] 36-36: unexpected character <
(parse)
[error] 36-36: unexpected character <
(parse)
[error] 36-36: unexpected character <
(parse)
[error] 36-36: unexpected character <
(parse)
[error] 36-36: unexpected character <
(parse)
[error] 36-36: unexpected character <
(parse)
[error] 36-36: unexpected character <
(parse)
[error] 36-36: String values must be double quoted.
(parse)
[error] 37-37: End of file expected
(parse)
[error] 37-37: End of file expected
(parse)
[error] 37-37: End of file expected
(parse)
[error] 37-37: End of file expected
(parse)
[error] 38-38: End of file expected
(parse)
[error] 38-38: End of file expected
(parse)
[error] 38-38: End of file expected
(parse)
[error] 39-39: unexpected character =
(parse)
[error] 39-39: unexpected character =
(parse)
[error] 39-39: unexpected character =
(parse)
[error] 39-39: unexpected character =
(parse)
[error] 39-39: unexpected character =
(parse)
[error] 39-39: unexpected character =
(parse)
[error] 39-39: unexpected character =
(parse)
[error] 40-40: End of file expected
(parse)
[error] 40-40: End of file expected
(parse)
[error] 40-40: End of file expected
(parse)
[error] 41-41: unexpected character >
(parse)
[error] 41-41: unexpected character >
(parse)
[error] 41-41: unexpected character >
(parse)
[error] 41-41: unexpected character >
(parse)
[error] 41-41: unexpected character >
(parse)
[error] 41-41: unexpected character >
(parse)
[error] 41-41: unexpected character >
(parse)
[error] 41-41: String values must be double quoted.
(parse)
[error] 41-41: unexpected character /
(parse)
[error] 41-41: String values must be double quoted.
(parse)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@ios/package.json` around lines 36 - 41, Remove the Git merge conflict markers
and resolve the peerDependencies section to match the resolution used in
android/package.json: delete the conflict lines (<<<<<<<, =======, >>>>>>>) and
ensure only a single "@capacitor/core" entry remains with the chosen version
("^8.3.0"), removing the "@capacitor-plus/core" duplicate; verify the resulting
JSON is valid and that the peerDependencies block contains just the resolved
dependency key/value.
| <<<<<<< HEAD | ||
| "version": "8.0.8", | ||
| ======= | ||
| "version": "8.3.1", | ||
| >>>>>>> upstream/main |
There was a problem hiding this comment.
Unresolved merge conflict in lerna.json version field.
Remove conflict markers and set the version. Since this PR syncs with upstream 8.3.1, the version should likely be updated to match:
Proposed fix
},
-<<<<<<< HEAD
- "version": "8.0.8",
-=======
- "version": "8.3.1",
->>>>>>> upstream/main
+ "version": "8.3.1",
"$schema": "node_modules/lerna/schemas/lerna-schema.json"📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| <<<<<<< HEAD | |
| "version": "8.0.8", | |
| ======= | |
| "version": "8.3.1", | |
| >>>>>>> upstream/main | |
| "version": "8.3.1", |
🧰 Tools
🪛 Biome (2.4.12)
[error] 16-16: unexpected character <
(parse)
[error] 16-16: unexpected character <
(parse)
[error] 16-16: unexpected character <
(parse)
[error] 16-16: unexpected character <
(parse)
[error] 16-16: unexpected character <
(parse)
[error] 16-16: unexpected character <
(parse)
[error] 16-16: unexpected character <
(parse)
[error] 16-16: String values must be double quoted.
(parse)
[error] 17-17: End of file expected
(parse)
[error] 17-17: End of file expected
(parse)
[error] 17-17: End of file expected
(parse)
[error] 17-18: End of file expected
(parse)
[error] 18-18: unexpected character =
(parse)
[error] 18-18: unexpected character =
(parse)
[error] 18-18: unexpected character =
(parse)
[error] 18-18: unexpected character =
(parse)
[error] 18-18: unexpected character =
(parse)
[error] 18-18: unexpected character =
(parse)
[error] 18-18: unexpected character =
(parse)
[error] 19-19: End of file expected
(parse)
[error] 19-19: End of file expected
(parse)
[error] 19-19: End of file expected
(parse)
[error] 19-20: End of file expected
(parse)
[error] 20-20: unexpected character >
(parse)
[error] 20-20: unexpected character >
(parse)
[error] 20-20: unexpected character >
(parse)
[error] 20-20: unexpected character >
(parse)
[error] 20-20: unexpected character >
(parse)
[error] 20-20: unexpected character >
(parse)
[error] 20-20: unexpected character >
(parse)
[error] 20-20: unexpected character /
(parse)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@lerna.json` around lines 16 - 20, The lerna.json contains unresolved Git
conflict markers around the "version" field; remove the conflict markers
(<<<<<<< HEAD, =======, >>>>>>> upstream/main) and set "version" to "8.3.1" so
the file is clean and matches upstream; ensure only a single valid JSON
"version" entry remains (the "version" key in lerna.json) and that the file
remains valid JSON after the change.
| <<<<<<< HEAD | ||
| "@types/node": "^24.10.1", | ||
| "@types/tar": "^6.1.2", | ||
| "eslint": "^8.57.1", | ||
| "eslint-plugin-import": "^2.31.0", | ||
| ======= | ||
| "@types/node": "18.18.6", | ||
| "eslint": "^8.57.0", | ||
| >>>>>>> upstream/main | ||
| "lerna": "^7.1.3", | ||
| "prettier": "^3.6.2", | ||
| "prettier-plugin-java": "^2.7.7", | ||
| "rimraf": "^6.1.0", | ||
| "semver": "^7.3.7", | ||
| "swiftlint": "^2.0.0", | ||
| <<<<<<< HEAD | ||
| "tar": "^6.1.11", | ||
| "prettier-pretty-check": "^0.2.0" | ||
| ======= | ||
| "tar": "^7.5.3" | ||
| >>>>>>> upstream/main |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo "Check the prettier script:"
rg -n '"prettier"\s*:' package.json
echo
echo "Check whether prettier-pretty-check is still referenced anywhere:"
rg -n 'prettier-pretty-check' --glob 'package.json' .Repository: Cap-go/capacitor-plus
Length of output: 520
Resolve this manifest conflict before merge, and keep the prettier script consistent.
These conflict markers make package.json invalid JSON, which is already breaking CI with EJSONPARSE. The prettier script at line 22 invokes prettier-pretty-check, which is present on the HEAD side but removed on the upstream side. Taking the upstream resolution verbatim will leave the script without its required dependency, causing subsequent failures.
🧰 Tools
🪛 Biome (2.4.12)
[error] 35-35: unexpected character <
(parse)
[error] 35-35: unexpected character <
(parse)
[error] 35-35: unexpected character <
(parse)
[error] 35-35: unexpected character <
(parse)
[error] 35-35: unexpected character <
(parse)
[error] 35-35: unexpected character <
(parse)
[error] 35-35: unexpected character <
(parse)
[error] 35-35: String values must be double quoted.
(parse)
[error] 36-36: End of file expected
(parse)
[error] 36-36: End of file expected
(parse)
[error] 36-36: End of file expected
(parse)
[error] 36-36: End of file expected
(parse)
[error] 37-37: End of file expected
(parse)
[error] 37-37: End of file expected
(parse)
[error] 37-37: End of file expected
(parse)
[error] 37-37: End of file expected
(parse)
[error] 38-38: End of file expected
(parse)
[error] 38-38: End of file expected
(parse)
[error] 38-38: End of file expected
(parse)
[error] 38-38: End of file expected
(parse)
[error] 39-39: End of file expected
(parse)
[error] 39-39: End of file expected
(parse)
[error] 39-39: End of file expected
(parse)
[error] 39-40: End of file expected
(parse)
[error] 40-40: unexpected character =
(parse)
[error] 40-40: unexpected character =
(parse)
[error] 40-40: unexpected character =
(parse)
[error] 40-40: unexpected character =
(parse)
[error] 40-40: unexpected character =
(parse)
[error] 40-40: unexpected character =
(parse)
[error] 40-40: unexpected character =
(parse)
[error] 41-41: End of file expected
(parse)
[error] 41-41: End of file expected
(parse)
[error] 41-41: End of file expected
(parse)
[error] 41-41: End of file expected
(parse)
[error] 42-42: End of file expected
(parse)
[error] 42-42: End of file expected
(parse)
[error] 42-42: End of file expected
(parse)
[error] 42-43: End of file expected
(parse)
[error] 43-43: unexpected character >
(parse)
[error] 43-43: unexpected character >
(parse)
[error] 43-43: unexpected character >
(parse)
[error] 43-43: unexpected character >
(parse)
[error] 43-43: unexpected character >
(parse)
[error] 43-43: unexpected character >
(parse)
[error] 43-43: unexpected character >
(parse)
[error] 43-43: unexpected character /
(parse)
[error] 44-44: End of file expected
(parse)
[error] 44-44: End of file expected
(parse)
[error] 44-44: End of file expected
(parse)
[error] 44-44: End of file expected
(parse)
[error] 45-45: End of file expected
(parse)
[error] 45-45: End of file expected
(parse)
[error] 45-45: End of file expected
(parse)
[error] 45-45: End of file expected
(parse)
[error] 46-46: End of file expected
(parse)
[error] 46-46: End of file expected
(parse)
[error] 46-46: End of file expected
(parse)
[error] 46-46: End of file expected
(parse)
[error] 47-47: End of file expected
(parse)
[error] 47-47: End of file expected
(parse)
[error] 47-47: End of file expected
(parse)
[error] 47-47: End of file expected
(parse)
[error] 48-48: End of file expected
(parse)
[error] 48-48: End of file expected
(parse)
[error] 48-48: End of file expected
(parse)
[error] 48-48: End of file expected
(parse)
[error] 49-49: End of file expected
(parse)
[error] 49-49: End of file expected
(parse)
[error] 49-49: End of file expected
(parse)
[error] 49-50: End of file expected
(parse)
[error] 50-50: unexpected character <
(parse)
[error] 50-50: unexpected character <
(parse)
[error] 50-50: unexpected character <
(parse)
[error] 50-50: unexpected character <
(parse)
[error] 50-50: unexpected character <
(parse)
[error] 50-50: unexpected character <
(parse)
[error] 50-50: unexpected character <
(parse)
[error] 51-51: End of file expected
(parse)
[error] 51-51: End of file expected
(parse)
[error] 51-51: End of file expected
(parse)
[error] 51-51: End of file expected
(parse)
[error] 52-52: End of file expected
(parse)
[error] 52-52: End of file expected
(parse)
[error] 52-52: End of file expected
(parse)
[error] 53-53: unexpected character =
(parse)
[error] 53-53: unexpected character =
(parse)
[error] 53-53: unexpected character =
(parse)
[error] 53-53: unexpected character =
(parse)
[error] 53-53: unexpected character =
(parse)
[error] 53-53: unexpected character =
(parse)
[error] 53-53: unexpected character =
(parse)
[error] 54-54: End of file expected
(parse)
[error] 54-54: End of file expected
(parse)
[error] 54-54: End of file expected
(parse)
[error] 55-55: unexpected character >
(parse)
[error] 55-55: unexpected character >
(parse)
[error] 55-55: unexpected character >
(parse)
[error] 55-55: unexpected character >
(parse)
[error] 55-55: unexpected character >
(parse)
[error] 55-55: unexpected character >
(parse)
[error] 55-55: unexpected character >
(parse)
[error] 55-55: String values must be double quoted.
(parse)
[error] 55-55: unexpected character /
(parse)
[error] 55-55: String values must be double quoted.
(parse)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@package.json` around lines 35 - 55, Remove the Git conflict markers and
produce a valid package.json by merging the two sides: keep a single consistent
set of devDependencies (choose and normalize versions for "@types/node",
"eslint", and "tar") and ensure the prettier script and its dependency match—if
the package.json includes a "prettier" npm script that invokes
"prettier-pretty-check", add "prettier-pretty-check" to devDependencies (or else
change the script to use only "prettier"); specifically edit the devDependencies
block (symbols: "@types/node", "eslint", "tar", "prettier-pretty-check",
"prettier") to remove conflict markers, pick the desired versions, and make the
prettier script and dependency consistent so the JSON parses and CI no longer
errors.
Merge Conflict Resolution Required
The automatic sync of the
plusbranch with upstream main encountered merge conflicts.What happened
Action needed: Review the branch and resolve any remaining concerns before merging.
This PR was created automatically by the Capacitor+ sync workflow
Summary by CodeRabbit
New Features
URLobjects in fetch API proxying for both Android and iOSBug Fixes
Improvements
Documentation