Skip to content

chore: Release 5.5.2#1670

Merged
nan-li merged 4 commits into
mainfrom
rel/5.5.2
Jun 3, 2026
Merged

chore: Release 5.5.2#1670
nan-li merged 4 commits into
mainfrom
rel/5.5.2

Conversation

@github-actions
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot commented Jun 3, 2026
edited by nan-li
Loading

Channels: Current

🐛 Bug Fixes

✨ Improvements

@nan-li nan-li requested review from a team and nan-li June 3, 2026 01:26
claude[bot]
claude Bot reviewed Jun 3, 2026
View reviewed changes
Comment thread Package.swift
@nan-li @claude
fix: repair Package.swift for 5.5.2 SPM distribution
7a72ad8 
The release tooling (update_swift_package.sh) edits Package.swift by hardcoded
line numbers, which had drifted, so it overwrote the .binaryTarget boundaries
with new url/checksum lines and left the old ones in place — producing an
unparseable manifest that breaks every SwiftPM consumer of 5.5.2.

Restore the correct structure (10 .binaryTarget entries) with each url bumped
to 5.5.2 and the 5.5.2 checksums computed during this release. Verified with
swift package dump-package.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@nan-li
Copy link
Copy Markdown
Contributor

nan-li commented Jun 3, 2026

@claude review

claude[bot]
claude Bot reviewed Jun 3, 2026
View reviewed changes
Copy link
Copy Markdown

@claude claude Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Package.swift fix in 7a72ad8 resolves the SPM manifest issue I flagged earlier — the rest of the PR is a standard release version bump.

Extended reasoning...

Overview

This is the 5.5.2 release PR, bumping podspecs and ONESIGNAL_VERSION from 5.5.1 to 5.5.2, refreshing all 9 xcframework binaries and their checksums, and pointing Package.swift binary targets at the new 5.5.2 release URLs. Substantive code changes were already shipped via #1669 (prewarm identity fix) and #1667 (identifier-read refactor); this PR is just packaging.

Security risks

None specific to this change. The xcframework binaries are signed (CodeDirectory/CodeSignature updated alongside CodeResources), and the SPM consumers receive the binaries by URL pinned to a SHA-256 checksum that matches the released zip. No auth/crypto/permissions surface is touched here.

Level of scrutiny

Low-medium — release packaging changes are mechanical, but the SPM manifest is the documented integration path so it has to actually parse. My prior review caught a release-tooling bug that corrupted Package.swift (deleted ),\n .binaryTarget( separators between targets and left duplicate 5.5.1 url/checksum lines). Commit 7a72ad8 fixed it by restoring the in-place url/checksum update pattern that 5.5.1 and earlier releases used.

Other factors

I re-read Package.swift at HEAD: lines 110–117 close .target(name: "OneSignalLiveActivitiesWrapper", ..., path: "OneSignalLiveActivitiesWrapper") properly, and lines 118–167 are 10 well-formed .binaryTarget(name:, url:, checksum:) calls separated by commas, every URL now points at the 5.5.2 release and every checksum is the new 5.5.2 value with no leftover 5.5.1 lines. No outstanding reviewer comments.

@nan-li nan-li merged commit e9b42df into main Jun 3, 2026
3 of 5 checks passed
@nan-li nan-li deleted the rel/5.5.2 branch June 3, 2026 02:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claude claude[bot] claude[bot] left review comments

@fadi-george fadi-george fadi-george approved these changes

@nan-li nan-li Awaiting requested review from nan-li

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nan-li @fadi-george