Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.4 to 2.21.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.21.0 - 19 Jul 2023</h2>
<ul>
<li>CodeQL Action now requires CodeQL CLI 2.9.4 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.20.4. <a href="https://redirect.github.com/github/codeql-action/pull/1724">#1724</a></li>
</ul>
<h2>2.20.4 - 14 Jul 2023</h2>
<ul>
<li>This is the last release of the Action that supports CodeQL CLI versions 2.8.5 to 2.9.3. These versions of the CodeQL CLI were deprecated on June 20, 2023 alongside GitHub Enterprise Server 3.5 and will not be supported by the next release of the CodeQL Action (2.21.0).
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.9.4 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.8.5 and 2.9.3, you can replace 'github/codeql-action/<em><a href="https://github.com/v2"><code>@âv2</code></a>' by 'github/codeql-action/</em><a href="https://github.com/v2"><code>@âv2</code></a>.20.4' in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
<li>We are rolling out a feature in July 2023 that will slightly reduce the default amount of RAM used for query execution, in proportion to the runner's total memory. This will help to avoid out-of-memory failures on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1760">#1760</a></li>
<li>Update default CodeQL bundle version to 2.14.0. <a href="https://redirect.github.com/github/codeql-action/pull/1762">#1762</a></li>
</ul>
<h2>2.20.3 - 06 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/1743">#1743</a></li>
</ul>
<h2>2.20.2 - 03 Jul 2023</h2>
<p>No user facing changes.</p>
<h2>2.20.1 - 21 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.4. <a href="https://redirect.github.com/github/codeql-action/pull/1721">#1721</a></li>
<li>Experimental: add a new <code>resolve-environment</code> action which attempts to infer a configuration for the build environment that is required to build a given project. Do not use this in production as it is part of an internal experiment and subject to change at any time.</li>
</ul>
<h2>2.20.0 - 13 Jun 2023</h2>
<ul>
<li>Bump the version of the Action to 2.20.0. This ensures that users who received a Dependabot upgrade to <a href="cdcdbb5797"><code>cdcdbb5</code></a>, which was mistakenly marked as Action version 2.13.4, continue to receive updates to the CodeQL Action. Full details in <a href="https://redirect.github.com/github/codeql-action/pull/1729">#1729</a></li>
</ul>
<h2>2.3.6 - 01 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.3. <a href="https://redirect.github.com/github/codeql-action/pull/1698">#1698</a></li>
</ul>
<h2>2.3.5 - 25 May 2023</h2>
<ul>
<li>Allow invalid URIs to be used as values to <code>artifactLocation.uri</code> properties. This reverses a change from <a href="https://redirect.github.com/github/codeql-action/pull/1668">#1668</a> that inadvertently led to stricter validation of some URI values. <a href="https://redirect.github.com/github/codeql-action/pull/1705">#1705</a></li>
<li>Gracefully handle invalid URIs when fingerprinting. <a href="https://redirect.github.com/github/codeql-action/pull/1694">#1694</a></li>
</ul>
<h2>2.3.4 - 24 May 2023</h2>
<ul>
<li>Updated the SARIF 2.1.0 JSON schema file to the latest from <a href="123e95847b/Schemata/sarif-schema-2.1.0.json">oasis-tcs/sarif-spec</a>. <a href="https://redirect.github.com/github/codeql-action/pull/1668">#1668</a></li>
<li>We are rolling out a feature in May 2023 that will disable Python dependency installation for new users of the CodeQL Action. This improves the speed of analysis while having only a very minor impact on results. <a href="https://redirect.github.com/github/codeql-action/pull/1676">#1676</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1813ca74c3"><code>1813ca7</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1791">#1791</a> from github/update-v2.21.0-6ae46f7a9</li>
<li><a href="6843540876"><code>6843540</code></a> Update changelog for v2.21.0</li>
<li><a href="6ae46f7a92"><code>6ae46f7</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1790">#1790</a> from github/henrymercer/aborted-user-error</li>
<li><a href="0cae69e062"><code>0cae69e</code></a> Report user errors in the abort stage appropriately</li>
<li><a href="d2ed0a05b6"><code>d2ed0a0</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1786">#1786</a> from github/dependabot/npm_and_yarn/npm-0a410f26d2</li>
<li><a href="651d09131a"><code>651d091</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1788">#1788</a> from github/henrymercer/fix-feature-flag-usage</li>
<li><a href="e0f0892f83"><code>e0f0892</code></a> Add tests for new analysis summary feature flag</li>
<li><a href="27d3b2f857"><code>27d3b2f</code></a> Fix scaling reserved RAM feature flag naming</li>
<li><a href="da4e0a06c0"><code>da4e0a0</code></a> Fix CodeQL version checks</li>
<li><a href="e266801e21"><code>e266801</code></a> Update checked-in dependencies</li>
<li>Additional commits viewable in <a href="489225d82a...1813ca74c3">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Updates the README to use code excerpts from the unit test file, adjusting the existing test code slightly to make it suitable for use in the example.
Also fleshes out the example a bit more, to make it look more like a real class.
Finally, adds a note about `base`, linking to the ongoing discussion, since we don't have a decision yet, but people may well wonder why this class exists given `base`.
Part of https://github.com/flutter/flutter/issues/102679
Most of the things installed by the Dockerfile are for tests that have moved to LUCI, so are no longer used. This simlifies down to just the FTL requirements while we work on that final conversion.
The test currently takes about 45 minutes; this starts the process of spliting it into two shards, as on Linux, to bring it more in line with the other repo test durations.
As of https://github.com/flutter/flutter/pull/125003 the current method these tests use to get the screen width throws an exception, since it assumes that the first widget in the tree has certain properties. To make the test more robust, this get the width of the outmost Column, which is part of the test setup, rather than whatever the first widget is.
Unblocks the flutter->packgaes roller.
Rolls Flutter `master` to f842ed916514879fe6898b2a5a4053c63c3308fe manually.
The switch to Material 3 by default broke the expectations of the `dynamic_layouts` package; this updates them to handle the values reported starting with that switch.
Updates the Android implementation package's example app to use the latest version of the platform interface APIs, in preparation for formally deprecating the older versions.
Removes incorrect assumption causing image stream to stop emitting data after subscription to stream is canceled and then the stream is listened to again.
Fixes https://github.com/flutter/flutter/issues/130005.
This PR fixes crash in `video_player` package on iOS.
https://github.com/flutter/flutter/issues/124937
### Detailed description
I can observe the crash when displaying a couple of the different players (different URLs) inside a `ListView`. The crash happens inside of `AVFoundation` framework:
```objc
[AVPlayer _createAndConfigureFigPlayerWithType:completionHandler:]
```
In order to debug the issue, I ran the application using the plugin with `Zombie Objects` inspection turned on. The `Zombie Objects` reports the following issue:
```
*** -[FLTVideoPlayer retainWeakReference]: message sent to deallocated instance 0x6030009b2e10
```
This, in conjunction with the `NSKeyValueWillChange` line present in the stack trace led me to believe, that culprit is sending a KVO notification to the `FLTVideoPlayer` instance that's deallocated.
Next, I examined the plugin code and identified one property that doesn't have the KVO removed. In `addObserversForItem:player:` method in `FLTVideoPlayerPlugin.m`:
```
[player addObserver:self
forKeyPath:@"rate"
options:NSKeyValueObservingOptionInitial | NSKeyValueObservingOptionNew
context:rateContext];
```
The observer for `@"rate"` is never cleaned up. To be entirely sure that the issue comes from KVO that's not cleaned up, I've added the following class:
```
@implementation EmptyObserver
- (void)observeValueForKeyPath:(NSString *)path
ofObject:(id)object
change:(NSDictionary *)change
context:(void *)context {}
@end
```
and registered the observation as follows (notice that `EmptyObserver` is never retained and deallocated instantly):
```
[player addObserver:[[EmptyObserver alloc] init]
forKeyPath:@"rate"
options:NSKeyValueObservingOptionInitial | NSKeyValueObservingOptionNew
context:rateContext];
```
The exception I got seems to be matching the underlying issue:
```
*** -[EmptyObserver retainWeakReference]: message sent to deallocated instance 0x6020001ceb70
```
This means the fix for the issue is to add the following to `disposeSansEventChannel` method:
```
[self.player removeObserver:self forKeyPath:@"rate"];
```
After applying the patch, I can no longer crash the player.
Enables the new emulator support for the Linux custom package test targets, and enables the emulator-based Android integration tests for Pigeon.
Drops the cores from the high-core config (32) to the default (8) since the emulator requires KVM, and there are currently no 32-core KVM machines in the pool. In practice, it appears that this doesn't have much affect on the runtime.
Fixes https://github.com/flutter/flutter/issues/111505
When watching a live stream, if the playback buffers but the AVPlayerItem is likely to keep up, it is necessary to recheck AVPlayerItem.isPlaybackLikelyToKeepUp. If isPlaybackLikelyToKeepUp, a bufferingEnd event should be immediately triggered. I am encountering an issue with my product where, when watching a live stream, if I seek to the latest time, it continuously `bufferingStart` and does not come to an `bufferingEnd`.
The only package that was using the `equatable` package removed it, so we no longer need this allowance.
The only package depending on `xml` was `flutter_migrate`, but it never actually used it, so that can be removed as well.
Part of https://github.com/flutter/flutter/issues/122713
- Converts all 32-core Linux configs to 8-core; comparing all task for two complete runs in each configuration over the weekend, I didn't see any evidence that doing so would meaningfully increase any runtimes, so it appears that we're using high-core configs for no real benefit.
- Adds a shard to web platform tests, since it's somewhat overloaded (~35m for shard 1, ~19m for shard 2)
- Adds a shard to Windows platform tests, since it's definitely overloaded (~45 minutes)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.3 to 2.20.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p>
<h2>2.20.4 - 14 Jul 2023</h2>
<ul>
<li>This is the last release of the Action that supports CodeQL CLI versions 2.8.5 to 2.9.3. These versions of the CodeQL CLI were deprecated on June 20, 2023 alongside GitHub Enterprise Server 3.5 and will not be supported by the next release of the CodeQL Action (2.21.0).
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI version 2.9.4 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.8.5 and 2.9.3, you can replace 'github/codeql-action/<em><a href="https://github.com/v2"><code>@âv2</code></a>' by 'github/codeql-action/</em><a href="https://github.com/v2"><code>@âv2</code></a>.20.4' in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li>
</ul>
</li>
<li>We are rolling out a feature in July 2023 that will slightly reduce the default amount of RAM used for query execution, in proportion to the runner's total memory. This will help to avoid out-of-memory failures on larger runners. <a href="https://redirect.github.com/github/codeql-action/pull/1760">#1760</a></li>
<li>Update default CodeQL bundle version to 2.14.0. <a href="https://redirect.github.com/github/codeql-action/pull/1762">#1762</a></li>
</ul>
<h2>2.20.3 - 06 Jul 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/1743">#1743</a></li>
</ul>
<h2>2.20.2 - 03 Jul 2023</h2>
<p>No user facing changes.</p>
<h2>2.20.1 - 21 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.4. <a href="https://redirect.github.com/github/codeql-action/pull/1721">#1721</a></li>
<li>Experimental: add a new <code>resolve-environment</code> action which attempts to infer a configuration for the build environment that is required to build a given project. Do not use this in production as it is part of an internal experiment and subject to change at any time.</li>
</ul>
<h2>2.20.0 - 13 Jun 2023</h2>
<ul>
<li>Bump the version of the Action to 2.20.0. This ensures that users who received a Dependabot upgrade to <a href="cdcdbb5797"><code>cdcdbb5</code></a>, which was mistakenly marked as Action version 2.13.4, continue to receive updates to the CodeQL Action. Full details in <a href="https://redirect.github.com/github/codeql-action/pull/1729">#1729</a></li>
</ul>
<h2>2.3.6 - 01 Jun 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.3. <a href="https://redirect.github.com/github/codeql-action/pull/1698">#1698</a></li>
</ul>
<h2>2.3.5 - 25 May 2023</h2>
<ul>
<li>Allow invalid URIs to be used as values to <code>artifactLocation.uri</code> properties. This reverses a change from <a href="https://redirect.github.com/github/codeql-action/pull/1668">#1668</a> that inadvertently led to stricter validation of some URI values. <a href="https://redirect.github.com/github/codeql-action/pull/1705">#1705</a></li>
<li>Gracefully handle invalid URIs when fingerprinting. <a href="https://redirect.github.com/github/codeql-action/pull/1694">#1694</a></li>
</ul>
<h2>2.3.4 - 24 May 2023</h2>
<ul>
<li>Updated the SARIF 2.1.0 JSON schema file to the latest from <a href="123e95847b/Schemata/sarif-schema-2.1.0.json">oasis-tcs/sarif-spec</a>. <a href="https://redirect.github.com/github/codeql-action/pull/1668">#1668</a></li>
<li>We are rolling out a feature in May 2023 that will disable Python dependency installation for new users of the CodeQL Action. This improves the speed of analysis while having only a very minor impact on results. <a href="https://redirect.github.com/github/codeql-action/pull/1676">#1676</a></li>
<li>We are improving the way that <a href="https://github.com/github/codeql-action/releases">CodeQL bundles</a> are tagged to make it possible to easily identify bundles by their CodeQL semantic version. <a href="https://redirect.github.com/github/codeql-action/pull/1682">#1682</a>
<ul>
<li>As of CodeQL CLI 2.13.4, CodeQL bundles will be tagged using semantic versions, for example <code>codeql-bundle-v2.13.4</code>, instead of timestamps, like <code>codeql-bundle-20230615</code>.</li>
<li>This change does not affect the majority of workflows, and we will not be changing tags for existing bundle releases.</li>
<li>Some workflows with custom logic that depends on the specific format of the CodeQL bundle tag may need to be updated. For example, if your workflow matches CodeQL bundle tag names against a <code>codeql-bundle-yyyymmdd</code> pattern, you should update it to also recognize <code>codeql-bundle-vx.y.z</code> tags.</li>
</ul>
</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="489225d82a"><code>489225d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1777">#1777</a> from github/update-v2.20.4-a148c5807</li>
<li><a href="1b6383d6be"><code>1b6383d</code></a> Update changelog for v2.20.4</li>
<li><a href="a148c58075"><code>a148c58</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1776">#1776</a> from github/aeisenberg/changelog-releases</li>
<li><a href="50527c5dba"><code>50527c5</code></a> Add link to releases page in changelog</li>
<li><a href="814b2edab6"><code>814b2ed</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1762">#1762</a> from github/update-bundle/codeql-bundle-v2.14.0</li>
<li><a href="d2baed4b69"><code>d2baed4</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.14.0</li>
<li><a href="c5526174a5"><code>c552617</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/1774">#1774</a> from github/dependabot/npm_and_yarn/npm-a34e423e98</li>
<li><a href="c1f49580cf"><code>c1f4958</code></a> Fix dependency incompatibilities</li>
<li><a href="40a500c743"><code>40a500c</code></a> Update checked-in dependencies</li>
<li><a href="4fad06f438"><code>4fad06f</code></a> Bump the npm group with 21 updates</li>
<li>Additional commits viewable in <a href="46ed16ded9...489225d82a">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
This moves Android unit tests from Cirrus to LUCI. In order to accomplish this:
- Switches the Android LUCI bots from JDK 11 to JDK 12, to resolve a crash when compiling `camera_android` unit tests with 11.
- Adds wrappers to SDK checks where necessary for testability, since the hack to override `Build.VERSION.SDK_INT` in unit tests (which was already giving warnings when run with JDK 11) no longer works at all in JDK 12.
Part of https://github.com/flutter/flutter/issues/114373
Marks all Dart-wrapped Android native classes as `@immutable`. They are all immutable anyway because they extend `JavaObject` which is immutable, but marking them as immutable explicitly avoids lint warnings caused by [`must_be_immutable`](https://dart.dev/tools/diagnostic-messages#must_be_immutable) when generated mocks of these classes are used (see https://github.com/dart-lang/mockito/issues/200).
Also, updates `CONTRIBUTING.md` to include marking wrapped classes as immutable and extending `JavaObject` as requirements for adding new wrapped classes.
cc @ChristianEdwardPadilla: this should fix the internal lint errors caused by `JavaObject` being immutable.
Replaces the `process` dependency with direct use of `io.Process`, to reduce external dependencies, since this is a `path_provider` dependency and thus a core package.
Fixes https://github.com/flutter/flutter/issues/129787
This PR is an extension of the previous PR #4300 that I submitted. The previous PR, being based on the main branch, was closed and the contents were copied to a new branch in order to make further contributions.ð
In the previous PR, an assertion error was fixed by adding `routeInformationProvider` to `MaterialApp.router`. After a series of code reviews, we updated to use routerConfig and added some test codes.
All the contents have been transferred to the current `bugfix/RouterConfig` branch.
---
*Replace this paragraph with a description of what this PR is changing or adding, and why. Consider including before/after screenshots.*
*List which issues are fixed by this PR. You must list at least one issue.*
*If you had to change anything in the [flutter/tests] repo, include a link to the migration guide as per the [breaking change policy].*
Fixes https://github.com/flutter/flutter/issues/106205 by regenerating goldens.
This is a follow-up to https://github.com/flutter/packages/pull/2493.
This won't work until https://github.com/flutter/flutter/pull/129851 lands and rolls into this repo.
I ran a script that I use to remove trailing spaces in the wrong directory and it cleaned up a couple of other files. The changes seem harmless so I left them in.
As this is only adding tests, this does not require a new version.
Adding tests found two bugs; one, there was a dead code branch in the tokenizer (code is now removed), and two, it found a bug in the framework (see link to PR above).
While using package ``file_selector`` making for multiple file request in web platform we are not able to get any data if user clicks cancel button on file selection window. This PR fixes it by watching the ``focus event`` and if ``onChange`` is not fired then return empty array, Empty array will only return if multiple selection is enabled with ``openFiles()``.
*List which issues are fixed by this PR. You must list at least one issue.*
[Issue #121328](https://github.com/flutter/flutter/issues/121328)
Moves the check that README snippets using code excerpting are up to date to LUCI. Now that the check has been rewritten to be extremely fast, it's folded into the existing repo checks instead of being a separate task.
Also adjusts the tooling slightly so that it logs the count of snippets checked, for auditability in CI, like the old version of the excerpt update tooling did.
Part of https://github.com/flutter/flutter/issues/114373
