Skip to content

Fix CodeQL alerts and remove green gradients#1982

Merged
lostf1sh merged 4 commits into
masterfrom
fix-codeql-gradients
May 13, 2026
Merged

Fix CodeQL alerts and remove green gradients#1982
lostf1sh merged 4 commits into
masterfrom
fix-codeql-gradients

Conversation

@lostf1sh

@lostf1sh lostf1sh commented May 12, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • remove green gradient treatments from the About hero card and Telegram login background
  • make sleep timer PendingIntent targets explicitly component-bound
  • document and suppress Netease API-required weak crypto wire formats for CodeQL

Verification

  • git diff --check
  • attempted ./gradlew :app:compileDebugKotlin, but JAVA_HOME/java is not configured in this environment

@daedaevibin

daedaevibin commented May 13, 2026

Copy link
Copy Markdown
Contributor

@lostf1sh

CodeQL seems to fail, please attempt clearing this up if possible.

Also test from your end if you have not and let me or @theovilardo know what the status is.

@lostf1sh

lostf1sh commented May 13, 2026

Copy link
Copy Markdown
Collaborator Author

@lostf1sh

CodeQL seems to fail, please attempt clearing this up if possible.

Also test from your end if you have not and let me or @theovilardo know what the status is.

we never pr before testing, thats the rules here, for codeql, i'm about to fix it.

lostf1sh added 2 commits May 13, 2026 20:10
@lostf1sh
Fix implicit PendingIntent CodeQL alerts
7d143d3 
Switch sleep-timer Intent construction to the explicit
Intent(context, ReceiverClass) form so CodeQL's
java/android/implicit-pendingintents rule recognises the
target at construction time instead of after a component
assignment.
@lostf1sh
Inline sleep-timer Intent into PendingIntent helper
010923f 
CodeQL data-flow couldn't follow the explicit
Intent(context, ReceiverClass) constructor through the
separate sleepTimerIntent() helper, so it still flagged
the alarmManager.set* calls. Building the Intent in the
same function as PendingIntent.getBroadcast matches the
pattern that already silenced the alerts in MusicService.
@lostf1sh lostf1sh merged commit 90b9b06 into master May 13, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lostf1sh @daedaevibin