diff --git a/.github/workflows/package-publish.yml b/.github/workflows/package-publish.yml index f550647..df51391 100644 --- a/.github/workflows/package-publish.yml +++ b/.github/workflows/package-publish.yml @@ -4,6 +4,10 @@ on: release: types: [created] +permissions: + id-token: write + contents: read + jobs: check-readme-and-changelog: runs-on: ubuntu-latest @@ -46,7 +50,7 @@ jobs: run: flutter pub get - name: Publish to Pub.dev - run: pub publish --dry-run + run: flutter pub publish --dry-run - name: push build status to Slack uses: 8398a7/action-slack@v3 diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml new file mode 100644 index 0000000..a67a727 --- /dev/null +++ b/.github/workflows/security-scan.yml @@ -0,0 +1,25 @@ +name: Security scan on all changes (Commits/PRs) +on: + push: + branches: ["main", "master", "pilot", "dev"] + pull_request: + types: + - opened +jobs: + code-check: + runs-on: ubuntu-latest + env: + OS: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Checkmarx One CLI Action + uses: checkmarx/ast-github-action@main + with: + project_name: Flutter-v3 + cx_tenant: Flutterwave + base_uri: https://eu.ast.checkmarx.net/ + cx_client_id: ${{ secrets.CX_CLIENT_ID }} + cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} + additional_params: --scan-types sast,iac-security,api-security,sca,container-security diff --git a/CHANGELOG.md b/CHANGELOG.md index e6adeec..04e5da2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ -## [1.1.0] | 2025-04-10 +## [1.1.1] | April 24, 2025 -### Version Changes +Changes include: + +- Added checkmarx security scan to the package build pipeline. + +## [1.1.0] | April 11, 2025 + +Changes include: - Modified `Flutterwave.charge()` method to accept a BuildContext parameter. - Added context.mounted checks to prevent setState calls after widget disposal. @@ -11,19 +17,26 @@ - Updated the SDK requirements to `>=2.17.0`. - Upgraded dependencies to the latest versions. - Removed unused dependencies: webview_flutter, modal_bottom_sheet and uuid. +- Update deployment workflow. ## [1.0.7] - February, 2023 +Changes include: + - Fixed iOS bug where webview couldn't close when close buttons are clicked - Removed required `name` and `phone number` fields in `Customer` object ## [1.0.6] - October, 2022 +Changes include: + - Fixed bug where transaction gets stuck after redirecting on webview - Fixed iOS build bug by removing inAppBrowser library ## [1.0.5] - October, 2022 +Changes include: + - Fixed null when transaction is cancelled. - Removed modal pop up before launching web view. - Removed intermediate make payment screen before webview. @@ -32,22 +45,32 @@ ## [1.0.4] - July 4, 2022 +Changes include: + - Renamed property `isDebug` to `isTestMode` - Made property `redirectUrl` required - Updated README file ## [1.0.3] - October 4, 2021. +Changes include: + - Fixed issue with webview ## [1.0.2] - September 23, 2021. +Changes include: + - Fixed bug where cancel payment buttons are not clickable on iOS devices. ## [1.0.1] - September 14, 2021. +Changes include: + - Fixed bug where response is not returned to initiating screen when user cancels transaction. ## [1.0.0] - September 9, 2021. +Changes include: + - Initial release diff --git a/README.md b/README.md index 8e73a45..c2d3de6 100644 --- a/README.md +++ b/README.md @@ -26,12 +26,12 @@ Available features include: 1. Flutterwave for business [API Keys](https://developer.flutterwave.com/docs/integration-guides/authentication) 2. Supported Flutter version >= 1.17.0 3. Dart SDK >= 2.17.0 -4. For Android: Ensure the NDK version >= 27.0.12077973 on your project's android/app/build.gradle.kts file with android { ndkVersion = "27.0.12077973" } +4. For Android development, ensure the NDK version >= `27.0.12077973` on your project's `android/app/build.gradle.kts` file with android `{ ndkVersion = "27.0.12077973" }`. ## Installation 1. Add the dependency to your project. In your `pubspec.yaml` file add: `flutterwave_standard: 1.1.0` -2. Run `flutter pub get` +2. Run `flutter pub get`. ## Usage @@ -90,30 +90,28 @@ Calling the `.charge()` method returns a `Future` of `ChargeResponse` which we a Call the verify transaction [endpoint](https://developer.flutterwave.com/docs/transaction-verification) with the `transactionID` returned in `response.transactionId` or the `txRef` you provided to verify transaction before offering value to customer #### Note - - `ChargeResponse` can be null, depending on if the user cancels the transaction by pressing back. - You need to confirm the transaction status is successful. Ensure that the txRef, amount, and status are correct and successful. Be sure to [verify the transaction details](https://developer.flutterwave.com/docs/transaction-verification) before providing value. - Some payment methods are not instant, such a `Pay with Bank Transfers, Pay with Bank`, and so you would need to rely on [webhooks](https://developer.flutterwave.com/docs/webhooks) or call the transaction verification service using the [`transactionId`](https://developer.flutterwave.com/reference/verify-transaction), or transaction reference you created(`txRef`) - For such long payments like the above, closing the payment page returns a `cancelled` status, so your final source of truth has to be calling the transaction verification service. -## Support +## Support For additional assistance using this library, contact the developer experience (DX) team via [email](mailto:developers@flutterwavego.com) or on [slack](https://bit.ly/34Vkzcg). You can also follow us [@FlutterwaveEng](https://twitter.com/FlutterwaveEng) and let us know what you think 😊. + ## Contribution guidelines +Read more about our community contribution guidelines [here](CONTRIBUTING.md). -Read more about our community contribution guidelines [here](https://www.notion.so/flutterwavego/Community-contribution-guide-ca1d8a876ba04d45ab4b663c758ae42a). ## License - By contributing to the Flutter library, you agree that your contributions will be licensed under its [MIT license](/LICENSE). Copyright (c) Flutterwave Inc. ## Built Using - - [flutter](https://flutter.dev/) - [http](https://pub.dev/packages/http) - [flutter_inappwebview](https://pub.dev/packages/flutter_inappwebview) @@ -121,8 +119,7 @@ Copyright (c) Flutterwave Inc. -## Flutterwave API References - +## Other Resources - [Flutterwave API Doc](https://developer.flutterwave.com) - [Flutterwave Inline Payment Doc](https://developer.flutterwave.com/docs/inline) - [Flutterwave Dashboard](https://dashboard.flutterwave.com/login) diff --git a/example/pubspec.lock b/example/pubspec.lock index 428577a..012d218 100644 --- a/example/pubspec.lock +++ b/example/pubspec.lock @@ -254,7 +254,7 @@ packages: path: ".." relative: true source: path - version: "1.0.7" + version: "1.1.1" glob: dependency: transitive description: diff --git a/lib/view/flutterwave_in_app_browser.dart b/lib/view/flutterwave_in_app_browser.dart index 86eee36..13680b0 100644 --- a/lib/view/flutterwave_in_app_browser.dart +++ b/lib/view/flutterwave_in_app_browser.dart @@ -33,7 +33,6 @@ class FlutterwaveInAppBrowser extends InAppBrowser { _checkHasCompletedProcessing(final Uri uri) { final status = uri.queryParameters["status"]; final txRef = uri.queryParameters["tx_ref"]; - final id = uri.queryParameters["transaction_id"]; if (status != null && txRef != null) { _finish(uri); } diff --git a/pubspec.yaml b/pubspec.yaml index 02fec2c..426b517 100644 --- a/pubspec.yaml +++ b/pubspec.yaml @@ -1,6 +1,6 @@ name: flutterwave_standard description: Flutterwave's official library that wraps the standard implementation. -version: 1.0.7 +version: 1.1.0 homepage: https://github.com/Flutterwave/flutter_standard environment: sdk: ">=2.17.0 <4.0.0"