Ci/cd

[yeray-yas]

It's necessary to merge ci/cd branch into master

Summary by CodeRabbit

• Chores
  • Updated development toolchain: Kotlin, Android Gradle Plugin, and Gradle wrapper to latest stable versions.
  • Upgraded Java compatibility to version 17 across CI/CD and build configurations.
  • Modernized Android SDK targets and bumped core dependencies (AndroidX, Hilt, Room, Retrofit, coroutines, and testing libraries).
  • Enhanced build robustness with added JVM runtime flags, improved preflight checks and validations, CI branch filter formatting, and minor formatting fixes.
  • Removed an Android testing CI workflow and updated local SDK path configuration.

[coderabbitai]

Walkthrough

Upgrades build toolchain and dependencies: JDK 11→17, Kotlin 1.6→1.9, AGP 4.1.3→8.1.0, Gradle wrapper 7.4→8.5, compile/target SDK →34, many AndroidX/test/library bumps, added JVM --add-opens, and enhanced gradlew pre-flight checks. Removed .github/workflows/testing.yml.

Changes

Cohort / File(s)	Summary
CI workflow .github/workflows/ci.yml, .github/workflows/testing.yml	ci.yml: JDK changed from 11 → 17; branch filters reformatted; EOF newline added. testing.yml removed.
Project build and plugins build.gradle, gradle.properties, gradle/wrapper/gradle-wrapper.properties, gradle/wrapper/*, gradle-wrapper.properties	Kotlin bumped 1.6.10 → 1.9.0; Hilt 2.35 → 2.48; AGP 4.1.3 → 8.1.0; Gradle wrapper updated to 8.5; gradle.properties JVM args extended with many --add-opens entries; networkTimeout and validateDistributionUrl added.
Wrapper script gradlew	Added POSIX-safe pre-flight checks: use command -v java, verify xargs, suppress cd output with /dev/null, improved error messages and comments; core exec logic retained.
App module build app/build.gradle	compileSdkVersion/targetSdkVersion → 34; added namespace; Java/Kotlin compatibility → Java 17/JVM target 17; upgraded AndroidX, lifecycle, fragment/activity, Retrofit, coroutines, Room, and test dependencies.
Local config local.properties	Replaced SDK path (macOS → Windows-style path) and updated header timestamp.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Developer
  participant CI as GitHub Actions CI
  participant Wrapper as gradlew
  participant JVM as Java Runtime
  note over Wrapper: New pre-flight checks added
  Developer->>CI: push / pull_request
  CI->>Wrapper: run `./gradlew ...`
  Wrapper->>Wrapper: check `command -v java`
  Wrapper-->>Wrapper: check `xargs`
  alt checks pass
    Wrapper->>JVM: exec Gradle with JVM args (`--add-opens` from gradle.properties)
    JVM->>Wrapper: run build/tasks
  else checks fail
    Wrapper-->>Developer: error and exit
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

🐰
I hopped through lines of build and script,
Swapped my JDK boots for seventeen's tip.
Gradle spun to eight-point-five,
Kotlin leapt, the deps alive—
A buttery carrot of a successful build. 🥕

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title Check	❓ Inconclusive	The title "Ci/cd" is vague and generic, failing to convey meaningful information about the changeset. While the PR does include CI/CD workflow modifications (.github/workflows/ci.yml), the primary changes are comprehensive build system upgrades: JDK 11→17, Android SDK 31→34, Kotlin 1.6.10→1.9.0, Android Gradle Plugin 4.1.3→8.1.0, and numerous dependency updates. The title appears to be merely the branch name rather than a descriptive summary of these substantial changes, leaving a developer scanning PR history uncertain about the actual scope of the modifications.	The title should be more descriptive about the main changes. Consider updating it to something like "Update JDK to 17, Android SDK to 34, and modernize build dependencies" or "Upgrade build system and dependencies to October 2025 versions" to clearly communicate the primary purpose of this changeset to reviewers and future reference.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3c04557 and ef9bdac.

📒 Files selected for processing (1)

• .github/workflows/testing.yml (0 hunks)

💤 Files with no reviewable changes (1)

• .github/workflows/testing.yml

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[yeray-yas]

el nuevo PR tiene codigo actualizado a Octubre 2025. El programa arranca to bombita

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

local.properties (1)

1-8: CRITICAL: Remove local.properties from version control.

This file explicitly states it "must NOT be checked into Version Control Systems" (Line 1) because it contains machine-specific configuration. The SDK path C:\\Users\\Administrador\\AppData\\Local\\Android\\Sdk is specific to one developer's Windows machine and will break builds for other team members.

Action required:

1. Remove this file from the repository
2. Add local.properties to .gitignore if not already present
3. Document the required format in README or a local.properties.example file

#!/bin/bash
# Verify if local.properties is in .gitignore
if [ -f .gitignore ]; then
  if grep -q "local.properties" .gitignore; then
    echo "✓ local.properties is in .gitignore"
  else
    echo "✗ local.properties is NOT in .gitignore - needs to be added"
  fi
else
  echo "✗ No .gitignore file found"
fi

# Check git history to see if this was previously ignored
git log --all --full-history -- local.properties | head -20

🧹 Nitpick comments (4)

gradle.properties (1)

9-9: Extensive reflective access workarounds may indicate plugin compatibility issues.

The long list of --add-opens arguments is a common workaround for Java 17+ module system restrictions, but such an extensive list may signal that some Gradle plugins or annotation processors haven't been fully updated for modern JDK versions. While this enables the build to work, it bypasses Java's module encapsulation.

Consider:

1. Documenting which specific plugins/tools require these arguments
2. Checking if updated versions of those plugins exist that don't require these workarounds
3. Monitoring build output for illegal reflective access warnings to identify the actual sources

#!/bin/bash
# Search for known compatibility issues with the current plugin versions
echo "=== Checking for Gradle 8.5 + JDK 17 compatibility notes ==="

# Check if any plugins document required --add-opens flags
rg -i "add-opens|reflective|illegal.*access" --type gradle -C3

.github/workflows/ci.yml (1)

24-24: Consider adding test execution to CI workflow.

The CI workflow only builds the app (./gradlew assemble) but doesn't run tests. Consider adding test execution to catch issues early.

Add a test step after the build:

      - name: Build app
        run: ./gradlew assemble
      - name: Run tests
        run: ./gradlew test
      - name: Run instrumented tests
        uses: reactivecircus/android-emulator-runner@v2
        with:
          api-level: 34
          script: ./gradlew connectedCheck

Note: Instrumented tests require an emulator and will increase CI time significantly.

app/build.gradle (1)

10-15: ---

Consider updating to Android SDK 35 or 36 for October 2025.

As of October 2025, the latest Android platform SDK is Android 16 with API level 36. SDK 34 targets Android 14 (released in 2023) and is now 2 API levels behind. Updating to SDK 35 (Android 15) or SDK 36 (Android 16) would provide access to security patches, performance improvements, and modern Android features appropriate for current development.

build.gradle (1)

10-10: Update AGP to latest stable version 8.13.0

The latest stable Android Gradle Plugin as of October 2025 is 8.13.0. Consider updating from 8.1.0 to benefit from bug fixes, improvements, and enhanced compatibility with newer Android tooling versions.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 14d0639 and 3c04557.

⛔ Files ignored due to path filters (1)

• gradle/wrapper/gradle-wrapper.jar is excluded by !**/*.jar

📒 Files selected for processing (7)

• .github/workflows/ci.yml (1 hunks)
• app/build.gradle (3 hunks)
• build.gradle (1 hunks)
• gradle.properties (1 hunks)
• gradle/wrapper/gradle-wrapper.properties (1 hunks)
• gradlew (4 hunks)
• local.properties (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.8)

.github/workflows/ci.yml

14-14: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

16-16: the runner of "actions/setup-java@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🔇 Additional comments (10)

gradle.properties (1)

15-15: Nice catch on the typo fix!

Good correction from app"s to app's.

app/build.gradle (3)

9-9: Good addition of namespace declaration.

The namespace declaration is required for Android Gradle Plugin 8.0+. This is correctly added.

---

28-35: Java 17 compatibility correctly configured.

The source/target compatibility and JVM target are properly set to Java 17, aligning with the JDK upgrade in the CI workflow.

---

45-76: Consider updating several dependencies to their latest stable versions (October 2025).

Verification confirms multiple newer stable versions are available for the dependencies in this PR:

• androidx.core:core-ktx: 1.12.0 → 1.17.0
• androidx.appcompat:appcompat: 1.6.1 → 1.7.1
• com.google.android.material:material: 1.11.0 → 1.13.0
• androidx.lifecycle:lifecycle-viewmodel-ktx: 2.7.0 → 2.9.4 (also lifecycle-livedata-ktx)
• androidx.room:room-ktx: 2.6.1 → 2.8.2 (and room-compiler)
• org.jetbrains.kotlinx:kotlinx-coroutines-android: 1.7.3 → 1.10.2
• io.mockk:mockk: 1.13.8 → 1.14.3

Before updating, verify compatibility with your codebase and test thoroughly, as some updates involve minor/major version bumps with potential API changes.

gradlew (4)

58-58: Good practice: Updated branch reference.

Changing from master to HEAD is more generic and future-proof.

---

83-87: Improved CDPATH handling.

The addition of output redirection to /dev/null and shellcheck annotations prevents issues when CDPATH is set in the user's environment. This is a standard improvement from newer Gradle wrapper versions.

---

134-141: More robust Java detection.

Replacing which java with command -v java is more POSIX-compliant and portable. The improved error message is also clearer.

---

217-221: Proactive xargs availability check.

Adding an explicit check for xargs availability prevents cryptic failures later in the script. This is a good defensive programming practice.

gradle/wrapper/gradle-wrapper.properties (1)

3-5: Good security and reliability improvements. Consider upgrading to Gradle 9.1.0 after testing.

The changes add network timeout for reliability and distribution URL validation for security—both are excellent. Gradle 8.5 (2024) can be updated to the latest stable release, 9.1.0 (September 2025). However, this is a major version upgrade, so test thoroughly for compatibility before upgrading to ensure no breaking changes affect your build.

build.gradle (1)

3-4: Versions are stable and secure; no actionable issues found.

Kotlin 1.9.0 is a stable release from July 6, 2023. No known security vulnerabilities exist for Hilt 2.48. Both versions are appropriate choices without CVE concerns.

Note for future reference: Latest versions are Kotlin 2.2.0 and Hilt 2.56.2. Upgrading Hilt beyond 2.48 introduces breaking changes including default behavior changes for generic bindings, removal of deprecated Factory.create overloads, and collection type requirements for Kotlin sources. Monitor these if planning future upgrades.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

JDK 17 upgrade correctly implemented, but GitHub Actions are outdated.

The JDK 17 upgrade aligns perfectly with the project's infrastructure modernization. However, the static analysis correctly identifies that actions/checkout@v3 and actions/setup-java@v3 are deprecated.

Apply this diff to update to current action versions:

     steps:
-      - uses: actions/checkout@v3
-      - name: set up JDK 17
-        uses: actions/setup-java@v3
+      - uses: actions/checkout@v4
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
         with:
           java-version: '17'

Based on static analysis hints.

Committable suggestion skipped: line range outside the PR's diff.

🧰 Tools

🪛 actionlint (1.7.8)

16-16: the runner of "actions/setup-java@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents

.github/workflows/ci.yml around lines 15 to 19: the workflow currently uses
deprecated action versions; replace actions/checkout@v3 and
actions/setup-java@v3 with their current stable major releases (e.g.,
actions/checkout@v4 and actions/setup-java@v4), and update any related input
keys if required by the newer major versions (verify java-version/distribution
inputs remain correct and adjust syntax per the new action docs); run a quick
workflow lint or test run to confirm the updated actions work as expected.