Prevent position polling timer from firing with frequency < 60s (protects
against 0s values that saturate the API). Also filter out 0 from location
capability options in the frequency selector.
Comment out the navigation entry points for the wifi settings flow
from the device settings list and for the forgot-password link from
the login screen while these flows wait for product sign-off. The
underlying screens and providers stay in place so re-enabling them is
a single uncomment.
Add debugPrint entries before and after POST /universal-notifications/push
so we can trace whether a given token was accepted by the backend
during debugging of push delivery issues.
Replace the bare centered text with a rounded dialog that leads with a
mail icon, keeps the activation-code message, and adds an explicit OK
button to dismiss. Aligns the dialog with the rest of the legacy
design system.
Extend CheckSessionUseCase to fetch /devices after confirming the
session and return InitialRoute.deviceSetup when the list is empty
(or the call fails). The splash builder now injects a
SharedDevicesRepository alongside the user repository, and the app
router maps the new route to legacyDeviceSetup / deviceSetup per
shell. The legacy builder reads legacyDevicesProvider to derive
isFirstDevice so the setup screen adapts its copy accordingly.
The two fields had been flipped, pointing API calls at the origin host
(platform.savefamily.app) and sending the Origin header as the gateway
host (api-platform.savefamily.app). Restore the intended wiring:
gateway handles /api, and Origin is the platform domain.
Introduce LegacyDeviceSetupErrorEvent and two mappers for the
generate-activation-key and create-device endpoints. 403 on
activation-key maps to invalidIdentificator; 404 to deviceNotFound;
401 (already activated or B2B) unifies as deviceNotAvailable. On
create-device, 403 → invalidField and 404 → invalidActivationKey.
The view state now splits validation vs API errors with a
displayErrorKey extension, replacing the previous e.toString() leak
that could surface stack traces to users.
Map PUT /auth/reset-password and PUT /auth/recovery-password failures
into LegacyRecoverPasswordErrorEvent. Reset-password now treats 404
(email not found) as success and surfaces a generic sent-if-exists
flow, closing an account enumeration vector. Recovery-password
differentiates 401 (tokenExpired), 404 (tokenNotFound), 403+Property
(invalidField) from 403 without Property (weakPassword). The view
state splits validation vs API errors with a displayErrorKey extension
for the inline error text.
Introduce LegacySignupErrorEvent to map backend failures from
POST /auth/signup: 400 → emailAlreadyExists, 403 → invalidField,
429 → tooManyAttempts, timeout → network. The view state now
separates validationErrorKey (pre-submit i18n keys) from apiErrorEvent
(typed API outcomes), and the screen listens to both to show proper
i18n messages instead of leaking raw backend text.
Replace the raw errorMessage string in the login view state with a
typed LegacyAuthErrorEvent that classifies backend failures by HTTP
status (403/404 → invalidCredentials, 423 → accountLocked, 401 +
NOT_VERIFIED/expired → dedicated events, 429 → tooManyAttempts,
timeout → network). The login screen and 2FA sheet now switch on the
enum to show specific i18n messages instead of surfacing raw backend
text. Adds auth i18n keys for the full set of mapped states.
Replace the untyped Exception(msg) thrown by mapDioError with an
ApiException that exposes statusCode and isNetworkError alongside the
message. Callers can now classify failures by HTTP status without
string-matching on the error message — this unblocks typed error
mapping in the auth feature modules.
Introduce a shared RefreshableErrorState widget that wraps the retry
hint in a RefreshIndicator with an explicit 'pull down to retry'
caption, so users can recover from load failures without navigating
away. Wire it into the location screen's error fallbacks and make the
control_panel body pull-to-refresh at any time, invalidating the device
list so the dashboard picks up fresh data.
Add a setNetwork action that sends the setWifi command for a saved
network and waits for wifiCurrent confirmation with a 15s timeout.
Saved network cards are now tappable to trigger the switch, and
dedicated success/error states surface the result via snackbar.
Convert the shared command guard to an async check that refetches
/devices when the cached state is older than 30s, so the isDisconnect
flag reflects reality before a command runs. A TopSnackBar explains the
check only if the fetch takes longer than 400ms, avoiding noise on fast
responses. Update all 44 call sites to await the guard.
Route FCM and local notification taps to the device alerts screen
when the user is already inside the legacy dashboard. Adds payload
parsing with command-based routing and richer debug logs.
Device providers (legacyDevicesProvider, selectedDeviceProvider), repository,
datasource, and GetDevicesResponseModel now live in sf_shared. Also moved
dio_error_mapper (safeCall, mapDioError, formatErrorMessage) to sf_infrastructure.
Consumers import directly from sf_shared instead of re-exporting through legacy_shared.
- Add AntelopAwareMessagingService so the Antelop SDK gets first dibs on every
FCM push before delegating to firebase_messaging. Unblocks SCA wallet
activation on Android, which was waiting forever for pushes that the
FlutterFirebaseMessagingService was swallowing ever since Firebase was
integrated. Remove the stock Antelop and firebase_messaging services via
manifest-merge so only the wrapper handles MESSAGING_EVENT.
- Add Copy AntelopRelease Build Phase in Xcode to copy
Runner/AntelopRelease-{flavor}.plist over the fixed AntelopRelease.plist
inside the .app bundle based on CONFIGURATION. Without this the iOS SDK
silently used the production plist on every flavor.
- Revert the six applicationId values (3 AndroidManifest + 3 AntelopRelease
plist) to the sample id 4713640103500149457, which is the only one
provisioned in Antelop's backend today. The four env+platform ids they
provided all fail with 9999 / cryptography: Error while decrypting data.
To be updated once Treezor confirms the real ids.
- Add packages/flutter_treezor_entrust_sdk_bridge/example as a pub workspace
member and bump its Dart SDK and flutter_lints constraints so
'melos bootstrap' stops failing with 'dependencies for
flutter_treezor_entrust_sdk_bridge_example missing'.
