[MOSIP-42820] Updated build.gradle

[Ivanmeneges]

Summary by CodeRabbit

• Chores
  • Enhanced CI/CD with automated checks: DCO, CodeQL and SonarQube integrated.
  • Expanded pull-request automation and restructured build/analysis job sequencing for clearer dependencies.
  • Enabled manual workflow triggers with a configurable SERVER_BASE_URL and updated default to the sandbox environment.
  • CI now updates the configured server URL during builds and ensures Android build scripts are executable.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[ghost]

https://github.com/mosip/android-registration-client/blob/develop/.github/workflows/build-android.yml#L14-L54
This is the existing script which is working fine
and is building the apk
command to build apk is "flutter build apk"
keys required to sign the apk is taken from secrets
kindly check

[coderabbitai]

Walkthrough

Adds workflow_dispatch inputs and pull_request triggers to CI workflows, inserts DCO and CodeQL jobs, reorders/renames build and analysis jobs to depend on those checks, adds steps to replace serverBaseURL and make gradlew executable, and updates Android serverBaseURL to a sandbox endpoint.

Changes

Cohort / File(s)	Summary
GitHub Actions: build workflow \.github/workflows/build-android.yml	Added workflow_dispatch input defaultServerBaseURL; extended triggers to include pull_request with opened, reopened, synchronize; introduced SERVER_BASE_URL env from the input; added step to replace api-internal.sandbox.xyz.net occurrences in android/build.gradle*; added step to make gradlew executable.
GitHub Actions: push workflow (CI pipeline) \.github/workflows/push_trigger.yml	Added workflow_dispatch with serverBaseURL input; added pull_request trigger branches; added new jobs dco and codeql; renamed/restructured build-android → Android Registration-Client Build (now depends on [dco, codeql]); renamed sonar-analysis → SonarQube Analysis (depends on build); updated checkout, JDK, cache/Gradle keys, and consolidated build/Sonar steps; added Update serverBaseURL step and Upload APK artifact step.
Android build config android/build.gradle	Updated ext.serverBaseURL value from https://api-internal.qa-base.mosip.net to https://api-internal.sandbox.xyz.net.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant User as Trigger (push / pull_request / workflow_dispatch)
  participant GH as GitHub Actions
  participant DCO as DCO Job
  participant CodeQL as CodeQL Job
  participant Build as Android Registration-Client Build
  participant Sonar as SonarQube Analysis

  Note over GH: Workflow starts
  User->>GH: trigger workflow
  GH->>DCO: run dco
  GH->>CodeQL: run codeql
  alt dco & codeql succeed
    DCO-->>GH: success
    CodeQL-->>GH: success
    GH->>Build: checkout -> set SERVER_BASE_URL -> Replace serverBaseURL in files -> make gradlew executable -> run Gradle build
    Build-->>GH: build artifact (APK)
    GH->>Sonar: run SonarQube Analysis (uses build outputs)
    Sonar-->>GH: analysis result
  else any fail
    DCO-->>GH: fail
    CodeQL-->>GH: fail
    GH-->>User: pipeline halted
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

• Check consistency of workflow_dispatch input names (defaultServerBaseURL vs serverBaseURL) and environment variable usage.
• Review the Replace serverBaseURL step pattern and target file globs (android/build.gradle*) for correctness.
• Verify gradlew permission change placement and build step ordering.
• Confirm job dependency names and that Sonar job depends on the correct build job.

Poem

🐰 A hop, a patch, a workflow new,
Inputs set and checks in view,
DCO and CodeQL take their place,
Server URL points to sandbox space —
Gradlew hops ready, builds race through! 🎋

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title 'MOSIP-42820 Updated build.gradle' refers to updating build.gradle, but the changeset encompasses significantly more: workflow configuration changes in two YAML files (.github/workflows/build-android.yml and push_trigger.yml), introduction of DCO and CodeQL checks, job restructuring, and server URL updates. The title is misleading as it emphasizes only one minor change while omitting the major workflow restructuring.	Use a more comprehensive title that captures the primary changes, such as 'Add CI/CD checks and restructure Android build workflows' or 'Integrate DCO and CodeQL checks with enhanced server configuration'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (3)

.github/workflows/push_trigger.yml (3)

23-56: Update outdated GitHub Actions versions to latest.

The new DCO and CodeQL jobs use older versions of GitHub Actions:

• Line 31: actions/checkout@v3 → should be v4
• Line 48: actions/checkout@v3 → should be v4
• Lines 52, 56: github/codeql-action@v2 → should be v3

Updating to the latest versions ensures access to bug fixes, security patches, and new features.

Apply this diff to update action versions:

      - name: Checkout code
-       uses: actions/checkout@v3
+       uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Initialize CodeQL
-       uses: github/codeql-action/init@v2
+       uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
      - name: Perform CodeQL Analysis
-       uses: github/codeql-action/analyze@v2
+       uses: github/codeql-action/analyze@v3

Also update line 31:

      - name: Checkout code
-       uses: actions/checkout@v3
+       uses: actions/checkout@v4

---

64-64: Update outdated actions/checkout version.

Line 64 uses actions/checkout@v3, which is outdated. Update to v4 for the latest features and security patches.

Apply this diff:

      - name: Checkout code
-       uses: actions/checkout@v3
+       uses: actions/checkout@v4

---

90-121: Update outdated action versions in sonar-analysis job.

Lines 91 and 96 use older versions of GitHub Actions:

• Line 91: actions/checkout@v3 → should be v4
• Line 96: actions/setup-java@v3 → should be v4

These should be updated for consistency and access to the latest improvements.

Apply this diff:

      - name: Checkout repository
-       uses: actions/checkout@v3
+       uses: actions/checkout@v4
         with:
           fetch-depth: 0

       - name: Set up JDK 11
-       uses: actions/setup-java@v3
+       uses: actions/setup-java@v4
         with:
           java-version: '11'

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8f46caa and ca5e89d.

📒 Files selected for processing (3)

• .github/workflows/build-android.yml (1 hunks)
• .github/workflows/push_trigger.yml (2 hunks)
• android/build.gradle (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.8)

.github/workflows/push_trigger.yml

31-31: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

48-48: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

52-52: the runner of "github/codeql-action/init@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

56-56: the runner of "github/codeql-action/analyze@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

64-64: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

91-91: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

96-96: the runner of "actions/setup-java@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: build

🔇 Additional comments (2)

android/build.gradle (1)

61-61: Verify the sandbox environment endpoint is correct and intended.

The serverBaseURL has been updated from a QA environment to a sandbox environment (sandbox.xyz.net). Please confirm this endpoint is valid, reachable, and represents the intended target environment for this build configuration.

.github/workflows/push_trigger.yml (1)

71-77: Build command differs between workflows.

Line 75 uses cd client && ./gradlew assembleDebug, but the build-android.yml workflow uses flutter build apk (line 55). These produce different output types (debug Gradle build vs. release Flutter build). Clarify which build variant is intended for this push_trigger workflow, and consider standardizing across workflows.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Critical: serverBaseURL input is unavailable during push events.

Line 70's sed replacement uses ${{ github.event.inputs.serverBaseURL }}, but github.event.inputs is only populated for workflow_dispatch events. During push events, this variable is empty, causing the sed command to replace api-internal.sandbox.xyz.net with an empty string, which will break the build.

To fix this, either:

1. Provide a default value in the sed command using bash parameter expansion: ${{ github.event.inputs.serverBaseURL || 'api-internal.sandbox.xyz.net' }}
2. Or conditionally run this step only on workflow_dispatch events using if: github.event_name == 'workflow_dispatch'

Apply this diff to safely handle missing input:

      - name: Update serverBaseURL
         run: |
-          find . -type f -name "*build.gradle" -print0 | xargs -0 sed -i "s/api-internal.sandbox.xyz.net/${{ github.event.inputs.serverBaseURL }}/g"
+          find . -type f -name "*build.gradle" -print0 | xargs -0 sed -i "s/api-internal.sandbox.xyz.net/${{ github.event.inputs.serverBaseURL || 'api-internal.sandbox.xyz.net' }}/g"

Alternatively, make this step conditional:

+     - name: Update serverBaseURL
+       if: github.event_name == 'workflow_dispatch'
         run: |
           find . -type f -name "*build.gradle" -print0 | xargs -0 sed -i "s/api-internal.sandbox.xyz.net/${{ github.event.inputs.serverBaseURL }}/g"

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Update serverBaseURL
	run: |
	find . -type f -name "*build.gradle" -print0 | xargs -0 sed -i "s/api-internal.sandbox.xyz.net/${{ github.event.inputs.defaultServerBaseURL }}/g"
	find . -type f -name "*build.gradle" -print0 | xargs -0 sed -i "s/api-internal.sandbox.xyz.net/${{ github.event.inputs.serverBaseURL }}/g"
	- name: Build Android Registration-Client
	run: |
	cd client
	chmod +x gradlew
	./gradlew assembleDebug
	ls app/build/outputs/apk/debug
	- name: Update serverBaseURL
	run: |
	find . -type f -name "*build.gradle" -print0 | xargs -0 sed -i "s/api-internal.sandbox.xyz.net/${{ github.event.inputs.serverBaseURL || 'api-internal.sandbox.xyz.net' }}/g"
	- name: Build Android Registration-Client
	run: |
	cd client
	chmod +x gradlew
	./gradlew assembleDebug
	ls app/build/outputs/apk/debug

🤖 Prompt for AI Agents

In .github/workflows/push_trigger.yml around lines 68-76 the sed replacement
uses `${{ github.event.inputs.serverBaseURL }}` which is empty on push events
and wipes out the host; change the step to either (A) keep it for all events but
use a safe default when the input is missing by using bash/GitHub expressions to
fall back to the original host (e.g. expand the variable with a default in the
sed command), or (B) restrict the step to only run on workflow_dispatch by
adding an if condition (`if: github.event_name == 'workflow_dispatch'`) so the
replacement never runs during push; implement one of these fixes and verify the
build step still finds a valid serverBaseURL.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

.github/workflows/push_trigger.yml (1)

77-79: 🔴 Critical: serverBaseURL input unavailable on push events will break the build.

Lines 77-79 use ${{ github.event.inputs.serverBaseURL }}, which is only populated for workflow_dispatch events. When the workflow runs on push events (line 11), this variable is empty, causing sed to replace api-internal.sandbox.xyz.net with an empty string and breaking the build.

Choose one of these fixes:

Option A: Safe default fallback (allow both push and workflow_dispatch):

-          find . -type f -name "*build.gradle" -print0 | xargs -0 sed -i "s/api-internal.sandbox.xyz.net/${{ github.event.inputs.serverBaseURL }}/g"
+          find . -type f -name "*build.gradle" -print0 | xargs -0 sed -i "s/api-internal.sandbox.xyz.net/${{ github.event.inputs.serverBaseURL || 'api-internal.sandbox.xyz.net' }}/g"

Option B: Conditional execution (only customize URL on workflow_dispatch):

       - name: Update serverBaseURL
+        if: github.event_name == 'workflow_dispatch'
         run: |
           find . -type f -name "*build.gradle" -print0 | xargs -0 sed -i "s/api-internal.sandbox.xyz.net/${{ github.event.inputs.serverBaseURL }}/g"

🧹 Nitpick comments (4)

.github/workflows/push_trigger.yml (4)

32-42: Update outdated GitHub Actions to latest versions.

The DCO Check job uses actions/checkout@v3, which is outdated. GitHub Actions recommends upgrading to v4 (or later) for better performance and security updates.

       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

---

44-65: Update outdated GitHub Actions in CodeQL job.

The CodeQL Analysis job uses multiple outdated actions that should be upgraded to their latest versions for security and compatibility:

       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language }}
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3

---

67-92: Update outdated actions/checkout in build-android job.

The build-android job uses actions/checkout@v3 (line 73), which is outdated. Upgrade to the latest version.

       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

---

94-130: Update outdated GitHub Actions in sonar-analysis job.

The sonar-analysis job uses outdated actions that should be upgraded:

       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0

       - name: Set up JDK 11
-        uses: actions/setup-java@v3
+        uses: actions/setup-java@v4
         with:
           java-version: '11'

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ca5e89d and ee10a3a.

📒 Files selected for processing (1)

• .github/workflows/push_trigger.yml (2 hunks)

🧰 Additional context used

🪛 actionlint (1.7.8)

.github/workflows/push_trigger.yml

40-40: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

57-57: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

61-61: the runner of "github/codeql-action/init@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

65-65: the runner of "github/codeql-action/analyze@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

73-73: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

100-100: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

105-105: the runner of "actions/setup-java@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: CodeQL Analysis (javascript)
• GitHub Check: build

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

⚠️ Unresolved: serverBaseURL default still mismatches build configuration.

The workflow_dispatch input defaults to "api-internal.qacore.mosip.net" (line 9), but previous reviews flagged that android/build.gradle uses "https://api-internal.sandbox.xyz.net". This inconsistency remains unaddressed. Please either:

• Align the default to match build.gradle: "https://api-internal.sandbox.xyz.net", or
• Document which environment (QA vs sandbox) should be used and clarify in code comments.

---

🏁 Script executed:

#!/bin/bash
# Find build.gradle files in the repository
fd -t f 'build\.gradle' | head -20

Length of output: 221

---

🏁 Script executed:

#!/bin/bash
# Search for serverBaseURL references in the codebase
rg -n 'serverBaseURL' --type gradle --type yaml

Length of output: 308

---

🏁 Script executed:

#!/bin/bash
# Examine the full push_trigger.yml workflow file to understand context
cat .github/workflows/push_trigger.yml | head -150

Length of output: 3369

---

🔴 Critical: sed command breaks on push events; inputs unavailable outside workflow_dispatch.

The sed command at line 79 uses ${{ github.event.inputs.serverBaseURL }}, which is only populated by workflow_dispatch. However, the workflow also triggers on push (line 10) and pull_request (line 21), where inputs are empty. This causes sed to replace api-internal.sandbox.xyz.net with an empty string, corrupting the build.gradle file.

Fix: Either conditionally run the sed step only on workflow_dispatch, or restructure the workflow to avoid using inputs on push/pull_request triggers:

- name: Update serverBaseURL
  if: github.event_name == 'workflow_dispatch'
  run: find . -type f -name "*build.gradle" -print0 | xargs -0 sed -i "s/api-internal.sandbox.xyz.net/${{ github.event.inputs.serverBaseURL }}/g"

Alternatively, provide a fallback value for push events or remove the push trigger if only manual workflow_dispatch is intended.

🤖 Prompt for AI Agents

In .github/workflows/push_trigger.yml around lines 4-9 (and the sed step at
~line 79), the sed command uses ${{ github.event.inputs.serverBaseURL }} which
is only populated for workflow_dispatch and will be empty on push/pull_request,
causing an accidental replacement; fix by restricting the sed step to run only
for workflow_dispatch events (add an if: github.event_name ==
'workflow_dispatch' to that step) or alternatively provide a safe
fallback/default value or environment variable for serverBaseURL when the event
is not workflow_dispatch so the sed replacement never substitutes an empty
string.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ee10a3a and 2e1001b.

📒 Files selected for processing (1)

• .github/workflows/build-android.yml (2 hunks)

🧰 Additional context used

🪛 actionlint (1.7.8)

.github/workflows/build-android.yml

24-24: the runner of "actions/checkout@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: build

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

⚠️ Critical: SERVER_BASE_URL environment variable will be empty for pull_request and push events.

The environment variable SERVER_BASE_URL (line 21) references github.event.inputs.defaultServerBaseURL, which only exists during workflow_dispatch events. The pull_request trigger added on lines 11–12 and the existing push trigger (line 13) will cause the "Replace serverBaseURL" step (lines 25–28) to execute with an empty $SERVER_BASE_URL, resulting in sed replacing all occurrences of api-internal.sandbox.xyz.net with an empty string and corrupting the build.gradle files.

Add a conditional to guard the sed step or provide a proper fallback for non-workflow_dispatch events:

      - name: Replace serverBaseURL
+       if: github.event_name == 'workflow_dispatch'
        run: |
          find android -type f -name "build.gradle*" -print0 \
          | xargs -0 sed -i "s#api-internal.sandbox.xyz.net#${SERVER_BASE_URL}#g"

Alternatively, define SERVER_BASE_URL with a proper conditional or default based on the event type:

      env:
-       SERVER_BASE_URL: ${{ github.event.inputs.defaultServerBaseURL || 'https://api.default.example.com' }}
+       SERVER_BASE_URL: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.defaultServerBaseURL || 'https://api-internal.sandbox.xyz.net' }}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	pull_request:
	types: [opened, reopened, synchronize]
	push:
	branches:
	- release*
	- 'release*'
	- develop
	jobs:
	build:
	runs-on: ubuntu-latest
	env:
	SERVER_BASE_URL: ${{ github.event.inputs.defaultServerBaseURL || 'https://api.default.example.com' }}
	steps:
	- name: Checkout code
	uses: actions/checkout@v2
	- name: Replace serverBaseURL
	run: |
	find android -type f -name "build.gradle*" -print0 \
	| xargs -0 sed -i "s#api-internal.sandbox.xyz.net#${SERVER_BASE_URL}#g"
	pull_request:
	types: [opened, reopened, synchronize]
	push:
	branches:
	- 'release*'
	- develop
	jobs:
	build:
	runs-on: ubuntu-latest
	env:
	SERVER_BASE_URL: ${{ github.event.inputs.defaultServerBaseURL || 'https://api.default.example.com' }}
	steps:
	- name: Checkout code
	uses: actions/checkout@v2
	- name: Replace serverBaseURL
	if: github.event_name == 'workflow_dispatch'
	run: |
	find android -type f -name "build.gradle*" -print0 \
	| xargs -0 sed -i "s#api-internal.sandbox.xyz.net#${SERVER_BASE_URL}#g"

Suggested change

	pull_request:
	types: [opened, reopened, synchronize]
	push:
	branches:
	- release*
	- 'release*'
	- develop
	jobs:
	build:
	runs-on: ubuntu-latest
	env:
	SERVER_BASE_URL: ${{ github.event.inputs.defaultServerBaseURL || 'https://api.default.example.com' }}
	steps:
	- name: Checkout code
	uses: actions/checkout@v2
	- name: Replace serverBaseURL
	run: |
	find android -type f -name "build.gradle*" -print0 \
	| xargs -0 sed -i "s#api-internal.sandbox.xyz.net#${SERVER_BASE_URL}#g"
	pull_request:
	types: [opened, reopened, synchronize]
	push:
	branches:
	- 'release*'
	- develop
	jobs:
	build:
	runs-on: ubuntu-latest
	env:
	SERVER_BASE_URL: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.defaultServerBaseURL || 'https://api-internal.sandbox.xyz.net' }}
	steps:
	- name: Checkout code
	uses: actions/checkout@v2
	- name: Replace serverBaseURL
	run: |
	find android -type f -name "build.gradle*" -print0 \
	| xargs -0 sed -i "s#api-internal.sandbox.xyz.net#${SERVER_BASE_URL}#g"

🧰 Tools

🪛 actionlint (1.7.8)

24-24: the runner of "actions/checkout@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents

In .github/workflows/build-android.yml around lines 11 to 28, the
SERVER_BASE_URL env uses github.event.inputs.defaultServerBaseURL which is only
set for workflow_dispatch, so for pull_request and push events it will be empty
and sed will erase hostnames in build.gradle files; update the workflow to
either skip the "Replace serverBaseURL" step when SERVER_BASE_URL is empty or
set a safe default per event type — implement a conditional around the step
(e.g., run only if github.event_name == 'workflow_dispatch' or if env var is
non-empty) or compute SERVER_BASE_URL using an expression that falls back to a
fixed default when github.event.inputs.defaultServerBaseURL is undefined,
ensuring sed only runs with a valid non-empty replacement.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Update outdated actions/checkout to v4.

The actions/checkout@v2 action (line 24) is deprecated and no longer maintained. Update to the latest stable version (v4) to ensure security patches and compatibility with current GitHub Actions runners.

      - name: Checkout code
-       uses: actions/checkout@v2
+       uses: actions/checkout@v4

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	uses: actions/checkout@v2
	- name: Checkout code
	uses: actions/checkout@v4

🧰 Tools

🪛 actionlint (1.7.8)

24-24: the runner of "actions/checkout@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents

In .github/workflows/build-android.yml around line 24, the workflow uses
actions/checkout@v2 which is outdated; update the reference to
actions/checkout@v4. Edit the workflow file to replace the version tag for the
checkout action from v2 to v4 (or use the full major tag actions/checkout@v4) to
pick up the latest maintained release, then run or validate the workflow to
ensure no breaking changes affect downstream steps.