From 5b07665f914afabf596a7f7f8c46ab317464c6a4 Mon Sep 17 00:00:00 2001 From: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> Date: Fri, 12 Jan 2024 14:53:47 +0530 Subject: [PATCH 1/6] [INJI-597] add sonar-check in CI Co-authored-by: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> --- .github/workflows/internal-build.yml | 41 +- .github/workflows/push-triggers.yml | 44 +- .talismanrc | 22 +- android/app/build.gradle | 8 +- android/app/lint-baseline.xml | 403 ++++++++++++++++++ ios/Podfile.lock | 12 +- package-lock.json | 14 +- package.json | 6 +- patches/@mosip+tuvali+0.4.9.patch | 21 + .../@react-native-picker+picker+2.4.8.patch | 15 + ...native-bluetooth-state-manager+1.3.4.patch | 13 + patches/react-native-location+2.5.0.patch | 20 +- scripts/check-sonar-critical-issues.sh | 24 ++ sonar-project.properties | 8 +- 14 files changed, 599 insertions(+), 52 deletions(-) create mode 100644 android/app/lint-baseline.xml create mode 100644 patches/@mosip+tuvali+0.4.9.patch create mode 100644 patches/@react-native-picker+picker+2.4.8.patch create mode 100644 patches/react-native-bluetooth-state-manager+1.3.4.patch create mode 100644 scripts/check-sonar-critical-issues.sh diff --git a/.github/workflows/internal-build.yml b/.github/workflows/internal-build.yml index a43fa4be39..6ed19945fb 100644 --- a/.github/workflows/internal-build.yml +++ b/.github/workflows/internal-build.yml 
@@ -165,13 +165,34 @@ jobs: MATCH_PASSWORD: '${{ secrets.INJI_IOS_MATCH_PASSWORD }}' SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_INJI_TEAM }}' - # sonar-check: - # uses: mosip/kattu/.github/workflows/gradlew-sonar-analysis.yml@master - # with: - # SERVICE_LOCATION: '.' - # ANDROID_LOCATION: 'android' - # SONAR_ARGS: -Dsonarqube - # secrets: - # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - # SONAR_ORGANIZATION: ${{ secrets.ORG_KEY }} - # SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_INJI_TEAM }}' \ No newline at end of file + sonar-check: + uses: mosip/kattu/.github/workflows/gradlew-sonar-analysis.yml@master + with: + SERVICE_LOCATION: '.' + NODE_VERSION: '18.x' + NPM_BUILD_TYPE: 'BOB' + SONAR_SOURCES: '.' + SONAR_TESTS: '.' + SONAR_EXCLUSIONS: '.github/**, .vscode/**, android/**, assets/**, build/**, ios/**, node_modules/**, scripts/**, **/*.java, **/*.typegen.ts' + secrets: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + ORG_KEY: ${{ secrets.ORG_KEY }} + SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_INJI_TEAM }}' + + check-sonar-critical-issues: + needs: sonar-check + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Check for critical bugs + run: | + cd scripts + BRANCH_NAME=${GITHUB_REF##*/} + ./check-sonar-critical-issues.sh BRANCH_NAME + - uses: 8398a7/action-slack@v3 + if: failure() + with: + status: ${{ job.status }} + fields: repo,message,author,commit,workflow,job + env: + SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_INJI_TEAM }}' diff --git a/.github/workflows/push-triggers.yml b/.github/workflows/push-triggers.yml index f5d64e9e47..684907653c 100644 --- a/.github/workflows/push-triggers.yml +++ b/.github/workflows/push-triggers.yml 
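Review bot: The new `check-sonar-critical-issues` job hands `SLACK_WEBHOOK_URL` to `8398a7/action-slack@v3` and runs `actions/checkout@v2`, both referenced by a movable tag, and `sonar-check` passes `SONAR_TOKEN` and `ORG_KEY` to a reusable workflow at `@master`. A tag or branch can be repointed, so whatever code sits there at run time receives the secrets; pin each reference to a full commit SHA with the version as a trailing comment, e.g. `uses: 8398a7/action-slack@<full-commit-sha>  # v3`. The job only reads the repository and calls the Sonar API, so a job-level `permissions:` block with `contents: read` would keep its token scoped down (workflow-level permissions are outside this hunk and may already set this). The same applies to the identical jobs added in `push-triggers.yml`.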
@@ -38,13 +38,37 @@ jobs: IOS_SERVICE_LOCATION: 'ios' SCRIPT_NAME: "fastlane ios_app_build" - # sonar-check: - # if: ${{ github.event_name != 'pull_request' }} - # uses: mosip/kattu/.github/workflows/gradlew-sonar-analysis.yml@master - # with: - # SERVICE_LOCATION: '.' - # ANDROID_LOCATION: 'android' - # secrets: - # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - # SONAR_ORGANIZATION: ${{ secrets.ORG_KEY }} - # SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_INJI_TEAM }}' \ No newline at end of file + sonar-check-on-push: + name: Sonar check + if: ${{ github.event_name != 'pull_request' }} + needs: [build-android, build-ios] + uses: mosip/kattu/.github/workflows/gradlew-sonar-analysis.yml@master + with: + SERVICE_LOCATION: '.' + NODE_VERSION: '18.x' + NPM_BUILD_TYPE: 'BOB' + SONAR_SOURCES: '.' + SONAR_TESTS: '.' + SONAR_EXCLUSIONS: '.github/**, .vscode/**, android/**, assets/**, build/**, ios/**, node_modules/**, scripts/**, **/*.java, **/*.typegen.ts' + secrets: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + ORG_KEY: ${{ secrets.ORG_KEY }} + SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_INJI_TEAM }}' + + check-sonar-critical-issues: + needs: sonar-check-on-push + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Check for critical bugs + run: | + cd scripts + BRANCH_NAME=${GITHUB_REF##*/} + ./check-sonar-critical-issues.sh BRANCH_NAME + - uses: 8398a7/action-slack@v3 + if: failure() + with: + status: ${{ job.status }} + fields: repo,message,author,commit,workflow,job + env: + SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_INJI_TEAM }}' diff --git a/.talismanrc b/.talismanrc index 91da0677cc..25cff5055c 100644 --- a/.talismanrc +++ b/.talismanrc 
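Review bot: `sonar-check-on-push` carries `if: ${{ github.event_name != 'pull_request' }}` and `check-sonar-critical-issues` declares `needs: sonar-check-on-push`, so when the analysis job is skipped the critical-issue gate is skipped with it. If this workflow also runs for pull requests (the `on:` block is outside the hunk), a critical finding is first reported after the change has been pushed rather than at review time. A comment on the `if:` line stating why pull requests are excluded would record the decision, for example `# analysis needs SONAR_TOKEN, so it is skipped for pull_request events` if that is the reason.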
@@ -1,8 +1,8 @@ fileignoreconfig: - filename: package.json - checksum: e09253939abe4c3509c9322ecd97ce2cdbc25fb25e55ce30ed8c70b6320aa9ca + checksum: 36092db5daadd744889a8b2797a0e0cf14c1eb3260dcc63d5e08798f00cb28de - filename: package-lock.json - checksum: 723cd12daeea0e51e30ec3abdba469b693bdfae12a1de6486fe8782c564340eb + checksum: 229b7c669673846100642867badeb547061e6caa4332e21d088b00e19c1f46d4 - filename: lib/jsonld-signatures/suites/ed255192018/ed25519.ts checksum: 493b6e31144116cb612c24d98b97d8adcad5609c0a52c865a6847ced0a0ddc3a - filename: components/PasscodeVerify.tsx @@ -42,7 +42,7 @@ fileignoreconfig: - filename: screens/Issuers/IssuersScreen.tsx checksum: 9c53e3770dbefe26e0de67ee4b7d5cc9c52d9823cbb136a1a5104dcb0a101071 - filename: ios/Podfile.lock - checksum: 2487c4e11fb1bd95032cc4511435d9420fc0dfc62f3c015d177213fa089df7f2 + checksum: 616fe84ac61ed732245c86b2f30ec2b5000d31fa71f05272925972e81e5188a4 - filename: screens/Home/IntroSlidersScreen.tsx checksum: 72ef913857448ef05763e52e32356faa2d1f3de8130a1c638d1897f44823031f - filename: shared/commonUtil.ts 
@@ -86,23 +86,27 @@ fileignoreconfig: - filename: assets/Flip_Camera_Icon.svg checksum: 736b5a7ddb86bd4376229ce198dbf8a663e7ac89fc3311bd4f19afd4a2b36ffd - filename: ios/fastlane/Fastfile - checksum: 086080bc7a04accf5094c457b5acf84d9fec5d7dfa72eaaaf02e433ecf4f996b + checksum: 086080bc7a04accf5094c457b5acf84d9fec5d7dfa72eaaaf02e433ecf4f996b - filename: assets/Finger_Print_Icon.svg checksum: 776d4fe4fc4b54d185ccf97daf0511b9fe2c0e0f7c1a809047020e5e8a100db6 - filename: android/app/build.gradle checksum: d5409b8eda2e1bf5b2552a909595a9e0aea4fd4e7572cf1746c99eee1583b83a - filename: .github/workflows/push-triggers.yml - checksum: abc19ea38c8d7b79f15695d015709cc88a34a995181aaf12bc8344f940f3cbc4 + checksum: b756907546401ee829074984603070c2c69a682af236b8822c69a7fab8c03256 - filename: ios/fastlane/Fastfile checksum: 086080bc7a04accf5094c457b5acf84d9fec5d7dfa72eaaaf02e433ecf4f996b - filename: android/fastlane/Fastfile checksum: a25f155bcbbae7ab09563637c23771f7349738f12a6ddc8ae71c29c61ed535af - filename: .github/workflows/internal-build.yml - checksum: e9b85cf0405d777faee9345269f6f9eb861ed205728dca63cf27a5db79c876a7 + checksum: 8ebb8304ad1834a0de5eb1ec14cf9e36569361f9d73a656709ce0e8fee9c6261 - filename: assets/Issuer_search_clearing_button.svg checksum: f4e8a054fc4168e08bc9e9fe3e644cebabacdfc31ef0cbe36dd281766f47df5e - filename: screens/Home/MyVcs/IdInputModal.tsx - checksum: 7ee46d8ef4761c0e9b59f3e602e6e30be5f47221817c819e91ab10ca2203089f + checksum: 7ee46d8ef4761c0e9b59f3e602e6e30be5f47221817c819e91ab10ca2203089f - filename: screens/Home/MyVcs/OtpVerificationModal.tsx - checksum: 1db1f39701019383e1e40e6ed5278177e6c9bb3d28def0935cf6d4bd9e41e63a - version: "" \ No newline at end of file + checksum: 1db1f39701019383e1e40e6ed5278177e6c9bb3d28def0935cf6d4bd9e41e63a + - filename: android/app/lint-baseline.xml + checksum: b5c0463fe4bac47004d6943a20d38ab023ff74c761723e50e8a1c2bfe717b0e1 + - filename: scripts/check-sonar-critical-issues.sh + checksum: 
100f7359a6b57025bd53e84f014326811f6d9fd13a63805de40ecaa64ea90cde + version: "" diff --git a/android/app/build.gradle b/android/app/build.gradle index 8f14f7f589..e144020b8a 100644 --- a/android/app/build.gradle +++ b/android/app/build.gradle @@ -123,6 +123,12 @@ android { } } + lintOptions { + abortOnError false + absolutePaths false + baseline file("lint-baseline.xml") + } + signingConfigs { release { // for sonarqube job we will generate dummy release keystore to sign the app as we are not doing it in workflow @@ -296,4 +302,4 @@ dependencies { } apply from: file("../../node_modules/@react-native-community/cli-platform-android/native_modules.gradle"); applyNativeModulesAppBuildGradle(project) -apply from: "./eas-build.gradle" \ No newline at end of file +apply from: "./eas-build.gradle" diff --git a/android/app/lint-baseline.xml b/android/app/lint-baseline.xml new file mode 100644 index 0000000000..bc898bb75e --- /dev/null +++ b/android/app/lint-baseline.xml @@ -0,0 +1,403 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ios/Podfile.lock b/ios/Podfile.lock index f2a019ff3b..9ab4b33d2e 100644 --- a/ios/Podfile.lock +++ b/ios/Podfile.lock @@ -12,7 +12,7 @@ PODS: - BiometricSdk (0.5.9): - TensorFlowLiteObjC (= 2.12.0) - boost (1.76.0) - - BVLinearGradient (2.8.2): + - BVLinearGradient (2.8.3): - React-Core - CatCrypto (0.3.2) - CrcSwift (0.0.3) @@ -470,7 +470,7 @@ PODS: - React-Core - RNGestureHandler (2.9.0): - React-Core - - RNKeychain (8.0.0): + - RNKeychain (8.1.2): - React-Core - RNLocalize (3.0.2): - React-Core 
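Review bot: `abortOnError false` in the new `lintOptions` block downgrades every lint error, including the checks in Android lint's Security category, to a report entry, so nothing found later can fail the build. The `baseline file("lint-baseline.xml")` line already suppresses the findings recorded at this commit, which is what keeps the current build green; with the baseline in place the block can use `abortOnError true` so that only newly introduced issues break the build. The 403-line baseline is generated, so a comment above the block such as `// Baseline of pre-existing lint findings; regenerate only after triaging new ones` would tell maintainers not to refresh it blindly. The `android { … }` block starts and ends outside this hunk, and `patches/@react-native-picker+picker+2.4.8.patch` adds the same `abortOnError false` to a dependency.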
@@ -780,8 +780,8 @@ SPEC CHECKSUMS: ASN1Decoder: 6110fdeacfdb41559b1481457a1645be716610aa biometric-sdk-react-native: d2a3a1279013cc4a7514a1b43fe557eb76e4e4c1 BiometricSdk: 303e7329404ea4d922dc14108449d10d21574f77 - boost: 64032b9e9b938fda23325e68a3771f0fabf414dc - BVLinearGradient: 916632041121a658c704df89d99f04acb038de0f + boost: 57d2868c099736d80fcd648bf211b4431e51a558 + BVLinearGradient: 880f91a7854faff2df62518f0281afb1c60d49a3 CatCrypto: a477899b6be4954e75be4897e732da098cc0a5a8 CrcSwift: f85dea6b41dddb5f98bb3743fd777ce58b77bc2e DoubleConversion: 5189b271737e1565bdce30deb4a08d647e3f5f54 @@ -861,7 +861,7 @@ SPEC CHECKSUMS: RNDeviceInfo: aad3c663b25752a52bf8fce93f2354001dd185aa RNFS: 4ac0f0ea233904cb798630b3c077808c06931688 RNGestureHandler: 071d7a9ad81e8b83fe7663b303d132406a7d8f39 - RNKeychain: 4f63aada75ebafd26f4bc2c670199461eab85d94 + RNKeychain: a65256b6ca6ba6976132cc4124b238a5b13b3d9c RNLocalize: dbea38dcb344bf80ff18a1757b1becf11f70cae4 RNPermissions: f1b49dd05fa9b83993cd05a9ee115247944d8f1a RNScreens: 218801c16a2782546d30bd2026bb625c0302d70f @@ -876,4 +876,4 @@ SPEC CHECKSUMS: PODFILE CHECKSUM: 01f58b130fa221dabb14b2d82d981ef24dcaba53 -COCOAPODS: 1.14.3 +COCOAPODS: 1.14.2 diff --git a/package-lock.json b/package-lock.json index 8eb9cefc5b..2aaee320f6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -61,7 +61,7 @@ "react-native-elements": "3.4.3", "react-native-fs": "^2.18.0", "react-native-gesture-handler": "~2.9.0", - "react-native-keychain": "^8.0.0", + "react-native-keychain": "^8.1.2", "react-native-linear-gradient": "^2.8.0", "react-native-localize": "^3.0.2", "react-native-location": "^2.5.0", 
@@ -24672,9 +24672,9 @@ "integrity": "sha512-1dVk9NwhoyKHCSxcrM6vY6cxmojeATsBobDicX0ZKr7DgUF2cBQRTKsimQFvzH8XhOVXyH8p4HyDSZNIFI8OlQ==" }, "node_modules/react-native-keychain": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/react-native-keychain/-/react-native-keychain-8.0.0.tgz", - "integrity": "sha512-c7Cs+YQN26UaQsRG1dmlXL7VL2ctnXwH/dl0IOMEQ7ZaL2NdN313YSAI8ZEZZjrVhNmPsyWEuvTFqWrdpItqQg==" + "version": "8.1.2", + "resolved": "https://registry.npmjs.org/react-native-keychain/-/react-native-keychain-8.1.2.tgz", + "integrity": "sha512-bhHEui+yMp3Us41NMoRGtnWEJiBE0g8tw5VFpq4mpmXAx6XJYahuM6K3WN5CsUeUl83hYysSL9oFZNKSTPSvYw==" }, "node_modules/react-native-linear-gradient": { "version": "2.8.3", @@ -47464,9 +47464,9 @@ "integrity": "sha512-1dVk9NwhoyKHCSxcrM6vY6cxmojeATsBobDicX0ZKr7DgUF2cBQRTKsimQFvzH8XhOVXyH8p4HyDSZNIFI8OlQ==" }, "react-native-keychain": { - "version": "8.0.0", - "resolved": "https://registry.npmjs.org/react-native-keychain/-/react-native-keychain-8.0.0.tgz", - "integrity": "sha512-c7Cs+YQN26UaQsRG1dmlXL7VL2ctnXwH/dl0IOMEQ7ZaL2NdN313YSAI8ZEZZjrVhNmPsyWEuvTFqWrdpItqQg==" + "version": "8.1.2", + "resolved": "https://registry.npmjs.org/react-native-keychain/-/react-native-keychain-8.1.2.tgz", + "integrity": "sha512-bhHEui+yMp3Us41NMoRGtnWEJiBE0g8tw5VFpq4mpmXAx6XJYahuM6K3WN5CsUeUl83hYysSL9oFZNKSTPSvYw==" }, "react-native-linear-gradient": { "version": "2.8.3", diff --git a/package.json b/package.json index 058e592107..d36b330dd3 100644 --- a/package.json +++ b/package.json 
@@ -8,7 +8,9 @@ "build:android:mosip": "cd android && ./gradlew :app:assembleResidentappRelease && cd ..", "lint": "eslint . --ext .js,.jsx,.ts,.tsx --fix", "test": "jest", - "postinstall": "patch-package && npm run jetify && sh tools/talisman/talisman-precommit.sh" + "postinstall": "patch-package && npm run jetify && sh tools/talisman/talisman-precommit.sh", + "build": "cd android && ./gradlew lint && cd .. && jest --coverage --passWithNoTests", + "sonar": "node_modules/sonar-scanner/bin/sonar-scanner" }, "dependencies": { "@digitalbazaar/ed25519-signature-2018": "digitalbazaar/ed25519-signature-2018", @@ -63,7 +65,7 @@ "react-native-elements": "3.4.3", "react-native-fs": "^2.18.0", "react-native-gesture-handler": "~2.9.0", - "react-native-keychain": "^8.0.0", + "react-native-keychain": "^8.1.2", "react-native-linear-gradient": "^2.8.0", "react-native-localize": "^3.0.2", "react-native-location": "^2.5.0", diff --git a/patches/@mosip+tuvali+0.4.9.patch b/patches/@mosip+tuvali+0.4.9.patch new file mode 100644 index 0000000000..a7298c03eb --- /dev/null +++ b/patches/@mosip+tuvali+0.4.9.patch @@ -0,0 +1,21 @@ +diff --git a/node_modules/@mosip/tuvali/android/src/main/java/io/mosip/tuvali/rnModule/RNEventMapper.kt b/node_modules/@mosip/tuvali/android/src/main/java/io/mosip/tuvali/rnModule/RNEventMapper.kt +index 1f5128b..0e04199 100644 +--- a/node_modules/@mosip/tuvali/android/src/main/java/io/mosip/tuvali/rnModule/RNEventMapper.kt ++++ b/node_modules/@mosip/tuvali/android/src/main/java/io/mosip/tuvali/rnModule/RNEventMapper.kt +@@ -35,14 +35,14 @@ class RNEventMapper { + } + + private fun populateProperties(event: Event, writableMap: WritableMap) { +- event::class.memberProperties.forEach { property -> ++ for (property in event::class.memberProperties) { + if (property.visibility == KVisibility.PUBLIC) { + try { + populateProperty(property, event, writableMap) + } catch (e: Exception) { + println("Unable to populate RN event ${property.name}") + } +- } ++ } + } + } + 
diff --git a/patches/@react-native-picker+picker+2.4.8.patch b/patches/@react-native-picker+picker+2.4.8.patch new file mode 100644 index 0000000000..59a2a31c3c --- /dev/null +++ b/patches/@react-native-picker+picker+2.4.8.patch @@ -0,0 +1,15 @@ +diff --git a/node_modules/@react-native-picker/picker/android/build.gradle b/node_modules/@react-native-picker/picker/android/build.gradle +index b700d8c..4d0e00c 100644 +--- a/node_modules/@react-native-picker/picker/android/build.gradle ++++ b/node_modules/@react-native-picker/picker/android/build.gradle +@@ -24,6 +24,10 @@ android { + compileSdkVersion getExtOrIntegerDefault('compileSdkVersion') + buildToolsVersion getExtOrDefault('buildToolsVersion') + ++ lintOptions { ++ abortOnError false ++ } ++ + defaultConfig { + minSdkVersion getExtOrIntegerDefault('minSdkVersion') + targetSdkVersion getExtOrIntegerDefault('targetSdkVersion') diff --git a/patches/react-native-bluetooth-state-manager+1.3.4.patch b/patches/react-native-bluetooth-state-manager+1.3.4.patch new file mode 100644 index 0000000000..4776e2c312 --- /dev/null +++ b/patches/react-native-bluetooth-state-manager+1.3.4.patch @@ -0,0 +1,13 @@ +diff --git a/node_modules/react-native-bluetooth-state-manager/android/build.gradle b/node_modules/react-native-bluetooth-state-manager/android/build.gradle +index 74fb93a..3185e90 100644 +--- a/node_modules/react-native-bluetooth-state-manager/android/build.gradle ++++ b/node_modules/react-native-bluetooth-state-manager/android/build.gradle +@@ -17,7 +17,7 @@ android { + buildToolsVersion "27.0.3" + + defaultConfig { +- minSdkVersion 18 ++ minSdkVersion 21 + targetSdkVersion 28 + versionCode 1 + versionName "1.1.0" diff --git a/patches/react-native-location+2.5.0.patch b/patches/react-native-location+2.5.0.patch index cb14dfcd57..bcdf629198 100644 --- a/patches/react-native-location+2.5.0.patch +++ b/patches/react-native-location+2.5.0.patch 
@@ -1,14 +1,26 @@ +diff --git a/node_modules/react-native-location/android/build.gradle b/node_modules/react-native-location/android/build.gradle +index ffc0e4d..bf1e117 100755 +--- a/node_modules/react-native-location/android/build.gradle ++++ b/node_modules/react-native-location/android/build.gradle +@@ -10,7 +10,7 @@ android { + buildToolsVersion rootProject.hasProperty('buildToolsVersion') ? rootProject.buildToolsVersion : DEFAULT_BUILD_TOOLS_VERSION + + defaultConfig { +- minSdkVersion 16 ++ minSdkVersion 18 + targetSdkVersion rootProject.hasProperty('targetSdkVersion') ? rootProject.targetSdkVersion : DEFAULT_TARGET_SDK_VERSION + } + diff --git a/node_modules/react-native-location/android/src/main/java/com/github/reactnativecommunity/location/RNPlayServicesLocationProvider.java b/node_modules/react-native-location/android/src/main/java/com/github/reactnativecommunity/location/RNPlayServicesLocationProvider.java -index 6dbdd3b..1a4de95 100644 +index 6dbdd3b..4514980 100644 --- a/node_modules/react-native-location/android/src/main/java/com/github/reactnativecommunity/location/RNPlayServicesLocationProvider.java +++ b/node_modules/react-native-location/android/src/main/java/com/github/reactnativecommunity/location/RNPlayServicesLocationProvider.java -@@ -6,8 +6,9 @@ import android.content.Intent; +@@ -6,8 +6,8 @@ import android.content.Intent; import android.content.IntentSender; import android.content.pm.PackageManager; import android.location.Location; -import android.support.annotation.NonNull; -import android.support.v4.app.ActivityCompat; -+ +import androidx.annotation.NonNull; +import androidx.core.app.ActivityCompat; @@ -26,4 +38,4 @@ index 6059fdc..b66dd63 100644 +import androidx.annotation.Nullable; import com.facebook.react.bridge.Arguments; - import com.facebook.react.bridge.ReactApplicationContext; \ No newline at end of file + import com.facebook.react.bridge.ReactApplicationContext; 
diff --git a/scripts/check-sonar-critical-issues.sh b/scripts/check-sonar-critical-issues.sh new file mode 100644 index 0000000000..d4fe56c777 --- /dev/null +++ b/scripts/check-sonar-critical-issues.sh @@ -0,0 +1,24 @@ +SONAR_HOST_URL=https://sonarcloud.io +SONAR_PROJECT_KEY=mosip_inji +FILTER=severities="CRITICAL&statuses=OPEN&createdAfter=2024-01-04" + +if [[ $1 ]]; then + BRANCH_NAME=$1 + FILTER=severities="CRITICAL&statuses=OPEN&createdAfter=2024-01-04&branch=${BRANCH_NAME}" +fi + +echo "${FILTER}" + +# sonar check for critical issues is analyzed only for newly created issues. Once the existing critical issues ( use createdBefore=2024-01-04 search) are resolved, this createdAfter can be removed +response=$(curl -s "${SONAR_HOST_URL}/api/issues/search?componentKeys=${SONAR_PROJECT_KEY}&${FILTER}") +echo "The response is $response" + +issues_count=$(echo "$response" | jq '.issues | length') +echo "The number of issues $issues_count" + +if [ "$issues_count" -eq 0 ]; then + echo "No critical issues found." +else + echo "Critical issues found. Failing the pipeline" + exit 1 +fi diff --git a/sonar-project.properties b/sonar-project.properties index f1b767f186..82e09fd957 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,3 +1,5 @@ -sonar.projectKey=mosip_inji -sonar.organization=mosip -sonar.exclusions=.github/**, .vscode/**, android/**, assets/**, build/**, ios/**, node_modules/**, scripts/**, **/*.java \ No newline at end of file +sonar.sources=. +sonar.tests=. +sonar.test.inclusions=**/*.spec.ts +sonar.exclusions=.github/**, .vscode/**, android/**, assets/**, build/**, ios/**, node_modules/**, scripts/**, **/*.java, **/*.typegen.ts +sonar.typescript.lcov.reportPaths=coverage/lcov.info From 38fb4275318377f52757520555558d47c0b05516 Mon Sep 17 00:00:00 2001 
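Review bot: The gate in `check-sonar-critical-issues.sh` fails open when the Sonar API answers with anything other than an issue list: `curl -s` has no `--fail`, and for a JSON error body `jq '.issues | length'` evaluates `null | length`, which is `0`, so the script prints "No critical issues found." and exits 0. Failing on HTTP errors and requiring `.issues` to be an array closes that, as sketched below. The branch name is placed into the query string without URL-encoding, and the filter asks only for `CRITICAL`, so issues rated `BLOCKER` do not stop the pipeline. The file is added with mode 100644 and no shebang while the workflow invokes it as `./check-sonar-critical-issues.sh` and it uses `[[ … ]]`; unless the mode is changed elsewhere, it needs a bash shebang and the executable bit.

```shell
#!/usr/bin/env bash
# … unchanged: SONAR_HOST_URL, SONAR_PROJECT_KEY, FILTER and branch handling …

response=$(curl -sS --fail "${SONAR_HOST_URL}/api/issues/search?componentKeys=${SONAR_PROJECT_KEY}&${FILTER}") || {
  echo "Sonar API request failed. Failing the pipeline"
  exit 1
}
# … unchanged: echo of the response …

# jq -e exits non-zero when .issues is missing or is not an array
issues_count=$(echo "$response" | jq -e '.issues | arrays | length') || {
  echo "Sonar response has no issue list. Failing the pipeline"
  exit 1
}
# … unchanged: issue count echo and pass/fail branch …
```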
From: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> Date: Fri, 12 Jan 2024 14:57:33 +0530 Subject: [PATCH 2/6] [INJI-597] remove duplicate jobs in internal-build Co-authored-by: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> --- .github/workflows/internal-build.yml | 25 ------------------------- 1 file changed, 25 deletions(-) diff --git a/.github/workflows/internal-build.yml b/.github/workflows/internal-build.yml index 6ed19945fb..092d51b06a 100644 --- a/.github/workflows/internal-build.yml +++ b/.github/workflows/internal-build.yml 
@@ -106,31 +106,6 @@ jobs: INJI_ANDROID_PLAY_STORE_CONFIG_JSON: ${{ secrets.INJI_ANDROID_PLAY_STORE_CONFIG_JSON }} SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_INJI_TEAM }}' - build-android-beta: - if: ${{ inputs.release == 'beta' && (inputs.buildFor == 'Both[Android and IOS]' || inputs.buildFor == 'Android') }} - uses: mosip/kattu/.github/workflows/android-publish.yml@master - with: - RELEASE: ${{ inputs.release }} - NODE_VERSION: '18.x' - RELEASE_KEYSTORE_ALIAS: androidreleasekey - MIMOTO_HOST: ${{ inputs.mimotoBackendServiceUrl }} - ESIGNET_HOST: ${{ inputs.esignetBackendServiceUrl }} - APPLICATION_THEME: ${{ inputs.theme }} - BUILD_DESCRIPTION: ${{ inputs.buildDescription }} - ALLOW_ENV_EDIT: ${{ inputs.allow_env_edit }} - APP_FLAVOR: ${{ inputs.injiFlavor }} - SERVICE_LOCATION: '.' - ANDROID_SERVICE_LOCATION: 'android' - BUILD_SCRIPT_LOCATION: 'scripts' - SCRIPT_NAME: "./${{ inputs.release }}.sh" - ANDROID_ARTIFACT_NAME: ${{ inputs.buildname }} - ANDROID_ARTIFACT_PATH: "android/app/build/outputs/apk/${{ inputs.injiFlavor }}/release/Inji_universal.apk" - secrets: - ANDROID_KEYSTORE_FILE: ${{ secrets.INJI_ANDROID_RELEASE_KEYSTORE }} - RELEASE_KEYSTORE_PASSWORD: '${{ secrets.INJI_ANDROID_RELEASE_STOREPASS }}' - INJI_ANDROID_PLAY_STORE_CONFIG_JSON: ${{ secrets.INJI_ANDROID_PLAY_STORE_CONFIG_JSON }} - SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_INJI_TEAM }}' - build-ios: if: ${{ inputs.buildFor == 'Both[Android and IOS]' || inputs.buildFor == 'IOS'}} uses: mosip/kattu/.github/workflows/ios-publish.yml@master From 8c6ce5b4e24d065d12e08a48baaf0f7edb7ea2ee Mon Sep 17 00:00:00 2001 From: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> Date: Mon, 8 Jan 2024 17:13:21 +0530 Subject: [PATCH 3/6] [INJI-597] replace var with let / const 
Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> --- .talismanrc | 2 ++ machines/QrLoginMachine.ts | 2 +- .../ExistingMosipVCItemMachine.ts | 2 +- machines/VCItemMachine/commonSelectors.ts | 2 +- screens/QrLogin/QrLoginController.ts | 2 +- shared/commonprops/commonProps.ts | 4 ++-- shared/cryptoutil/cryptoUtil.ts | 2 +- shared/keystore/SecureKeystore.ts | 8 +++----- shared/storage.ts | 16 +++++----------- 9 files changed, 17 insertions(+), 23 deletions(-) diff --git a/.talismanrc b/.talismanrc index 25cff5055c..e61132f064 100644 --- a/.talismanrc +++ b/.talismanrc @@ -109,4 +109,6 @@ fileignoreconfig: checksum: b5c0463fe4bac47004d6943a20d38ab023ff74c761723e50e8a1c2bfe717b0e1 - filename: scripts/check-sonar-critical-issues.sh checksum: 100f7359a6b57025bd53e84f014326811f6d9fd13a63805de40ecaa64ea90cde + - filename: shared/keystore/SecureKeystore.ts + checksum: 7b9ae6042973405d1a41fb51b50b4ba09f131547b964cfc952967be919aae9b1 version: "" diff --git a/machines/QrLoginMachine.ts b/machines/QrLoginMachine.ts index 70894a32a8..97393550bf 100644 --- a/machines/QrLoginMachine.ts +++ b/machines/QrLoginMachine.ts @@ -401,7 +401,7 @@ export const qrLoginMachine = ); } - var config = await getAllConfigurations(); + const config = await getAllConfigurations(); const header = { alg: 'RS256', 'x5t#S256': context.thumbprint, diff --git a/machines/VCItemMachine/ExistingMosipVCItem/ExistingMosipVCItemMachine.ts b/machines/VCItemMachine/ExistingMosipVCItem/ExistingMosipVCItemMachine.ts index 6783b0fc6a..5e622e51f9 100644 --- a/machines/VCItemMachine/ExistingMosipVCItem/ExistingMosipVCItemMachine.ts +++ b/machines/VCItemMachine/ExistingMosipVCItem/ExistingMosipVCItemMachine.ts 
@@ -1272,7 +1272,7 @@ export const ExistingMosipVCItemMachine = services: { loadDownloadLimitConfig: async context => { - var resp = await getAllConfigurations(); + const resp = await getAllConfigurations(); const maxLimit: number = resp.vcDownloadMaxRetry; const vcDownloadPoolInterval: number = resp.vcDownloadPoolInterval; diff --git a/machines/VCItemMachine/commonSelectors.ts b/machines/VCItemMachine/commonSelectors.ts index f6324455a1..784cb9b9d8 100644 --- a/machines/VCItemMachine/commonSelectors.ts +++ b/machines/VCItemMachine/commonSelectors.ts @@ -27,7 +27,7 @@ export function selectWalletBindingSuccess(state: State) { } export function selectEmptyWalletBindingId(state: State) { - var val = state.context.walletBindingResponse + const val = state.context.walletBindingResponse ? state.context.walletBindingResponse.walletBindingId : undefined; return val == undefined || val == null || val.length <= 0 ? true : false; diff --git a/screens/QrLogin/QrLoginController.ts b/screens/QrLogin/QrLoginController.ts index 114caec6bd..f4e9606ad9 100644 --- a/screens/QrLogin/QrLoginController.ts +++ b/screens/QrLogin/QrLoginController.ts @@ -49,7 +49,7 @@ export function useQrLogin({service}: QrLoginProps) { (index: number) => ( vcRef: ActorRefFrom< - typeof EsignetMosipVCItemMachine | typeof EsignetMosipVCItemMachine + typeof ExistingMosipVCItemMachine | typeof EsignetMosipVCItemMachine >, ) => { setSelectedIndex(index); diff --git a/shared/commonprops/commonProps.ts b/shared/commonprops/commonProps.ts index 4600d407eb..66db2787ad 100644 --- a/shared/commonprops/commonProps.ts +++ b/shared/commonprops/commonProps.ts 
@@ -24,7 +24,7 @@ export default async function getAllConfigurations( export async function downloadModel() { try { console.log('restart Face model init'); - var injiProp = await getAllConfigurations(); + const injiProp = await getAllConfigurations(); const maxRetryStr = injiProp.modelDownloadMaxRetry; const maxRetry = parseInt(maxRetryStr); const resp: string = injiProp != null ? injiProp.faceSdkModelUrl : null; @@ -32,7 +32,7 @@ export async function downloadModel() { if (resp != null) { for (let counter = 0; counter < maxRetry; counter++) { let config = faceMatchConfig(resp); - var result = await configure(config); + const result = await configure(config); console.log('model download result is = ' + result); if (result) { sendImpressionEvent( diff --git a/shared/cryptoutil/cryptoUtil.ts b/shared/cryptoutil/cryptoUtil.ts index 3a1683c9d7..d99a6e3ee0 100644 --- a/shared/cryptoutil/cryptoUtil.ts +++ b/shared/cryptoutil/cryptoUtil.ts @@ -160,7 +160,7 @@ function encryptWithForge(text: string, key: string): EncryptedOutput { cipher.start({iv: iv}); cipher.update(forge.util.createBuffer(text, 'utf8')); cipher.finish(); - var cipherText = forge.util.encode64(cipher.output.getBytes()); + const cipherText = forge.util.encode64(cipher.output.getBytes()); const encryptedData = new EncryptedOutput( cipherText, forge.util.encode64(iv), diff --git a/shared/keystore/SecureKeystore.ts b/shared/keystore/SecureKeystore.ts index b4cd959d74..20a01db778 100644 --- a/shared/keystore/SecureKeystore.ts +++ b/shared/keystore/SecureKeystore.ts 
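Review bot: In `downloadModel`, the `injiProp != null` guard on the `faceSdkModelUrl` line comes after `injiProp.modelDownloadMaxRetry` has already been read, so a null configuration throws before the guard is reached and the guard protects nothing. `parseInt(maxRetryStr)` also has no radix and yields `NaN` for a missing or malformed value, which makes `counter < maxRetry` false and skips the face-model download without any log line. Checking the configuration once before use and parsing with `Number.parseInt(maxRetryStr, 10)` followed by a `Number.isNaN(maxRetry)` check would make both failure modes explicit. The function body continues outside the hunk, so how the caller reacts to a skipped download cannot be seen here.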
@@ -1,17 +1,15 @@ -import RNSecureKeyStore, { ACCESSIBLE } from 'react-native-secure-key-store'; +import RNSecureKeyStore, {ACCESSIBLE} from 'react-native-secure-key-store'; const bindingCertificate = '-bindingCertificate'; export async function savePrivateKey(id: string, privateKey: string) { - var result = await RNSecureKeyStore.set(id, privateKey, { + return await RNSecureKeyStore.set(id, privateKey, { accessible: ACCESSIBLE.ALWAYS_THIS_DEVICE_ONLY, }); - return result; } export async function getPrivateKey(id: string) { - var result = await RNSecureKeyStore.get(id); - return result; + return await RNSecureKeyStore.get(id); } export function getBindingCertificateConstant(id: string) { diff --git a/shared/storage.ts b/shared/storage.ts index fd4e81b95e..d4e6dab9e0 100644 --- a/shared/storage.ts +++ b/shared/storage.ts @@ -13,14 +13,8 @@ import { isHardwareKeystoreExists, } from './cryptoutil/cryptoUtil'; import {VCMetadata} from './VCMetadata'; -import {ENOENT, getItem} from '../machines/store'; -import { - androidVersion, - isAndroid, - MY_VCS_STORE_KEY, - RECEIVED_VCS_STORE_KEY, - SETTINGS_STORE_KEY, -} from './constants'; +import {ENOENT} from '../machines/store'; +import {androidVersion, isAndroid, SETTINGS_STORE_KEY} from './constants'; import FileStorage, { getFilePath, getFilePathOfEncryptedHmac, @@ -43,7 +37,7 @@ export const API_CACHED_STORAGE_KEYS = { fetchIssuerConfig: (issuerId: string) => `CACHE_FETCH_ISSUER_CONFIG_${issuerId}`, fetchIssuerWellknownConfig: (issuerId: string) => - `CACHE_FETCH_ISSUER_WELLKNOWN_CONFIG_${issuerId}`, + `CACHE_FETCH_ISSUER_WELLKNOWN_CONFIG_${issuerId}`, }; async function generateHmac( @@ -269,8 +263,8 @@ class Storage { // TODO: INJI-612 refactor private static hexEncode(inp: string) { - var hex, i; - var result = ''; + let hex, i; + let result = ''; for (i = 0; i < inp.length; i++) { hex = inp.charCodeAt(i).toString(16); result += ('000' + hex).slice(-4); 
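Review bot: `savePrivateKey` still writes the key with `accessible: ACCESSIBLE.ALWAYS_THIS_DEVICE_ONLY`, which on iOS keeps the item readable while the device is locked; this refactor touches the call and is a natural place to tighten it. If nothing needs the key in the background while the device is locked, `accessible: ACCESSIBLE.WHEN_UNLOCKED_THIS_DEVICE_ONLY` is the narrower setting, with the caveat that items already stored keep the attribute they were written with and would need to be re-saved. Both exported functions lack a doc comment; one line each saying that `id` is the key-store alias and that the value is the private key material would help readers, for example `/** Stores privateKey under alias id in the platform secure key store. */`.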
From f972db736f00921e03af1d2aca9ad368ffa04619 Mon Sep 17 00:00:00 2001 From: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> Date: Fri, 12 Jan 2024 16:09:26 +0530 Subject: [PATCH 4/6] [INJI-597] revert sonar changes in build.gradle Co-authored-by: PuBHARGAVI <46226958+PuBHARGAVI@users.noreply.github.com> Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> --- .talismanrc | 2 +- android/app/build.gradle | 45 ++++++---------------------------------- 2 files changed, 7 insertions(+), 40 deletions(-) diff --git a/.talismanrc b/.talismanrc index e61132f064..4ea00be57c 100644 --- a/.talismanrc +++ b/.talismanrc @@ -90,7 +90,7 @@ fileignoreconfig: - filename: assets/Finger_Print_Icon.svg checksum: 776d4fe4fc4b54d185ccf97daf0511b9fe2c0e0f7c1a809047020e5e8a100db6 - filename: android/app/build.gradle - checksum: d5409b8eda2e1bf5b2552a909595a9e0aea4fd4e7572cf1746c99eee1583b83a + checksum: f8d34e6fb45518fe527ce263b4a22c7e507d8904f215e06a338a55713dc72177 - filename: .github/workflows/push-triggers.yml checksum: b756907546401ee829074984603070c2c69a682af236b8822c69a7fab8c03256 - filename: ios/fastlane/Fastfile diff --git a/android/app/build.gradle b/android/app/build.gradle index e144020b8a..944aa89926 100644 --- a/android/app/build.gradle +++ b/android/app/build.gradle @@ -4,7 +4,6 @@ plugins { apply plugin: "com.android.application" apply plugin: "com.facebook.react" -apply plugin: "org.sonarqube" react { /* Folders */ 
@@ -131,36 +130,13 @@ android { signingConfigs { release { - // for sonarqube job we will generate dummy release keystore to sign the app as we are not doing it in workflow - def hasSonarqube = System.properties.containsKey("sonarqube") - def keystore = file('release.keystore').exists() ? file('release.keystore') : file('dummyrelease.keystore') + def keystore = file('release.keystore') storeFile file("$keystore") - if (hasSonarqube && !keystore.exists() ) { - exec { - commandLine 'keytool', - '-genkey', - '-v', - '-storetype', 'PKCS12', - '-keyalg', 'RSA', - '-keysize', '2048', - '-validity', '10000', - '-storepass', 'password', - '-keypass', 'password', - '-alias', 'androidreleasekey', - '-keystore', 'dummyrelease.keystore', - '-dname', 'CN=,OU=,O=,L=,S=,C=US' - } - storePassword "password" - keyAlias "androidreleasekey" - keyPassword "password" - } - else{ - def keystoreAlias = System.getenv("RELEASE_KEYSTORE_ALIAS") - def keystorePass = System.getenv("RELEASE_KEYSTORE_PASSWORD") - storePassword "$keystorePass" - keyAlias "$keystoreAlias" - keyPassword "$keystorePass" - } + def keystoreAlias = System.getenv("RELEASE_KEYSTORE_ALIAS") + def keystorePass = System.getenv("RELEASE_KEYSTORE_PASSWORD") + storePassword "$keystorePass" + keyAlias "$keystoreAlias" + keyPassword "$keystorePass" v2SigningEnabled true v1SigningEnabled false } @@ -239,15 +215,6 @@ android { } } - android.applicationVariants.all { variant -> - variant.outputs.all { output -> - if (variant.flavorName == "collab") { - sonarqube { - androidVariant variant.name - } - } - } - } } dependencies { From d27974d9e102d80ad63e23dcdaae995a4270a801 Mon Sep 17 00:00:00 2001 From: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> Date: Tue, 16 Jan 2024 11:42:15 +0530 Subject: [PATCH 5/6] [INJI-597] send branch name for sonar analysis 
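Review bot: In `signingConfigs.release`, `storePassword "$keystorePass"`, `keyAlias "$keystoreAlias"` and `keyPassword "$keystorePass"` interpolate the environment values into strings, so an unset `RELEASE_KEYSTORE_ALIAS` or `RELEASE_KEYSTORE_PASSWORD` becomes the literal text `null` and only shows up later as a misleading wrong-password or missing-alias error. Passing the values directly (`storePassword keystorePass`, `keyAlias keystoreAlias`, `keyPassword keystorePass`) keeps an unset variable as a real null, which the signing validation can report as a missing property. `storeFile file("$keystore")` likewise round-trips a `File` through a string and can be `storeFile keystore`. The `android { … }` block starts and ends outside the hunk.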
Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> --- .github/workflows/internal-build.yml | 7 ++++--- .github/workflows/push-triggers.yml | 7 ++++--- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/internal-build.yml b/.github/workflows/internal-build.yml index 092d51b06a..9d10e54681 100644 --- a/.github/workflows/internal-build.yml +++ b/.github/workflows/internal-build.yml @@ -141,7 +141,7 @@ jobs: SLACK_WEBHOOK_URL: '${{ secrets.SLACK_WEBHOOK_INJI_TEAM }}' sonar-check: - uses: mosip/kattu/.github/workflows/gradlew-sonar-analysis.yml@master + uses: mosip/kattu/.github/workflows/npm-sonar-analysis.yml@master with: SERVICE_LOCATION: '.' NODE_VERSION: '18.x' @@ -149,6 +149,7 @@ jobs: SONAR_SOURCES: '.' SONAR_TESTS: '.' SONAR_EXCLUSIONS: '.github/**, .vscode/**, android/**, assets/**, build/**, ios/**, node_modules/**, scripts/**, **/*.java, **/*.typegen.ts' + SONAR_ARGS: " -Dsonar.branch.name=${GITHUB_REF_NAME} -Dsonar.scanner.force-deprecated-java-version=true" secrets: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} ORG_KEY: ${{ secrets.ORG_KEY }} @@ -162,8 +163,8 @@ jobs: - name: Check for critical bugs run: | cd scripts - BRANCH_NAME=${GITHUB_REF##*/} - ./check-sonar-critical-issues.sh BRANCH_NAME + BRANCH_NAME=${GITHUB_REF_NAME} + ./check-sonar-critical-issues.sh $BRANCH_NAME - uses: 8398a7/action-slack@v3 if: failure() with: diff --git a/.github/workflows/push-triggers.yml b/.github/workflows/push-triggers.yml index 684907653c..6051426f9c 100644 --- a/.github/workflows/push-triggers.yml +++ b/.github/workflows/push-triggers.yml @@ -42,7 +42,7 @@ jobs: name: Sonar check if: ${{ github.event_name != 'pull_request' }} needs: [build-android, build-ios] - uses: mosip/kattu/.github/workflows/gradlew-sonar-analysis.yml@master + uses: mosip/kattu/.github/workflows/npm-sonar-analysis.yml@master with: SERVICE_LOCATION: '.' NODE_VERSION: '18.x' 
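Review bot: `sonar-check` in `internal-build.yml` (`@@ -141,7 +141,7 @@`) calls the reusable workflow at `@master`, a mutable branch ref, and passes it `SONAR_TOKEN` and `ORG_KEY`. Whatever is pushed to that branch next runs with those secrets, without any change in this repository. Pinning to a reviewed commit, `uses: mosip/kattu/.github/workflows/npm-sonar-analysis.yml@<full-commit-sha>`, makes each upgrade of the called workflow an explicit, auditable change here. The `push-triggers.yml` hunk at `@@ -42,7 +42,7 @@` has the same line.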
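Review bot: In the `Check for critical bugs` step (`@@ -162,8 +163,8 @@`), `./check-sonar-critical-issues.sh $BRANCH_NAME` passes the ref name unquoted through an intermediate variable that adds nothing. Git's ref-name rules make word splitting unlikely, but quoting is the safe habit, and the two lines collapse to `./check-sonar-critical-issues.sh "$GITHUB_REF_NAME"`. `GITHUB_REF_NAME` keeps the `/` that the old `${GITHUB_REF##*/}` stripped (for example `release/x`). If the script, which is outside this hunk, puts its argument into a URL, it should percent-encode it. The `push-triggers.yml` hunk at `@@ -63,8 +64,8 @@` has the same two lines.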
@@ -50,6 +50,7 @@ jobs: SONAR_SOURCES: '.' SONAR_TESTS: '.' SONAR_EXCLUSIONS: '.github/**, .vscode/**, android/**, assets/**, build/**, ios/**, node_modules/**, scripts/**, **/*.java, **/*.typegen.ts' + SONAR_ARGS: " -Dsonar.branch.name=${GITHUB_REF_NAME} -Dsonar.scanner.force-deprecated-java-version=true" secrets: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} ORG_KEY: ${{ secrets.ORG_KEY }} @@ -63,8 +64,8 @@ jobs: - name: Check for critical bugs run: | cd scripts - BRANCH_NAME=${GITHUB_REF##*/} - ./check-sonar-critical-issues.sh BRANCH_NAME + BRANCH_NAME=${GITHUB_REF_NAME} + ./check-sonar-critical-issues.sh $BRANCH_NAME - uses: 8398a7/action-slack@v3 if: failure() with: From d51ca1779f54dcc584630159f9462150d1516f51 Mon Sep 17 00:00:00 2001 From: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> Date: Tue, 16 Jan 2024 11:43:25 +0530 Subject: [PATCH 6/6] [INJI-597] deploy build only when no critical issues exist Signed-off-by: KiruthikaJeyashankar <81218987+KiruthikaJeyashankar@users.noreply.github.com> --- .github/workflows/internal-build.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/internal-build.yml b/.github/workflows/internal-build.yml index 9d10e54681..be74d5ee10 100644 --- a/.github/workflows/internal-build.yml +++ b/.github/workflows/internal-build.yml @@ -83,6 +83,7 @@ on: jobs: build-android: if: ${{ inputs.buildFor == 'Both[Android and IOS]' || inputs.buildFor == 'Android'}} + needs: check-sonar-critical-issues uses: mosip/kattu/.github/workflows/android-publish.yml@master with: RELEASE: ${{ inputs.release }} @@ -108,6 +109,7 @@ jobs: build-ios: if: ${{ inputs.buildFor == 'Both[Android and IOS]' || inputs.buildFor == 'IOS'}} + needs: check-sonar-critical-issues uses: mosip/kattu/.github/workflows/ios-publish.yml@master with: NODE_VERSION: '18.x'
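Review bot: The gate added by `needs: check-sonar-critical-issues` on `build-android` (`@@ -83,6 +83,7 @@`) and on `build-ios` in the next hunk may evaluate an earlier analysis. Nothing in `SONAR_ARGS` makes the scanner wait for the server to finish processing the new report before the check job queries it. Unless the called workflow already does this, adding `-Dsonar.qualitygate.wait=true` to `SONAR_ARGS` closes that window. `scripts/check-sonar-critical-issues.sh` is not visible here; it should exit non-zero when the API call fails or returns no analysis for the branch, so that the gate fails closed. A one-line comment above each `needs:` saying that publishing is blocked on the Sonar check would document the intent.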