Main actor isolation

.github/workflows/tests.yml

@@ -11,7 +11,7 @@ permissions:
 
 jobs:
   test:
-    runs-on: macos-latest
+    runs-on: macos-26
     steps:
       - uses: actions/checkout@v4
 

CLAUDE.md

@@ -4,7 +4,7 @@
 
 - `SWIFT_DEFAULT_ACTOR_ISOLATION = MainActor` is set on both app and test targets — don't add explicit `@MainActor` to production code or test structs/functions, it's already the default
 
-## Swift Testing Migration
+## Swift Testing Conventions
 
 - Place `@Test` and `@Suite` annotations on the line **above** the declaration, not inline
 - Use `// when` and `// then` comment blocks; skip `// given` (assumed from context)

PPPC Utility.xcodeproj/project.pbxproj

@@ -560,8 +560,11 @@
 				PRODUCT_BUNDLE_IDENTIFIER = "com.jamf.PPPC-UtilityTests";
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE_SPECIFIER = "";
+				SWIFT_APPROACHABLE_CONCURRENCY = YES;
+				SWIFT_DEFAULT_ACTOR_ISOLATION = MainActor;
 				SWIFT_OPTIMIZATION_LEVEL = "-Onone";
-				SWIFT_VERSION = 5.0;
+				SWIFT_STRICT_CONCURRENCY = complete;
+				SWIFT_VERSION = 6.0;
 				TEST_HOST = "$(BUILT_PRODUCTS_DIR)/PPPC Utility.app/Contents/MacOS/PPPC Utility";
 			};
 			name = Debug;
@@ -585,7 +588,10 @@
 				PRODUCT_BUNDLE_IDENTIFIER = "com.jamf.PPPC-UtilityTests";
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE_SPECIFIER = "";
-				SWIFT_VERSION = 5.0;
+				SWIFT_APPROACHABLE_CONCURRENCY = YES;
+				SWIFT_DEFAULT_ACTOR_ISOLATION = MainActor;
+				SWIFT_STRICT_CONCURRENCY = complete;
+				SWIFT_VERSION = 6.0;
 				TEST_HOST = "$(BUILT_PRODUCTS_DIR)/PPPC Utility.app/Contents/MacOS/PPPC Utility";
 			};
 			name = Release;
@@ -727,7 +733,10 @@
 				PRODUCT_BUNDLE_IDENTIFIER = com.jamf.opensource.pppcutility;
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE_SPECIFIER = "";
-				SWIFT_VERSION = 5.0;
+				SWIFT_APPROACHABLE_CONCURRENCY = YES;
+				SWIFT_DEFAULT_ACTOR_ISOLATION = MainActor;
+				SWIFT_STRICT_CONCURRENCY = complete;
+				SWIFT_VERSION = 6.0;
 			};
 			name = Debug;
 		};
@@ -751,7 +760,10 @@
 				PRODUCT_BUNDLE_IDENTIFIER = com.jamf.opensource.pppcutility;
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				PROVISIONING_PROFILE_SPECIFIER = "";
-				SWIFT_VERSION = 5.0;
+				SWIFT_APPROACHABLE_CONCURRENCY = YES;
+				SWIFT_DEFAULT_ACTOR_ISOLATION = MainActor;
+				SWIFT_STRICT_CONCURRENCY = complete;
+				SWIFT_VERSION = 6.0;
 			};
 			name = Release;
 		};

PPPC UtilityTests/ModelTests/ModelTests.swift

@@ -38,12 +38,12 @@ struct ModelTests {
     // MARK: - tests for getExecutableFrom*
 
     @Test
-    func getExecutableBasedOnIdentifierAndCodeRequirement_BundleIdentifierType() {
+    func getExecutableBasedOnIdentifierAndCodeRequirement_BundleIdentifierType() async {
         let identifier = "com.example.App"
         let codeRequirement = "testCodeRequirement"
 
         // when
-        let executable = model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
+        let executable = await model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
 
         // then
         #expect(executable.displayName == "App")
@@ -52,12 +52,12 @@ struct ModelTests {
     }
 
     @Test
-    func getExecutableBasedOnIdentifierAndCodeRequirement_PathIdentifierType() {
+    func getExecutableBasedOnIdentifierAndCodeRequirement_PathIdentifierType() async {
         let identifier = "/myGreatPath/Awesome/Binary"
         let codeRequirement = "testCodeRequirement"
 
         // when
-        let executable = model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
+        let executable = await model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
 
         // then
         #expect(executable.displayName == "Binary")
@@ -66,12 +66,12 @@ struct ModelTests {
     }
 
     @Test
-    func getExecutableFromComputerBasedOnIdentifier() {
+    func getExecutableFromComputerBasedOnIdentifier() async {
         let identifier = "com.apple.Safari"
         let codeRequirement = "randomReq"
 
         // when
-        let executable = model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
+        let executable = await model.getExecutableFrom(identifier: identifier, codeRequirement: codeRequirement)
 
         // then
         #expect(executable.displayName == "Safari")
@@ -80,10 +80,10 @@ struct ModelTests {
     }
 
     @Test
-    func getExecutableFromSelectedExecutables() {
+    func getExecutableFromSelectedExecutables() async {
         let expectedIdentifier = "com.something.1"
-        let executable = model.getExecutableFrom(identifier: expectedIdentifier, codeRequirement: "testReq")
-        let executableSecond = model.getExecutableFrom(identifier: "com.something.2", codeRequirement: "testReq2")
+        let executable = await model.getExecutableFrom(identifier: expectedIdentifier, codeRequirement: "testReq")
+        let executableSecond = await model.getExecutableFrom(identifier: "com.something.2", codeRequirement: "testReq2")
         model.selectedExecutables = [executable, executableSecond]
 
         // when
@@ -97,11 +97,11 @@ struct ModelTests {
     }
 
     @Test
-    func getExecutableFromSelectedExecutables_Path() {
+    func getExecutableFromSelectedExecutables_Path() async {
         let expectedIdentifier = "/path/something/Special"
-        let executableOneMore = model.getExecutableFrom(identifier: "/path/something/Special1", codeRequirement: "testReq")
-        let executable = model.getExecutableFrom(identifier: expectedIdentifier, codeRequirement: "testReq")
-        let executableSecond = model.getExecutableFrom(identifier: "com.something.2", codeRequirement: "testReq2")
+        let executableOneMore = await model.getExecutableFrom(identifier: "/path/something/Special1", codeRequirement: "testReq")
+        let executable = await model.getExecutableFrom(identifier: expectedIdentifier, codeRequirement: "testReq")
+        let executableSecond = await model.getExecutableFrom(identifier: "com.something.2", codeRequirement: "testReq2")
         model.selectedExecutables = [executableOneMore, executable, executableSecond]
 
         // when
@@ -184,90 +184,90 @@ struct ModelTests {
     // MARK: - tests for importProfile
 
     @Test
-    func importProfileUsingAuthorizationKeyAllow() {
+    func importProfileUsingAuthorizationKeyAllow() async {
         let profile = TCCProfileBuilder().buildProfile(authorization: .allow)
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Allow")
     }
 
     @Test
-    func importProfileUsingAuthorizationKeyDeny() {
+    func importProfileUsingAuthorizationKeyDeny() async {
         let profile = TCCProfileBuilder().buildProfile(authorization: .deny)
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Deny")
     }
 
     @Test
-    func importProfileUsingAuthorizationKeyAllowStandardUsers() {
+    func importProfileUsingAuthorizationKeyAllowStandardUsers() async {
         let profile = TCCProfileBuilder().buildProfile(authorization: .allowStandardUserToSetSystemService)
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Let Standard Users Approve")
     }
 
     @Test
-    func importProfileUsingLegacyAllowKeyTrue() {
+    func importProfileUsingLegacyAllowKeyTrue() async {
         let profile = TCCProfileBuilder().buildProfile(allowed: true)
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Allow")
     }
 
     @Test
-    func importProfileUsingLegacyAllowKeyFalse() {
+    func importProfileUsingLegacyAllowKeyFalse() async {
         let profile = TCCProfileBuilder().buildProfile(allowed: false)
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Deny")
     }
 
     @Test
-    func importProfileUsingAuthorizationKeyThatIsInvalid() {
+    func importProfileUsingAuthorizationKeyThatIsInvalid() async {
         let profile = TCCProfileBuilder().buildProfile(authorization: "invalidkey")
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Deny")
     }
 
     @Test
-    func importProfileUsingAuthorizationKeyTranslatesToAppleEvents() {
+    func importProfileUsingAuthorizationKeyTranslatesToAppleEvents() async {
         let profile = TCCProfileBuilder().buildProfile(authorization: "deny")
 
         // when
-        model.importProfile(tccProfile: profile)
+        await model.importProfile(tccProfile: profile)
 
         // then
         #expect(model.selectedExecutables.count == 1)
         #expect(model.selectedExecutables.first?.policy.SystemPolicyAllFiles == "Deny")
     }
 
-    // MARK: - tests for profileToString
+    // MARK: - tests for policyFromString
 
     @Test
     func policyWhenUsingAllow() {

PPPC UtilityTests/NetworkingTests/NetworkAuthManagerTests.swift

@@ -111,33 +111,33 @@ struct NetworkAuthManagerTests {
     }
 
     @Test
-    func basicAuthString() throws {
+    func basicAuthString() async throws {
         let authManager = NetworkAuthManager(username: "test", password: "none")
 
         // when
-        let actual = try authManager.basicAuthString()
+        let actual = try await authManager.basicAuthString()
 
         // then
         #expect(actual == "dGVzdDpub25l")
     }
 
     @Test
-    func basicAuthStringEmptyUsername() {
+    func basicAuthStringEmptyUsername() async throws {
         let authManager = NetworkAuthManager(username: "", password: "none")
 
         // when/then
-        #expect(throws: AuthError.invalidUsernamePassword) {
-            try authManager.basicAuthString()
+        await #expect(throws: AuthError.invalidUsernamePassword) {
+            try await authManager.basicAuthString()
         }
     }
 
     @Test
-    func basicAuthStringEmptyPassword() {
+    func basicAuthStringEmptyPassword() async throws {
         let authManager = NetworkAuthManager(username: "mine", password: "")
 
         // when/then
-        #expect(throws: AuthError.invalidUsernamePassword) {
-            try authManager.basicAuthString()
+        await #expect(throws: AuthError.invalidUsernamePassword) {
+            try await authManager.basicAuthString()
         }
     }
 }

PPPC UtilityTests/TCCProfileImporterTests/TCCProfileImporterTests.swift

@@ -40,15 +40,13 @@ struct TCCProfileImporterTests {
         let tccProfileImporter = TCCProfileImporter()
         let resourceURL = try getResourceProfile(fileName: "TestTCCProfileSigned-Broken")
 
-        tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL) { tccProfileResult in
-            switch tccProfileResult {
-            case .success:
-                Issue.record("Malformed profile should not succeed")
-            case .failure(let tccProfileError):
-                if case TCCProfileImportError.invalidProfileFile = tccProfileError {
-                } else {
-                    Issue.record("Expected invalidProfileFile error, got \(tccProfileError)")
-                }
+        do {
+            _ = try tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL)
+            Issue.record("Malformed profile should not succeed")
+        } catch {
+            if case TCCProfileImportError.invalidProfileFile = error {
+            } else {
+                Issue.record("Expected invalidProfileFile error, got \(error)")
             }
         }
     }
@@ -59,13 +57,11 @@ struct TCCProfileImporterTests {
         let resourceURL = try getResourceProfile(fileName: "TestTCCUnsignedProfile-Empty")
         let expectedTCCProfileError = TCCProfileImportError.invalidProfileFile(description: "PayloadContent")
 
-        tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL) { tccProfileResult in
-            switch tccProfileResult {
-            case .success:
-                Issue.record("Empty Content, it shouldn't be success")
-            case .failure(let tccProfileError):
-                #expect(tccProfileError.localizedDescription == expectedTCCProfileError.localizedDescription)
-            }
+        do {
+            _ = try tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL)
+            Issue.record("Empty Content, it shouldn't be success")
+        } catch {
+            #expect(error.localizedDescription == expectedTCCProfileError.localizedDescription)
         }
     }
 
@@ -74,31 +70,19 @@ struct TCCProfileImporterTests {
         let tccProfileImporter = TCCProfileImporter()
         let resourceURL = try getResourceProfile(fileName: "TestTCCUnsignedProfile")
 
-        tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL) { tccProfileResult in
-            switch tccProfileResult {
-            case .success(let tccProfile):
-                #expect(!tccProfile.content.isEmpty)
-                #expect(!tccProfile.content[0].services.isEmpty)
-            case .failure(let tccProfileError):
-                Issue.record("Unable to read tccProfile \(tccProfileError.localizedDescription)")
-            }
-        }
+        let tccProfile = try tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL)
+        #expect(!tccProfile.content.isEmpty)
+        #expect(!tccProfile.content[0].services.isEmpty)
     }
 
     @Test
     func correctUnsignedProfileContentDataAllLowercase() throws {
         let tccProfileImporter = TCCProfileImporter()
         let resourceURL = try getResourceProfile(fileName: "TestTCCUnsignedProfile-allLower")
 
-        tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL) { tccProfileResult in
-            switch tccProfileResult {
-            case .success(let tccProfile):
-                #expect(!tccProfile.content.isEmpty)
-                #expect(!tccProfile.content[0].services.isEmpty)
-            case .failure(let tccProfileError):
-                Issue.record("Unable to read tccProfile \(tccProfileError.localizedDescription)")
-            }
-        }
+        let tccProfile = try tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL)
+        #expect(!tccProfile.content.isEmpty)
+        #expect(!tccProfile.content[0].services.isEmpty)
     }
 
     @Test
@@ -107,13 +91,11 @@ struct TCCProfileImporterTests {
         let resourceURL = try getResourceProfile(fileName: "TestTCCUnsignedProfile-Broken")
         let expectedTCCProfileError = TCCProfileImportError.invalidProfileFile(description: "The given data was not a valid property list.")
 
-        tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL) { tccProfileResult in
-            switch tccProfileResult {
-            case .success:
-                Issue.record("Broken Unsigned Profile, it shouldn't be success")
-            case .failure(let tccProfileError):
-                #expect(tccProfileError.localizedDescription == expectedTCCProfileError.localizedDescription)
-            }
+        do {
+            _ = try tccProfileImporter.decodeTCCProfile(fileUrl: resourceURL)
+            Issue.record("Broken Unsigned Profile, it shouldn't be success")
+        } catch {
+            #expect(error.localizedDescription == expectedTCCProfileError.localizedDescription)
         }
     }