Swift 6 / Concurrency fixes (#578)

* Enable language mode * WIP * WIP * Fix concurrency issues in SmartCardStore * Switch to SMAppService * Bump runners * Base * Finish Testing migration * Tweak async for updater * More * Backport mutex * Revert "Backport mutex" This reverts commit 9b02afb20c. * WIP * Reenable * Fix preview. * Update package. * Bump to latest public macOS and Xcode * Bump back down to 6.1 * Update to Xcode 26. * Fixed tests. * More cleanup * Env fixes * var->let * Cleanup * Persist auth async * Whitespace. * Whitespace. * Cleanup. * Cleanup * Redoing locks in actors bc of observable * Actors. * . * Specify b5 * Update package to 6.2 * Fix disabled updater * Remove preconcurrency warning * Move updater init
2026-03-06 01:37:22 +01:00 · 2025-08-17 12:38:18 -05:00
parent 5cc62b628a
commit 0e6b218f1f
59 changed files with 834 additions and 857 deletions
--- a/Sources/Packages/Tests/BriefTests/ReleaseParsingTests.swift
+++ b/Sources/Packages/Tests/BriefTests/ReleaseParsingTests.swift
@@ -1,54 +1,65 @@
-import XCTest
+import Testing
+import Foundation
@testable import Brief

-class ReleaseParsingTests: XCTestCase {
+@Suite struct ReleaseParsingTests {

-    func testNonCritical() {
+    @Test
+    func nonCritical() {
        let release = Release(name: "1.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Initial release")
-        XCTAssert(release.critical == false)
+        #expect(release.critical == false)
    }

-    func testCritical() {
+    @Test
+    func critical() {
        let release = Release(name: "1.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Critical Security Update")
-        XCTAssert(release.critical == true)
+        #expect(release.critical == true)
    }

-    func testOSMissing() {
+    @Test
+    func osMissing() {
        let release = Release(name: "1.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Critical Security Update")
-        XCTAssert(release.minimumOSVersion == SemVer("11.0.0"))
+        #expect(release.minimumOSVersion == SemVer("11.0.0"))
    }

-    func testOSPresentWithContentBelow() {
+    @Test
+    func osPresentWithContentBelow() {
        let release = Release(name: "1.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Critical Security Update ##Minimum macOS Version\n1.2.3\nBuild info")
-        XCTAssert(release.minimumOSVersion == SemVer("1.2.3"))
+        #expect(release.minimumOSVersion == SemVer("1.2.3"))
    }

-    func testOSPresentAtEnd() {
+    @Test
+    func osPresentAtEnd() {
        let release = Release(name: "1.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Critical Security Update Minimum macOS Version: 1.2.3")
-        XCTAssert(release.minimumOSVersion == SemVer("1.2.3"))
+        #expect(release.minimumOSVersion == SemVer("1.2.3"))
    }

-    func testOSWithMacOSPrefix() {
+    @Test
+    func osWithMacOSPrefix() {
        let release = Release(name: "1.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Critical Security Update Minimum macOS Version: macOS 1.2.3")
-        XCTAssert(release.minimumOSVersion == SemVer("1.2.3"))
+        #expect(release.minimumOSVersion == SemVer("1.2.3"))
    }

-    func testOSGreaterThanMinimum() {
+    @Test
+    func osGreaterThanMinimum() {
        let release = Release(name: "1.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Critical Security Update Minimum macOS Version: 1.2.3")
-        XCTAssert(release.minimumOSVersion < SemVer("11.0.0"))
+        #expect(release.minimumOSVersion < SemVer("11.0.0"))
    }

-    func testOSEqualToMinimum() {
+    @Test
+    func osEqualToMinimum() {
        let release = Release(name: "1.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Critical Security Update Minimum macOS Version: 11.2.3")
-        XCTAssert(release.minimumOSVersion <= SemVer("11.2.3"))
+        #expect(release.minimumOSVersion <= SemVer("11.2.3"))
    }

-    func testOSLessThanMinimum() {
+    @Test
+    func osLessThanMinimum() {
        let release = Release(name: "1.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Critical Security Update Minimum macOS Version: 1.2.3")
-        XCTAssert(release.minimumOSVersion > SemVer("1.0.0"))
+        #expect(release.minimumOSVersion > SemVer("1.0.0"))
    }

-    func testGreatestSelectedIfOldPatchIsPublishedLater() {
+    @Test
+    @MainActor func greatestSelectedIfOldPatchIsPublishedLater() async throws {
        // If 2.x.x series has been published, and a patch for 1.x.x is issued
        // 2.x.x should still be selected if user can run it.
        let updater = Updater(checkOnLaunch: false, osVersion: SemVer("2.2.3"), currentVersion: SemVer("1.0.0"))
@@ -60,16 +71,13 @@ class ReleaseParsingTests: XCTestCase {
            Release(name: "1.0.2", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Emergency patch! Minimum macOS Version: 1.2.3"),
        ]

-        let expectation = XCTestExpectation()
-        updater.evaluate(releases: releases)
-        DispatchQueue.main.async {
-            XCTAssert(updater.update == two)
-            expectation.fulfill()
-        }
-        wait(for: [expectation], timeout: 1)
+        await updater.evaluate(releases: releases)
+        try await Task.sleep(nanoseconds: 1)
+        #expect(updater.update == two)
    }

-    func testLatestVersionIsRunnable() {
+    @Test
+    @MainActor func latestVersionIsRunnable() async throws {
        // If the 2.x.x series has been published but the user can't run it
        // the last version the user can run should be selected.
        let updater = Updater(checkOnLaunch: false, osVersion: SemVer("1.2.3"), currentVersion: SemVer("1.0.0"))
@@ -80,16 +88,13 @@ class ReleaseParsingTests: XCTestCase {
            Release(name: "2.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "2.0 available! Minimum macOS Version: 2.2.3"),
            Release(name: "1.0.2", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Emergency patch! Minimum macOS Version: 1.2.3"),
        ]
-        let expectation = XCTestExpectation()
-        updater.evaluate(releases: releases)
-        DispatchQueue.main.async {
-            XCTAssert(updater.update == oneOhTwo)
-            expectation.fulfill()
-        }
-        wait(for: [expectation], timeout: 1)
+        await updater.evaluate(releases: releases)
+        try await Task.sleep(nanoseconds: 1)
+        #expect(updater.update == oneOhTwo)
    }

-    func testSorting() {
+    @Test
+    func sorting() {
        let two = Release(name: "2.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "2.0 available!")
        let releases = [
            Release(name: "1.0.0", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Initial release"),
@@ -98,7 +103,7 @@ class ReleaseParsingTests: XCTestCase {
            Release(name: "1.0.2", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Emergency patch!"),
        ]
        let sorted = releases.sorted().reversed().first
-        XCTAssert(sorted == two)
+        #expect(sorted == two)
    }

 }
--- a/Sources/Packages/Tests/BriefTests/SemVerTests.swift
+++ b/Sources/Packages/Tests/BriefTests/SemVerTests.swift
@@ -1,51 +1,52 @@
-import XCTest
+import Testing
+import Foundation
@testable import Brief

-class SemVerTests: XCTestCase {
+@Suite struct SemVerTests {

-    func testEqual() {
+    @Test func equal() {
        let current = SemVer("1.0.2")
        let old = SemVer("1.0.2")
-        XCTAssert(!(current > old))
+        #expect(!(current > old))
    }

-    func testPatchGreaterButMinorLess() {
+    @Test func patchGreaterButMinorLess() {
        let current = SemVer("1.1.0")
        let old = SemVer("1.0.2")
-        XCTAssert(current > old)
+        #expect(current > old)
    }

-    func testMajorSameMinorGreater() {
+    @Test func majorSameMinorGreater() {
        let current = SemVer("1.0.2")
        let new = SemVer("1.0.3")
-        XCTAssert(current < new)
+        #expect(current < new)
    }

-    func testMajorGreaterMinorLesser() {
+    @Test func majorGreaterMinorLesser() {
        let current = SemVer("1.0.2")
        let new = SemVer("2.0.0")
-        XCTAssert(current < new)
+        #expect(current < new)
    }

-    func testRegularParsing() {
+    @Test func regularParsing() {
        let current = SemVer("1.0.2")
-        XCTAssert(current.versionNumbers == [1, 0, 2])
+        #expect(current.versionNumbers == [1, 0, 2])
    }

-    func testNoPatch() {
+    @Test func noPatch() {
        let current = SemVer("1.1")
-        XCTAssert(current.versionNumbers == [1, 1, 0])
+        #expect(current.versionNumbers == [1, 1, 0])
    }

-    func testGarbage() {
+    @Test func garbage() {
        let current = SemVer("Test")
-        XCTAssert(current.versionNumbers == [0, 0, 0])
+        #expect(current.versionNumbers == [0, 0, 0])
    }

-    func testBeta() {
+    @Test func beta() {
        let current = SemVer("1.0.2")
        let new = SemVer("1.1.0_beta1")
-        XCTAssert(current < new)
+        #expect(current < new)
    }

 }
--- a/Sources/Packages/Tests/SecretAgentKitTests/AgentTests.swift
+++ b/Sources/Packages/Tests/SecretAgentKitTests/AgentTests.swift
@@ -1,46 +1,46 @@
 import Foundation
-import XCTest
+import Testing
 import CryptoKit
@testable import SecretKit
@testable import SecretAgentKit

-class AgentTests: XCTestCase {
+@Suite struct AgentTests {

    let stubWriter = StubFileHandleWriter()

    // MARK: Identity Listing

-    func testEmptyStores() async {
+    @Test func emptyStores() async {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestIdentities)
        let agent = Agent(storeList: SecretStoreList())
        await agent.handle(reader: stubReader, writer: stubWriter)
-        XCTAssertEqual(stubWriter.data, Constants.Responses.requestIdentitiesEmpty)
+        #expect(stubWriter.data == Constants.Responses.requestIdentitiesEmpty)
    }

-    func testIdentitiesList() async {
+    @Test func identitiesList() async {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestIdentities)
-        let list = storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
+        let list = await storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
        let agent = Agent(storeList: list)
        await agent.handle(reader: stubReader, writer: stubWriter)
-        XCTAssertEqual(stubWriter.data, Constants.Responses.requestIdentitiesMultiple)
+        #expect(stubWriter.data == Constants.Responses.requestIdentitiesMultiple)
    }

    // MARK: Signatures

-    func testNoMatchingIdentities() async {
+    @Test func noMatchingIdentities() async {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignatureWithNoneMatching)
-        let list = storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
+        let list = await storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
        let agent = Agent(storeList: list)
        await agent.handle(reader: stubReader, writer: stubWriter)
-//        XCTAssertEqual(stubWriter.data, Constants.Responses.requestFailure)
+        #expect(stubWriter.data == Constants.Responses.requestFailure)
    }

-    func testSignature() async {
+    @Test func signature() async throws {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
        let requestReader = OpenSSHReader(data: Constants.Requests.requestSignature[5...])
        _ = requestReader.readNextChunk()
        let dataToSign = requestReader.readNextChunk()
-        let list = storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
+        let list = await storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
        let agent = Agent(storeList: list)
        await agent.handle(reader: stubReader, writer: stubWriter)
        let outer = OpenSSHReader(data: stubWriter.data[5...])
@@ -62,35 +62,35 @@ class AgentTests: XCTestCase {
        rs.append(s)
        let signature = try! P256.Signing.ECDSASignature(rawRepresentation: rs)
        let referenceValid = try! P256.Signing.PublicKey(x963Representation: Constants.Secrets.ecdsa256Secret.publicKey).isValidSignature(signature, for: dataToSign)
-        let store = list.stores.first!
-        let derVerifies = try! store.verify(signature: signature.derRepresentation, for: dataToSign, with: AnySecret(Constants.Secrets.ecdsa256Secret))
-        let invalidRandomSignature = try? store.verify(signature: "invalid".data(using: .utf8)!, for: dataToSign, with: AnySecret(Constants.Secrets.ecdsa256Secret))
-        let invalidRandomData = try? store.verify(signature: signature.derRepresentation, for: "invalid".data(using: .utf8)!, with: AnySecret(Constants.Secrets.ecdsa256Secret))
-        let invalidWrongKey = try? store.verify(signature: signature.derRepresentation, for: dataToSign, with: AnySecret(Constants.Secrets.ecdsa384Secret))
-        XCTAssertTrue(referenceValid)
-        XCTAssertTrue(derVerifies)
-        XCTAssert(invalidRandomSignature == false)
-        XCTAssert(invalidRandomData == false)
-        XCTAssert(invalidWrongKey == false)
+        let store = await list.stores.first!
+        let derVerifies = try await store.verify(signature: signature.derRepresentation, for: dataToSign, with: AnySecret(Constants.Secrets.ecdsa256Secret))
+        let invalidRandomSignature = try await store.verify(signature: "invalid".data(using: .utf8)!, for: dataToSign, with: AnySecret(Constants.Secrets.ecdsa256Secret))
+        let invalidRandomData = try await store.verify(signature: signature.derRepresentation, for: "invalid".data(using: .utf8)!, with: AnySecret(Constants.Secrets.ecdsa256Secret))
+        let invalidWrongKey = try await store.verify(signature: signature.derRepresentation, for: dataToSign, with: AnySecret(Constants.Secrets.ecdsa384Secret))
+        #expect(referenceValid)
+        #expect(derVerifies)
+        #expect(invalidRandomSignature == false)
+        #expect(invalidRandomData == false)
+        #expect(invalidWrongKey == false)
    }

    // MARK: Witness protocol

-    func testWitnessObjectionStopsRequest() async {
+    @Test func witnessObjectionStopsRequest() async {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
-        let list = storeList(with: [Constants.Secrets.ecdsa256Secret])
+        let list = await storeList(with: [Constants.Secrets.ecdsa256Secret])
        let witness = StubWitness(speakNow: { _,_  in
            return true
        }, witness: { _, _ in })
        let agent = Agent(storeList: list, witness: witness)
        await agent.handle(reader: stubReader, writer: stubWriter)
-        XCTAssertEqual(stubWriter.data, Constants.Responses.requestFailure)
+        #expect(stubWriter.data == Constants.Responses.requestFailure)
    }

-    func testWitnessSignature() async {
+    @Test func witnessSignature() async {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
-        let list = storeList(with: [Constants.Secrets.ecdsa256Secret])
-        var witnessed = false
+        let list = await storeList(with: [Constants.Secrets.ecdsa256Secret])
+        nonisolated(unsafe) var witnessed = false
        let witness = StubWitness(speakNow: { _, trace  in
            return false
        }, witness: { _, trace in
@@ -98,14 +98,14 @@ class AgentTests: XCTestCase {
        })
        let agent = Agent(storeList: list, witness: witness)
        await agent.handle(reader: stubReader, writer: stubWriter)
-        XCTAssertTrue(witnessed)
+        #expect(witnessed)
    }

-    func testRequestTracing() async {
+    @Test func requestTracing() async {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
-        let list = storeList(with: [Constants.Secrets.ecdsa256Secret])
-        var speakNowTrace: SigningRequestProvenance! = nil
-        var witnessTrace: SigningRequestProvenance! = nil
+        let list = await storeList(with: [Constants.Secrets.ecdsa256Secret])
+        nonisolated(unsafe) var speakNowTrace: SigningRequestProvenance?
+        nonisolated(unsafe) var witnessTrace: SigningRequestProvenance?
        let witness = StubWitness(speakNow: { _, trace  in
            speakNowTrace = trace
            return false
@@ -114,38 +114,38 @@ class AgentTests: XCTestCase {
        })
        let agent = Agent(storeList: list, witness: witness)
        await agent.handle(reader: stubReader, writer: stubWriter)
-        XCTAssertEqual(witnessTrace, speakNowTrace)
-        XCTAssertEqual(witnessTrace.origin.displayName, "Finder")
-        XCTAssertEqual(witnessTrace.origin.validSignature, true)
-        XCTAssertEqual(witnessTrace.origin.parentPID, 1)
+        #expect(witnessTrace == speakNowTrace)
+        #expect(witnessTrace?.origin.displayName == "Finder")
+        #expect(witnessTrace?.origin.validSignature == true)
+        #expect(witnessTrace?.origin.parentPID == 1)
    }

    // MARK: Exception Handling

-    func testSignatureException() async {
+    @Test func signatureException() async {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
-        let list = storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
-        let store = list.stores.first?.base as! Stub.Store
+        let list = await storeList(with: [Constants.Secrets.ecdsa256Secret, Constants.Secrets.ecdsa384Secret])
+        let store = await list.stores.first?.base as! Stub.Store
        store.shouldThrow = true
        let agent = Agent(storeList: list)
        await agent.handle(reader: stubReader, writer: stubWriter)
-        XCTAssertEqual(stubWriter.data, Constants.Responses.requestFailure)
+        #expect(stubWriter.data == Constants.Responses.requestFailure)
    }

    // MARK: Unsupported

-    func testUnhandledAdd() async {
+    @Test func unhandledAdd() async {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.addIdentity)
        let agent = Agent(storeList: SecretStoreList())
        await agent.handle(reader: stubReader, writer: stubWriter)
-        XCTAssertEqual(stubWriter.data, Constants.Responses.requestFailure)
+        #expect(stubWriter.data == Constants.Responses.requestFailure)
    }

 }

 extension AgentTests {

-    func storeList(with secrets: [Stub.Secret]) -> SecretStoreList {
+    @MainActor func storeList(with secrets: [Stub.Secret]) async -> SecretStoreList {
        let store = Stub.Store()
        store.secrets.append(contentsOf: secrets)
        let storeList = SecretStoreList()
--- a/Sources/Packages/Tests/SecretAgentKitTests/StubFileHandleWriter.swift
+++ b/Sources/Packages/Tests/SecretAgentKitTests/StubFileHandleWriter.swift
@@ -1,7 +1,7 @@
 import Foundation
 import SecretAgentKit

-class StubFileHandleWriter: FileHandleWriter {
+class StubFileHandleWriter: FileHandleWriter, @unchecked Sendable {

    var data = Data()

--- a/Sources/Packages/Tests/SecretAgentKitTests/StubStore.swift
+++ b/Sources/Packages/Tests/SecretAgentKitTests/StubStore.swift
@@ -6,7 +6,7 @@ struct Stub {}

 extension Stub {

-    public final class Store: SecretStore {
+    public final class Store: SecretStore, @unchecked Sendable {

        public let isAvailable = true
        public let id = UUID()
--- a/Sources/Packages/Tests/SecretAgentKitTests/StubWitness.swift
+++ b/Sources/Packages/Tests/SecretAgentKitTests/StubWitness.swift
@@ -3,8 +3,8 @@ import SecretAgentKit

 struct StubWitness {

-    let speakNow: (AnySecret, SigningRequestProvenance) -> Bool
-    let witness: (AnySecret, SigningRequestProvenance) -> ()
+    let speakNow: @Sendable (AnySecret, SigningRequestProvenance) -> Bool
+    let witness: @Sendable (AnySecret, SigningRequestProvenance) -> ()

 }

--- a/Sources/Packages/Tests/SecretKitTests/AnySecretTests.swift
+++ b/Sources/Packages/Tests/SecretKitTests/AnySecretTests.swift
@@ -1,19 +1,19 @@
 import Foundation
-import XCTest
+import Testing
@testable import SecretKit
@testable import SecureEnclaveSecretKit
@testable import SmartCardSecretKit

-class AnySecretTests: XCTestCase {
+@Suite struct AnySecretTests {

-    func testEraser() {
+    @Test func eraser() {
        let secret = SmartCard.Secret(id: UUID().uuidString.data(using: .utf8)!, name: "Name", algorithm: .ellipticCurve, keySize: 256, publicKey: UUID().uuidString.data(using: .utf8)!)
        let erased = AnySecret(secret)
-        XCTAssert(erased.id == secret.id as AnyHashable)
-        XCTAssert(erased.name == secret.name)
-        XCTAssert(erased.algorithm == secret.algorithm)
-        XCTAssert(erased.keySize == secret.keySize)
-        XCTAssert(erased.publicKey == secret.publicKey)
+        #expect(erased.id == secret.id as AnyHashable)
+        #expect(erased.name == secret.name)
+        #expect(erased.algorithm == secret.algorithm)
+        #expect(erased.keySize == secret.keySize)
+        #expect(erased.publicKey == secret.publicKey)
    }

 }
--- a/Sources/Packages/Tests/SecretKitTests/OpenSSHReaderTests.swift
+++ b/Sources/Packages/Tests/SecretKitTests/OpenSSHReaderTests.swift
@@ -1,19 +1,19 @@
 import Foundation
-import XCTest
+import Testing
@testable import SecretKit
@testable import SecureEnclaveSecretKit
@testable import SmartCardSecretKit

-class OpenSSHReaderTests: XCTestCase {
+@Suite struct OpenSSHReaderTests {

-    func testSignatureRequest() {
+    @Test func signatureRequest() {
        let reader = OpenSSHReader(data: Constants.signatureRequest)
        let hash = reader.readNextChunk()
-        XCTAssert(hash == Data(base64Encoded: "AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBEqCbkJbOHy5S1wVCaJoKPmpS0egM4frMqllgnlRRQ/Uvnn6EVS8oV03cPA2Bz0EdESyRKA/sbmn0aBtgjIwGELxu45UXEW1TEz6TxyS0u3vuIqR3Wo1CrQWRDnkrG/pBQ=="))
+        #expect(hash == Data(base64Encoded: "AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBEqCbkJbOHy5S1wVCaJoKPmpS0egM4frMqllgnlRRQ/Uvnn6EVS8oV03cPA2Bz0EdESyRKA/sbmn0aBtgjIwGELxu45UXEW1TEz6TxyS0u3vuIqR3Wo1CrQWRDnkrG/pBQ=="))
        let dataToSign = reader.readNextChunk()
-        XCTAssert(dataToSign == Data(base64Encoded: "AAAAICi5xf1ixOestUlxdjvt/BDcM+rzhwy7Vo8cW5YcxA8+MgAAAANnaXQAAAAOc3NoLWNvbm5lY3Rpb24AAAAJcHVibGlja2V5AQAAABNlY2RzYS1zaGEyLW5pc3RwMzg0AAAAiAAAABNlY2RzYS1zaGEyLW5pc3RwMzg0AAAACG5pc3RwMzg0AAAAYQRKgm5CWzh8uUtcFQmiaCj5qUtHoDOH6zKpZYJ5UUUP1L55+hFUvKFdN3DwNgc9BHREskSgP7G5p9GgbYIyMBhC8buOVFxFtUxM+k8cktLt77iKkd1qNQq0FkQ55Kxv6QU="))
+        #expect(dataToSign == Data(base64Encoded: "AAAAICi5xf1ixOestUlxdjvt/BDcM+rzhwy7Vo8cW5YcxA8+MgAAAANnaXQAAAAOc3NoLWNvbm5lY3Rpb24AAAAJcHVibGlja2V5AQAAABNlY2RzYS1zaGEyLW5pc3RwMzg0AAAAiAAAABNlY2RzYS1zaGEyLW5pc3RwMzg0AAAACG5pc3RwMzg0AAAAYQRKgm5CWzh8uUtcFQmiaCj5qUtHoDOH6zKpZYJ5UUUP1L55+hFUvKFdN3DwNgc9BHREskSgP7G5p9GgbYIyMBhC8buOVFxFtUxM+k8cktLt77iKkd1qNQq0FkQ55Kxv6QU="))
        let empty = reader.readNextChunk()
-        XCTAssert(empty.isEmpty)
+        #expect(empty.isEmpty)
    }

 }
--- a/Sources/Packages/Tests/SecretKitTests/OpenSSHWriterTests.swift
+++ b/Sources/Packages/Tests/SecretKitTests/OpenSSHWriterTests.swift
@@ -1,45 +1,45 @@
 import Foundation
-import XCTest
+import Testing
@testable import SecretKit
@testable import SecureEnclaveSecretKit
@testable import SmartCardSecretKit

-class OpenSSHWriterTests: XCTestCase {
+@Suite struct OpenSSHWriterTests {

    let writer = OpenSSHKeyWriter()

-    func testECDSA256MD5Fingerprint() {
-        XCTAssertEqual(writer.openSSHMD5Fingerprint(secret:  Constants.ecdsa256Secret), "dc:60:4d:ff:c2:d9:18:8b:2f:24:40:b5:7f:43:47:e5")
+    @Test func ecdsa256MD5Fingerprint() {
+        #expect(writer.openSSHMD5Fingerprint(secret:  Constants.ecdsa256Secret) == "dc:60:4d:ff:c2:d9:18:8b:2f:24:40:b5:7f:43:47:e5")
    }

-    func testECDSA256SHA256Fingerprint() {
-        XCTAssertEqual(writer.openSSHSHA256Fingerprint(secret:  Constants.ecdsa256Secret), "SHA256:/VQFeGyM8qKA8rB6WGMuZZxZLJln2UgXLk3F0uTF650")
+    @Test func ecdsa256SHA256Fingerprint() {
+        #expect(writer.openSSHSHA256Fingerprint(secret:  Constants.ecdsa256Secret) == "SHA256:/VQFeGyM8qKA8rB6WGMuZZxZLJln2UgXLk3F0uTF650")
    }

-    func testECDSA256PublicKey() {
-        XCTAssertEqual(writer.openSSHString(secret:  Constants.ecdsa256Secret),
+    @Test func ecdsa256PublicKey() {
+        #expect(writer.openSSHString(secret:  Constants.ecdsa256Secret) ==
        "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOVEjgAA5PHqRgwykjN5qM21uWCHFSY/Sqo5gkHAkn+e1MMQKHOLga7ucB9b3mif33MBid59GRK9GEPVlMiSQwo=")
    }

-    func testECDSA256Hash() {
-    XCTAssertEqual(writer.data(secret: Constants.ecdsa256Secret), Data(base64Encoded: "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOVEjgAA5PHqRgwykjN5qM21uWCHFSY/Sqo5gkHAkn+e1MMQKHOLga7ucB9b3mif33MBid59GRK9GEPVlMiSQwo="))
+    @Test func ecdsa256Hash() {
+    #expect(writer.data(secret: Constants.ecdsa256Secret) == Data(base64Encoded: "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOVEjgAA5PHqRgwykjN5qM21uWCHFSY/Sqo5gkHAkn+e1MMQKHOLga7ucB9b3mif33MBid59GRK9GEPVlMiSQwo="))
    }

-    func testECDSA384MD5Fingerprint() {
-        XCTAssertEqual(writer.openSSHMD5Fingerprint(secret:  Constants.ecdsa384Secret), "66:e0:66:d7:41:ed:19:8e:e2:20:df:ce:ac:7e:2b:6e")
+    @Test func ecdsa384MD5Fingerprint() {
+        #expect(writer.openSSHMD5Fingerprint(secret:  Constants.ecdsa384Secret) == "66:e0:66:d7:41:ed:19:8e:e2:20:df:ce:ac:7e:2b:6e")
    }

-    func testECDSA384SHA256Fingerprint() {
-        XCTAssertEqual(writer.openSSHSHA256Fingerprint(secret:  Constants.ecdsa384Secret), "SHA256:GJUEymQNL9ymaMRRJCMGY4rWIJHu/Lm8Yhao/PAiz1I")
+    @Test func ecdsa384SHA256Fingerprint() {
+        #expect(writer.openSSHSHA256Fingerprint(secret:  Constants.ecdsa384Secret) == "SHA256:GJUEymQNL9ymaMRRJCMGY4rWIJHu/Lm8Yhao/PAiz1I")
    }

-    func testECDSA384PublicKey() {
-        XCTAssertEqual(writer.openSSHString(secret:  Constants.ecdsa384Secret),
+    @Test func ecdsa384PublicKey() {
+        #expect(writer.openSSHString(secret:  Constants.ecdsa384Secret) ==
                       "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBG2MNc/C5OTHFE2tBvbZCVcpOGa8vBMquiTLkH4lwkeqOPxhi+PyYUfQZMTRJNPiTyWPoMBqNiCIFRVv60yPN/AHufHaOgbdTP42EgMlMMImkAjYUEv9DESHTVIs2PW1yQ==")
    }

-    func testECDSA384Hash() {
-        XCTAssertEqual(writer.data(secret: Constants.ecdsa384Secret), Data(base64Encoded: "AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBG2MNc/C5OTHFE2tBvbZCVcpOGa8vBMquiTLkH4lwkeqOPxhi+PyYUfQZMTRJNPiTyWPoMBqNiCIFRVv60yPN/AHufHaOgbdTP42EgMlMMImkAjYUEv9DESHTVIs2PW1yQ=="))
+    @Test func ecdsa384Hash() {
+        #expect(writer.data(secret: Constants.ecdsa384Secret) == Data(base64Encoded: "AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBG2MNc/C5OTHFE2tBvbZCVcpOGa8vBMquiTLkH4lwkeqOPxhi+PyYUfQZMTRJNPiTyWPoMBqNiCIFRVv60yPN/AHufHaOgbdTP42EgMlMMImkAjYUEv9DESHTVIs2PW1yQ=="))
    }

 }