fix: clear lint blockers

apps/android/app/build.gradle.kts

@@ -119,7 +119,7 @@ dependencies {
   testImplementation("io.kotest:kotest-runner-junit5-jvm:6.0.7")
   testImplementation("io.kotest:kotest-assertions-core-jvm:6.0.7")
   testImplementation("org.robolectric:robolectric:4.16")
-  testRuntimeOnly("org.junit.vintage:junit-vintage-engine:6.0.1")
+  testRuntimeOnly("org.junit.vintage:junit-vintage-engine:6.0.2")
 }
 
 tasks.withType<Test>().configureEach {

apps/android/app/src/main/java/com/clawdbot/android/bridge/BridgeTls.kt

@@ -1,5 +1,6 @@
 package com.clawdbot.android.bridge
 
+import android.annotation.SuppressLint
 import java.net.Socket
 import java.security.MessageDigest
 import java.security.SecureRandom
@@ -21,6 +22,7 @@ fun createBridgeSocket(params: BridgeTlsParams?, onStore: ((String) -> Unit)? =
   if (params == null) return Socket()
   val expected = params.expectedFingerprint?.let(::normalizeFingerprint)
   val defaultTrust = defaultTrustManager()
+  @SuppressLint("CustomX509TrustManager")
   val trustManager =
     object : X509TrustManager {
       override fun checkClientTrusted(chain: Array<X509Certificate>, authType: String) {

apps/macos/Sources/Clawdbot/NodeMode/MacNodeModeCoordinator.swift

@@ -463,7 +463,7 @@ final class MacNodeModeCoordinator {
         }
     }
 
-    nonisolated private static func targetFromResult(_ result: NWBrowser.Result) -> BridgeTarget? {
+    private nonisolated static func targetFromResult(_ result: NWBrowser.Result) -> BridgeTarget? {
         let endpoint = result.endpoint
         guard case .service = endpoint else { return nil }
         let stableID = BridgeEndpointID.stableID(endpoint)
@@ -477,7 +477,7 @@ final class MacNodeModeCoordinator {
         return BridgeTarget(endpoint: endpoint, stableID: stableID, tls: tlsParams)
     }
 
-    nonisolated private static func resolveDiscoveredTLSParams(
+    private nonisolated static func resolveDiscoveredTLSParams(
         stableID: String,
         tlsEnabled: Bool,
         tlsFingerprintSha256: String?) -> MacNodeBridgeTLSParams?
@@ -503,7 +503,7 @@ final class MacNodeModeCoordinator {
         return nil
     }
 
-    nonisolated private static func resolveManualTLSParams(stableID: String) -> MacNodeBridgeTLSParams? {
+    private nonisolated static func resolveManualTLSParams(stableID: String) -> MacNodeBridgeTLSParams? {
         if let stored = MacNodeBridgeTLSStore.loadFingerprint(stableID: stableID) {
             return MacNodeBridgeTLSParams(
                 required: true,
@@ -519,12 +519,12 @@ final class MacNodeModeCoordinator {
             storeKey: stableID)
     }
 
-    nonisolated private static func txtValue(_ dict: [String: String], key: String) -> String? {
+    private nonisolated static func txtValue(_ dict: [String: String], key: String) -> String? {
         let raw = dict[key]?.trimmingCharacters(in: .whitespacesAndNewlines) ?? ""
         return raw.isEmpty ? nil : raw
     }
 
-    nonisolated private static func txtBoolValue(_ dict: [String: String], key: String) -> Bool {
+    private nonisolated static func txtBoolValue(_ dict: [String: String], key: String) -> Bool {
         guard let raw = self.txtValue(dict, key: key)?.lowercased() else { return false }
         return raw == "1" || raw == "true" || raw == "yes"
     }