cocoapods-entitlements-statistics 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: b18c67b431404139e32390800cee36de2c9443a053716f29832d32d22424954a
+  data.tar.gz: be771fb8171db38589b66f32155b946958d5d34b79b4ace92f8e8e6ea146bbd5
+SHA512:
+  metadata.gz: e3596496a3b67f9ae0cb268fe08118f415ca5e9073cea82017bb8176cef932158b44768cfbcebb9b7185b74ff293420895f2221c8aa02d069ebae6dc04305c70
+  data.tar.gz: 9c740e1c280ab955be62a9f51a7678bc07a50c5a28d16049cedf1964283f17ec0c12d87a6cab6710c0540821f6da7a888130264b3e7ca0d72b63a2288951f1a1

data/.gitignore

@@ -0,0 +1,3 @@
+.DS_Store
+pkg
+.idea/

data/Gemfile

@@ -0,0 +1,18 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in cocoapods-entitlements-statistics.gemspec
+gemspec
+gem 'crimp'
+gem 'zip'
+
+group :development do
+  gem 'cocoapods'
+
+  gem 'mocha'
+  gem 'bacon'
+  gem 'mocha-on-bacon'
+  gem 'prettybacon'
+  gem 'crimp'
+  gem 'zip'
+
+end

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2023 bin <tang.bin@olaola.chat>
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,134 @@
+# cocoapods-entitlements-statistics
+
+iOS app 权限统计, 使用cocoapods plugin 触发
+
+
+## 安装
+
+```shell
+# 下载Releases v0.0.1 gem文件，然后进入下载目录执行下面命令
+sudo gem install cocoapods-entitlements-statistics-0.0.1.gem
+```
+
+## 使用
+
+在 Podfile 文件添加插件引用
+
+```ruby
+#引入插件, 可以自定义 report_path, 默认在(iOS)项目根目录
+plugin 'cocoapods-entitlements-statistics', :report_path => '/Users/rd01/Desktop'
+#plugin 'cocoapods-entitlements-statistics'
+
+target 'xxx' do
+....
+
+```
+
+执行 pod install 会输出统计报告路径
+
+```shell
+$ pod install
+.....
+[!] Entitlements Statistics Report : path/to/entitlements_statistics/analyze_report
+Pod installation complete! There are 75 dependencies from the Podfile and 116 total pods installed.
+
+```
+
+## 说明
+
+##### 版本权限统计
+
+默认会在 ~/appInfo-#{app_bundle_id}/ 下为每个版本建立权限统计文件
+
+```yaml
+
+├── appInfo-com.ola.chat
+│   ├── entitlements_5.2.0.yml
+│   ├── entitlements_5.3.0.yml
+│   └── entitlements_versions.yml
+```
+
+##### 报告内容如下: 
+
+* 权限变化对比分析(增、删、改)
+* (对比的各)版本权限列表详情
+
+```yaml
+
+compared 5.3.0  5.2.0
+
+modify capabilitys :
+5.3.0
+- items ..
+5.2.0
+- items ..
+------------------------------
+add capabilitys :
+- items ..
+------------------------------
+remove capabilitys :
+- items ..
+------------------------------
+
+5.3.0 entitlements list:
+...
+
+5.2.0 entitlements list:
+...
+
+```
+
+## iOS 项目权限
+
+#### 大致分类 Capabilitys、info.plist(Cocoa Keys)
+
+*  Capabilitys
+
+    > Xcode->Target->Signing&Capabilitys->Capabilitys 下添加和删除 Capabilitys , 这里不是随便添加的,需要首先在苹果开发者后台注册或者声明对应Capabilitys. 更新的Provisioning Profile文件,其中包含Entitlements 字段包含(几乎所有的)已注册Capabilitys, Xcode中添加Capabilitys后会同Profile文件校验。不匹配则无法通过编译签名。
+
+    Supported capabilities (iOS): 
+    https://developer.apple.com/help/account/reference/supported-capabilities-ios
+
+*  info.plist (Cocoa Key-Values)
+   *  NS{Permissions}UsageDescription
+      > info.plist 中声明使用相机、麦克风、摄像头..等权限的说明
+
+   *  其它权限声明Keys 
+      > info.plist 中也会包含一些权限的详细设置、声明，比如屏幕高刷、代理、后台模式...
+    
+    info.plist 涉及的所有 Cocoa Keys 
+    https://developer.apple.com/library/archive/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW1
+
+#### 涉及的文件 
+
+* info.plist 
+* Runner.entitlements  Capabilitys被添加后的，Xcode自动创建plist格式文件，里面包含相关Capability的声明、设置
+* {embedded/xxx-xx-xx}.mobileprovision
+包括里面的Entitlements字段, 保存一些 Capabilitys被添加后的 声明、设置
+* Runner.xcodeproj 
+工程文件SystemCapabilities字段包含了一些Capabilitys声明
+
+相关文档：
+
+xx.mobileprovision
+https://developer.apple.com/forums/thread/685723
+
+Runner.entitlements 
+https://developer.apple.com/library/archive/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/AboutEntitlements.html#//apple_ref/doc/uid/TP40011195-CH1-SW1
+
+#### 问题
+
+* IPA包中找不到 In-App Purchase 功能标记
+
+    > 一般Capabilitys添加后会在Runner.entitlements、xx.mobileprovision找到对应key:value声明、设置 
+
+   添加 In-App Purchase后, 仅在Runner.xcodeproj中有  "com.apple.InAppPurchase"=>{"enabled"=>"1"} 声明 
+
+*  Background Modes 属于 Capabilitys 中的异类
+    
+    > 一般Capabilitys添加后会在Runner.entitlements、xx.mobileprovision找到对应key:value声明、设置， 而Background Modes在这里没有任何记录
+    
+    Background Modes的声明位置: 
+    * Runner.xcodeproj : "com.apple.BackgroundModes"=>{"enabled"=>"1"}
+    * info.plist : "UIBackgroundModes"=>{"audio"、"remote-notification" ...}
+

data/Rakefile

@@ -0,0 +1,13 @@
+require 'bundler/gem_tasks'
+
+def specs(dir)
+  FileList["spec/#{dir}/*_spec.rb"].shuffle.join(' ')
+end
+
+desc 'Runs all the specs'
+task :specs do
+  sh "bundle exec bacon #{specs('**')}"
+end
+
+task :default => :specs
+

data/cocoapods-entitlements-statistics.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'cocoapods-entitlements-statistics/gem_version.rb'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'cocoapods-entitlements-statistics'
+  spec.version       = CocoapodsEntitlementsStatistics::VERSION
+  spec.authors       = ['bin']
+  spec.email         = ['tang.bin@olaola.chat']
+  spec.description   = %q{A short description of cocoapods-entitlements-statistics.}
+  spec.summary       = %q{A longer description of cocoapods-entitlements-statistics.}
+  spec.homepage      = 'https://github.com/EXAMPLE/cocoapods-entitlements-statistics'
+  spec.license       = 'MIT'
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_runtime_dependency "yaml"
+  spec.add_runtime_dependency "crimp"
+  spec.add_dependency 'CFPropertyList', '< 3.1.0', '>= 2.3.4'
+  spec.add_development_dependency 'bundler', '>= 1.12'
+  spec.add_dependency 'rubyzip', '>= 1.2', '< 3.0'
+  spec.add_development_dependency 'rake'
+end

data/lib/cocoapods-entitlements-statistics/app_entitlements_statistics/analyze.rb

@@ -0,0 +1,218 @@
+# frozen_string_literal: true
+
+require_relative "helper"
+require 'fileutils'
+require 'yaml'
+
+module AppEntitlementsStatistics
+
+    class Analyzer
+        include Helper::Utils
+    
+        attr_reader :store_path
+        attr_reader :report_path
+        attr_reader :identifier
+
+        def initialize(identifier,report_path: nil, store_path: nil)
+            @identifier = identifier
+            @report_path = report_path 
+            @store_path = store_path
+        end
+
+        def analyze
+            load_version
+            return singleGenerate unless @versions.length > 1
+            pre_version = @versions[1]
+            cur_version = @versions[0]
+            pre_entitlements = load_entitlements_yaml(pre_version)
+            cur_entitlements = load_entitlements_yaml(cur_version)
+            return "" unless pre_entitlements.any?
+            return "" unless cur_entitlements.any?
+
+            capabilities_diff = analyze_capabilities_diff(pre_entitlements,cur_entitlements)
+            usage_descs_diff = analyze_usage_descs_diff(pre_entitlements,cur_entitlements);
+            report_path = generate(capabilities_diff,usage_descs_diff)
+            report_path
+        end
+
+        def singleGenerate
+            return "" unless @versions.length > 0
+            output = "no more versions to compare !! "
+            output += "\n\n\n#{@versions.first} entitlements list: "
+            output += "\n" + read_each_line(@versions.first)
+            output += "\n" + "----------------------------------------"
+            report_path = report_file_name(path: @report_path)
+            File.open(report_path, 'w') { |file|
+                file.write(output)
+            }
+            report_path
+        end
+
+        def generate(capabilities_diff,usage_descs_diff)
+            return unless @versions.length > 1
+            cur_version = @versions[0]
+            pre_version = @versions[1]
+
+            output =  "\n" + "compared #{cur_version}  #{pre_version}"
+            output += "\n" + capabilities_diff unless capabilities_diff.empty?
+            output += "\n" + usage_descs_diff unless usage_descs_diff.empty?
+            output += "\n\nThere is no difference between the two versions \n\n" unless (!capabilities_diff.empty? && !usage_descs_diff.empty?)
+            # puts output
+
+            output += "\n\n\n#{cur_version} entitlements list: "
+            output += "\n" + read_each_line(cur_version)
+            output += "\n" + "----------------------------------------"
+            output += "\n\n#{pre_version} entitlements list: "
+            output += "\n" + read_each_line(pre_version)
+            output += "\n" + "----------------------------------------"
+
+            report_path = report_file_name(path: @report_path)
+            File.open(report_path, 'w') { |file|
+                file.write(output)
+            }
+            report_path
+        end
+
+        def read_each_line(version)
+            file_name = entitlements_yaml_name(version,@identifier, path: @store_path)
+            file_content = ""
+            File.open(file_name,"r").each_line do |line|
+                file_content += "\n" + line
+            end
+            file_content
+        end
+
+        def load_version
+            yaml_name = versions_yaml_name(@identifier, path: @store_path)
+            if File.exist?(yaml_name) 
+                @versions = YAML.load_file(yaml_name)
+            end
+        end      
+
+        def load_entitlements_yaml(version)
+            yaml_name = entitlements_yaml_name(version,@identifier, path: @store_path)
+            yaml_content = [ ]
+            if File.exist?(yaml_name)
+                yaml_content = YAML.load_file(yaml_name)
+            end
+            puts "#{yaml_name} not found!!!" unless !yaml_content.empty?
+            yaml_content
+        end
+
+        def analyze_capabilities_diff(pre,cur)
+            output = ""
+            cur_capabilities_summary =  cur['Capabilities_Summary']
+            pre_capabilities_summary = pre['Capabilities_Summary']
+            cur_capabilities = cur['Capabilities']
+            pre_capabilities = pre['Capabilities']
+            output = ""
+            # 修改
+            comm_capabilities = cur_capabilities_summary.keys & pre_capabilities_summary.keys
+            modifys = modifys_cur = modifys_pre = ""
+            comm_capabilities.each do |key|
+                if cur_capabilities_summary[key] != pre_capabilities_summary[key]
+                    modifys_cur +=  "\n" + '- ' + key + ': ' + cur_capabilities[key].to_s
+                    modifys_pre +=  "\n" + '- ' + key + ': ' + pre_capabilities[key].to_s
+                end
+            end
+
+            modifys +=  "\n" + @versions[0] unless modifys_cur.empty?
+            modifys +=  modifys_cur unless modifys_cur.empty?
+            modifys +=  "\n" + @versions[1] unless modifys_pre.empty?
+            modifys +=  modifys_pre unless modifys_pre.empty?
+
+            #新增
+            add_capabilities = cur_capabilities_summary.keys - pre_capabilities_summary.keys
+            adds = ""
+            add_capabilities.each do |key|
+                adds +=  "\n" + '- ' + key + ': ' + cur_capabilities[key].to_s
+            end
+
+            #移除
+            remove_capabilities = pre_capabilities_summary.keys - cur_capabilities_summary.keys
+            removes = ""
+            remove_capabilities.each do |key|
+                removes +=  "\n" + '- ' + key + ': ' + pre_capabilities[key].to_s
+            end
+            
+            if !modifys.empty?
+                output +=  "\n" + "modify capabilitys : " 
+                output +=  modifys 
+                output +=  "\n------------------------------"     
+            end
+
+            if !adds.empty?
+                output +=  "\n" + "add capabilitys : " 
+                output +=  adds 
+                output +=  "\n------------------------------"     
+            end
+
+            if !removes.empty?
+                output +=  "\n" + "remove capabilitys : " 
+                output +=  removes 
+                output +=  "\n------------------------------" 
+            end
+
+            output
+        end 
+
+        def analyze_usage_descs_diff(pre,cur)
+            output = ""
+            cur_usage_descs_summary =  cur['PermissionsUsageDescription_Summary']
+            pre_usage_descs_summary = pre['PermissionsUsageDescription_Summary']
+    
+            cur_usage_descs = cur['PermissionsUsageDescription']
+            pre_usage_descs = pre['PermissionsUsageDescription']
+    
+            # 修改
+            comm_usage_descs = cur_usage_descs_summary.keys & pre_usage_descs_summary.keys
+            modifys = modifys_cur = modifys_pre = ""
+            comm_usage_descs.each do |key|
+                if cur_usage_descs_summary[key] != pre_usage_descs_summary[key]
+                    modifys_cur += "\n" + '- ' + key + ': ' + cur_usage_descs[key].to_s
+                    modifys_pre += "\n" +  '- ' + key + ': ' + pre_usage_descs[key].to_s
+                end
+            end
+
+            modifys +=  "\n" + @versions[0] unless modifys_cur.empty?
+            modifys +=  modifys_cur unless modifys_cur.empty?
+            modifys +=  "\n" + @versions[1] unless modifys_pre.empty?
+            modifys +=  modifys_pre unless modifys_pre.empty?
+
+            #新增
+            add_usage_descs = cur_usage_descs_summary.keys - pre_usage_descs_summary.keys
+            adds = ""
+            add_usage_descs.each do |key|
+                adds += "\n" +  '- ' + key + ': ' + cur_usage_descs[key].to_s
+            end
+
+            #移除
+            remove_usage_descs = pre_usage_descs_summary.keys - cur_usage_descs_summary.keys
+            removes = ""
+            remove_usage_descs.each do |key|
+                removes += "\n" +  '- ' + key + ': ' + pre_usage_descs[key].to_s
+            end
+
+            if !modifys.empty?
+                output += "\n" + "modify permissions usage description : " 
+                output +=  modifys 
+                output +=  "\n------------------------------"     
+            end
+
+            if !adds.empty?
+                output += "\n" + "add permissions usage description : " 
+                output +=  adds 
+                output +=  "\n------------------------------"     
+            end
+
+            if !removes.empty?
+                output += "\n" + "remove permissions usage description : " 
+                output +=  removes 
+                output +=  "\n------------------------------" 
+            end
+
+            output
+        end
+    end
+
+end

data/lib/cocoapods-entitlements-statistics/app_entitlements_statistics/core_ext/inflector.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module AppEntitlementsStatistics
+  module Inflector
+    def ai_snakecase
+      gsub(/([A-Z]+)([A-Z][a-z])/, '\1_\2')
+        .gsub(/([a-z\d])([A-Z])/, '\1_\2')
+        .tr('-', '_')
+        .gsub(/\s/, '_')
+        .gsub(/__+/, '_')
+        .downcase
+    end
+
+    def ai_camelcase(first_letter: :upper, separators: ['-', '_', '\s'])
+      str = dup
+
+      separators.each do |s|
+        str = str.gsub(/(?:#{s}+)([a-z])/) { $1.upcase }
+      end
+
+      case first_letter
+      when :upper, true
+        str = str.gsub(/(\A|\s)([a-z])/) { $1 + $2.upcase }
+      when :lower, false
+        str = str.gsub(/(\A|\s)([A-Z])/) { $1 + $2.downcase }
+      end
+
+      str
+    end
+  end
+end
+
+class String
+  include AppEntitlementsStatistics::Inflector
+end

data/lib/cocoapods-entitlements-statistics/app_entitlements_statistics/core_ext/try.rb

@@ -0,0 +1,112 @@
+# frozen_string_literal: true
+
+# Copyrights rails
+# Copy from https://github.com/rails/rails/blob/master/activesupport/lib/active_support/core_ext/object/try.rb
+
+module AppEntitlementsStatistics
+  module Tryable # :nodoc:
+    ##
+    # :method: try
+    #
+    # :call-seq:
+    #   try(*a, &b)
+    #
+    # Invokes the public method whose name goes as first argument just like
+    # +public_send+ does, except that if the receiver does not respond to it the
+    # call returns +nil+ rather than raising an exception.
+    #
+    # This method is defined to be able to write
+    #
+    #   @person.try(:name)
+    #
+    # instead of
+    #
+    #   @person.name if @person
+    #
+    # +try+ calls can be chained:
+    #
+    #   @person.try(:spouse).try(:name)
+    #
+    # instead of
+    #
+    #   @person.spouse.name if @person && @person.spouse
+    #
+    # +try+ will also return +nil+ if the receiver does not respond to the method:
+    #
+    #   @person.try(:non_existing_method) # => nil
+    #
+    # instead of
+    #
+    #   @person.non_existing_method if @person.respond_to?(:non_existing_method) # => nil
+    #
+    # +try+ returns +nil+ when called on +nil+ regardless of whether it responds
+    # to the method:
+    #
+    #   nil.try(:to_i) # => nil, rather than 0
+    #
+    # Arguments and blocks are forwarded to the method if invoked:
+    #
+    #   @posts.try(:each_slice, 2) do |a, b|
+    #     ...
+    #   end
+    #
+    # The number of arguments in the signature must match. If the object responds
+    # to the method the call is attempted and +ArgumentError+ is still raised
+    # in case of argument mismatch.
+    #
+    # If +try+ is called without arguments it yields the receiver to a given
+    # block unless it is +nil+:
+    #
+    #   @person.try do |p|
+    #     ...
+    #   end
+    #
+    # You can also call try with a block without accepting an argument, and the block
+    # will be instance_eval'ed instead:
+    #
+    #   @person.try { upcase.truncate(50) }
+    #
+    # Please also note that +try+ is defined on +Object+. Therefore, it won't work
+    # with instances of classes that do not have +Object+ among their ancestors,
+    # like direct subclasses of +BasicObject+.
+    def try(method_name = nil, *args, &block)
+      if method_name.nil? && block_given?
+        if block.arity.zero?
+          instance_eval(&b)
+        else
+          yield self
+        end
+      elsif respond_to?(method_name)
+        public_send(method_name, *args, &block)
+      end
+    end
+
+    ##
+    # :method: try!
+    #
+    # :call-seq:
+    #   try!(*a, &b)
+    #
+    # Same as #try, but raises a +NoMethodError+ exception if the receiver is
+    # not +nil+ and does not implement the tried method.
+    #
+    #   "a".try!(:upcase) # => "A"
+    #   nil.try!(:upcase) # => nil
+    #   123.try!(:upcase) # => NoMethodError: undefined method `upcase' for 123:Integer
+    def try!(method_name = nil, *args, &block)
+      if method_name.nil? && block_given?
+        if block.arity.zero?
+          instance_eval(&block)
+        else
+          yield self
+        end
+      else
+        public_send(method_name, *args, &block)
+      end
+    end
+  end
+end
+
+class Object
+  include AppEntitlementsStatistics::Tryable
+end