fastlane 2.105.2 → 2.106.0

data/fastlane_core/lib/fastlane_core/itunes_search_api.rb

@@ -1,50 +0,0 @@
-require 'open-uri'
-
-require_relative 'ui/ui'
-
-module FastlaneCore
-  # A wrapper around the Apple iTunes Search API to access app information like
-  # the app identifier of an app.
-  class ItunesSearchApi
-    # Fetch all information you can get from a specific AppleID of an app
-    # @param id (int) The AppleID of the given app. This usually consists of 9 digits.
-    # @param country (string) The optional ISO-2A country code
-    # @return (Hash) the response of the first result from Apple (https://itunes.apple.com/lookup?id=284882215[&country=FR])
-    # @example Response of Facebook App: https://itunes.apple.com/lookup?id=284882215[&country=FR]
-    #  {
-    #   ...
-    #   artistName: "Facebook, Inc.",
-    #   price: 0,
-    #   version: "14.9",
-    #   ...
-    #  }
-    def self.fetch(id, country = nil)
-      # Example: https://itunes.apple.com/lookup?id=284882215[&country=FR]
-      suffix = country.nil? ? nil : "&country=#{country}"
-      fetch_url("https://itunes.apple.com/lookup?id=#{id}#{suffix}")
-    end
-
-    def self.fetch_by_identifier(app_identifier, country = nil)
-      # Example: http://itunes.apple.com/lookup?bundleId=net.sunapps.1[&country=FR]
-      suffix = country.nil? ? nil : "&country=#{country}"
-      fetch_url("https://itunes.apple.com/lookup?bundleId=#{app_identifier}#{suffix}")
-    end
-
-    # This method only fetches the bundle identifier of a given app
-    # @param id (int) The AppleID of the given app. This usually consists of 9 digits.
-    # @return (String) the Bundle identifier of the app
-    def self.fetch_bundle_identifier(id)
-      self.fetch(id)['bundleId']
-    end
-
-    def self.fetch_url(url)
-      response = JSON.parse(open(url).read)
-      return nil if response['resultCount'] == 0
-
-      return response['results'].first
-    rescue
-      UI.error("Could not find object '#{url}' using the iTunes API")
-      nil
-    end
-  end
-end

data/match/lib/match/encrypt.rb

@@ -1,133 +0,0 @@
-require_relative 'module'
-require_relative 'change_password'
-
-module Match
-  class Encrypt
-    require 'base64'
-    require 'openssl'
-    require 'securerandom'
-    require 'security'
-    require 'shellwords'
-
-    def server_name(git_url)
-      ["match", git_url].join("_")
-    end
-
-    def password(git_url)
-      password = ENV["MATCH_PASSWORD"]
-      unless password
-        item = Security::InternetPassword.find(server: server_name(git_url))
-        password = item.password if item
-      end
-
-      unless password
-        if !UI.interactive?
-          UI.error("Neither the MATCH_PASSWORD environment variable nor the local keychain contained a password.")
-          UI.error("Bailing out instead of asking for a password, since this is non-interactive mode.")
-          UI.user_error!("Try setting the MATCH_PASSWORD environment variable, or temporarily enable interactive mode to store a password.")
-        else
-          UI.important("Enter the passphrase that should be used to encrypt/decrypt your certificates")
-          UI.important("This passphrase is specific per repository and will be stored in your local keychain")
-          UI.important("Make sure to remember the password, as you'll need it when you run match on a different machine")
-          password = ChangePassword.ask_password(confirm: true)
-          store_password(git_url, password)
-        end
-      end
-
-      return password
-    end
-
-    def store_password(git_url, password)
-      Security::InternetPassword.add(server_name(git_url), "", password)
-    end
-
-    # removes the password from the keychain again
-    def clear_password(git_url)
-      Security::InternetPassword.delete(server: server_name(git_url))
-    end
-
-    def encrypt_repo(path: nil, git_url: nil)
-      iterate(path) do |current|
-        encrypt(path: current,
-          password: password(git_url))
-        UI.success("🔒  Encrypted '#{File.basename(current)}'") if FastlaneCore::Globals.verbose?
-      end
-      UI.success("🔒  Successfully encrypted certificates repo")
-    end
-
-    def decrypt_repo(path: nil, git_url: nil, manual_password: nil)
-      iterate(path) do |current|
-        begin
-          decrypt(path: current,
-            password: manual_password || password(git_url))
-        rescue
-          UI.error("Couldn't decrypt the repo, please make sure you enter the right password!")
-          UI.user_error!("Invalid password passed via 'MATCH_PASSWORD'") if ENV["MATCH_PASSWORD"]
-          clear_password(git_url)
-          decrypt_repo(path: path, git_url: git_url)
-          return
-        end
-        UI.success("🔓  Decrypted '#{File.basename(current)}'") if FastlaneCore::Globals.verbose?
-      end
-      UI.success("🔓  Successfully decrypted certificates repo")
-    end
-
-    private
-
-    def iterate(source_path)
-      Dir[File.join(source_path, "**", "*.{cer,p12,mobileprovision}")].each do |path|
-        next if File.directory?(path)
-        yield(path)
-      end
-    end
-
-    # We encrypt with MD5 because that was the most common default value in older fastlane versions which used the local OpenSSL installation
-    # A more secure key and IV generation is needed in the future
-    # IV should be randomly generated and provided unencrypted
-    # salt should be randomly generated and provided unencrypted (like in the current implementation)
-    # key should be generated with OpenSSL::KDF::pbkdf2_hmac with properly chosen parameters
-    # Short explanation about salt and IV: https://stackoverflow.com/a/1950674/6324550
-    def encrypt(path: nil, password: nil)
-      UI.user_error!("No password supplied") if password.to_s.strip.length == 0
-
-      data_to_encrypt = File.read(path)
-      salt = SecureRandom.random_bytes(8)
-
-      cipher = OpenSSL::Cipher.new('AES-256-CBC')
-      cipher.encrypt
-      cipher.pkcs5_keyivgen(password, salt, 1, "MD5")
-      encrypted_data = "Salted__" + salt + cipher.update(data_to_encrypt) + cipher.final
-
-      File.write(path, Base64.encode64(encrypted_data))
-    rescue FastlaneCore::Interface::FastlaneError
-      raise
-    rescue => error
-      UI.error(error.to_s)
-      UI.crash!("Error encrypting '#{path}'")
-    end
-
-    # The encryption parameters in this implementations reflect the old behaviour which depended on the users' local OpenSSL version
-    # 1.0.x OpenSSL and earlier versions use MD5, 1.1.0c and newer uses SHA256, we try both before giving an error
-    def decrypt(path: nil, password: nil, hash_algorithm: "MD5")
-      stored_data = Base64.decode64(File.read(path))
-      salt = stored_data[8..15]
-      data_to_decrypt = stored_data[16..-1]
-
-      decipher = OpenSSL::Cipher.new('AES-256-CBC')
-      decipher.decrypt
-      decipher.pkcs5_keyivgen(password, salt, 1, hash_algorithm)
-
-      decrypted_data = decipher.update(data_to_decrypt) + decipher.final
-
-      File.binwrite(path, decrypted_data)
-    rescue => error
-      fallback_hash_algorithm = "SHA256"
-      if hash_algorithm != fallback_hash_algorithm
-        decrypt(path, password, fallback_hash_algorithm)
-      else
-        UI.error(error.to_s)
-        UI.crash!("Error decrypting '#{path}'")
-      end
-    end
-  end
-end

data/match/lib/match/git_helper.rb

@@ -1,209 +0,0 @@
-require 'fastlane_core/command_executor'
-require_relative 'module'
-require_relative 'change_password'
-require_relative 'encrypt'
-
-module Match
-  class GitHelper
-    MATCH_VERSION_FILE_NAME = "match_version.txt"
-
-    def self.clone(git_url,
-                   shallow_clone,
-                   manual_password: nil,
-                   skip_docs: false,
-                   branch: "master",
-                   git_full_name: nil,
-                   git_user_email: nil,
-                   clone_branch_directly: false)
-      # Note: if you modify the parameters above, don't forget to also update the method call in
-      # - runner.rb
-      # - nuke.rb
-      # - change_password.rb
-      # - commands_generator.rb
-      #
-      return @dir if @dir
-
-      @dir = Dir.mktmpdir
-
-      command = "git clone '#{git_url}' '#{@dir}'"
-      if shallow_clone
-        command << " --depth 1 --no-single-branch"
-      elsif clone_branch_directly
-        command += " -b #{branch.shellescape} --single-branch"
-      end
-
-      UI.message("Cloning remote git repo...")
-
-      if branch && !clone_branch_directly
-        UI.message("If cloning the repo takes too long, you can use the `clone_branch_directly` option in match.")
-      end
-
-      begin
-        # GIT_TERMINAL_PROMPT will fail the `git clone` command if user credentials are missing
-        FastlaneCore::CommandExecutor.execute(command: "GIT_TERMINAL_PROMPT=0 #{command}",
-                                            print_all: FastlaneCore::Globals.verbose?,
-                                        print_command: FastlaneCore::Globals.verbose?)
-      rescue
-        UI.error("Error cloning certificates repo, please make sure you have read access to the repository you want to use")
-        if branch && clone_branch_directly
-          UI.error("You passed '#{branch}' as branch in combination with the `clone_branch_directly` flag. Please remove `clone_branch_directly` flag on the first run for _match_ to create the branch.")
-        end
-        UI.error("Run the following command manually to make sure you're properly authenticated:")
-        UI.command(command)
-        UI.user_error!("Error cloning certificates git repo, please make sure you have access to the repository - see instructions above")
-      end
-
-      add_user_config(git_full_name, git_user_email)
-
-      UI.user_error!("Error cloning repo, make sure you have access to it '#{git_url}'") unless File.directory?(@dir)
-
-      checkout_branch(branch) unless branch == "master"
-
-      if !Helper.test? && GitHelper.match_version(@dir).nil? && manual_password.nil? && File.exist?(File.join(@dir, "README.md"))
-        UI.important("Migrating to new match...")
-        ChangePassword.update(params: { git_url: git_url,
-                                    git_branch: branch,
-                                 shallow_clone: shallow_clone },
-                                          from: "",
-                                            to: Encrypt.new.password(git_url))
-        return self.clone(git_url, shallow_clone)
-      end
-
-      Encrypt.new.decrypt_repo(path: @dir, git_url: git_url, manual_password: manual_password)
-
-      return @dir
-    end
-
-    def self.generate_commit_message(params)
-      # 'Automatic commit via fastlane'
-      [
-        "[fastlane]",
-        "Updated",
-        params[:type].to_s,
-        "and platform",
-        params[:platform]
-      ].join(" ")
-    end
-
-    def self.match_version(workspace)
-      path = File.join(workspace, MATCH_VERSION_FILE_NAME)
-      if File.exist?(path)
-        Gem::Version.new(File.read(path))
-      end
-    end
-
-    def self.commit_changes(path, message, git_url, branch = "master", files_to_commmit = nil)
-      files_to_commmit ||= []
-      Dir.chdir(path) do
-        return if `git status`.include?("nothing to commit")
-
-        Encrypt.new.encrypt_repo(path: path, git_url: git_url)
-        commands = []
-
-        if files_to_commmit.count > 0 # e.g. for nuke this is treated differently
-          if !File.exist?(MATCH_VERSION_FILE_NAME) || File.read(MATCH_VERSION_FILE_NAME) != Fastlane::VERSION.to_s
-            files_to_commmit << MATCH_VERSION_FILE_NAME
-            File.write(MATCH_VERSION_FILE_NAME, Fastlane::VERSION) # stored unencrypted
-          end
-
-          template = File.read("#{Match::ROOT}/lib/assets/READMETemplate.md")
-          readme_path = "README.md"
-          if !File.exist?(readme_path) || File.read(readme_path) != template
-            files_to_commmit << readme_path
-            File.write(readme_path, template)
-          end
-
-          # `git add` each file we want to commit
-          #   - Fixes https://github.com/fastlane/fastlane/issues/8917
-          #   - Fixes https://github.com/fastlane/fastlane/issues/8793
-          #   - Replaces, closes and fixes https://github.com/fastlane/fastlane/pull/8919
-          commands += files_to_commmit.map do |current_file|
-            "git add #{current_file.shellescape}"
-          end
-        else
-          # No specific list given, e.g. this happens on `fastlane match nuke`
-          # We just want to run `git add -A` to commit everything
-          commands << "git add -A"
-        end
-        commands << "git commit -m #{message.shellescape}"
-        commands << "GIT_TERMINAL_PROMPT=0 git push origin #{branch.shellescape}"
-
-        UI.message("Pushing changes to remote git repo...")
-
-        commands.each do |command|
-          FastlaneCore::CommandExecutor.execute(command: command,
-                                              print_all: FastlaneCore::Globals.verbose?,
-                                          print_command: FastlaneCore::Globals.verbose?)
-        end
-      end
-      FileUtils.rm_rf(path)
-      @dir = nil
-    rescue => ex
-      UI.error("Couldn't commit or push changes back to git...")
-      UI.error(ex)
-    end
-
-    def self.clear_changes
-      return unless @dir
-
-      FileUtils.rm_rf(@dir)
-      @dir = nil
-    end
-
-    # Create and checkout an specific branch in the git repo
-    def self.checkout_branch(branch)
-      return unless @dir
-
-      commands = []
-      if branch_exists?(branch)
-        # Checkout the branch if it already exists
-        commands << "git checkout #{branch.shellescape}"
-      else
-        # If a new branch is being created, we create it as an 'orphan' to not inherit changes from the master branch.
-        commands << "git checkout --orphan #{branch.shellescape}"
-        # We also need to reset the working directory to not transfer any uncommitted changes to the new branch.
-        commands << "git reset --hard"
-      end
-
-      UI.message("Checking out branch #{branch}...")
-
-      Dir.chdir(@dir) do
-        commands.each do |command|
-          FastlaneCore::CommandExecutor.execute(command: command,
-                                                print_all: FastlaneCore::Globals.verbose?,
-                                                print_command: FastlaneCore::Globals.verbose?)
-        end
-      end
-    end
-
-    # Checks if a specific branch exists in the git repo
-    def self.branch_exists?(branch)
-      return unless @dir
-
-      result = Dir.chdir(@dir) do
-        FastlaneCore::CommandExecutor.execute(command: "git --no-pager branch --list origin/#{branch.shellescape} --no-color -r",
-                                              print_all: FastlaneCore::Globals.verbose?,
-                                              print_command: FastlaneCore::Globals.verbose?)
-      end
-      return !result.empty?
-    end
-
-    def self.add_user_config(user_name, user_email)
-      # Add git config if needed
-      commands = []
-      commands << "git config user.name \"#{user_name}\"" unless user_name.nil?
-      commands << "git config user.email \"#{user_email}\"" unless user_email.nil?
-
-      return if commands.empty?
-
-      UI.message("Add git user config to local git repo...")
-      Dir.chdir(@dir) do
-        commands.each do |command|
-          FastlaneCore::CommandExecutor.execute(command: command,
-                                                print_all: FastlaneCore::Globals.verbose?,
-                                                print_command: FastlaneCore::Globals.verbose?)
-        end
-      end
-    end
-  end
-end