fastlane 2.194.0 → 2.198.0

data/fastlane/swift/ScreengrabfileProtocol.swift

@@ -47,7 +47,7 @@ public protocol ScreengrabfileProtocol: class {
     /// The path to the APK for the app under test
     var appApkPath: String? { get }
 
-    /// The path to the APK for the the tests bundle
+    /// The path to the APK for the tests bundle
     var testsApkPath: String? { get }
 
     /// Use the device or emulator with the given serial number or qualifier
@@ -56,7 +56,7 @@ public protocol ScreengrabfileProtocol: class {
     /// Type of device used for screenshots. Matches Google Play Types (phone, sevenInch, tenInch, tv, wear)
     var deviceType: String { get }
 
-    /// Whether or not to exit Screengrab on test failure. Exiting on failure will not copy sceenshots to local machine nor open sceenshots summary
+    /// Whether or not to exit Screengrab on test failure. Exiting on failure will not copy screenshots to local machine nor open screenshots summary
     var exitOnTestFailure: Bool { get }
 
     /// Enabling this option will automatically uninstall the application before running it
@@ -96,4 +96,4 @@ public extension ScreengrabfileProtocol {
 
 // Please don't remove the lines below
 // They are used to detect outdated files
-// FastlaneRunnerAPIVersion [0.9.81]
+// FastlaneRunnerAPIVersion [0.9.85]

data/fastlane/swift/Snapshotfile.swift

@@ -17,4 +17,4 @@ public class Snapshotfile: SnapshotfileProtocol {
     // during the `init` process, and you won't see this message
 }
 
-// Generated with fastlane 2.194.0
+// Generated with fastlane 2.198.0

data/fastlane/swift/SnapshotfileProtocol.swift

@@ -50,7 +50,7 @@ public protocol SnapshotfileProtocol: class {
     /// Enabling this option will prevent displaying the simulator window
     var headless: Bool { get }
 
-    /// Enabling this option will automatically override the status bar to show 9:41 AM, full battery, and full reception
+    /// Enabling this option will automatically override the status bar to show 9:41 AM, full battery, and full reception (Adjust 'SNAPSHOT_SIMULATOR_WAIT_FOR_BOOT_TIMEOUT' environment variable if override status bar is not working. Might be because simulator is not fully booted. Defaults to 10 seconds)
     var overrideStatusBar: Bool { get }
 
     /// Fully customize the status bar by setting each option here. See `xcrun simctl status_bar --help`
@@ -200,4 +200,4 @@ public extension SnapshotfileProtocol {
 
 // Please don't remove the lines below
 // They are used to detect outdated files
-// FastlaneRunnerAPIVersion [0.9.75]
+// FastlaneRunnerAPIVersion [0.9.79]

data/fastlane/swift/formatting/Brewfile.lock.json

@@ -2,30 +2,35 @@
   "entries": {
     "brew": {
       "swiftformat": {
-        "version": "0.48.11",
+        "version": "0.48.18",
         "bottle": {
           "rebuild": 0,
           "root_url": "https://ghcr.io/v2/homebrew/core",
           "files": {
+            "arm64_monterey": {
+              "cellar": ":any_skip_relocation",
+              "url": "https://ghcr.io/v2/homebrew/core/swiftformat/blobs/sha256:adbb11cdda0596a1f40e920f826a2e1ffe6aeb1643c43ddb108f25f30755be39",
+              "sha256": "adbb11cdda0596a1f40e920f826a2e1ffe6aeb1643c43ddb108f25f30755be39"
+            },
             "arm64_big_sur": {
               "cellar": ":any_skip_relocation",
-              "url": "https://ghcr.io/v2/homebrew/core/swiftformat/blobs/sha256:e0a851cfa2ff5d04f0fc98a9e624d1411f1b5b1e55e3cbc0901f4913c02e716a",
-              "sha256": "e0a851cfa2ff5d04f0fc98a9e624d1411f1b5b1e55e3cbc0901f4913c02e716a"
+              "url": "https://ghcr.io/v2/homebrew/core/swiftformat/blobs/sha256:74691b21c40d34459c5825306828039bdbdfdd02c80d1cea5c449c3f59760ab1",
+              "sha256": "74691b21c40d34459c5825306828039bdbdfdd02c80d1cea5c449c3f59760ab1"
             },
-            "big_sur": {
+            "monterey": {
               "cellar": ":any_skip_relocation",
-              "url": "https://ghcr.io/v2/homebrew/core/swiftformat/blobs/sha256:a5327283fe32b2ef2c6f264e14c966a9a60cb291415d3d05ed659c92a93c4987",
-              "sha256": "a5327283fe32b2ef2c6f264e14c966a9a60cb291415d3d05ed659c92a93c4987"
+              "url": "https://ghcr.io/v2/homebrew/core/swiftformat/blobs/sha256:14e4b90f29b55b06c92f90b6e81e8dd55c54ff258ee8b0bab2bb479ce0cc8daf",
+              "sha256": "14e4b90f29b55b06c92f90b6e81e8dd55c54ff258ee8b0bab2bb479ce0cc8daf"
             },
-            "catalina": {
+            "big_sur": {
               "cellar": ":any_skip_relocation",
-              "url": "https://ghcr.io/v2/homebrew/core/swiftformat/blobs/sha256:ba95e49ecc71bb19734698dee565e3b0ced6470729206cb434675cfa051f2755",
-              "sha256": "ba95e49ecc71bb19734698dee565e3b0ced6470729206cb434675cfa051f2755"
+              "url": "https://ghcr.io/v2/homebrew/core/swiftformat/blobs/sha256:73f0497b504f87159bc2d133371014e0372799d89f62bc78068b3b5427ae614f",
+              "sha256": "73f0497b504f87159bc2d133371014e0372799d89f62bc78068b3b5427ae614f"
             },
-            "mojave": {
+            "catalina": {
               "cellar": ":any_skip_relocation",
-              "url": "https://ghcr.io/v2/homebrew/core/swiftformat/blobs/sha256:c7e00eae9d46dddf040999f0f2832d08110f093c7a403aaaaaa18d8830213967",
-              "sha256": "c7e00eae9d46dddf040999f0f2832d08110f093c7a403aaaaaa18d8830213967"
+              "url": "https://ghcr.io/v2/homebrew/core/swiftformat/blobs/sha256:11543d157b589acdf9de93133a68fa32aa00372b574a64c40292aead20f6f6cb",
+              "sha256": "11543d157b589acdf9de93133a68fa32aa00372b574a64c40292aead20f6f6cb"
             }
           }
         }
@@ -43,20 +48,20 @@
         "macOS": "10.15.7"
       },
       "big_sur": {
-        "HOMEBREW_VERSION": "3.2.10-50-ge3f851d",
+        "HOMEBREW_VERSION": "3.2.17",
         "HOMEBREW_PREFIX": "/opt/homebrew",
-        "Homebrew/homebrew-core": "73588fb5f5edccfe62f1b290a3298b402fbd71d5",
-        "CLT": "12.5.1.0.1.1623191612",
+        "Homebrew/homebrew-core": "d975bb4c6f50e8cafd6df9fc7f2ebf04d22ffa41",
+        "CLT": "13.0.0.0.1.1630607135",
         "Xcode": "13.0",
-        "macOS": "11.5.2"
+        "macOS": "11.6"
       },
       "monterey": {
-        "HOMEBREW_VERSION": "3.2.12-9-gb19fcef",
-        "HOMEBREW_PREFIX": "/usr/local",
-        "Homebrew/homebrew-core": "e79d8126370187be3bd7be6bdbffacf803732113",
-        "CLT": "13.0.0.0.1.1628499445",
-        "Xcode": "12.5.1",
-        "macOS": "12.0"
+        "HOMEBREW_VERSION": "3.3.4",
+        "HOMEBREW_PREFIX": "/opt/homebrew",
+        "Homebrew/homebrew-core": "446005a8fbbc1a51d0bd8efd8e03bf82f1f78fab",
+        "CLT": "13.1.0.0.1.1633545042",
+        "Xcode": "13.1",
+        "macOS": "12.0.1"
       }
     }
   }

data/fastlane_core/lib/fastlane_core/itunes_transporter.rb

@@ -1,4 +1,5 @@
 require 'shellwords'
+require 'tmpdir'
 require 'fileutils'
 require 'credentials_manager/account_manager'
 
@@ -148,6 +149,14 @@ module FastlaneCore
       end
     end
 
+    def file_upload_option(source)
+      if File.extname(source) == ".itmsp"
+        return "-f #{source.shellescape}"
+      else
+        return "-assetFile #{source.shellescape}"
+      end
+    end
+
     def additional_upload_parameters
       # As Apple recommends in Transporter User Guide we shouldn't specify the -t transport parameter
       # and instead allow Transporter to use automatic transport discovery
@@ -177,7 +186,7 @@ module FastlaneCore
         ("-u #{username.shellescape}" unless use_jwt),
         ("-p #{shell_escaped_password(password)}" unless use_jwt),
         ("-jwt #{jwt}" if use_jwt),
-        "-f \"#{source}\"",
+        file_upload_option(source),
         additional_upload_parameters, # that's here, because the user might overwrite the -t option
         "-k 100000",
         ("-WONoPause true" if Helper.windows?), # Windows only: process instantly returns instead of waiting for key press
@@ -261,7 +270,7 @@ module FastlaneCore
           ("-u #{username.shellescape}" unless use_jwt),
           ("-p @env:ITMS_TRANSPORTER_PASSWORD" unless use_jwt),
           ("-jwt #{jwt}" if use_jwt),
-          "-f #{source.shellescape}",
+          file_upload_option(source),
           additional_upload_parameters, # that's here, because the user might overwrite the -t option
           '-k 100000',
           ("-itc_provider #{provider_short_name}" if jwt.nil? && !provider_short_name.to_s.empty?),
@@ -282,7 +291,7 @@ module FastlaneCore
           ("-u #{username.shellescape}" unless use_jwt),
           ("-p #{password.shellescape}" unless use_jwt),
           ("-jwt #{jwt}" if use_jwt),
-          "-f #{source.shellescape}",
+          file_upload_option(source),
           additional_upload_parameters, # that's here, because the user might overwrite the -t option
           '-k 100000',
           ("-itc_provider #{provider_short_name}" if jwt.nil? && !provider_short_name.to_s.empty?),
@@ -472,12 +481,27 @@ module FastlaneCore
     # @param app_id [Integer] The unique App ID
     # @param dir [String] the path in which the package file is located
     # @param package_path [String] the path to the package file (used instead of app_id and dir)
+    # @param asset_path [String] the path to the ipa/dmg/pkg file (used instead of package_path if running on macOS)
     # @return (Bool) True if everything worked fine
     # @raise [Deliver::TransporterTransferError] when something went wrong
     #   when transferring
-    def upload(app_id = nil, dir = nil, package_path: nil)
-      raise "app_id and dir are required or package_path is required" if (app_id.nil? || dir.nil?) && package_path.nil?
-      actual_dir = package_path || File.join(dir, "#{app_id}.itmsp")
+    def upload(app_id = nil, dir = nil, package_path: nil, asset_path: nil)
+      raise "app_id and dir are required or package_path or asset_path is required" if (app_id.nil? || dir.nil?) && package_path.nil? && asset_path.nil?
+
+      # Transport can upload .ipa, .dmg, and .pkg files directly with -assetFile
+      # However, -assetFile requires -assetDescription if Linux or Windows
+      # This will give the asset directly if macOS and asset_path exists
+      # otherwise it will use the .itmsp package
+      actual_dir = if Helper.is_mac? && asset_path
+                     # The asset gets deleted upon completion so copying to a temp directory
+                     tmp_asset_path = File.join(Dir.tmpdir, File.basename(asset_path))
+                     FileUtils.cp(asset_path, tmp_asset_path)
+                     tmp_asset_path
+                   elsif package_path
+                     package_path
+                   else
+                     File.join(dir, "#{app_id}.itmsp")
+                   end
 
       UI.message("Going to upload updated app to App Store Connect")
       UI.success("This might take a few minutes. Please don't interrupt the script.")
@@ -492,7 +516,7 @@ module FastlaneCore
         result = @transporter_executor.execute(command, ItunesTransporter.hide_transporter_output?)
       rescue TransporterRequiresApplicationSpecificPasswordError => ex
         handle_two_step_failure(ex)
-        return upload(app_id, dir, package_path: package_path)
+        return upload(app_id, dir, package_path: package_path, asset_path: asset_path)
       end
 
       if result

data/frameit/lib/frameit/editor.rb

@@ -467,26 +467,24 @@ module Frameit
         # Get matching trim box:
         trim_box = trim_boxes[key]
 
-        # For side-by-side text images (e.g. stack_title is false) adjust the trim box based on top_vertical_trim_offset and bottom_vertical_trim_offset to maintain the text baseline:
-        unless stack_title
-          # Determine the trim area by maintaining the same vertical top offset based on the smallest value from all trim boxes (top_vertical_trim_offset).
-          # When the vertical top offset is larger than the smallest vertical top offset, the trim box needs to be adjusted:
-          if trim_box.offset_y > top_vertical_trim_offset
-            # Increase the height of the trim box with the difference in vertical top offset:
-            trim_box.height += trim_box.offset_y - top_vertical_trim_offset
-            # Change the vertical top offset to match that of the others:
-            trim_box.offset_y = top_vertical_trim_offset
-
-            UI.verbose("Trim box for key \"#{key}\" is adjusted to align top: #{trim_box}\n")
-          end
+        # Adjust the trim box based on top_vertical_trim_offset and bottom_vertical_trim_offset to maintain the text baseline:
+        # Determine the trim area by maintaining the same vertical top offset based on the smallest value from all trim boxes (top_vertical_trim_offset).
+        # When the vertical top offset is larger than the smallest vertical top offset, the trim box needs to be adjusted:
+        if trim_box.offset_y > top_vertical_trim_offset
+          # Increase the height of the trim box with the difference in vertical top offset:
+          trim_box.height += trim_box.offset_y - top_vertical_trim_offset
+          # Change the vertical top offset to match that of the others:
+          trim_box.offset_y = top_vertical_trim_offset
+
+          UI.verbose("Trim box for key \"#{key}\" is adjusted to align top: #{trim_box.json_string_format}")
+        end
 
-          # Check if the height needs to be adjusted to reach the bottom offset:
-          if (trim_box.offset_y + trim_box.height) < bottom_vertical_trim_offset
-            # Set the height of the trim box to the difference between vertical bottom and top offset:
-            trim_box.height = bottom_vertical_trim_offset - trim_box.offset_y
+        # Check if the height needs to be adjusted to reach the bottom offset:
+        if (trim_box.offset_y + trim_box.height) < bottom_vertical_trim_offset
+          # Set the height of the trim box to the difference between vertical bottom and top offset:
+          trim_box.height = bottom_vertical_trim_offset - trim_box.offset_y
 
-            UI.verbose("Trim box for key \"#{key}\" is adjusted to align bottom: #{trim_box}\n")
-          end
+          UI.verbose("Trim box for key \"#{key}\" is adjusted to align bottom: #{trim_box.json_string_format}")
         end
 
         # Crop image with (adjusted) trim box parameters in MiniMagick string format:

data/frameit/lib/frameit/trim_box.rb

@@ -31,5 +31,11 @@ module Frameit
       # Convert trim box parameters to string with syntax: "<width>x<height>+<offset_x>+<offset_y>":
       return "#{@width}x#{@height}+#{@offset_x}+#{@offset_y}"
     end
+
+    # Get the trimbox parameters in a human readable JSON string format
+    def json_string_format
+      # Create a JSON string from the trim box parameters:
+      return "{\"width\" : #{@width}, \"height\" : #{@height} , \"offset_x\" : #{@offset_x}, \"offset_y\" : #{@offset_y}}"
+    end
   end
 end

data/match/lib/match/generator.rb

@@ -88,7 +88,8 @@ module Match
         team_id: params[:team_id],
         team_name: params[:team_name],
         template_name: params[:template_name],
-        fail_on_name_taken: params[:fail_on_name_taken]
+        fail_on_name_taken: params[:fail_on_name_taken],
+        include_all_certificates: params[:include_all_certificates],
       }
 
       values[:platform] = params[:platform]

data/match/lib/match/nuke.rb

@@ -9,7 +9,11 @@ require_relative 'module'
 require_relative 'storage'
 require_relative 'encryption'
 
+require 'tempfile'
+require 'base64'
+
 module Match
+  # rubocop:disable Metrics/ClassLength
   class Nuke
     attr_accessor :params
     attr_accessor :type
@@ -67,6 +71,7 @@ module Match
                                              title: "Summary for match nuke #{Fastlane::VERSION}")
 
       prepare_list
+      filter_by_cert
       print_tables
 
       if params[:readonly]
@@ -139,7 +144,7 @@ module Match
         types = profile_types(prov_type)
         # Filtering on 'profileType' seems to be undocumented as of 2020-07-30
         # but works on both web session and official API
-        self.profiles += Spaceship::ConnectAPI::Profile.all(filter: { profileType: types.join(",") })
+        self.profiles += Spaceship::ConnectAPI::Profile.all(filter: { profileType: types.join(",") }, includes: "certificates")
       end
 
       # Gets the main and additional cert types
@@ -173,6 +178,78 @@ module Match
       self.files = certs + keys + profiles
     end
 
+    def filter_by_cert
+      # Force will continue to revoke and delete all certificates and profiles
+      return if self.params[:force] || !UI.interactive?
+      return if self.certs.count < 2
+
+      # Print table showing certificates that can be revoked
+      puts("")
+      rows = self.certs.each_with_index.collect do |cert, i|
+        cert_expiration = cert.expiration_date.nil? ? "Unknown" : Time.parse(cert.expiration_date).strftime("%Y-%m-%d")
+        [i + 1, cert.name, cert.id, cert.class.to_s.split("::").last, cert_expiration]
+      end
+      puts(Terminal::Table.new({
+        title: "Certificates that can be revoked".green,
+        headings: ["Option", "Name", "ID", "Type", "Expires"],
+        rows: FastlaneCore::PrintTable.transform_output(rows)
+      }))
+      puts("")
+
+      UI.important("By default, all listed certificates and profiles will be nuked")
+      if UI.confirm("Do you want to only nuke specific certificates and their associated profiles?")
+        input_indexes = UI.input("Enter the \"Option\" number(s) from the table above? (comma-separated)").split(',')
+
+        # Get certificates from option indexes
+        self.certs = input_indexes.map do |index|
+          self.certs[index.to_i - 1]
+        end.compact
+
+        if self.certs.empty?
+          UI.user_error!("No certificates were selected based on option number(s) entered")
+        end
+
+        # Do profile selection logic
+        cert_ids = self.certs.map(&:id)
+        self.profiles = self.profiles.select do |profile|
+          profile_cert_ids = profile.certificates.map(&:id)
+          (cert_ids & profile_cert_ids).any?
+        end
+
+        # Do file selection logic
+        self.files = self.files.select do |f|
+          found = false
+
+          ext = File.extname(f)
+          filename = File.basename(f, ".*")
+
+          # Attempt to find cert based on filename
+          if ext == ".cer" || ext == ".p12"
+            found ||= self.certs.any? do |cert|
+              filename == cert.id.to_s
+            end
+          end
+
+          # Attempt to find profile matched on UUIDs in profile
+          if ext == ".mobileprovision" || ext == ".provisionprofile"
+            storage_uuid = FastlaneCore::ProvisioningProfile.uuid(f)
+
+            found ||= self.profiles.any? do |profile|
+              tmp_file = Tempfile.new
+              tmp_file.write(Base64.decode64(profile.profile_content))
+              tmp_file.close
+
+              # Compare profile uuid in storage to profile uuid on developer portal
+              portal_uuid = FastlaneCore::ProvisioningProfile.uuid(tmp_file.path)
+              storage_uuid == portal_uuid
+            end
+          end
+
+          found
+        end
+      end
+    end
+
     # Print tables to ask the user
     def print_tables
       puts("")
@@ -351,4 +428,5 @@ module Match
       end
     end
   end
+  # rubocop:disable Metrics/ClassLength
 end

data/match/lib/match/options.rb

@@ -242,6 +242,16 @@ module Match
                                      description: "Renew the provisioning profiles if the device count on the developer portal has changed. Ignored for profile types 'appstore' and 'developer_id'",
                                      type: Boolean,
                                      default_value: false),
+        FastlaneCore::ConfigItem.new(key: :include_all_certificates,
+                                     env_name: "MATCH_INCLUDE_ALL_CERTIFICATES",
+                                     description: "Include all matching certificates in the provisioning profile. Works only for the 'development' provisioning profile type",
+                                     type: Boolean,
+                                     default_value: false),
+        FastlaneCore::ConfigItem.new(key: :force_for_new_certificates,
+                                     env_name:  "MATCH_FORCE_FOR_NEW_CERTIFICATES",
+                                     description: "Renew the provisioning profiles if the device count on the developer portal has changed. Works only for the 'development' provisioning profile type. Requires 'include_all_certificates' option to be 'true'",
+                                     type: Boolean,
+                                     default_value: false),
         FastlaneCore::ConfigItem.new(key: :skip_confirmation,
                                      env_name: "MATCH_SKIP_CONFIRMATION",
                                      description: "Disables confirmation prompts during nuke, answering them with yes",

data/match/lib/match/runner.rb

@@ -12,6 +12,7 @@ require_relative 'storage'
 require_relative 'encryption'
 
 module Match
+  # rubocop:disable Metrics/ClassLength
   class Runner
     attr_accessor :files_to_commit
     attr_accessor :spaceship
@@ -242,16 +243,14 @@ module Match
       profile = profiles.last
       force = params[:force]
 
-      if params[:force_for_new_devices] && !params[:readonly]
-        prov_types_without_devices = [:appstore, :developer_id]
-        if !prov_types_without_devices.include?(prov_type) && !params[:force]
-          force = device_count_different?(profile: profile, keychain_path: keychain_path, platform: params[:platform].to_sym)
-        else
-          # App Store provisioning profiles don't contain device identifiers and
-          # thus shouldn't be renewed if the device count has changed.
-          UI.important("Warning: `force_for_new_devices` is set but is ignored for App Store & Developer ID provisioning profiles.")
-          UI.important("You can safely stop specifying `force_for_new_devices` when running Match for type 'appstore' or 'developer_id'.")
-        end
+      if params[:force_for_new_devices]
+        force = should_force_include_all_devices(params: params, prov_type: prov_type, profile: profile, keychain_path: keychain_path) unless force
+      end
+
+      if params[:include_all_certificates]
+        # Clearing specified certificate id which will prevent a profile being created with only one certificate
+        certificate_id = nil
+        force = should_force_include_all_certificates(params: params, prov_type: prov_type, profile: profile, keychain_path: keychain_path) unless force
       end
 
       if profile.nil? || force
@@ -319,6 +318,24 @@ module Match
     end
     # rubocop:enable Metrics/PerceivedComplexity
 
+    def should_force_include_all_devices(params: nil, prov_type: nil, profile: nil, keychain_path: nil)
+      return false unless params[:force_for_new_devices] && !params[:readonly]
+
+      force = false
+
+      prov_types_without_devices = [:appstore, :developer_id]
+      if !prov_types_without_devices.include?(prov_type) && !params[:force]
+        force = device_count_different?(profile: profile, keychain_path: keychain_path, platform: params[:platform].to_sym)
+      else
+        # App Store provisioning profiles don't contain device identifiers and
+        # thus shouldn't be renewed if the device count has changed.
+        UI.important("Warning: `force_for_new_devices` is set but is ignored for App Store & Developer ID provisioning profiles.")
+        UI.important("You can safely stop specifying `force_for_new_devices` when running Match for type 'appstore' or 'developer_id'.")
+      end
+
+      return force
+    end
+
     def device_count_different?(profile: nil, keychain_path: nil, platform: nil)
       return false unless profile
 
@@ -365,5 +382,72 @@ module Match
       end
       return false
     end
+
+    def should_force_include_all_certificates(params: nil, prov_type: nil, profile: nil, keychain_path: nil)
+      unless params[:include_all_certificates]
+        if params[:force_for_new_certificates]
+          UI.important("You specified 'force_for_new_certificates: true', but new certificates will not be added, cause 'include_all_certificates' is 'false'")
+        end
+        return false
+      end
+
+      force = false
+
+      if params[:force_for_new_certificates] && !params[:readonly]
+        if prov_type == :development && !params[:force]
+          force = certificate_count_different?(profile: profile, keychain_path: keychain_path, platform: params[:platform].to_sym)
+        else
+          # All other (not development) provisioning profiles don't contain
+          # multiple certificates, thus shouldn't be renewed
+          # if the certificates  count has changed.
+          UI.important("Warning: `force_for_new_certificates` is set but is ignored for non-'development' provisioning profiles.")
+          UI.important("You can safely stop specifying `force_for_new_certificates` when running Match for '#{prov_type}' provisioning profiles.")
+        end
+      end
+
+      return force
+    end
+
+    def certificate_count_different?(profile: nil, keychain_path: nil, platform: nil)
+      return false unless profile
+
+      parsed = FastlaneCore::ProvisioningProfile.parse(profile, keychain_path)
+      uuid = parsed["UUID"]
+
+      all_profiles = Spaceship::ConnectAPI::Profile.all(includes: "certificates")
+      portal_profile = all_profiles.detect { |i| i.uuid == uuid }
+
+      return false unless portal_profile
+
+      profile_certs_count = portal_profile.fetch_all_certificates.count
+
+      certificate_types =
+        case platform
+        when :ios, :tvos
+          [
+            Spaceship::ConnectAPI::Certificate::CertificateType::DEVELOPMENT,
+            Spaceship::ConnectAPI::Certificate::CertificateType::IOS_DEVELOPMENT
+          ]
+        when :macos, :catalyst
+          [
+            Spaceship::ConnectAPI::Certificate::CertificateType::DEVELOPMENT,
+            Spaceship::ConnectAPI::Certificate::CertificateType::MAC_APP_DEVELOPMENT
+          ]
+        else
+          []
+        end
+
+      certificates = Spaceship::ConnectAPI::Certificate.all
+      unless certificate_types.empty?
+        certificates = certificates.select do |certificate|
+          certificate_types.include?(certificate.certificateType) && certificate.valid?
+        end
+      end
+
+      portal_certs_count = certificates.size
+
+      return portal_certs_count != profile_certs_count
+    end
   end
+  # rubocop:enable Metrics/ClassLength
 end

data/match/lib/match/spaceship_ensure.rb

@@ -70,6 +70,7 @@ module Match
       UI.error("for the user #{username}")
       UI.error("Make sure to use the same user and team every time you run 'match' for this")
       UI.error("Git repository. This might be caused by revoking the certificate on the Dev Portal")
+      UI.error("If missing certificate is a Developer ID Installer, you may need to auth with Apple ID instead of App Store API Key")
       UI.user_error!("To reset the certificates of your Apple account, you can use the `fastlane match nuke` feature, more information on https://docs.fastlane.tools/actions/match/")
     end
 

data/pem/lib/pem/manager.rb

@@ -18,7 +18,13 @@ module PEM
 
         if existing_certificate
           remaining_days = (existing_certificate.expires - Time.now) / 60 / 60 / 24
-          UI.message("Existing push notification profile for '#{existing_certificate.owner_name}' is valid for #{remaining_days.round} more days.")
+
+          display_platform = ''
+          unless PEM.config[:website_push]
+            display_platform = "#{PEM.config[:platform]} "
+          end
+
+          UI.message("Existing #{display_platform}push notification profile for '#{existing_certificate.owner_name}' is valid for #{remaining_days.round} more days.")
           if remaining_days > PEM.config[:active_days_limit]
             if PEM.config[:force]
               UI.success("You already have an existing push certificate, but a new one will be created since the --force option has been set.")
@@ -59,7 +65,7 @@ module PEM
 
         x509_certificate = cert.download
 
-        filename_base = PEM.config[:pem_name] || "#{certificate_type}_#{PEM.config[:app_identifier]}"
+        filename_base = PEM.config[:pem_name] || "#{certificate_type}_#{PEM.config[:app_identifier]}_#{PEM.config[:platform]}"
         filename_base = File.basename(filename_base, ".pem") # strip off the .pem if it was provided.
 
         output_path = File.expand_path(PEM.config[:output_path])
@@ -73,7 +79,8 @@ module PEM
 
         if PEM.config[:generate_p12]
           p12_cert_path = File.join(output_path, "#{filename_base}.p12")
-          p12 = OpenSSL::PKCS12.create(PEM.config[:p12_password], certificate_type, pkey, x509_certificate)
+          p12_password = PEM.config[:p12_password] == "" ? nil : PEM.config[:p12_password]
+          p12 = OpenSSL::PKCS12.create(p12_password, certificate_type, pkey, x509_certificate)
           File.write(p12_cert_path, p12.to_der)
           UI.message("p12 certificate: ".green + Pathname.new(p12_cert_path).realpath.to_s)
         end
@@ -85,12 +92,29 @@ module PEM
       end
 
       def certificate
-        if PEM.config[:development]
-          Spaceship.certificate.development_push
-        elsif PEM.config[:website_push]
+        if PEM.config[:website_push]
           Spaceship.certificate.website_push
         else
-          Spaceship.certificate.production_push
+          platform = PEM.config[:platform]
+          UI.user_error!('platform parameter is unspecified.') unless platform
+
+          case platform
+          when 'ios'
+            if PEM.config[:development]
+              Spaceship.certificate.development_push
+            else
+              Spaceship.certificate.production_push
+            end
+          when 'macos'
+            if PEM.config[:development]
+              Spaceship.certificate.mac_development_push
+            else
+              Spaceship.certificate.mac_production_push
+            end
+          else
+            UI.user_error!("Unsupported platform '#{platform}'. Supported platforms for development and production certificates are 'ios' & 'macos'")
+          end
+
         end
       end
 

data/pem/lib/pem/options.rb

@@ -1,5 +1,6 @@
 require 'fastlane_core/configuration/config_item'
 require 'credentials_manager/appfile_config'
+require 'fastlane/helper/lane_helper'
 
 require_relative 'module'
 
@@ -10,6 +11,14 @@ module PEM
       user ||= CredentialsManager::AppfileConfig.try_fetch_value(:apple_id)
 
       [
+        FastlaneCore::ConfigItem.new(key: :platform,
+                                     description: "Set certificate's platform. Used for creation of production & development certificates. Supported platforms: ios, macos",
+                                     short_option: "-m",
+                                     env_name: "PEM_PLATFORM",
+                                     default_value: "ios",
+                                     verify_block: proc do |value|
+                                       UI.user_error!("The platform can only be ios or macos") unless ['ios', 'macos'].include?(value)
+                                     end),
         FastlaneCore::ConfigItem.new(key: :development,
                                      env_name: "PEM_DEVELOPMENT",
                                      description: "Renew the development push certificate instead of the production one",
@@ -86,7 +95,7 @@ module PEM
                                      env_name: "PEM_P12_PASSWORD",
                                      sensitive: true,
                                      description: "The password that is used for your p12 file",
-                                     default_value: ""),
+                                     optional: true),
         FastlaneCore::ConfigItem.new(key: :pem_name,
                                      short_option: "-o",
                                      env_name: "PEM_FILE_NAME",