headdesk 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e1ddf0a2e8ea38b67658e264f0b0106aa7ae9bac
+  data.tar.gz: 7f05d112b8e454d3849e9a68a58be3c7dc5a9d2e
+SHA512:
+  metadata.gz: 39ed6671b0c6f2482cbac6448cf5e7e50900a97ceeaa6fee3958431c333f764c68a894356cb6168a7e03a64fddb6f2d86901a1820a40f70a46b427127b736e99
+  data.tar.gz: e92144937a1ab2ec13911fdeee5e95e3c0bedfb4893c85f1ae9db60a7d4cfe299a787cc29c4e2e62e06297b6f75463469f0117a9c3e3d7f0d79cc816ce45ceac

data/.gitignore

@@ -0,0 +1,10 @@
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+.DS_Store

data/.reek.yml

@@ -0,0 +1,10 @@
+detectors:
+  DuplicateMethodCall:
+    max_calls: 3
+    allow_calls:
+    - 'apk.resources'
+    - 'Thor::Base.shell'
+    - 'CLI.command_help'
+  TooManyStatements:
+    exclude:
+    - 'Headdesk::Checks'

data/.ruby-gemset

@@ -0,0 +1 @@
+headdesk

data/.ruby-version

@@ -0,0 +1 @@
+ruby-2.4

data/Gemfile

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+source 'https://rubygems.org'
+
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
+
+gem 'rubocop'
+
+# Specify your gem's dependencies in headdesk.gemspec
+gemspec

data/Gemfile.lock

@@ -0,0 +1,86 @@
+PATH
+  remote: .
+  specs:
+    headdesk (0.1.0)
+      awesome_print
+      nokogiri
+      thor
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    ast (2.4.0)
+    awesome_print (1.8.0)
+    axiom-types (0.1.1)
+      descendants_tracker (~> 0.0.4)
+      ice_nine (~> 0.11.0)
+      thread_safe (~> 0.3, >= 0.3.1)
+    codeclimate-engine-rb (0.4.1)
+      virtus (~> 1.0)
+    coercible (1.0.0)
+      descendants_tracker (~> 0.0.1)
+    descendants_tracker (0.0.4)
+      thread_safe (~> 0.3, >= 0.3.1)
+    diff-lcs (1.3)
+    equalizer (0.0.11)
+    ice_nine (0.11.2)
+    jaro_winkler (1.5.1)
+    kwalify (0.7.2)
+    mini_portile2 (2.3.0)
+    nokogiri (1.8.5)
+      mini_portile2 (~> 2.3.0)
+    parallel (1.12.1)
+    parser (2.5.3.0)
+      ast (~> 2.4.0)
+    powerpack (0.1.2)
+    rainbow (3.0.0)
+    rake (10.5.0)
+    reek (5.2.0)
+      codeclimate-engine-rb (~> 0.4.0)
+      kwalify (~> 0.7.0)
+      parser (>= 2.5.0.0, < 2.6, != 2.5.1.1)
+      rainbow (>= 2.0, < 4.0)
+    rspec (3.8.0)
+      rspec-core (~> 3.8.0)
+      rspec-expectations (~> 3.8.0)
+      rspec-mocks (~> 3.8.0)
+    rspec-core (3.8.0)
+      rspec-support (~> 3.8.0)
+    rspec-expectations (3.8.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-mocks (3.8.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.8.0)
+    rspec-support (3.8.0)
+    rubocop (0.60.0)
+      jaro_winkler (~> 1.5.1)
+      parallel (~> 1.10)
+      parser (>= 2.5, != 2.5.1.1)
+      powerpack (~> 0.1)
+      rainbow (>= 2.2.2, < 4.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (~> 1.4.0)
+    ruby-progressbar (1.10.0)
+    thor (0.20.3)
+    thread_safe (0.3.6)
+    unicode-display_width (1.4.0)
+    virtus (1.0.5)
+      axiom-types (~> 0.1)
+      coercible (~> 1.0)
+      descendants_tracker (~> 0.0, >= 0.0.3)
+      equalizer (~> 0.0, >= 0.0.9)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.16)
+  headdesk!
+  rake (~> 10.0)
+  reek
+  rspec
+  rubocop
+
+BUNDLED WITH
+   1.17.1

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 Pat Wilson
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,74 @@
+# Headdesk
+
+Because we've all been there with Android.
+
+`headdesk` automatically detects common issues with Android APKs. These are errors that we (at Teak) commonly see in customer support. It's like unit testing for your build system.
+
+This is output from the check that ensures that the version of the Facebook SDK (if present) has not been deprecated:
+
+      ✔ Facebook SDK version
+          ↳ ✔ APK contains class com.facebook.FacebookSdk
+          ↳ ✔ com.facebook.FacebookSdk contains getSdkVersion method
+          ↳ ✔ Found Facebook SDK version 4.33.0
+          ↳ ✔ Facebook SDK was released in the last 2 years (using 4.33.0, released 2018-05-01)
+          💾 {"facebook_sdk":{"major":4,"minor":33,"patch":0,"version":"4.33.0","date":"2018-05-01"}}
+
+`headdesk` can also output to JSON.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'headdesk'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install headdesk
+
+## Usage
+
+Command line usage instruction:
+
+    $ bundle exec exe/headdesk
+
+    $ bundle exec exe/headdesk help [COMMAND]
+
+Analize an APK
+
+    $ bundle exec exe/headdesk analize [APK]
+
+This will unpack the APK to a temporary path, analize and print to STDOUT the results in plaintext. For JSON output pass `--json`.
+
+    $ bundle exec exe/headdesk analize --path [path to unpacked APK]
+
+This will analize an already unpacked APK.
+
+Unpack an APK
+
+    $ bundle exec exe/headdesk unpack APK [DESTINATION]
+
+This will unpack an APK to the specified DESTINATION, or to the current working directory.
+
+    $ bundle exec exe/headdesk unpack APK [DESTINATION] --analize
+
+This will unpack an APK to the specified DESTINATION, or to the current working directory, and then perform analysis.
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/gocarrot/headdesk.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require 'bundler/gem_tasks'
+task default: :spec

data/bin/console

@@ -0,0 +1,15 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'bundler/setup'
+require 'headdesk'
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require 'irb'
+IRB.start(__FILE__)

data/bin/facebook_sdk_versions

@@ -0,0 +1,24 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'headdesk'
+require 'nokogiri'
+require 'open-uri'
+require 'yaml'
+
+html_doc = Nokogiri::HTML(open('https://developers.facebook.com/docs/android/change-log-4x'))
+
+facebook_sdk_versions = html_doc.xpath('//h2')
+                                .select { |h2| h2.attributes['id'].value =~ /^\d+_\d+_\d+$/ }
+                                .collect do |h2|
+  major, minor, patch, date = h2.text.match(/^(\d+)\.(\d+)\.?(\d+)? \- (.*)$/).captures
+  {
+    major: major.to_i || 0,
+    minor: minor.to_i || 0,
+    patch: patch.to_i || 0,
+    version: "#{major.to_i || 0}.#{minor.to_i || 0}.#{patch.to_i || 0}",
+    date: Date.parse(date)
+  }
+end
+
+File.write(Headdesk::FACEBOOK_SDK_VERSIONS_YAML, facebook_sdk_versions.to_yaml)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/exe/headdesk

@@ -0,0 +1,5 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'headdesk/cli'
+Headdesk::CLI.start

data/headdesk.gemspec

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'headdesk/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'headdesk'
+  spec.version       = Headdesk::VERSION
+  spec.authors       = ['Pat Wilson']
+  spec.email         = ['pat@teak.io']
+
+  spec.summary       = 'headdesk helps identify and solve common issues in mobile development by analizing APKs and IPAs.'
+  spec.description   = ''
+  spec.homepage      = 'https://github.com/GoCarrot/headdesk'
+  spec.license       = 'MIT'
+
+  # Prevent pushing this gem to RubyGems.org. To allow pushes either set the 'allowed_push_host'
+  # to allow pushing to a single host or delete this section to allow pushing to any host.
+  # if spec.respond_to?(:metadata)
+  #   spec.metadata['allowed_push_host'] = "TODO: Set to 'http://mygemserver.com'"
+  # else
+  #   raise 'RubyGems 2.0 or newer is required to protect against ' \
+  #     'public gem pushes.'
+  # end
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+  spec.bindir        = 'exe'
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'bundler', '~> 1.16'
+  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'reek', '~> 0'
+  spec.add_development_dependency 'rspec', '~> 0'
+
+  spec.add_dependency 'awesome_print', '~> 0'
+  spec.add_dependency 'nokogiri', '~> 0'
+  spec.add_dependency 'thor', '~> 0'
+end

data/lib/headdesk.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+require 'headdesk/apktool'
+require 'headdesk/version'
+require 'headdesk/analize'
+require 'headdesk/apk'
+
+#
+# headdesk - Because we've all been there with Android.
+#
+module Headdesk
+  FACEBOOK_SDK_VERSIONS_YAML = File.expand_path(File.join(
+                                                  File.dirname(__FILE__),
+                                                  'headdesk',
+                                                  'data',
+                                                  'facebook_sdk_versions.yaml'
+                                                ))
+
+  #
+  # Error in CLI input
+  #
+  class CliError < StandardError
+  end
+end

data/lib/headdesk/analize.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+require 'headdesk/apk'
+
+module Headdesk
+  #
+  # Analize an APK/IPA
+  #
+  class Analize
+    def self.at(path)
+      Headdesk::Apk.new(path).analize
+    end
+  end
+end

data/lib/headdesk/apk.rb

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+
+require 'nokogiri'
+require 'yaml'
+
+require 'headdesk/apk/class'
+require 'headdesk/apk/resources'
+require 'headdesk/check'
+require 'headdesk/report'
+
+module Headdesk
+  #
+  # Representation of an APK file unpacked by apktool
+  #
+  # :reek:TooManyInstanceVariables
+  class Apk
+    attr_reader :yaml, :sdk_info, :android_manifest, :resources
+
+    # :reek:TooManyStatements
+    def initialize(path)
+      @path = path
+
+      android_manifest_xml = File.join(@path, 'AndroidManifest.xml').freeze
+      apktool_yml = File.join(@path, 'apktool.yml').freeze
+
+      unless File.exist?(android_manifest_xml) && File.exist?(apktool_yml)
+        throw CliError.new('Path did not contain AndroidManifest.xml and/or apktool.yml')
+      end
+
+      @yaml = YAML.load_file(apktool_yml)
+      @sdk_info = @yaml['sdkInfo']
+      @resources = Resources.new(@path)
+
+      @android_manifest = File.open(android_manifest_xml) do |file|
+        Nokogiri::XML(file)
+      end
+    end
+
+    def analize
+      report = Headdesk::APKReport.new(self)
+
+      Headdesk::Check.for_apk.each do |check_type|
+        check = check_type.new(self)
+        report << check.process
+      end
+
+      # TODO: Associated domains
+      report
+    end
+
+    def target_sdk_version
+      sdk_info['targetSdkVersion'].to_i
+    end
+
+    def min_sdk_version
+      sdk_info['minSdkVersion'].to_i
+    end
+
+    def targets_sdk(gt_eq)
+      target_sdk_version >= gt_eq
+    end
+
+    def min_sdk(gt_eq)
+      min_sdk_version >= gt_eq
+    end
+
+    def class?(decl)
+      find_class(decl) != false
+    end
+
+    def find_class(decl)
+      file_name = File.join(@path, 'smali', "#{Class.path_for(decl)}.smali")
+      return nil unless File.exist? file_name
+
+      Class.new(file_name)
+    end
+  end
+end