headdesk 0.1.0

data/lib/headdesk/checks/facebook.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+module Headdesk
+  module Checks
+    #
+    # Check the version of the Facebook SDK
+    #
+    # Facebook deprecates SDKs 2 years after they are released.
+    #
+    class FacebookSDK
+      include Check::APK
+
+      describe 'Facebook SDK version'
+      def call
+        skip_check unless: -> { apk.class?('com/facebook/FacebookSdk') }
+        facebook_sdk = apk.find_class('com/facebook/FacebookSdk')
+
+        # TODO: Parse https://developers.facebook.com/docs/android/change-log-4x
+        #       and fail if > 2 years old, warn if < 3 months remaining
+        get_sdk_version = facebook_sdk.method('getSdkVersion').code
+        describe 'com.facebook.FacebookSdk contains getSdkVersion method'
+        fail_check if: -> { !get_sdk_version }
+
+        facebook_sdks = YAML.load_file(Headdesk::FACEBOOK_SDK_VERSIONS_YAML)
+        major, minor, patch = get_sdk_version.match(/const-string v0, "(\d+)\.(\d+)\.(\d+)"/).captures.map(&:to_i)
+
+        sdk_in_use = (facebook_sdks.select do |sdk|
+          sdk[:major] == major && sdk[:minor] == minor && sdk[:patch] == patch
+        end).first
+
+        describe "Found Facebook SDK version #{sdk_in_use[:version]}"
+        fail_check if: -> { !sdk_in_use }
+
+        export facebook_sdk: sdk_in_use
+
+        describe "Facebook SDK was released in the last 2 years (using #{sdk_in_use[:version]}, released #{sdk_in_use[:date]})"
+        fail_check if: -> { sdk_in_use[:date] < (Date.today - (365 * 2)) }
+      end
+    end
+  end
+end

data/lib/headdesk/checks/receiver.rb

@@ -0,0 +1,31 @@
+# frozen_string_literal: true
+
+module Headdesk
+  module Checks
+    #
+    # Make sure all <reciever> blocks in AndroidManifest.xml point to a Java class
+    # that exists in the APK.
+    #
+    class Receiver
+      include Check::APK
+
+      describe 'All <receiver> blocks in AndroidManifest.xml point to valid Java classes'
+      def call
+        receivers = []
+        apk.android_manifest.xpath('//receiver').each do |receiver|
+          receiver_name = receiver.attributes['name'].to_s
+          fail_check unless: -> { apk.class?(receiver_name) }
+          klass = apk.find_class(receiver_name)
+
+          describe "#{receiver_name} has onReceive method"
+          fail_check unless: -> { klass.method?('onReceive') }
+
+          receivers << {
+            name: receiver_name
+          }
+        end
+        export receivers: receivers
+      end
+    end
+  end
+end

data/lib/headdesk/checks/teak.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Headdesk
+  module Checks
+    #
+    # Module for Teak checks
+    #
+    module Teak
+      #
+      # Module for Teak APK checks
+      #
+      module APK
+        def self.included(klass)
+          klass.include(Check::APK)
+          klass.extend(Preconditions)
+          klass.include(Utility)
+        end
+
+        #
+        # Precondition tests for presence of Teak class SDK in APK
+        #
+        module Preconditions
+          def preconditions?
+            false unless apk.class?('io.teak.sdk.Teak')
+          end
+        end
+
+        #
+        # Utility methods for Teak based checks
+        #
+        module Utility
+          def teak_sdk
+            return @teak_sdk if @teak_sdk
+
+            major, minor, revision = apk.find_class('io.teak.sdk.Teak')
+                                        .field('SDKVersion')
+                                        .value
+                                        .to_version
+            @teak_sdk = OpenStruct.new(
+              version: "#{major}.#{minor}.#{revision}",
+              major: major, minor: minor, revision: revision
+            )
+
+            @teak_sdk
+          end
+        end
+      end
+    end
+  end
+end
+
+Dir[File.dirname(__FILE__) + '/teak/*.rb'].each { |file| require file }

data/lib/headdesk/checks/teak/api21_icon.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Headdesk
+  module Checks
+    module Teak
+      #
+      # Check to make sure that an APK, which uses Teak, has an API 21+ icon.
+      #
+      class Api21Icon
+        include Checks::Teak::APK
+
+        describe 'Check for API 21+ Teak icons'
+        # :reek:UncommunicativeVariableName { accept: ['icon_v21'] }
+        def call
+          skip_check if: -> { apk.min_sdk 21 }
+
+          icon = apk.resources
+                    .values(v: 20)
+                    .drawable.io_teak_small_notification_icon
+          icon_v21 = apk.resources
+                        .values(v: 21)
+                        .drawable.io_teak_small_notification_icon
+          export icon: icon, icon_v21: icon_v21
+
+          describe "APK contains a drawable for 'io_teak_small_notification_icon'"
+          fail_check unless: -> { icon && icon_v21 }
+
+          describe "'io_teak_small_notification_icon' for v21 is different from < v21"
+          fail_check unless: -> { icon != icon_v21 }
+        end
+      end
+    end
+  end
+end

data/lib/headdesk/checks/teak/caching.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Headdesk
+  module Checks
+    module Teak
+      #
+      # Check to make sure that an APK, which uses Teak, has caching enabled.
+      #
+      class Caching
+        include Checks::Teak::APK
+
+        describe 'Check for io_teak_enable_caching'
+        def call
+          describe 'Teak SDK version is lower than 2.0.0'
+          major, = apk.find_class('io.teak.sdk.Teak')
+                      .field('SDKVersion')
+                      .value
+                      .to_version
+          skip_check if: major.to_i >= 2
+
+          describe "APK enables caching of Teak notification content (via 'io_teak_enable_caching')"
+          fail_check unless: apk.resources
+                                .values(v: 21)
+                                .bool
+                                .io_teak_enable_caching
+        end
+      end
+    end
+  end
+end

data/lib/headdesk/checks/teak/teak.rb

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+module Headdesk
+  module Checks
+    module Teak
+      #
+      # Check to make sure that an APK, which uses Teak, has caching enabled.
+      #
+      class Configuration
+        include Checks::Teak::APK
+
+        describe 'Check Teak configuration'
+        # :reek:UncommunicativeVariableName { accept: ['gcm_defaultSenderId'] }
+        def call
+          # App Id
+          teak_app_id = apk.resources
+                           .values
+                           .string
+                           .io_teak_app_id
+          # TODO: Manifest meta-data
+          describe 'Teak App Id configured'
+          fail_check if: !teak_app_id
+          export teak_app_id: teak_app_id
+
+          # Api Key
+          teak_api_key = apk.resources
+                            .values
+                            .string
+                            .io_teak_api_key
+          # TODO: Manifest meta-data
+          describe 'Teak API Key configured'
+          fail_check if: !teak_api_key
+          export teak_api_key: teak_api_key
+
+          # GCM Sender Id
+          io_teak_gcm_sender_id = apk.resources
+                                     .values
+                                     .string
+                                     .io_teak_gcm_sender_id
+          # TODO: Manifest meta-data
+          gcm_defaultSenderId ||= apk.resources
+                                     .values
+                                     .string
+                                     .gcm_defaultSenderId
+          describe "'gcm_defaultSenderId' is specified, and different from 'io_teak_gcm_sender_id'"
+          fail_check if: gcm_defaultSenderId != io_teak_gcm_sender_id if gcm_defaultSenderId
+
+          gcm_sender_id = io_teak_gcm_sender_id || gcm_defaultSenderId
+          describe "Either 'io_teak_gcm_sender_id' or 'gcm_defaultSenderId' configured"
+          fail_check if: !gcm_sender_id
+          export gcm_sender_id: gcm_sender_id
+
+          # Firebase App Id
+          io_teak_firebase_app_id = apk.resources
+                                       .values
+                                       .string
+                                       .io_teak_firebase_app_id
+          # TODO: Manifest meta-data
+          google_app_id = apk.resources
+                             .values
+                             .string
+                             .google_app_id
+          describe "'google_app_id' is specified, and different from 'io_teak_firebase_app_id'"
+          fail_check if: google_app_id != io_teak_firebase_app_id if google_app_id
+
+          firebase_app_id = google_app_id || io_teak_firebase_app_id
+          describe "Either 'io_teak_firebase_app_id' or 'google_app_id' configured"
+          fail_check if: !firebase_app_id, skip_if: teak_sdk.major < 2
+          export gcm_sender_id: gcm_sender_id
+        end
+      end
+    end
+  end
+end

data/lib/headdesk/cli.rb

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+
+require 'tmpdir'
+require 'thor'
+require 'headdesk'
+require 'awesome_print'
+
+module Headdesk
+  #
+  # headdesk CLI
+  #
+  # :reek:TooManyStatements
+  class CLI < Thor
+    desc 'unpack FILE [DESTINATION]', 'Unpack an APK or IPA to [DESTINATION] or to the current directory'
+    method_option :analize, type: :boolean, aliases: '-a'
+    def unpack(file, destination = nil)
+      # Make sure the input file exists
+      unless File.exist?(file)
+        STDERR.puts "Could not find: #{file}"
+        CLI.command_help(Thor::Base.shell.new, 'unpack')
+        return 1
+      end
+
+      # Make sure destination exists, if specified
+      unless !destination || Dir.exist?(destination)
+        STDERR.puts "Could not find destination path: #{destination}"
+        CLI.command_help(Thor::Base.shell.new, 'unpack')
+        return 1
+      end
+
+      begin
+        stdout = nil
+        output_path = destination
+
+        if !destination
+          # Output to tempdir, then copy to cwd if no destination specified
+          Dir.mktmpdir do |tmp_dir|
+            output_path = tmp_dir
+            stdout = Headdesk::ApkTool.unpack_to(file, tmp_dir)
+            FileUtils.cp_r("#{tmp_dir}/.", Dir.pwd)
+          end
+        else
+          stdout = Headdesk::ApkTool.unpack_to(file, destination)
+        end
+
+        # Analize if requested
+        Headdesk::Analize.at(output_path) if options[:analize]
+      rescue CliError => cli_err
+        STDERR.puts cli_err.message
+        CLI.command_help(Thor::Base.shell.new, 'unpack')
+        return 1
+      rescue StandardError => rb_err
+        STDERR.puts err.message.red
+        STDERR.puts err.backtrace.ai
+        return 1
+      end
+    end
+
+    desc 'analize [FILE]', 'Analize an APK or IPA'
+    method_option :path, type: :string
+    method_option :json, type: :boolean
+    def analize(file = nil)
+      # Make sure input file exsts, if specified
+      unless !file || File.exist?(file)
+        STDERR.puts "Could not find input file: #{file}"
+        CLI.command_help(Thor::Base.shell.new, 'analize')
+        return 1
+      end
+
+      # Unpack APK if needed
+      path = options[:path]
+      tmp_dir = nil
+      if file
+        path = tmp_dir = Dir.mktmpdir
+        Headdesk::ApkTool.unpack_to(file, tmp_dir)
+      end
+
+      # Make sure path exists
+      unless Dir.exist?(path)
+        STDERR.puts "Could not find path: #{path}"
+        CLI.command_help(Thor::Base.shell.new, 'analize')
+        return 1
+      end
+
+      # Analize
+      begin
+        report = Headdesk::Analize.at(path)
+
+        if options[:json]
+          STDOUT.puts report.to_json
+        else
+          STDOUT.puts report.to_s
+        end
+      rescue CliError => cli_err
+        STDERR.puts cli_err.message
+        CLI.command_help(Thor::Base.shell.new, 'analize')
+        return 1
+      rescue StandardError => err
+        STDERR.puts err.message.red
+        STDERR.puts err.backtrace.ai
+        return 1
+      end
+    ensure
+      FileUtils.remove_entry(tmp_dir) if tmp_dir
+    end
+  end
+end

data/lib/headdesk/data/facebook_sdk_versions.yaml

@@ -0,0 +1,281 @@
+---
+- :major: 4
+  :minor: 38
+  :patch: 1
+  :version: 4.38.1
+  :date: 2018-11-01
+- :major: 4
+  :minor: 38
+  :patch: 0
+  :version: 4.38.0
+  :date: 2018-10-23
+- :major: 4
+  :minor: 37
+  :patch: 0
+  :version: 4.37.0
+  :date: 2018-09-27
+- :major: 4
+  :minor: 36
+  :patch: 1
+  :version: 4.36.1
+  :date: 2018-09-17
+- :major: 4
+  :minor: 36
+  :patch: 0
+  :version: 4.36.0
+  :date: 2018-08-29
+- :major: 4
+  :minor: 35
+  :patch: 0
+  :version: 4.35.0
+  :date: 2018-07-26
+- :major: 4
+  :minor: 34
+  :patch: 0
+  :version: 4.34.0
+  :date: 2018-06-18
+- :major: 4
+  :minor: 33
+  :patch: 0
+  :version: 4.33.0
+  :date: 2018-05-01
+- :major: 4
+  :minor: 32
+  :patch: 0
+  :version: 4.32.0
+  :date: 2018-04-11
+- :major: 4
+  :minor: 31
+  :patch: 0
+  :version: 4.31.0
+  :date: 2018-02-28
+- :major: 4
+  :minor: 30
+  :patch: 0
+  :version: 4.30.0
+  :date: 2018-01-24
+- :major: 4
+  :minor: 29
+  :patch: 0
+  :version: 4.29.0
+  :date: 2017-12-05
+- :major: 4
+  :minor: 28
+  :patch: 0
+  :version: 4.28.0
+  :date: 2017-11-07
+- :major: 4
+  :minor: 27
+  :patch: 0
+  :version: 4.27.0
+  :date: 2017-09-26
+- :major: 4
+  :minor: 26
+  :patch: 0
+  :version: 4.26.0
+  :date: 2017-08-24
+- :major: 4
+  :minor: 25
+  :patch: 0
+  :version: 4.25.0
+  :date: 2017-07-26
+- :major: 4
+  :minor: 24
+  :patch: 0
+  :version: 4.24.0
+  :date: 2017-06-26
+- :major: 4
+  :minor: 23
+  :patch: 0
+  :version: 4.23.0
+  :date: 2017-05-25
+- :major: 4
+  :minor: 22
+  :patch: 1
+  :version: 4.22.1
+  :date: 2017-05-11
+- :major: 4
+  :minor: 22
+  :patch: 0
+  :version: 4.22.0
+  :date: 2017-04-18
+- :major: 4
+  :minor: 21
+  :patch: 1
+  :version: 4.21.1
+  :date: 2017-04-06
+- :major: 4
+  :minor: 21
+  :patch: 0
+  :version: 4.21.0
+  :date: 2017-04-04
+- :major: 4
+  :minor: 20
+  :patch: 0
+  :version: 4.20.0
+  :date: 2017-03-01
+- :major: 4
+  :minor: 19
+  :patch: 0
+  :version: 4.19.0
+  :date: 2017-01-25
+- :major: 4
+  :minor: 18
+  :patch: 0
+  :version: 4.18.0
+  :date: 2016-11-30
+- :major: 4
+  :minor: 17
+  :patch: 0
+  :version: 4.17.0
+  :date: 2016-10-26
+- :major: 4
+  :minor: 16
+  :patch: 1
+  :version: 4.16.1
+  :date: 2016-10-07
+- :major: 4
+  :minor: 16
+  :patch: 0
+  :version: 4.16.0
+  :date: 2016-09-27
+- :major: 4
+  :minor: 15
+  :patch: 0
+  :version: 4.15.0
+  :date: 2016-08-23
+- :major: 4
+  :minor: 14
+  :patch: 1
+  :version: 4.14.1
+  :date: 2016-08-04
+- :major: 4
+  :minor: 14
+  :patch: 0
+  :version: 4.14.0
+  :date: 2016-07-13
+- :major: 4
+  :minor: 13
+  :patch: 2
+  :version: 4.13.2
+  :date: 2016-07-01
+- :major: 4
+  :minor: 13
+  :patch: 1
+  :version: 4.13.1
+  :date: 2016-06-17
+- :major: 4
+  :minor: 13
+  :patch: 0
+  :version: 4.13.0
+  :date: 2016-06-15
+- :major: 4
+  :minor: 12
+  :patch: 1
+  :version: 4.12.1
+  :date: 2016-05-26
+- :major: 4
+  :minor: 12
+  :patch: 0
+  :version: 4.12.0
+  :date: 2016-05-20
+- :major: 4
+  :minor: 11
+  :patch: 0
+  :version: 4.11.0
+  :date: 2016-04-12
+- :major: 4
+  :minor: 10
+  :patch: 1
+  :version: 4.10.1
+  :date: 2016-03-18
+- :major: 4
+  :minor: 10
+  :patch: 0
+  :version: 4.10.0
+  :date: 2016-02-10
+- :major: 4
+  :minor: 9
+  :patch: 0
+  :version: 4.9.0
+  :date: 2016-01-13
+- :major: 4
+  :minor: 8
+  :patch: 2
+  :version: 4.8.2
+  :date: 2015-11-23
+- :major: 4
+  :minor: 8
+  :patch: 1
+  :version: 4.8.1
+  :date: 2015-11-11
+- :major: 4
+  :minor: 8
+  :patch: 0
+  :version: 4.8.0
+  :date: 2015-11-11
+- :major: 4
+  :minor: 7
+  :patch: 0
+  :version: 4.7.0
+  :date: 2015-10-07
+- :major: 4
+  :minor: 6
+  :patch: 0
+  :version: 4.6.0
+  :date: 2015-09-10
+- :major: 4
+  :minor: 5
+  :patch: 1
+  :version: 4.5.1
+  :date: 2015-08-13
+- :major: 4
+  :minor: 5
+  :patch: 0
+  :version: 4.5.0
+  :date: 2015-08-10
+- :major: 4
+  :minor: 4
+  :patch: 1
+  :version: 4.4.1
+  :date: 2015-07-13
+- :major: 4
+  :minor: 4
+  :patch: 0
+  :version: 4.4.0
+  :date: 2015-07-08
+- :major: 4
+  :minor: 3
+  :patch: 0
+  :version: 4.3.0
+  :date: 2015-06-25
+- :major: 4
+  :minor: 2
+  :patch: 0
+  :version: 4.2.0
+  :date: 2015-05-28
+- :major: 4
+  :minor: 1
+  :patch: 2
+  :version: 4.1.2
+  :date: 2015-05-14
+- :major: 4
+  :minor: 1
+  :patch: 1
+  :version: 4.1.1
+  :date: 2015-05-06
+- :major: 4
+  :minor: 1
+  :patch: 0
+  :version: 4.1.0
+  :date: 2015-04-30
+- :major: 4
+  :minor: 0
+  :patch: 1
+  :version: 4.0.1
+  :date: 2015-04-02
+- :major: 4
+  :minor: 0
+  :patch: 0
+  :version: 4.0.0
+  :date: 2015-03-25