@better-update/cli 0.17.0 → 0.18.0

package/dist/index.mjs

@@ -31,7 +31,7 @@ var __require = /* @__PURE__ */ createRequire(import.meta.url);
 
 //#endregion
 //#region package.json
-var version = "0.17.0";
+var version = "0.18.0";
 
 //#endregion
 //#region src/lib/interactive-mode.ts
@@ -200,11 +200,11 @@ var NotAcceptable = class extends Schema.TaggedError()("NotAcceptable", { messag
 //#endregion
 //#region ../../packages/api/src/groups/android-application-identifiers.ts
 const idParam$16 = HttpApiSchema.param("id", Schema.String);
-const projectIdParam$3 = HttpApiSchema.param("projectId", Schema.String);
-var AndroidApplicationIdentifiersGroup = class extends HttpApiGroup.make("androidApplicationIdentifiers").add(HttpApiEndpoint.get("list")`/api/projects/${projectIdParam$3}/android-application-identifiers`.addSuccess(Schema.Struct({ items: Schema.Array(AndroidApplicationIdentifier) })).annotateContext(OpenApi.annotations({
+const projectIdParam$4 = HttpApiSchema.param("projectId", Schema.String);
+var AndroidApplicationIdentifiersGroup = class extends HttpApiGroup.make("androidApplicationIdentifiers").add(HttpApiEndpoint.get("list")`/api/projects/${projectIdParam$4}/android-application-identifiers`.addSuccess(Schema.Struct({ items: Schema.Array(AndroidApplicationIdentifier) })).annotateContext(OpenApi.annotations({
 	title: "List Android application identifiers",
 	description: "List all Android package identifiers for a project"
-}))).add(HttpApiEndpoint.post("create")`/api/projects/${projectIdParam$3}/android-application-identifiers`.setPayload(CreateAndroidApplicationIdentifierBody).addSuccess(AndroidApplicationIdentifier, { status: 201 }).annotateContext(OpenApi.annotations({
+}))).add(HttpApiEndpoint.post("create")`/api/projects/${projectIdParam$4}/android-application-identifiers`.setPayload(CreateAndroidApplicationIdentifierBody).addSuccess(AndroidApplicationIdentifier, { status: 201 }).annotateContext(OpenApi.annotations({
 	title: "Create Android application identifier",
 	description: "Register an Android package name for a project"
 }))).add(HttpApiEndpoint.del("delete")`/api/android-application-identifiers/${idParam$16}`.addSuccess(DeleteAndroidApplicationIdentifierResult).annotateContext(OpenApi.annotations({
@@ -612,11 +612,11 @@ const AssetUploadResult = Schema.Struct({
 
 //#endregion
 //#region ../../packages/api/src/groups/assets.ts
-const hashParam = HttpApiSchema.param("hash", Schema.String);
+const hashParam$1 = HttpApiSchema.param("hash", Schema.String);
 var AssetsGroup = class extends HttpApiGroup.make("assets").add(HttpApiEndpoint.post("upload", "/api/assets/upload").setPayload(AssetUploadBody).addSuccess(AssetUploadResult, { status: 201 }).annotateContext(OpenApi.annotations({
 	title: "Upload assets",
 	description: "Upload asset files to R2 storage (deduplicated by content hash)"
-}))).add(HttpApiEndpoint.post("finalize")`/api/assets/${hashParam}/finalize`.addSuccess(Asset).annotateContext(OpenApi.annotations({
+}))).add(HttpApiEndpoint.post("finalize")`/api/assets/${hashParam$1}/finalize`.addSuccess(Asset).annotateContext(OpenApi.annotations({
 	title: "Finalize asset upload",
 	description: "Verify a directly uploaded asset in R2 and mark it available for updates"
 }))).addError(BadRequest).addError(NotFound).addError(Forbidden).annotateContext(OpenApi.annotations({
@@ -721,7 +721,8 @@ const ResolveBuildCredentialsIosBody = Schema.Struct({
 });
 const ResolveBuildCredentialsAndroidBody = Schema.Struct({
 	platform: Schema.Literal("android"),
-	applicationIdentifier: AndroidPackageName
+	applicationIdentifier: AndroidPackageName,
+	buildProfile: Schema.optional(Schema.String.pipe(Schema.minLength(1), Schema.maxLength(120)))
 });
 const ResolveBuildCredentialsBody = Schema.Union(ResolveBuildCredentialsIosBody, ResolveBuildCredentialsAndroidBody);
 const IosBuildDistributionCertificate = Schema.Struct({
@@ -777,8 +778,8 @@ const ResolveBuildCredentialsResult = Schema.Union(ResolveBuildCredentialsIosRes
 
 //#endregion
 //#region ../../packages/api/src/groups/build-credentials.ts
-const projectIdParam$2 = HttpApiSchema.param("projectId", Schema.String);
-var BuildCredentialsGroup = class extends HttpApiGroup.make("buildCredentials").add(HttpApiEndpoint.post("resolve")`/api/projects/${projectIdParam$2}/build-credentials/resolve`.setPayload(ResolveBuildCredentialsBody).addSuccess(ResolveBuildCredentialsResult).annotateContext(OpenApi.annotations({
+const projectIdParam$3 = HttpApiSchema.param("projectId", Schema.String);
+var BuildCredentialsGroup = class extends HttpApiGroup.make("buildCredentials").add(HttpApiEndpoint.post("resolve")`/api/projects/${projectIdParam$3}/build-credentials/resolve`.setPayload(ResolveBuildCredentialsBody).addSuccess(ResolveBuildCredentialsResult).annotateContext(OpenApi.annotations({
 	title: "Resolve build credentials",
 	description: "Return decrypted signing assets for a project build. Regenerates the iOS provisioning profile via Apple ASC when the registered device roster has changed since the profile was last generated."
 }))).addError(NotFound).addError(BadRequest).addError(Forbidden).annotateContext(OpenApi.annotations({
@@ -789,6 +790,7 @@ var BuildCredentialsGroup = class extends HttpApiGroup.make("buildCredentials").
 //#endregion
 //#region ../../packages/api/src/domain/build.ts
 const Distribution = Schema.Literal("app-store", "ad-hoc", "development", "enterprise", "simulator", "play-store", "direct");
+const BuildAudience = Schema.Literal("internal", "store");
 const ArtifactFormat = Schema.Literal("ipa", "apk", "aab", "tar.gz");
 const Sha256Hex = Schema.String.pipe(Schema.pattern(/^[a-fA-F0-9]{64}$/u), Schema.maxLength(64));
 const CreateBuildCommonFields = {
@@ -805,6 +807,7 @@ const CreateBuildCommonFields = {
 		key: Schema.String,
 		value: Schema.Unknown
 	})),
+	fingerprintHash: Schema.optional(Schema.String.pipe(Schema.minLength(1))),
 	sha256: Sha256Hex,
 	byteSize: Schema.Number.pipe(Schema.nonNegative())
 };
@@ -822,6 +825,7 @@ var Build = class extends Schema.Class("Build")({
 	gitCommit: Schema.NullOr(Schema.String),
 	message: Schema.NullOr(Schema.String),
 	metadataJson: Schema.String,
+	fingerprintHash: Schema.NullOr(Schema.String),
 	createdAt: DateTimeString
 }) {};
 var BuildArtifact = class extends Schema.Class("BuildArtifact")({
@@ -873,6 +877,7 @@ const ListBuildsParams = Schema.Struct({
 	profile: Schema.optional(Schema.String),
 	runtimeVersion: Schema.optional(Schema.String),
 	distribution: Schema.optional(Distribution),
+	audience: Schema.optional(BuildAudience),
 	...PaginationParams.fields,
 	sort: Schema.optional(BuildSort)
 });
@@ -1245,6 +1250,108 @@ var EnvVarsGroup = class extends HttpApiGroup.make("env-vars").add(HttpApiEndpoi
 	description: "Manage environment variables for project builds and deployments"
 })) {};
 
+//#endregion
+//#region ../../packages/api/src/domain/update.ts
+var Update = class extends Schema.Class("Update")({
+	id: Id,
+	branchId: Id,
+	runtimeVersion: Schema.String,
+	platform: Platform,
+	message: Schema.String,
+	metadataJson: Schema.String,
+	extraJson: Schema.NullOr(Schema.String),
+	groupId: Schema.String,
+	rolloutPercentage: Schema.Number,
+	isRollback: Schema.Boolean,
+	signature: Schema.NullOr(Schema.String),
+	certificateChain: Schema.NullOr(Schema.String),
+	manifestBody: Schema.NullOr(Schema.String),
+	directiveBody: Schema.NullOr(Schema.String),
+	fingerprintHash: Schema.NullOr(Schema.String),
+	totalAssetSize: Schema.Number,
+	createdAt: DateTimeString
+}) {};
+const UpdateSortColumn = Schema.Literal("createdAt", "runtimeVersion", "platform", "rolloutPercentage");
+/**
+* Sort param: column name optionally prefixed with `-` for descending.
+* Example: `runtimeVersion` (asc), `-createdAt` (desc).
+*/
+const UpdateSort = Schema.Union(UpdateSortColumn, Schema.TemplateLiteral("-", UpdateSortColumn));
+const ListUpdatesParams = Schema.Struct({
+	projectId: Id,
+	branchId: Schema.optional(Id),
+	platform: Schema.optional(Platform),
+	runtimeVersion: Schema.optional(Schema.String),
+	...PaginationParams.fields,
+	sort: Schema.optional(UpdateSort)
+});
+const AssetRef = Schema.Struct({
+	hash: Schema.String,
+	key: Schema.String,
+	isLaunch: Schema.Boolean,
+	contentChecksum: Schema.optional(Schema.String)
+});
+const UpdateAssetEntry = Schema.Struct({
+	hash: Schema.String,
+	key: Schema.String,
+	isLaunch: Schema.Boolean,
+	contentChecksum: Schema.NullOr(Schema.String)
+});
+const CreateUpdateBody = Schema.Struct({
+	branch: Schema.String.pipe(Schema.minLength(1)),
+	slug: Schema.String.pipe(Schema.minLength(1)),
+	runtimeVersion: Schema.String.pipe(Schema.minLength(1)),
+	platform: Platform,
+	message: Schema.String,
+	groupId: Schema.String.pipe(Schema.minLength(1)),
+	metadata: Schema.Record({
+		key: Schema.String,
+		value: Schema.Unknown
+	}),
+	extra: Schema.optional(Schema.Record({
+		key: Schema.String,
+		value: Schema.Unknown
+	})),
+	assets: Schema.Array(AssetRef),
+	manifestBody: Schema.optional(Schema.String),
+	directiveBody: Schema.optional(Schema.String),
+	isRollback: Schema.optional(Schema.Boolean),
+	signature: Schema.optional(Schema.String),
+	certificateChain: Schema.optional(Schema.String),
+	rolloutPercentage: Schema.optional(Schema.Number.pipe(Schema.int(), Schema.between(1, 100))),
+	fingerprintHash: Schema.optional(Schema.String.pipe(Schema.minLength(1)))
+});
+const RepublishBody = Schema.Struct({
+	sourceUpdateId: Schema.optional(Id),
+	sourceGroupId: Schema.optional(Schema.String.pipe(Schema.minLength(1))),
+	destinationBranchId: Schema.optional(Id),
+	destinationChannel: Schema.optional(Schema.String.pipe(Schema.minLength(1))),
+	message: Schema.optional(Schema.String),
+	signedUpdates: Schema.optional(Schema.Array(Schema.Struct({
+		sourceUpdateId: Id,
+		manifestBody: Schema.String.pipe(Schema.minLength(1)),
+		signature: Schema.String.pipe(Schema.minLength(1)),
+		certificateChain: Schema.String.pipe(Schema.minLength(1))
+	})))
+});
+const RepublishResult = Schema.Struct({ updates: Schema.Array(Update) });
+const DeleteUpdateResult = Schema.Struct({ deleted: Schema.Number });
+
+//#endregion
+//#region ../../packages/api/src/groups/fingerprints.ts
+const projectIdParam$2 = HttpApiSchema.param("projectId", Id);
+const hashParam = HttpApiSchema.param("hash", Schema.String.pipe(Schema.minLength(1)));
+const FingerprintDetail = Schema.Struct({
+	hash: Schema.String,
+	projectId: Id,
+	builds: Schema.Array(BuildWithArtifact),
+	updates: Schema.Array(Update)
+});
+var FingerprintsGroup = class extends HttpApiGroup.make("fingerprints").add(HttpApiEndpoint.get("get")`/api/projects/${projectIdParam$2}/fingerprints/${hashParam}`.addSuccess(FingerprintDetail).annotateContext(OpenApi.annotations({
+	title: "Get fingerprint",
+	description: "Fetch builds and updates compatible with a given fingerprint hash within a project."
+}))).addError(Forbidden, { status: 403 }).addError(NotFound, { status: 404 }).addError(BadRequest, { status: 400 }) {};
+
 //#endregion
 //#region ../../packages/api/src/domain/google-service-account-key.ts
 var GoogleServiceAccountKey = class extends Schema.Class("GoogleServiceAccountKey")({
@@ -1433,83 +1540,6 @@ var ProjectsGroup = class extends HttpApiGroup.make("projects").add(HttpApiEndpo
 	description: "Project management endpoints"
 })) {};
 
-//#endregion
-//#region ../../packages/api/src/domain/update.ts
-var Update = class extends Schema.Class("Update")({
-	id: Id,
-	branchId: Id,
-	runtimeVersion: Schema.String,
-	platform: Platform,
-	message: Schema.String,
-	metadataJson: Schema.String,
-	extraJson: Schema.NullOr(Schema.String),
-	groupId: Schema.String,
-	rolloutPercentage: Schema.Number,
-	isRollback: Schema.Boolean,
-	signature: Schema.NullOr(Schema.String),
-	certificateChain: Schema.NullOr(Schema.String),
-	manifestBody: Schema.NullOr(Schema.String),
-	directiveBody: Schema.NullOr(Schema.String),
-	createdAt: DateTimeString
-}) {};
-const UpdateSortColumn = Schema.Literal("createdAt", "runtimeVersion", "platform", "rolloutPercentage");
-/**
-* Sort param: column name optionally prefixed with `-` for descending.
-* Example: `runtimeVersion` (asc), `-createdAt` (desc).
-*/
-const UpdateSort = Schema.Union(UpdateSortColumn, Schema.TemplateLiteral("-", UpdateSortColumn));
-const ListUpdatesParams = Schema.Struct({
-	projectId: Id,
-	branchId: Schema.optional(Id),
-	platform: Schema.optional(Platform),
-	...PaginationParams.fields,
-	sort: Schema.optional(UpdateSort)
-});
-const AssetRef = Schema.Struct({
-	hash: Schema.String,
-	key: Schema.String,
-	isLaunch: Schema.Boolean,
-	contentChecksum: Schema.optional(Schema.String)
-});
-const CreateUpdateBody = Schema.Struct({
-	branch: Schema.String.pipe(Schema.minLength(1)),
-	slug: Schema.String.pipe(Schema.minLength(1)),
-	runtimeVersion: Schema.String.pipe(Schema.minLength(1)),
-	platform: Platform,
-	message: Schema.String,
-	groupId: Schema.String.pipe(Schema.minLength(1)),
-	metadata: Schema.Record({
-		key: Schema.String,
-		value: Schema.Unknown
-	}),
-	extra: Schema.optional(Schema.Record({
-		key: Schema.String,
-		value: Schema.Unknown
-	})),
-	assets: Schema.Array(AssetRef),
-	manifestBody: Schema.optional(Schema.String),
-	directiveBody: Schema.optional(Schema.String),
-	isRollback: Schema.optional(Schema.Boolean),
-	signature: Schema.optional(Schema.String),
-	certificateChain: Schema.optional(Schema.String),
-	rolloutPercentage: Schema.optional(Schema.Number.pipe(Schema.int(), Schema.between(1, 100)))
-});
-const RepublishBody = Schema.Struct({
-	sourceUpdateId: Schema.optional(Id),
-	sourceGroupId: Schema.optional(Schema.String.pipe(Schema.minLength(1))),
-	destinationBranchId: Schema.optional(Id),
-	destinationChannel: Schema.optional(Schema.String.pipe(Schema.minLength(1))),
-	message: Schema.optional(Schema.String),
-	signedUpdates: Schema.optional(Schema.Array(Schema.Struct({
-		sourceUpdateId: Id,
-		manifestBody: Schema.String.pipe(Schema.minLength(1)),
-		signature: Schema.String.pipe(Schema.minLength(1)),
-		certificateChain: Schema.String.pipe(Schema.minLength(1))
-	})))
-});
-const RepublishResult = Schema.Struct({ updates: Schema.Array(Update) });
-const DeleteUpdateResult = Schema.Struct({ deleted: Schema.Number });
-
 //#endregion
 //#region ../../packages/api/src/groups/updates.ts
 const idParam$1 = HttpApiSchema.param("id", Schema.String);
@@ -1528,6 +1558,12 @@ var UpdatesGroup = class extends HttpApiGroup.make("updates").add(HttpApiEndpoin
 }))).add(HttpApiEndpoint.get("get")`/api/updates/${idParam$1}`.addSuccess(Update).annotateContext(OpenApi.annotations({
 	title: "Get update",
 	description: "Fetch a single update by ID"
+}))).add(HttpApiEndpoint.get("getGroup")`/api/update-groups/${groupIdParam}`.addSuccess(Schema.Struct({ items: Schema.Array(Update) })).annotateContext(OpenApi.annotations({
+	title: "Get update group",
+	description: "Fetch all updates in a group (paired iOS + Android variants)"
+}))).add(HttpApiEndpoint.get("listAssets")`/api/updates/${idParam$1}/assets`.addSuccess(Schema.Array(UpdateAssetEntry)).annotateContext(OpenApi.annotations({
+	title: "List update assets",
+	description: "Fetch the asset references (key + hash + launch flag) for an update"
 }))).add(HttpApiEndpoint.del("deleteGroup")`/api/updates/${groupIdParam}`.addSuccess(DeleteUpdateResult).annotateContext(OpenApi.annotations({
 	title: "Delete update group",
 	description: "Delete all updates in a group (paired iOS + Android updates)"
@@ -1605,7 +1641,7 @@ var WebhooksGroup = class extends HttpApiGroup.make("webhooks").add(HttpApiEndpo
 
 //#endregion
 //#region ../../packages/api/src/api.ts
-var ManagementApi = class extends HttpApi.make("management-api").add(ProjectsGroup).add(BranchesGroup).add(ChannelsGroup).add(UpdatesGroup).add(AssetsGroup).add(AnalyticsGroup).add(BuildsGroup).add(EnvVarsGroup).add(AuditLogsGroup).add(DevicesGroup).add(AppleTeamsGroup).add(AppleDistributionCertificatesGroup).add(ApplePushKeysGroup).add(AscApiKeysGroup).add(AppleProvisioningProfilesGroup).add(GoogleServiceAccountKeysGroup).add(IosBundleConfigurationsGroup).add(AndroidApplicationIdentifiersGroup).add(AndroidUploadKeystoresGroup).add(AndroidBuildCredentialsGroup).add(BuildCredentialsGroup).add(MeGroup).add(WebhooksGroup).middleware(Authentication).annotateContext(OpenApi.annotations({
+var ManagementApi = class extends HttpApi.make("management-api").add(ProjectsGroup).add(BranchesGroup).add(ChannelsGroup).add(UpdatesGroup).add(AssetsGroup).add(AnalyticsGroup).add(BuildsGroup).add(EnvVarsGroup).add(FingerprintsGroup).add(AuditLogsGroup).add(DevicesGroup).add(AppleTeamsGroup).add(AppleDistributionCertificatesGroup).add(ApplePushKeysGroup).add(AscApiKeysGroup).add(AppleProvisioningProfilesGroup).add(GoogleServiceAccountKeysGroup).add(IosBundleConfigurationsGroup).add(AndroidApplicationIdentifiersGroup).add(AndroidUploadKeystoresGroup).add(AndroidBuildCredentialsGroup).add(BuildCredentialsGroup).add(MeGroup).add(WebhooksGroup).middleware(Authentication).annotateContext(OpenApi.annotations({
 	title: "Better Update Management API",
 	version: "1.0.0",
 	description: "Management API for OTA update publishing, deployment, and analytics"
@@ -4150,7 +4186,8 @@ const downloadAndroidCredentials = (api, options) => Effect.gen(function* () {
 		path: { projectId: options.projectId },
 		payload: {
 			platform: "android",
-			applicationIdentifier: options.applicationIdentifier
+			applicationIdentifier: options.applicationIdentifier,
+			...options.buildProfile === void 0 ? {} : { buildProfile: options.buildProfile }
 		}
 	}).pipe(Effect.mapError((cause) => resolveErrorToMissingCredentials(cause, "android")));
 	if (resolved.platform !== "android") return yield* Effect.fail(new MissingCredentialsError({
@@ -4594,7 +4631,8 @@ const runAndroidBuild = (input) => Effect.gen(function* () {
 	const credentials = input.credentialsSource === "local" ? yield* loadLocalAndroidCredentials({ projectRoot }) : yield* downloadAndroidCredentials(api, {
 		projectId,
 		applicationIdentifier,
-		tempDir
+		tempDir,
+		buildProfile: input.profileName
 	});
 	yield* runStep({
 		command: "bunx",
@@ -5913,7 +5951,8 @@ const buildReserveCommon = (input) => ({
 	...input.buildNumber === void 0 ? {} : { buildNumber: input.buildNumber },
 	...input.gitContext.ref === void 0 ? {} : { gitRef: input.gitContext.ref },
 	...input.gitContext.commit === void 0 ? {} : { gitCommit: input.gitContext.commit },
-	...input.message === void 0 ? {} : { message: input.message }
+	...input.message === void 0 ? {} : { message: input.message },
+	...input.fingerprintHash === void 0 ? {} : { fingerprintHash: input.fingerprintHash }
 });
 const callReserve = (api, input) => {
 	const common = buildReserveCommon(input);
@@ -6407,6 +6446,26 @@ const pullEnvVars = (api, { projectId, environment }) => {
 	} }).pipe(Effect.map((result) => Object.fromEntries(result.items.map((item) => [item.key, item.value]))), Effect.mapError((cause) => new EnvExportError({ message: `Failed to export environment variables for "${environment}": ${String(cause)}` })));
 };
 
+//#endregion
+//#region src/lib/fingerprint.ts
+var FingerprintError = class extends Data.TaggedError("FingerprintError") {};
+const runFingerprintFull = (projectRoot) => Effect.gen(function* () {
+	const cmd = Command.make("bunx", "@expo/fingerprint", projectRoot).pipe(Command.workingDirectory(projectRoot));
+	const stdout = yield* Command.string(cmd).pipe(Effect.mapError((cause) => new FingerprintError({ message: `Failed to run "@expo/fingerprint": ${cause.message}` })));
+	const parsed = yield* Effect.try({
+		try: () => JSON.parse(stdout),
+		catch: () => new FingerprintError({ message: "Failed to parse @expo/fingerprint output as JSON." })
+	});
+	if (!isRecord(parsed)) return yield* new FingerprintError({ message: "@expo/fingerprint output was not a JSON object." });
+	const { hash } = parsed;
+	if (typeof hash !== "string" || hash.length === 0) return yield* new FingerprintError({ message: "@expo/fingerprint output did not contain a \"hash\" string field." });
+	const sourcesRaw = parsed["sources"];
+	return {
+		hash,
+		sources: Array.isArray(sourcesRaw) ? sourcesRaw : []
+	};
+});
+
 //#endregion
 //#region src/lib/git-context.ts
 const runString = (cmd, cwd) => Command.string(Command.workingDirectory(cmd, cwd));
@@ -6670,26 +6729,6 @@ const ensureRepoClean = ({ projectRoot, allowDirty, label }) => Effect.gen(funct
 	if (!(yield* promptConfirm(`Continue ${label} with uncommitted changes?`, { initialValue: false }))) yield* new DirtyRepoError({ message: `${label} cancelled by user.` });
 });
 
-//#endregion
-//#region src/lib/fingerprint.ts
-var FingerprintError = class extends Data.TaggedError("FingerprintError") {};
-const runFingerprintFull = (projectRoot) => Effect.gen(function* () {
-	const cmd = Command.make("bunx", "@expo/fingerprint", projectRoot).pipe(Command.workingDirectory(projectRoot));
-	const stdout = yield* Command.string(cmd).pipe(Effect.mapError((cause) => new FingerprintError({ message: `Failed to run "@expo/fingerprint": ${cause.message}` })));
-	const parsed = yield* Effect.try({
-		try: () => JSON.parse(stdout),
-		catch: () => new FingerprintError({ message: "Failed to parse @expo/fingerprint output as JSON." })
-	});
-	if (!isRecord(parsed)) return yield* new FingerprintError({ message: "@expo/fingerprint output was not a JSON object." });
-	const { hash } = parsed;
-	if (typeof hash !== "string" || hash.length === 0) return yield* new FingerprintError({ message: "@expo/fingerprint output did not contain a \"hash\" string field." });
-	const sourcesRaw = parsed["sources"];
-	return {
-		hash,
-		sources: Array.isArray(sourcesRaw) ? sourcesRaw : []
-	};
-});
-
 //#endregion
 //#region src/lib/runtime-version.ts
 const resolveRuntimeVersion = ({ raw, appVersion, projectRoot }) => Effect.gen(function* () {
@@ -6768,7 +6807,8 @@ const runAndroidPlatformBuild = (input) => Effect.gen(function* () {
 			applicationIdentifier,
 			envVars,
 			projectId,
-			credentialsSource
+			credentialsSource,
+			profileName: profile.name
 		}),
 		target: androidProfile.format === "aab" ? {
 			platform: "android",
@@ -6869,6 +6909,7 @@ const runBuildWorkflow = (options) => Effect.scoped(Effect.gen(function* () {
 		...rawGitContext.commit === void 0 ? {} : { commit: rawGitContext.commit },
 		dirty: rawGitContext.dirty
 	};
+	const fingerprintHash = yield* runFingerprintFull(userCwd).pipe(Effect.map((entry) => entry.hash), Effect.catchAll(() => Effect.succeed(void 0)));
 	const result = yield* reserveAndUpload(api, {
 		target,
 		projectId,
@@ -6879,6 +6920,7 @@ const runBuildWorkflow = (options) => Effect.scoped(Effect.gen(function* () {
 		bundleId,
 		gitContext,
 		...options.message === void 0 ? {} : { message: options.message },
+		...fingerprintHash === void 0 ? {} : { fingerprintHash },
 		artifactPath: build.artifactPath,
 		sha256: build.sha256,
 		byteSize: build.byteSize
@@ -7766,6 +7808,7 @@ const runUploadWorkflow = (options) => Effect.gen(function* () {
 		...rawGitContext.commit === void 0 ? {} : { commit: rawGitContext.commit },
 		dirty: rawGitContext.dirty
 	};
+	const fingerprintHash = yield* runFingerprintFull(projectRoot).pipe(Effect.map((entry) => entry.hash), Effect.catchAll(() => Effect.succeed(void 0)));
 	const result = yield* reserveAndUpload(api, {
 		target,
 		projectId,
@@ -7776,6 +7819,7 @@ const runUploadWorkflow = (options) => Effect.gen(function* () {
 		bundleId,
 		gitContext,
 		...options.message === void 0 ? {} : { message: options.message },
+		...fingerprintHash === void 0 ? {} : { fingerprintHash },
 		artifactPath: options.artifactPath,
 		sha256,
 		byteSize
@@ -13615,7 +13659,8 @@ const publishPlatform = (params) => Effect.gen(function* () {
 			signature: params.signedPayload.signature,
 			certificateChain: params.signedPayload.certificateChain
 		} : {},
-		...params.rolloutPercentage === void 0 ? {} : { rolloutPercentage: params.rolloutPercentage }
+		...params.rolloutPercentage === void 0 ? {} : { rolloutPercentage: params.rolloutPercentage },
+		...params.fingerprintHash === void 0 ? {} : { fingerprintHash: params.fingerprintHash }
 	} }).pipe(Effect.mapError((cause) => new UpdatePublishError({ message: `Failed to publish ${params.platform} update: ${formatCause(cause)}` })));
 	return {
 		platform: params.platform,
@@ -13664,6 +13709,7 @@ const runUpdatePublish = (options) => Effect.scoped(Effect.gen(function* () {
 	const sharedExportDir = options.inputDir === void 0 ? void 0 : path.resolve(projectRoot, options.inputDir);
 	const groupId = randomUUID();
 	const message = resolvedMessage ?? "Publish via better-update CLI";
+	const fingerprintHash = yield* runFingerprintFull(projectRoot).pipe(Effect.map((result) => result.hash), Effect.catchAll(() => Effect.succeed(void 0)));
 	if ((yield* InteractiveMode).allow && !options.auto) {
 		if (!(yield* confirmPublishPreview({
 			branch,
@@ -13709,6 +13755,7 @@ const runUpdatePublish = (options) => Effect.scoped(Effect.gen(function* () {
 		platform,
 		signedPayload: signedPayloads[platform] ?? null,
 		rolloutPercentage: options.rolloutPercentage,
+		fingerprintHash,
 		skipBundler: options.skipBundler,
 		noBytecode: options.noBytecode,
 		sourceMaps: options.sourceMaps