npm - @better-update/cli - Versions diffs - 0.17.0 → 0.18.1 - Mend

@better-update/cli 0.17.0 → 0.18.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.mjs CHANGED Viewed

@@ -14,7 +14,7 @@ import { createServer } from "node:http";
 import { maxBy, uniqBy } from "es-toolkit";
 import { createHash, randomBytes, randomUUID } from "node:crypto";
 import forge from "node-forge";
-import { createReadStream, existsSync, promises, readFileSync, writeFileSync } from "node:fs";
+import { accessSync, chmodSync, constants, createReadStream, existsSync, promises, readFileSync, writeFileSync } from "node:fs";
 import { spawn as spawn$1 } from "node-pty";
 import chalk from "chalk";
 import os from "node:os";
@@ -31,7 +31,7 @@ var __require = /* @__PURE__ */ createRequire(import.meta.url);
 //#endregion
 //#region package.json
-var version = "0.17.0";
+var version = "0.18.1";
 //#endregion
 //#region src/lib/interactive-mode.ts
@@ -200,11 +200,11 @@ var NotAcceptable = class extends Schema.TaggedError()("NotAcceptable", { messag
 //#endregion
 //#region ../../packages/api/src/groups/android-application-identifiers.ts
 const idParam$16 = HttpApiSchema.param("id", Schema.String);
-const projectIdParam$3 = HttpApiSchema.param("projectId", Schema.String);
-var AndroidApplicationIdentifiersGroup = class extends HttpApiGroup.make("androidApplicationIdentifiers").add(HttpApiEndpoint.get("list")`/api/projects/${projectIdParam$3}/android-application-identifiers`.addSuccess(Schema.Struct({ items: Schema.Array(AndroidApplicationIdentifier) })).annotateContext(OpenApi.annotations({
+const projectIdParam$4 = HttpApiSchema.param("projectId", Schema.String);
+var AndroidApplicationIdentifiersGroup = class extends HttpApiGroup.make("androidApplicationIdentifiers").add(HttpApiEndpoint.get("list")`/api/projects/${projectIdParam$4}/android-application-identifiers`.addSuccess(Schema.Struct({ items: Schema.Array(AndroidApplicationIdentifier) })).annotateContext(OpenApi.annotations({
 	title: "List Android application identifiers",
 	description: "List all Android package identifiers for a project"
-}))).add(HttpApiEndpoint.post("create")`/api/projects/${projectIdParam$3}/android-application-identifiers`.setPayload(CreateAndroidApplicationIdentifierBody).addSuccess(AndroidApplicationIdentifier, { status: 201 }).annotateContext(OpenApi.annotations({
+}))).add(HttpApiEndpoint.post("create")`/api/projects/${projectIdParam$4}/android-application-identifiers`.setPayload(CreateAndroidApplicationIdentifierBody).addSuccess(AndroidApplicationIdentifier, { status: 201 }).annotateContext(OpenApi.annotations({
 	title: "Create Android application identifier",
 	description: "Register an Android package name for a project"
 }))).add(HttpApiEndpoint.del("delete")`/api/android-application-identifiers/${idParam$16}`.addSuccess(DeleteAndroidApplicationIdentifierResult).annotateContext(OpenApi.annotations({
@@ -612,11 +612,11 @@ const AssetUploadResult = Schema.Struct({
 //#endregion
 //#region ../../packages/api/src/groups/assets.ts
-const hashParam = HttpApiSchema.param("hash", Schema.String);
+const hashParam$1 = HttpApiSchema.param("hash", Schema.String);
 var AssetsGroup = class extends HttpApiGroup.make("assets").add(HttpApiEndpoint.post("upload", "/api/assets/upload").setPayload(AssetUploadBody).addSuccess(AssetUploadResult, { status: 201 }).annotateContext(OpenApi.annotations({
 	title: "Upload assets",
 	description: "Upload asset files to R2 storage (deduplicated by content hash)"
-}))).add(HttpApiEndpoint.post("finalize")`/api/assets/${hashParam}/finalize`.addSuccess(Asset).annotateContext(OpenApi.annotations({
+}))).add(HttpApiEndpoint.post("finalize")`/api/assets/${hashParam$1}/finalize`.addSuccess(Asset).annotateContext(OpenApi.annotations({
 	title: "Finalize asset upload",
 	description: "Verify a directly uploaded asset in R2 and mark it available for updates"
 }))).addError(BadRequest).addError(NotFound).addError(Forbidden).annotateContext(OpenApi.annotations({
@@ -721,7 +721,8 @@ const ResolveBuildCredentialsIosBody = Schema.Struct({
 });
 const ResolveBuildCredentialsAndroidBody = Schema.Struct({
 	platform: Schema.Literal("android"),
-	applicationIdentifier: AndroidPackageName
+	applicationIdentifier: AndroidPackageName,
+	buildProfile: Schema.optional(Schema.String.pipe(Schema.minLength(1), Schema.maxLength(120)))
 });
 const ResolveBuildCredentialsBody = Schema.Union(ResolveBuildCredentialsIosBody, ResolveBuildCredentialsAndroidBody);
 const IosBuildDistributionCertificate = Schema.Struct({
@@ -777,8 +778,8 @@ const ResolveBuildCredentialsResult = Schema.Union(ResolveBuildCredentialsIosRes
 //#endregion
 //#region ../../packages/api/src/groups/build-credentials.ts
-const projectIdParam$2 = HttpApiSchema.param("projectId", Schema.String);
-var BuildCredentialsGroup = class extends HttpApiGroup.make("buildCredentials").add(HttpApiEndpoint.post("resolve")`/api/projects/${projectIdParam$2}/build-credentials/resolve`.setPayload(ResolveBuildCredentialsBody).addSuccess(ResolveBuildCredentialsResult).annotateContext(OpenApi.annotations({
+const projectIdParam$3 = HttpApiSchema.param("projectId", Schema.String);
+var BuildCredentialsGroup = class extends HttpApiGroup.make("buildCredentials").add(HttpApiEndpoint.post("resolve")`/api/projects/${projectIdParam$3}/build-credentials/resolve`.setPayload(ResolveBuildCredentialsBody).addSuccess(ResolveBuildCredentialsResult).annotateContext(OpenApi.annotations({
 	title: "Resolve build credentials",
 	description: "Return decrypted signing assets for a project build. Regenerates the iOS provisioning profile via Apple ASC when the registered device roster has changed since the profile was last generated."
 }))).addError(NotFound).addError(BadRequest).addError(Forbidden).annotateContext(OpenApi.annotations({
@@ -789,6 +790,7 @@ var BuildCredentialsGroup = class extends HttpApiGroup.make("buildCredentials").
 //#endregion
 //#region ../../packages/api/src/domain/build.ts
 const Distribution = Schema.Literal("app-store", "ad-hoc", "development", "enterprise", "simulator", "play-store", "direct");
+const BuildAudience = Schema.Literal("internal", "store");
 const ArtifactFormat = Schema.Literal("ipa", "apk", "aab", "tar.gz");
 const Sha256Hex = Schema.String.pipe(Schema.pattern(/^[a-fA-F0-9]{64}$/u), Schema.maxLength(64));
 const CreateBuildCommonFields = {
@@ -805,6 +807,7 @@ const CreateBuildCommonFields = {
 		key: Schema.String,
 		value: Schema.Unknown
 	})),
+	fingerprintHash: Schema.optional(Schema.String.pipe(Schema.minLength(1))),
 	sha256: Sha256Hex,
 	byteSize: Schema.Number.pipe(Schema.nonNegative())
 };
@@ -822,6 +825,7 @@ var Build = class extends Schema.Class("Build")({
 	gitCommit: Schema.NullOr(Schema.String),
 	message: Schema.NullOr(Schema.String),
 	metadataJson: Schema.String,
+	fingerprintHash: Schema.NullOr(Schema.String),
 	createdAt: DateTimeString
 }) {};
 var BuildArtifact = class extends Schema.Class("BuildArtifact")({
@@ -873,6 +877,7 @@ const ListBuildsParams = Schema.Struct({
 	profile: Schema.optional(Schema.String),
 	runtimeVersion: Schema.optional(Schema.String),
 	distribution: Schema.optional(Distribution),
+	audience: Schema.optional(BuildAudience),
 	...PaginationParams.fields,
 	sort: Schema.optional(BuildSort)
 });
@@ -1245,6 +1250,108 @@ var EnvVarsGroup = class extends HttpApiGroup.make("env-vars").add(HttpApiEndpoi
 	description: "Manage environment variables for project builds and deployments"
 })) {};
+//#endregion
+//#region ../../packages/api/src/domain/update.ts
+var Update = class extends Schema.Class("Update")({
+	id: Id,
+	branchId: Id,
+	runtimeVersion: Schema.String,
+	platform: Platform,
+	message: Schema.String,
+	metadataJson: Schema.String,
+	extraJson: Schema.NullOr(Schema.String),
+	groupId: Schema.String,
+	rolloutPercentage: Schema.Number,
+	isRollback: Schema.Boolean,
+	signature: Schema.NullOr(Schema.String),
+	certificateChain: Schema.NullOr(Schema.String),
+	manifestBody: Schema.NullOr(Schema.String),
+	directiveBody: Schema.NullOr(Schema.String),
+	fingerprintHash: Schema.NullOr(Schema.String),
+	totalAssetSize: Schema.Number,
+	createdAt: DateTimeString
+}) {};
+const UpdateSortColumn = Schema.Literal("createdAt", "runtimeVersion", "platform", "rolloutPercentage");
+/**
+* Sort param: column name optionally prefixed with `-` for descending.
+* Example: `runtimeVersion` (asc), `-createdAt` (desc).
+*/
+const UpdateSort = Schema.Union(UpdateSortColumn, Schema.TemplateLiteral("-", UpdateSortColumn));
+const ListUpdatesParams = Schema.Struct({
+	projectId: Id,
+	branchId: Schema.optional(Id),
+	platform: Schema.optional(Platform),
+	runtimeVersion: Schema.optional(Schema.String),
+	...PaginationParams.fields,
+	sort: Schema.optional(UpdateSort)
+});
+const AssetRef = Schema.Struct({
+	hash: Schema.String,
+	key: Schema.String,
+	isLaunch: Schema.Boolean,
+	contentChecksum: Schema.optional(Schema.String)
+});
+const UpdateAssetEntry = Schema.Struct({
+	hash: Schema.String,
+	key: Schema.String,
+	isLaunch: Schema.Boolean,
+	contentChecksum: Schema.NullOr(Schema.String)
+});
+const CreateUpdateBody = Schema.Struct({
+	branch: Schema.String.pipe(Schema.minLength(1)),
+	slug: Schema.String.pipe(Schema.minLength(1)),
+	runtimeVersion: Schema.String.pipe(Schema.minLength(1)),
+	platform: Platform,
+	message: Schema.String,
+	groupId: Schema.String.pipe(Schema.minLength(1)),
+	metadata: Schema.Record({
+		key: Schema.String,
+		value: Schema.Unknown
+	}),
+	extra: Schema.optional(Schema.Record({
+		key: Schema.String,
+		value: Schema.Unknown
+	})),
+	assets: Schema.Array(AssetRef),
+	manifestBody: Schema.optional(Schema.String),
+	directiveBody: Schema.optional(Schema.String),
+	isRollback: Schema.optional(Schema.Boolean),
+	signature: Schema.optional(Schema.String),
+	certificateChain: Schema.optional(Schema.String),
+	rolloutPercentage: Schema.optional(Schema.Number.pipe(Schema.int(), Schema.between(1, 100))),
+	fingerprintHash: Schema.optional(Schema.String.pipe(Schema.minLength(1)))
+});
+const RepublishBody = Schema.Struct({
+	sourceUpdateId: Schema.optional(Id),
+	sourceGroupId: Schema.optional(Schema.String.pipe(Schema.minLength(1))),
+	destinationBranchId: Schema.optional(Id),
+	destinationChannel: Schema.optional(Schema.String.pipe(Schema.minLength(1))),
+	message: Schema.optional(Schema.String),
+	signedUpdates: Schema.optional(Schema.Array(Schema.Struct({
+		sourceUpdateId: Id,
+		manifestBody: Schema.String.pipe(Schema.minLength(1)),
+		signature: Schema.String.pipe(Schema.minLength(1)),
+		certificateChain: Schema.String.pipe(Schema.minLength(1))
+	})))
+});
+const RepublishResult = Schema.Struct({ updates: Schema.Array(Update) });
+const DeleteUpdateResult = Schema.Struct({ deleted: Schema.Number });
+//#endregion
+//#region ../../packages/api/src/groups/fingerprints.ts
+const projectIdParam$2 = HttpApiSchema.param("projectId", Id);
+const hashParam = HttpApiSchema.param("hash", Schema.String.pipe(Schema.minLength(1)));
+const FingerprintDetail = Schema.Struct({
+	hash: Schema.String,
+	projectId: Id,
+	builds: Schema.Array(BuildWithArtifact),
+	updates: Schema.Array(Update)
+});
+var FingerprintsGroup = class extends HttpApiGroup.make("fingerprints").add(HttpApiEndpoint.get("get")`/api/projects/${projectIdParam$2}/fingerprints/${hashParam}`.addSuccess(FingerprintDetail).annotateContext(OpenApi.annotations({
+	title: "Get fingerprint",
+	description: "Fetch builds and updates compatible with a given fingerprint hash within a project."
+}))).addError(Forbidden, { status: 403 }).addError(NotFound, { status: 404 }).addError(BadRequest, { status: 400 }) {};
 //#endregion
 //#region ../../packages/api/src/domain/google-service-account-key.ts
 var GoogleServiceAccountKey = class extends Schema.Class("GoogleServiceAccountKey")({
@@ -1433,83 +1540,6 @@ var ProjectsGroup = class extends HttpApiGroup.make("projects").add(HttpApiEndpo
 	description: "Project management endpoints"
 })) {};
-//#endregion
-//#region ../../packages/api/src/domain/update.ts
-var Update = class extends Schema.Class("Update")({
-	id: Id,
-	branchId: Id,
-	runtimeVersion: Schema.String,
-	platform: Platform,
-	message: Schema.String,
-	metadataJson: Schema.String,
-	extraJson: Schema.NullOr(Schema.String),
-	groupId: Schema.String,
-	rolloutPercentage: Schema.Number,
-	isRollback: Schema.Boolean,
-	signature: Schema.NullOr(Schema.String),
-	certificateChain: Schema.NullOr(Schema.String),
-	manifestBody: Schema.NullOr(Schema.String),
-	directiveBody: Schema.NullOr(Schema.String),
-	createdAt: DateTimeString
-}) {};
-const UpdateSortColumn = Schema.Literal("createdAt", "runtimeVersion", "platform", "rolloutPercentage");
-/**
-* Sort param: column name optionally prefixed with `-` for descending.
-* Example: `runtimeVersion` (asc), `-createdAt` (desc).
-*/
-const UpdateSort = Schema.Union(UpdateSortColumn, Schema.TemplateLiteral("-", UpdateSortColumn));
-const ListUpdatesParams = Schema.Struct({
-	projectId: Id,
-	branchId: Schema.optional(Id),
-	platform: Schema.optional(Platform),
-	...PaginationParams.fields,
-	sort: Schema.optional(UpdateSort)
-});
-const AssetRef = Schema.Struct({
-	hash: Schema.String,
-	key: Schema.String,
-	isLaunch: Schema.Boolean,
-	contentChecksum: Schema.optional(Schema.String)
-});
-const CreateUpdateBody = Schema.Struct({
-	branch: Schema.String.pipe(Schema.minLength(1)),
-	slug: Schema.String.pipe(Schema.minLength(1)),
-	runtimeVersion: Schema.String.pipe(Schema.minLength(1)),
-	platform: Platform,
-	message: Schema.String,
-	groupId: Schema.String.pipe(Schema.minLength(1)),
-	metadata: Schema.Record({
-		key: Schema.String,
-		value: Schema.Unknown
-	}),
-	extra: Schema.optional(Schema.Record({
-		key: Schema.String,
-		value: Schema.Unknown
-	})),
-	assets: Schema.Array(AssetRef),
-	manifestBody: Schema.optional(Schema.String),
-	directiveBody: Schema.optional(Schema.String),
-	isRollback: Schema.optional(Schema.Boolean),
-	signature: Schema.optional(Schema.String),
-	certificateChain: Schema.optional(Schema.String),
-	rolloutPercentage: Schema.optional(Schema.Number.pipe(Schema.int(), Schema.between(1, 100)))
-});
-const RepublishBody = Schema.Struct({
-	sourceUpdateId: Schema.optional(Id),
-	sourceGroupId: Schema.optional(Schema.String.pipe(Schema.minLength(1))),
-	destinationBranchId: Schema.optional(Id),
-	destinationChannel: Schema.optional(Schema.String.pipe(Schema.minLength(1))),
-	message: Schema.optional(Schema.String),
-	signedUpdates: Schema.optional(Schema.Array(Schema.Struct({
-		sourceUpdateId: Id,
-		manifestBody: Schema.String.pipe(Schema.minLength(1)),
-		signature: Schema.String.pipe(Schema.minLength(1)),
-		certificateChain: Schema.String.pipe(Schema.minLength(1))
-	})))
-});
-const RepublishResult = Schema.Struct({ updates: Schema.Array(Update) });
-const DeleteUpdateResult = Schema.Struct({ deleted: Schema.Number });
 //#endregion
 //#region ../../packages/api/src/groups/updates.ts
 const idParam$1 = HttpApiSchema.param("id", Schema.String);
@@ -1528,6 +1558,12 @@ var UpdatesGroup = class extends HttpApiGroup.make("updates").add(HttpApiEndpoin
 }))).add(HttpApiEndpoint.get("get")`/api/updates/${idParam$1}`.addSuccess(Update).annotateContext(OpenApi.annotations({
 	title: "Get update",
 	description: "Fetch a single update by ID"
+}))).add(HttpApiEndpoint.get("getGroup")`/api/update-groups/${groupIdParam}`.addSuccess(Schema.Struct({ items: Schema.Array(Update) })).annotateContext(OpenApi.annotations({
+	title: "Get update group",
+	description: "Fetch all updates in a group (paired iOS + Android variants)"
+}))).add(HttpApiEndpoint.get("listAssets")`/api/updates/${idParam$1}/assets`.addSuccess(Schema.Array(UpdateAssetEntry)).annotateContext(OpenApi.annotations({
+	title: "List update assets",
+	description: "Fetch the asset references (key + hash + launch flag) for an update"
 }))).add(HttpApiEndpoint.del("deleteGroup")`/api/updates/${groupIdParam}`.addSuccess(DeleteUpdateResult).annotateContext(OpenApi.annotations({
 	title: "Delete update group",
 	description: "Delete all updates in a group (paired iOS + Android updates)"
@@ -1605,7 +1641,7 @@ var WebhooksGroup = class extends HttpApiGroup.make("webhooks").add(HttpApiEndpo
 //#endregion
 //#region ../../packages/api/src/api.ts
-var ManagementApi = class extends HttpApi.make("management-api").add(ProjectsGroup).add(BranchesGroup).add(ChannelsGroup).add(UpdatesGroup).add(AssetsGroup).add(AnalyticsGroup).add(BuildsGroup).add(EnvVarsGroup).add(AuditLogsGroup).add(DevicesGroup).add(AppleTeamsGroup).add(AppleDistributionCertificatesGroup).add(ApplePushKeysGroup).add(AscApiKeysGroup).add(AppleProvisioningProfilesGroup).add(GoogleServiceAccountKeysGroup).add(IosBundleConfigurationsGroup).add(AndroidApplicationIdentifiersGroup).add(AndroidUploadKeystoresGroup).add(AndroidBuildCredentialsGroup).add(BuildCredentialsGroup).add(MeGroup).add(WebhooksGroup).middleware(Authentication).annotateContext(OpenApi.annotations({
+var ManagementApi = class extends HttpApi.make("management-api").add(ProjectsGroup).add(BranchesGroup).add(ChannelsGroup).add(UpdatesGroup).add(AssetsGroup).add(AnalyticsGroup).add(BuildsGroup).add(EnvVarsGroup).add(FingerprintsGroup).add(AuditLogsGroup).add(DevicesGroup).add(AppleTeamsGroup).add(AppleDistributionCertificatesGroup).add(ApplePushKeysGroup).add(AscApiKeysGroup).add(AppleProvisioningProfilesGroup).add(GoogleServiceAccountKeysGroup).add(IosBundleConfigurationsGroup).add(AndroidApplicationIdentifiersGroup).add(AndroidUploadKeystoresGroup).add(AndroidBuildCredentialsGroup).add(BuildCredentialsGroup).add(MeGroup).add(WebhooksGroup).middleware(Authentication).annotateContext(OpenApi.annotations({
 	title: "Better Update Management API",
 	version: "1.0.0",
 	description: "Management API for OTA update publishing, deployment, and analytics"
@@ -4150,7 +4186,8 @@ const downloadAndroidCredentials = (api, options) => Effect.gen(function* () {
 		path: { projectId: options.projectId },
 		payload: {
 			platform: "android",
-			applicationIdentifier: options.applicationIdentifier
+			applicationIdentifier: options.applicationIdentifier,
+			...options.buildProfile === void 0 ? {} : { buildProfile: options.buildProfile }
 		}
 	}).pipe(Effect.mapError((cause) => resolveErrorToMissingCredentials(cause, "android")));
 	if (resolved.platform !== "android") return yield* Effect.fail(new MissingCredentialsError({
@@ -4407,7 +4444,23 @@ const mergeEnv$1 = (overrides) => {
 	for (const [key, value] of Object.entries(overrides)) merged[key] = value;
 	return merged;
 };
+let spawnHelperChecked = false;
+const ensureSpawnHelperExecutable = () => {
+	if (spawnHelperChecked) return;
+	spawnHelperChecked = true;
+	if (process$1.platform === "win32") return;
+	try {
+		const nodeRequire = createRequire(import.meta.url);
+		const helperPath = path.join(path.dirname(nodeRequire.resolve("node-pty/package.json")), "prebuilds", `${process$1.platform}-${process$1.arch}`, "spawn-helper");
+		try {
+			accessSync(helperPath, constants.X_OK);
+		} catch {
+			chmodSync(helperPath, 493);
+		}
+	} catch {}
+};
 const trySpawn = (input) => {
+	ensureSpawnHelperExecutable();
 	const { cols, rows } = ptyDimensions();
 	try {
 		return spawn$1(input.command, [...input.args], {
@@ -4594,7 +4647,8 @@ const runAndroidBuild = (input) => Effect.gen(function* () {
 	const credentials = input.credentialsSource === "local" ? yield* loadLocalAndroidCredentials({ projectRoot }) : yield* downloadAndroidCredentials(api, {
 		projectId,
 		applicationIdentifier,
-		tempDir
+		tempDir,
+		buildProfile: input.profileName
 	});
 	yield* runStep({
 		command: "bunx",
@@ -5913,7 +5967,8 @@ const buildReserveCommon = (input) => ({
 	...input.buildNumber === void 0 ? {} : { buildNumber: input.buildNumber },
 	...input.gitContext.ref === void 0 ? {} : { gitRef: input.gitContext.ref },
 	...input.gitContext.commit === void 0 ? {} : { gitCommit: input.gitContext.commit },
-	...input.message === void 0 ? {} : { message: input.message }
+	...input.message === void 0 ? {} : { message: input.message },
+	...input.fingerprintHash === void 0 ? {} : { fingerprintHash: input.fingerprintHash }
 });
 const callReserve = (api, input) => {
 	const common = buildReserveCommon(input);
@@ -6407,6 +6462,26 @@ const pullEnvVars = (api, { projectId, environment }) => {
 	} }).pipe(Effect.map((result) => Object.fromEntries(result.items.map((item) => [item.key, item.value]))), Effect.mapError((cause) => new EnvExportError({ message: `Failed to export environment variables for "${environment}": ${String(cause)}` })));
 };
+//#endregion
+//#region src/lib/fingerprint.ts
+var FingerprintError = class extends Data.TaggedError("FingerprintError") {};
+const runFingerprintFull = (projectRoot) => Effect.gen(function* () {
+	const cmd = Command.make("bunx", "@expo/fingerprint", projectRoot).pipe(Command.workingDirectory(projectRoot));
+	const stdout = yield* Command.string(cmd).pipe(Effect.mapError((cause) => new FingerprintError({ message: `Failed to run "@expo/fingerprint": ${cause.message}` })));
+	const parsed = yield* Effect.try({
+		try: () => JSON.parse(stdout),
+		catch: () => new FingerprintError({ message: "Failed to parse @expo/fingerprint output as JSON." })
+	});
+	if (!isRecord(parsed)) return yield* new FingerprintError({ message: "@expo/fingerprint output was not a JSON object." });
+	const { hash } = parsed;
+	if (typeof hash !== "string" || hash.length === 0) return yield* new FingerprintError({ message: "@expo/fingerprint output did not contain a \"hash\" string field." });
+	const sourcesRaw = parsed["sources"];
+	return {
+		hash,
+		sources: Array.isArray(sourcesRaw) ? sourcesRaw : []
+	};
+});
 //#endregion
 //#region src/lib/git-context.ts
 const runString = (cmd, cwd) => Command.string(Command.workingDirectory(cmd, cwd));
@@ -6670,26 +6745,6 @@ const ensureRepoClean = ({ projectRoot, allowDirty, label }) => Effect.gen(funct
 	if (!(yield* promptConfirm(`Continue ${label} with uncommitted changes?`, { initialValue: false }))) yield* new DirtyRepoError({ message: `${label} cancelled by user.` });
 });
-//#endregion
-//#region src/lib/fingerprint.ts
-var FingerprintError = class extends Data.TaggedError("FingerprintError") {};
-const runFingerprintFull = (projectRoot) => Effect.gen(function* () {
-	const cmd = Command.make("bunx", "@expo/fingerprint", projectRoot).pipe(Command.workingDirectory(projectRoot));
-	const stdout = yield* Command.string(cmd).pipe(Effect.mapError((cause) => new FingerprintError({ message: `Failed to run "@expo/fingerprint": ${cause.message}` })));
-	const parsed = yield* Effect.try({
-		try: () => JSON.parse(stdout),
-		catch: () => new FingerprintError({ message: "Failed to parse @expo/fingerprint output as JSON." })
-	});
-	if (!isRecord(parsed)) return yield* new FingerprintError({ message: "@expo/fingerprint output was not a JSON object." });
-	const { hash } = parsed;
-	if (typeof hash !== "string" || hash.length === 0) return yield* new FingerprintError({ message: "@expo/fingerprint output did not contain a \"hash\" string field." });
-	const sourcesRaw = parsed["sources"];
-	return {
-		hash,
-		sources: Array.isArray(sourcesRaw) ? sourcesRaw : []
-	};
-});
 //#endregion
 //#region src/lib/runtime-version.ts
 const resolveRuntimeVersion = ({ raw, appVersion, projectRoot }) => Effect.gen(function* () {
@@ -6768,7 +6823,8 @@ const runAndroidPlatformBuild = (input) => Effect.gen(function* () {
 			applicationIdentifier,
 			envVars,
 			projectId,
-			credentialsSource
+			credentialsSource,
+			profileName: profile.name
 		}),
 		target: androidProfile.format === "aab" ? {
 			platform: "android",
@@ -6869,6 +6925,7 @@ const runBuildWorkflow = (options) => Effect.scoped(Effect.gen(function* () {
 		...rawGitContext.commit === void 0 ? {} : { commit: rawGitContext.commit },
 		dirty: rawGitContext.dirty
 	};
+	const fingerprintHash = yield* runFingerprintFull(userCwd).pipe(Effect.map((entry) => entry.hash), Effect.catchAll(() => Effect.succeed(void 0)));
 	const result = yield* reserveAndUpload(api, {
 		target,
 		projectId,
@@ -6879,6 +6936,7 @@ const runBuildWorkflow = (options) => Effect.scoped(Effect.gen(function* () {
 		bundleId,
 		gitContext,
 		...options.message === void 0 ? {} : { message: options.message },
+		...fingerprintHash === void 0 ? {} : { fingerprintHash },
 		artifactPath: build.artifactPath,
 		sha256: build.sha256,
 		byteSize: build.byteSize
@@ -7766,6 +7824,7 @@ const runUploadWorkflow = (options) => Effect.gen(function* () {
 		...rawGitContext.commit === void 0 ? {} : { commit: rawGitContext.commit },
 		dirty: rawGitContext.dirty
 	};
+	const fingerprintHash = yield* runFingerprintFull(projectRoot).pipe(Effect.map((entry) => entry.hash), Effect.catchAll(() => Effect.succeed(void 0)));
 	const result = yield* reserveAndUpload(api, {
 		target,
 		projectId,
@@ -7776,6 +7835,7 @@ const runUploadWorkflow = (options) => Effect.gen(function* () {
 		bundleId,
 		gitContext,
 		...options.message === void 0 ? {} : { message: options.message },
+		...fingerprintHash === void 0 ? {} : { fingerprintHash },
 		artifactPath: options.artifactPath,
 		sha256,
 		byteSize
@@ -13615,7 +13675,8 @@ const publishPlatform = (params) => Effect.gen(function* () {
 			signature: params.signedPayload.signature,
 			certificateChain: params.signedPayload.certificateChain
 		} : {},
-		...params.rolloutPercentage === void 0 ? {} : { rolloutPercentage: params.rolloutPercentage }
+		...params.rolloutPercentage === void 0 ? {} : { rolloutPercentage: params.rolloutPercentage },
+		...params.fingerprintHash === void 0 ? {} : { fingerprintHash: params.fingerprintHash }
 	} }).pipe(Effect.mapError((cause) => new UpdatePublishError({ message: `Failed to publish ${params.platform} update: ${formatCause(cause)}` })));
 	return {
 		platform: params.platform,
@@ -13664,6 +13725,7 @@ const runUpdatePublish = (options) => Effect.scoped(Effect.gen(function* () {
 	const sharedExportDir = options.inputDir === void 0 ? void 0 : path.resolve(projectRoot, options.inputDir);
 	const groupId = randomUUID();
 	const message = resolvedMessage ?? "Publish via better-update CLI";
+	const fingerprintHash = yield* runFingerprintFull(projectRoot).pipe(Effect.map((result) => result.hash), Effect.catchAll(() => Effect.succeed(void 0)));
 	if ((yield* InteractiveMode).allow && !options.auto) {
 		if (!(yield* confirmPublishPreview({
 			branch,
@@ -13709,6 +13771,7 @@ const runUpdatePublish = (options) => Effect.scoped(Effect.gen(function* () {
 		platform,
 		signedPayload: signedPayloads[platform] ?? null,
 		rolloutPercentage: options.rolloutPercentage,
+		fingerprintHash,
 		skipBundler: options.skipBundler,
 		noBytecode: options.noBytecode,
 		sourceMaps: options.sourceMaps