@capgo/cli 4.13.7 → 4.13.9

package/eslint.config.js

@@ -0,0 +1,10 @@
+const antfu = require('@antfu/eslint-config').default
+
+module.exports = antfu({
+  ignores: [
+    'dist',
+    'test',
+    'webpack.config.js',
+    'src/types/types_supabase.ts',
+  ],
+})

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@capgo/cli",
-  "version": "4.13.7",
+  "version": "4.13.9",
   "description": "A CLI to upload to capgo servers",
   "author": "github.com/riderx",
   "license": "Apache 2.0",
@@ -33,57 +33,58 @@
   },
   "scripts": {
     "build": "node build.mjs",
-    "dev": "NODE_ENV=development ncc build",
+    "dev": "NODE_ENV=development node build.mjs",
     "no-debug": "node dist/index.js",
     "test": "npx --yes ts-node -T src/index.ts",
-    "dev-build": "SUPA_DB=development ncc build",
+    "dev-build": "SUPA_DB=development node build.mjs",
     "pack": "pkg",
     "types": "npx --yes supabase gen types typescript --project-id=xvwzpoazmxkqosrdewyv > src/types/supabase.types.ts",
     "test_rls": "ts-node ./test/test_headers_rls.ts",
-    "lint": "eslint \"src/**/*.ts\" --fix",
-    "check-posix-paths": "node test/check-posix-paths.js"
+    "lint": "eslint \"src/**/*.ts\" --fix"
   },
-  "devDependencies": {
-    "@antfu/eslint-config": "^2.23.0",
-    "@bradenmacdonald/s3-lite-client": "npm:@jsr/bradenmacdonald__s3-lite-client",
+  "dependencies": {
+    "@aws-sdk/client-s3": "^3.574.0",
+    "@capacitor/cli": "6.0.0",
     "@capgo/find-package-manager": "^0.0.17",
     "@clack/prompts": "^0.7.0",
     "@manypkg/find-root": "^2.2.1",
-    "@supabase/supabase-js": "^2.44.4",
+    "@supabase/supabase-js": "^2.43.1",
     "@tomasklaen/checksum": "^1.1.0",
+    "@trufflesuite/spinnies": "^0.1.1",
+    "adm-zip": "^0.5.12",
+    "ci-info": "^4.0.0",
+    "commander": "12.0.0",
+    "console-table-printer": "^2.12.0",
+    "get-latest-version": "^5.1.0",
+    "ky": "^1.2.4",
+    "logsnag": "1.0.0",
+    "mime": "^4.0.3",
+    "node-dir": "^0.1.17",
+    "open": "^10.1.0",
+    "prettyjson": "^1.2.5",
+    "prompt-sync": "^4.2.0",
+    "semver": "^7.6.2"
+  },
+  "devDependencies": {
+    "@antfu/eslint-config": "^2.17.0",
     "@types/adm-zip": "0.5.5",
     "@types/mime": "^4.0.0",
-    "@types/node": "^20.14.11",
+    "@types/node": "^20.12.7",
+    "@types/node-dir": "^0.0.37",
     "@types/npmcli__ci-detect": "^2.0.3",
     "@types/prettyjson": "^0.0.33",
     "@types/prompt-sync": "^4.2.3",
     "@types/semver": "^7.5.8",
-    "@types/tmp": "^0.2.6",
-    "@typescript-eslint/eslint-plugin": "^7.16.1",
-    "@typescript-eslint/parser": "^7.16.1",
-    "@vercel/ncc": "^0.38.1",
-    "adm-zip": "^0.5.14",
-    "ci-info": "^4.0.0",
-    "commander": "12.1.0",
-    "console-table-printer": "^2.12.1",
-    "esbuild": "^0.23.0",
-    "eslint": "9.7.0",
-    "get-latest-version": "^5.1.0",
+    "@typescript-eslint/eslint-plugin": "^7.8.0",
+    "@typescript-eslint/parser": "^7.8.0",
+    "esbuild": "^0.21.2",
+    "eslint": "9.1.1",
     "git-format-staged": "3.1.1",
-    "husky": "^9.1.1",
-    "is-wsl": "^3.1.0",
-    "jszip": "^3.10.1",
-    "ky": "^1.4.0",
-    "logsnag": "1.0.0",
-    "mime": "^4.0.4",
-    "open": "^10.1.0",
+    "husky": "^9.0.11",
     "pkg": "5.8.1",
-    "prettyjson": "^1.2.5",
-    "semver": "^7.6.2",
-    "tmp": "^0.2.3",
     "ts-loader": "^9.5.1",
     "ts-node": "^10.9.2",
     "tsconfig-paths": "4.2.0",
-    "typescript": "5.5.3"
+    "typescript": "5.4.5"
   }
 }

package/renovate.json

@@ -0,0 +1,23 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "config:base",
+    "schedule:earlyMondays"
+  ],
+  "lockFileMaintenance": {
+    "enabled": true,
+    "automerge": true,
+    "automergeType": "branch",
+    "platformAutomerge": true
+  },
+  "packageRules": [
+    {
+      "matchUpdateTypes": [
+        "minor",
+        "patch"
+      ],
+      "matchCurrentVersion": "!/^0/",
+      "automerge": true
+    }
+  ]
+}

package/src/api/app.ts

@@ -0,0 +1,55 @@
+import type { SupabaseClient } from '@supabase/supabase-js'
+import * as p from '@clack/prompts'
+import { program } from 'commander'
+import type { Database } from '../types/supabase.types'
+import type { OptionsBase } from '../utils'
+import { OrganizationPerm, getPMAndCommand, isAllowedAppOrg } from '../utils'
+
+export async function checkAppExists(supabase: SupabaseClient<Database>, appid: string) {
+  const { data: app } = await supabase
+    .rpc('exist_app_v2', { appid })
+    .single()
+  return !!app
+}
+
+export async function checkAppExistsAndHasPermissionOrgErr(supabase: SupabaseClient<Database>, apikey: string, appid: string, requiredPermission: OrganizationPerm) {
+  const pm = getPMAndCommand()
+  const permissions = await isAllowedAppOrg(supabase, apikey, appid)
+  if (!permissions.okay) {
+    switch (permissions.error) {
+      case 'INVALID_APIKEY': {
+        p.log.error('Invalid apikey, such apikey does not exists!')
+        program.error('')
+        break
+      }
+      case 'NO_APP': {
+        p.log.error(`App ${appid} does not exist, run first \`${pm.runner} @capgo/cli app add ${appid}\` to create it`)
+        program.error('')
+        break
+      }
+      case 'NO_ORG': {
+        p.log.error('Could not find organization, please contact support to resolve this!')
+        program.error('')
+        break
+      }
+    }
+  }
+
+  const remotePermNumber = permissions.data as number
+  const requiredPermNumber = requiredPermission as number
+
+  if (requiredPermNumber > remotePermNumber) {
+    p.log.error(`Insuficcent permissions for app ${appid}. Current permission: ${OrganizationPerm[permissions.data]}, required for this action: ${OrganizationPerm[requiredPermission]}.`)
+    program.error('')
+  }
+
+  return permissions.data
+}
+
+export interface Options extends OptionsBase {
+  name?: string
+  icon?: string
+  retention?: number
+}
+
+export const newIconPath = 'assets/icon.png'

package/src/api/channels.ts

@@ -0,0 +1,140 @@
+import process from 'node:process'
+import type { SupabaseClient } from '@supabase/supabase-js'
+import { program } from 'commander'
+import { Table } from 'console-table-printer'
+import * as p from '@clack/prompts'
+import type { Database } from '../types/supabase.types'
+import { formatError } from '../utils'
+
+export async function checkVersionNotUsedInChannel(supabase: SupabaseClient<Database>, appid: string, versionData: Database['public']['Tables']['app_versions']['Row']) {
+  const { data: channelFound, error: errorChannel } = await supabase
+    .from('channels')
+    .select()
+    .eq('app_id', appid)
+    .eq('version', versionData.id)
+  if (errorChannel) {
+    p.log.error(`Cannot check Version ${appid}@${versionData.name}`)
+    program.error('')
+  }
+  if (channelFound && channelFound.length > 0) {
+    p.intro(`❌ Version ${appid}@${versionData.name} is used in ${channelFound.length} channel`)
+    if (await p.confirm({ message: 'unlink it?' })) {
+      // loop on all channels and set version to unknown
+      for (const channel of channelFound) {
+        const s = p.spinner()
+        s.start(`Unlinking channel ${channel.name}`)
+        const { error: errorChannelUpdate } = await supabase
+          .from('channels')
+          .update({
+            version: (await findUnknownVersion(supabase, appid))?.id,
+          })
+          .eq('id', channel.id)
+        if (errorChannelUpdate) {
+          s.stop(`Cannot update channel ${channel.name} ${formatError(errorChannelUpdate)}`)
+          process.exit(1)
+        }
+        s.stop(`✅ Channel ${channel.name} unlinked`)
+      }
+    }
+    else {
+      p.log.error(`Unlink it first`)
+      program.error('')
+    }
+    p.outro(`Version unlinked from ${channelFound.length} channel`)
+  }
+}
+
+export function findUnknownVersion(supabase: SupabaseClient<Database>, appId: string) {
+  return supabase
+    .from('app_versions')
+    .select('id')
+    .eq('app_id', appId)
+    .eq('name', 'unknown')
+    .throwOnError()
+    .single().then(({ data }) => data)
+}
+
+export function createChannel(supabase: SupabaseClient<Database>, update: Database['public']['Tables']['channels']['Insert']) {
+  return supabase
+    .from('channels')
+    .insert(update)
+    .select()
+    .single()
+}
+
+export function delChannel(supabase: SupabaseClient<Database>, name: string, appId: string, _userId: string) {
+  return supabase
+    .from('channels')
+    .delete()
+    .eq('name', name)
+    .eq('app_id', appId)
+    .single()
+}
+interface version {
+  id: string
+  name: string
+}
+export function displayChannels(data: (Database['public']['Tables']['channels']['Row'] & { version?: version, secondVersion?: version })[]) {
+  const t = new Table({
+    title: 'Channels',
+    charLength: { '❌': 2, '✅': 2 },
+  })
+
+  // add rows with color
+  data.reverse().forEach((row) => {
+    t.addRow({
+      'Name': row.name,
+      ...(row.version ? { Version: row.version.name } : undefined),
+      'Public': row.public ? '✅' : '❌',
+      'iOS': row.ios ? '❌' : '✅',
+      'Android': row.android ? '❌' : '✅',
+      '⬆️ limit': row.disableAutoUpdate,
+      '⬇️ under native': row.disableAutoUpdateUnderNative ? '❌' : '✅',
+      'Self assign': row.allow_device_self_set ? '✅' : '❌',
+      'Progressive': row.enable_progressive_deploy ? '✅' : '❌',
+      ...(row.enable_progressive_deploy && row.secondVersion ? { 'Next version': row.secondVersion.name } : undefined),
+      ...(row.enable_progressive_deploy && row.secondVersion ? { 'Next %': row.secondaryVersionPercentage } : undefined),
+      'AB Testing': row.enableAbTesting ? '✅' : '❌',
+      ...(row.enableAbTesting && row.secondVersion ? { 'Version B': row.secondVersion } : undefined),
+      ...(row.enableAbTesting && row.secondVersion ? { 'A/B %': row.secondaryVersionPercentage } : undefined),
+      'Emulator': row.allow_emulator ? '✅' : '❌',
+      'Dev 📱': row.allow_dev ? '✅' : '❌',
+    })
+  })
+
+  p.log.success(t.render())
+}
+
+export async function getActiveChannels(supabase: SupabaseClient<Database>, appid: string) {
+  const { data, error: vError } = await supabase
+    .from('channels')
+    .select(`
+      id,
+      name,
+      public,
+      allow_emulator,
+      allow_dev,
+      ios,
+      android,
+      allow_device_self_set,
+      disableAutoUpdateUnderNative,
+      disableAutoUpdate,
+      enable_progressive_deploy,
+      enableAbTesting,
+      secondaryVersionPercentage,
+      secondVersion (id, name),
+      created_at,
+      created_by,
+      app_id,
+      version (id, name)
+    `)
+    .eq('app_id', appid)
+    // .eq('created_by', userId)
+    .order('created_at', { ascending: false })
+
+  if (vError) {
+    p.log.error(`App ${appid} not found in database`)
+    program.error('')
+  }
+  return data
+}

package/src/api/crypto.ts

@@ -0,0 +1,116 @@
+import {
+  constants,
+  createCipheriv,
+  createDecipheriv,
+  generateKeyPairSync,
+  privateDecrypt,
+  publicEncrypt,
+  randomBytes,
+} from 'node:crypto'
+import { Buffer } from 'node:buffer'
+
+const algorithm = 'aes-128-cbc'
+const oaepHash = 'sha256'
+const formatB64 = 'base64'
+const padding = constants.RSA_PKCS1_OAEP_PADDING
+
+export function decryptSource(source: Buffer, ivSessionKey: string, privateKey: string): Buffer {
+  // console.log('\nivSessionKey', ivSessionKey)
+  const [ivB64, sessionb64Encrypted] = ivSessionKey.split(':')
+  // console.log('\nsessionb64Encrypted', sessionb64Encrypted)
+  // console.log('\nivB64', ivB64)
+  const sessionKey = privateDecrypt(
+    {
+      key: privateKey,
+      padding,
+      oaepHash,
+    },
+    Buffer.from(sessionb64Encrypted, formatB64),
+  )
+  // ivB64 to uft-8
+  const initVector = Buffer.from(ivB64, formatB64)
+  // console.log('\nSessionB64', sessionB64)
+
+  const decipher = createDecipheriv(algorithm, sessionKey, initVector)
+  decipher.setAutoPadding(true)
+  const decryptedData = Buffer.concat([decipher.update(source), decipher.final()])
+
+  return decryptedData
+}
+export interface Encoded {
+  ivSessionKey: string
+  encryptedData: Buffer
+}
+export function encryptSource(source: Buffer, publicKey: string): Encoded {
+  // encrypt zip with key
+  const initVector = randomBytes(16)
+  const sessionKey = randomBytes(16)
+  // encrypt session key with public key
+  // console.log('\nencrypted.key', encrypted.key.toString(CryptoJS.enc.Base64))
+  const cipher = createCipheriv(algorithm, sessionKey, initVector)
+  cipher.setAutoPadding(true)
+  // console.log('\nsessionKey', sessionKey.toString())
+  // const sessionB64 = sessionKey.toString(formatB64)
+  // console.log('\nsessionB64', sessionB64)
+  const ivB64 = initVector.toString(formatB64)
+  // console.log('\nivB64', ivB64)
+  const sessionb64Encrypted = publicEncrypt(
+    {
+      key: publicKey,
+      padding,
+      oaepHash,
+    },
+    sessionKey,
+  ).toString(formatB64)
+  // console.log('\nsessionb64Encrypted', sessionb64Encrypted)
+  const ivSessionKey = `${ivB64}:${sessionb64Encrypted}`
+  // console.log('\nivSessionKey', sessionKey)
+  // encrypted to buffer
+
+  const encryptedData = Buffer.concat([cipher.update(source), cipher.final()])
+
+  return {
+    encryptedData,
+    ivSessionKey,
+  }
+}
+export interface RSAKeys {
+  publicKey: string
+  privateKey: string
+}
+export function createRSA(): RSAKeys {
+  const { publicKey, privateKey } = generateKeyPairSync('rsa', {
+    // The standard secure default length for RSA keys is 2048 bits
+    modulusLength: 2048,
+  })
+
+  // Generate RSA key pair
+  return {
+    publicKey: publicKey.export({
+      type: 'pkcs1',
+      format: 'pem',
+    }) as string,
+    privateKey: privateKey.export({
+      type: 'pkcs1',
+      format: 'pem',
+    }) as string,
+  }
+}
+//  test AES
+
+// const source = 'Hello world'
+// console.log('\nsource', source)
+// const { publicKey, privateKey } = createRSA()
+
+// console.log('\nencryptSource ================================================================')
+// //  convert source to base64
+// const sourceBuff = Buffer.from(source)
+// const res = encryptSource(sourceBuff, publicKey)
+// console.log('\nencryptedData', res.encryptedData.toString('base64'))
+// // console.log('\nres', res)
+// console.log('\ndecryptSource ================================================================')
+// const decodedSource = decryptSource(res.encryptedData, res.ivSessionKey, privateKey)
+// // convert decodedSource from base64 to utf-8
+// const decodedSourceString = decodedSource.toString('utf-8')
+// console.log('\ndecodedSourceString', decodedSourceString)
+// console.log('\n Is match', decodedSourceString === source)

package/src/api/devices_override.ts

@@ -0,0 +1,41 @@
+import process from 'node:process'
+import type { SupabaseClient } from '@supabase/supabase-js'
+import { program } from 'commander'
+import * as p from '@clack/prompts'
+import type { Database } from '../types/supabase.types'
+import { formatError } from '../utils'
+
+export async function checkVersionNotUsedInDeviceOverride(supabase: SupabaseClient<Database>, appid: string, versionData: Database['public']['Tables']['app_versions']['Row']) {
+  const { data: deviceFound, error: errorDevice } = await supabase
+    .from('devices_override')
+    .select()
+    .eq('app_id', appid)
+    .eq('version', versionData.id)
+  if (errorDevice) {
+    p.log.error(`Cannot check Device override ${appid}@${versionData.name}`)
+    program.error('')
+  }
+  if (deviceFound && deviceFound.length > 0) {
+    p.intro(`❌ Version ${appid}@${versionData.name} is used in ${deviceFound.length} device override`)
+    if (await p.confirm({ message: 'unlink it?' })) {
+      // loop on all devices and set version to unknown
+      for (const device of deviceFound) {
+        const s = p.spinner()
+        s.start(`Unlinking device ${device.device_id}`)
+        const { error: errorDeviceDel } = await supabase
+          .from('devices_override')
+          .delete()
+          .eq('device_id', device.device_id)
+        if (errorDeviceDel) {
+          s.stop(`Cannot unlink device ${device.device_id} ${formatError(errorDeviceDel)}`)
+          process.exit(1)
+        }
+        s.stop(`✅ Device ${device.device_id} unlinked`)
+      }
+    }
+    else {
+      p.log.error(`Unlink it first`)
+      program.error('')
+    }
+  }
+}

package/src/api/update.ts

@@ -0,0 +1,13 @@
+import getLatest from 'get-latest-version'
+import * as p from '@clack/prompts'
+import pack from '../../package.json'
+
+export async function checkLatest() {
+  const latest = await getLatest('@capgo/cli')
+  const major = latest?.split('.')[0]
+  if (latest !== pack.version) {
+    p.log.warning(`🚨 You are using @capgo/cli@${pack.version} it's not the latest version.
+Please use @capgo/cli@${latest}" or @capgo/cli@${major} to keep up to date with the latest features and bug fixes.`,
+    )
+  }
+}

package/src/api/versions.ts

@@ -0,0 +1,101 @@
+import type { SupabaseClient } from '@supabase/supabase-js'
+import { program } from 'commander'
+import { Table } from 'console-table-printer'
+import * as p from '@clack/prompts'
+import type { Database } from '../types/supabase.types'
+
+// import { definitions } from '../types/types_supabase';
+import { getHumanDate } from '../utils'
+import { checkVersionNotUsedInChannel } from './channels'
+import { checkVersionNotUsedInDeviceOverride } from './devices_override'
+
+export async function deleteAppVersion(supabase: SupabaseClient<Database>, appid: string, bundle: string) {
+  const { error: delAppSpecVersionError } = await supabase
+    .from('app_versions')
+    .update({
+      deleted: true,
+    })
+    .eq('app_id', appid)
+    .eq('deleted', false)
+    .eq('name', bundle)
+  if (delAppSpecVersionError) {
+    p.log.error(`App Version ${appid}@${bundle} not found in database`)
+    program.error('')
+  }
+}
+
+export async function deleteSpecificVersion(supabase: SupabaseClient<Database>, appid: string, _userId: string, bundle: string) {
+  const versionData = await getVersionData(supabase, appid, bundle)
+  await checkVersionNotUsedInChannel(supabase, appid, versionData)
+  await checkVersionNotUsedInDeviceOverride(supabase, appid, versionData)
+  // Delete only a specific version in storage
+  await deleteAppVersion(supabase, appid, bundle)
+}
+
+export function displayBundles(data: (Database['public']['Tables']['app_versions']['Row'] & { keep?: string })[]) {
+  if (!data.length) {
+    p.log.error('No bundle found')
+    // eslint-disable-next-line node/prefer-global/process
+    process.exit(1)
+  }
+  const t = new Table({
+    title: 'Bundles',
+    charLength: { '❌': 2, '✅': 2 },
+  })
+
+  // add rows with color
+  data.reverse().forEach((row) => {
+    t.addRow({
+      Version: row.name,
+      Created: getHumanDate(row.created_at),
+      ...(row.keep != null ? { Keep: row.keep } : {}),
+    })
+  })
+
+  p.log.success(t.render())
+}
+
+export async function getActiveAppVersions(supabase: SupabaseClient<Database>, appid: string, _userId: string) {
+  const { data, error: vError } = await supabase
+    .from('app_versions')
+    .select()
+    .eq('app_id', appid)
+    // .eq('user_id', userId)
+    .eq('deleted', false)
+    .order('created_at', { ascending: false })
+
+  if (vError) {
+    p.log.error(`App ${appid} not found in database`)
+    program.error('')
+  }
+  return data
+}
+
+export async function getChannelsVersion(supabase: SupabaseClient<Database>, appid: string) {
+  // get all channels versionID
+  const { data: channels, error: channelsError } = await supabase
+    .from('channels')
+    .select('version')
+    .eq('app_id', appid)
+
+  if (channelsError) {
+    p.log.error(`App ${appid} not found in database`)
+    program.error('')
+  }
+  return channels.map(c => c.version)
+}
+
+export async function getVersionData(supabase: SupabaseClient<Database>, appid: string, bundle: string) {
+  const { data: versionData, error: versionIdError } = await supabase
+    .from('app_versions')
+    .select()
+    .eq('app_id', appid)
+    .eq('name', bundle)
+    .eq('deleted', false)
+    .single()
+  if (!versionData || versionIdError) {
+    p.log.error(`App Version ${appid}@${bundle} doesn't exist`)
+    program.error('')
+  }
+  return versionData
+}