@expo-up/cli 0.1.0

package/package.json

@@ -0,0 +1,35 @@
+{
+  "name": "@expo-up/cli",
+  "version": "0.1.0",
+  "type": "module",
+  "bin": {
+    "expo-up": "./dist/index.js"
+  },
+  "scripts": {
+    "build": "bun build ./src/index.tsx --outdir ./dist --target node --external react --external ink --external ink-spinner --external figlet",
+    "dev": "bun build ./src/index.tsx --outdir ./dist --target node --watch --external figlet",
+    "check-types": "tsc --noEmit",
+    "lint": "prettier --check \"src/**/*.{ts,tsx}\"",
+    "test": "bun test",
+    "quality": "bun run lint && bun run check-types && bun run test"
+  },
+  "dependencies": {
+    "@expo-up/core": "workspace:*",
+    "@expo/config": "^55.0.8",
+    "@octokit/core": "^7.0.6",
+    "@octokit/rest": "^22.0.1",
+    "commander": "^13.1.0",
+    "figlet": "^1.10.0",
+    "ink": "^5.1.0",
+    "ink-spinner": "^5.0.0",
+    "open": "^11.0.0",
+    "picocolors": "^1.1.1",
+    "react": "^18.3.1",
+    "zod": "^4.3.6"
+  },
+  "devDependencies": {
+    "@types/react": "^18.3.12",
+    "@types/node": "^22.0.0",
+    "typescript": "5.9.2"
+  }
+}

package/src/auth.ts

@@ -0,0 +1,135 @@
+import fs from "fs";
+import path from "path";
+import open from "open";
+import pc from "picocolors";
+import http from "http";
+import { getConfig } from "@expo/config";
+import { z } from "zod";
+import { DEFAULT_CHANNEL, parseExpoUpUpdatesUrl } from "../../core/src/index";
+
+const EXPO_UP_CONFIG_RELATIVE_PATH = path.join(".expo", "expo-up.json");
+
+const StoredConfigSchema = z.object({
+  github_token: z.string().min(1).optional(),
+  channel: z.string().min(1).optional(),
+});
+
+type StoredConfig = z.infer<typeof StoredConfigSchema>;
+
+interface AutoConfig {
+  serverUrl: string;
+  projectId: string;
+  runtimeVersion: string;
+}
+
+function getConfigPath() {
+  const dotExpoDir = path.join(process.cwd(), ".expo");
+  if (!fs.existsSync(dotExpoDir)) fs.mkdirSync(dotExpoDir, { recursive: true });
+  return path.join(dotExpoDir, "expo-up.json");
+}
+
+function readConfig(): StoredConfig {
+  const configPath = getConfigPath();
+  if (!fs.existsSync(configPath)) return {};
+  try {
+    const raw = JSON.parse(fs.readFileSync(configPath, "utf-8"));
+    const parsed = StoredConfigSchema.safeParse(raw);
+    return parsed.success ? parsed.data : {};
+  } catch {
+    return {};
+  }
+}
+
+function ensureConfigIgnored(configPathRelativeToCwd: string): void {
+  const gitignorePath = path.join(process.cwd(), ".gitignore");
+  if (!fs.existsSync(gitignorePath)) return;
+
+  const content = fs.readFileSync(gitignorePath, "utf-8");
+  if (content.includes(configPathRelativeToCwd)) return;
+
+  const needsTrailingNewline = content.length > 0 && !content.endsWith("\n");
+  const prefix = needsTrailingNewline ? "\n" : "";
+  const block = `${prefix}# expo-up secrets\n${configPathRelativeToCwd}\n`;
+  fs.appendFileSync(gitignorePath, block);
+}
+
+/**
+ * Get values automatically using @expo/config
+ */
+export function getAutoConfig(): AutoConfig {
+  try {
+    const { exp } = getConfig(process.cwd());
+    const { serverUrl, projectId } = parseExpoUpUpdatesUrl(
+      exp.updates?.url ?? "",
+    );
+
+    return {
+      serverUrl,
+      projectId,
+      runtimeVersion: exp.version ?? "",
+    };
+  } catch {
+    return { serverUrl: "", projectId: "", runtimeVersion: "" };
+  }
+}
+
+export function writeConfig(data: Partial<StoredConfig>): void {
+  const configPath = getConfigPath();
+  const current = readConfig();
+  const merged = { ...current, ...data };
+  fs.writeFileSync(configPath, JSON.stringify(merged, null, 2));
+  ensureConfigIgnored(EXPO_UP_CONFIG_RELATIVE_PATH);
+}
+
+export async function login() {
+  const { serverUrl } = getAutoConfig();
+  if (!serverUrl) throw new Error(`Server URL not found in expo config.`);
+
+  return new Promise((resolve, reject) => {
+    const localServer = http.createServer((req, res) => {
+      const url = new URL(req.url ?? "/", `http://${req.headers.host}`);
+      const token = url.searchParams.get("token");
+      if (token) {
+        writeConfig({ github_token: token });
+        res.writeHead(200, { "Content-Type": "text/html" });
+        res.end(
+          `<!DOCTYPE html><html><head><meta charset="UTF-8"></head><body style="font-family: sans-serif; display: flex; flex-direction: column; align-items: center; justify-content: center; height: 100vh; background: #0f172a; color: white;"><h1 style="color: #22d3ee;">🚀 expo-up</h1><p>Login successful! You can close this tab and return to your terminal.</p></body></html>`,
+        );
+        console.log(
+          `\n${pc.green("✔")} Successfully authenticated! Token saved.`,
+        );
+        localServer.close();
+        resolve(token);
+      } else {
+        res.writeHead(400);
+        res.end("Token missing");
+      }
+    });
+
+    localServer.listen(4321, async () => {
+      const callbackUrl = encodeURIComponent("http://localhost:4321");
+      const authUrl = `${serverUrl}/auth/github?callback=${callbackUrl}`;
+      console.log(
+        `\n${pc.cyan("🚀")} Opening browser for GitHub Authentication...`,
+      );
+      await open(authUrl);
+    });
+    localServer.on("error", (err) =>
+      reject(new Error(`Local server failed: ${err.message}`)),
+    );
+  });
+}
+
+export function getStoredToken() {
+  return readConfig().github_token;
+}
+export function getStoredChannel() {
+  return readConfig().channel || DEFAULT_CHANNEL;
+}
+
+export function logout() {
+  const config = readConfig();
+  delete config.github_token;
+  fs.writeFileSync(getConfigPath(), JSON.stringify(config, null, 2));
+  console.log(`${pc.green("✔")} Logged out.`);
+}

package/src/channels.tsx

@@ -0,0 +1,123 @@
+import * as React from "react";
+import { Text, Box } from "ink";
+import Spinner from "ink-spinner";
+import { Octokit } from "@octokit/rest";
+import { getStoredToken, getAutoConfig, getStoredChannel } from "./auth";
+import { INIT_CHANNEL, parseProjectDescriptor } from "../../core/src/index";
+import { Badge, BrandHeader, CliCard, KV } from "./ui";
+
+interface ListChannelsProps {
+  debug?: boolean;
+}
+
+export const ListChannels: React.FC<ListChannelsProps> = ({
+  debug = false,
+}) => {
+  const [channels, setChannels] = React.useState<string[]>([]);
+  const [loading, setLoading] = React.useState(true);
+  const [error, setError] = React.useState<string | null>(null);
+  const [debugLogs, setDebugLogs] = React.useState<string[]>([]);
+
+  React.useEffect(() => {
+    const run = async () => {
+      try {
+        const appendDebug = (message: string): void =>
+          setDebugLogs((prev) => [...prev, message]);
+        const token = getStoredToken();
+        const { serverUrl, projectId } = getAutoConfig();
+
+        if (!token || !serverUrl || !projectId)
+          throw new Error("Missing configuration. Are you logged in?");
+        if (debug)
+          appendDebug(
+            `Resolved config: server=${serverUrl}, project=${projectId}`,
+          );
+
+        const projRes = await fetch(`${serverUrl}/projects/${projectId}`);
+        if (!projRes.ok) throw new Error(`Project "${projectId}" not found.`);
+
+        const { owner, repo } = parseProjectDescriptor(await projRes.json());
+
+        const octokit = new Octokit({ auth: token });
+        const { data: branches } = await octokit.repos.listBranches({
+          owner,
+          repo,
+        });
+
+        const availableChannels = branches
+          .map((branch) => branch.name)
+          .filter((name) => name !== INIT_CHANNEL);
+        setChannels(availableChannels);
+        if (debug)
+          appendDebug(
+            `Fetched channels: ${availableChannels.join(", ") || "(none)"}`,
+          );
+        setLoading(false);
+      } catch (e: any) {
+        setError(e.message);
+        if (debug) setDebugLogs((prev) => [...prev, `Failure: ${e.message}`]);
+        setLoading(false);
+      }
+    };
+    run();
+  }, [debug]);
+
+  const currentChannel = getStoredChannel();
+
+  return (
+    <Box flexDirection="column" padding={1}>
+      <BrandHeader subtitle="Over-the-air updates" />
+      <CliCard
+        title="expo-up channels"
+        subtitle="Available release channels from GitHub"
+      >
+        <KV keyName="Active" value={currentChannel} valueColor="green" />
+      </CliCard>
+
+      <CliCard title="Channels">
+        {loading && (
+          <Box>
+            <Badge label="LOADING" tone="yellow" />
+            <Text>
+              <Spinner /> Fetching channels...
+            </Text>
+          </Box>
+        )}
+        {!loading &&
+          !error &&
+          channels.map((name) => (
+            <Box key={name}>
+              <Text color={name === currentChannel ? "green" : "white"}>
+                {name === currentChannel ? "●" : "○"} {name}
+              </Text>
+              {name === currentChannel && (
+                <Text color="green" dimColor>
+                  {" "}
+                  (active)
+                </Text>
+              )}
+            </Box>
+          ))}
+        {error && (
+          <Box>
+            <Badge label="FAILED" tone="red" />
+            <Text color="red">{error}</Text>
+          </Box>
+        )}
+      </CliCard>
+
+      {debug && (
+        <CliCard title="Debug Logs" subtitle="Verbose diagnostics">
+          {debugLogs.length === 0 ? (
+            <Text color="gray">No debug logs yet.</Text>
+          ) : null}
+          {debugLogs.map((line, i) => (
+            <Text key={i} color="gray">
+              {line}
+            </Text>
+          ))}
+        </CliCard>
+      )}
+    </Box>
+  );
+};

package/src/cli-utils.test.ts

@@ -0,0 +1,25 @@
+/// <reference path="../../typescript-config/bun-test-shim.d.ts" />
+import { describe, expect, it } from "bun:test";
+import { maskToken, parsePlatform } from "./cli-utils";
+
+describe("parsePlatform", () => {
+  it("accepts supported platforms", () => {
+    expect(parsePlatform("ios")).toBe("ios");
+    expect(parsePlatform("android")).toBe("android");
+    expect(parsePlatform("all")).toBe("all");
+  });
+
+  it("throws on unsupported values", () => {
+    expect(() => parsePlatform("web")).toThrow('Invalid platform "web"');
+  });
+});
+
+describe("maskToken", () => {
+  it("masks long tokens", () => {
+    expect(maskToken("abcd1234wxyz7890")).toBe("abcd...7890");
+  });
+
+  it("keeps short tokens unchanged", () => {
+    expect(maskToken("short")).toBe("short");
+  });
+});

package/src/cli-utils.ts

@@ -0,0 +1,19 @@
+export type PlatformOption = "ios" | "android" | "all";
+
+export function parsePlatform(platform: string): PlatformOption {
+  if (platform === "ios" || platform === "android" || platform === "all") {
+    return platform;
+  }
+
+  throw new Error(
+    `Invalid platform "${platform}". Use "ios", "android", or "all".`,
+  );
+}
+
+export function maskToken(token: string): string {
+  if (token.length <= 8) {
+    return token;
+  }
+
+  return `${token.slice(0, 4)}...${token.slice(-4)}`;
+}

package/src/codesigning.test.ts

@@ -0,0 +1,165 @@
+/// <reference path="../../typescript-config/bun-test-shim.d.ts" />
+import { afterEach, describe, expect, it } from "bun:test";
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+import {
+  configureCodesigning,
+  generateCodesigning,
+  resolveProjectRoot,
+} from "./codesigning";
+
+const tempDirs: string[] = [];
+
+function makeTempDir(): string {
+  const dir = fs.mkdtempSync(path.join(os.tmpdir(), "expo-up-codesigning-"));
+  tempDirs.push(dir);
+  return dir;
+}
+
+function writeJson(filePath: string, value: unknown): void {
+  fs.mkdirSync(path.dirname(filePath), { recursive: true });
+  fs.writeFileSync(filePath, JSON.stringify(value, null, 2));
+}
+
+function writeExpoProject(projectRoot: string): void {
+  writeJson(path.join(projectRoot, "app.json"), { expo: { name: "app" } });
+  writeJson(path.join(projectRoot, "package.json"), {
+    name: "test-app",
+    private: true,
+  });
+}
+
+afterEach(() => {
+  for (const dir of tempDirs.splice(0)) {
+    fs.rmSync(dir, { recursive: true, force: true });
+  }
+});
+
+describe("resolveProjectRoot", () => {
+  it("returns cwd when app.json exists in cwd", () => {
+    const root = makeTempDir();
+    writeExpoProject(root);
+
+    expect(resolveProjectRoot(root)).toBe(root);
+  });
+
+  it("throws when app.json does not exist in cwd", () => {
+    const root = makeTempDir();
+
+    expect(() => resolveProjectRoot(root)).toThrow(
+      "Could not find Expo app config (app.json/app.config.*). Run this command inside your Expo app or pass --project-root.",
+    );
+  });
+
+  it("accepts app.config.ts as project config", () => {
+    const root = makeTempDir();
+    fs.writeFileSync(
+      path.join(root, "app.config.ts"),
+      "export default { expo: { name: 'app' } };\n",
+    );
+
+    expect(resolveProjectRoot(root)).toBe(root);
+  });
+});
+
+describe("generateCodesigning", () => {
+  it("generates keys/cert into separate dirs and updates gitignore", () => {
+    const projectRoot = makeTempDir();
+    writeExpoProject(projectRoot);
+
+    const result = generateCodesigning({
+      projectRoot,
+      organization: "Acme Inc",
+      validityYears: 10,
+      expoUpdatesRunner: () => {
+        fs.mkdirSync(path.join(projectRoot, "codesigning-keys"), {
+          recursive: true,
+        });
+        fs.mkdirSync(path.join(projectRoot, "certs"), { recursive: true });
+        fs.writeFileSync(
+          path.join(projectRoot, "codesigning-keys/private-key.pem"),
+          "private",
+        );
+        fs.writeFileSync(
+          path.join(projectRoot, "codesigning-keys/public-key.pem"),
+          "public",
+        );
+        fs.writeFileSync(
+          path.join(projectRoot, "certs/certificate.pem"),
+          "cert",
+        );
+      },
+    });
+
+    expect(result.projectRoot).toBe(projectRoot);
+    expect(fs.existsSync(result.privateKeyPath)).toBe(true);
+    expect(fs.existsSync(result.publicKeyPath)).toBe(true);
+    expect(fs.existsSync(result.certificatePath)).toBe(true);
+
+    const gitignore = fs.readFileSync(
+      path.join(projectRoot, ".gitignore"),
+      "utf-8",
+    );
+    expect(gitignore).toContain("codesigning-keys/");
+  });
+
+  it("throws when directories exist and force is not enabled", () => {
+    const projectRoot = makeTempDir();
+    writeExpoProject(projectRoot);
+    fs.mkdirSync(path.join(projectRoot, "codesigning-keys"), {
+      recursive: true,
+    });
+
+    expect(() =>
+      generateCodesigning({
+        projectRoot,
+        organization: "Acme Inc",
+        validityYears: 10,
+      }),
+    ).toThrow("already exists");
+  });
+});
+
+describe("configureCodesigning", () => {
+  it("writes codeSigningCertificate and codeSigningMetadata", () => {
+    const projectRoot = makeTempDir();
+    writeExpoProject(projectRoot);
+
+    const certDir = path.join(projectRoot, "certs");
+    const keyDir = path.join(projectRoot, "codesigning-keys");
+    fs.mkdirSync(certDir, { recursive: true });
+    fs.mkdirSync(keyDir, { recursive: true });
+    fs.writeFileSync(path.join(certDir, "certificate.pem"), "cert");
+    fs.writeFileSync(path.join(keyDir, "private-key.pem"), "priv");
+    fs.writeFileSync(path.join(keyDir, "public-key.pem"), "pub");
+
+    const result = configureCodesigning({
+      projectRoot,
+      certificateInputDirectory: "certs",
+      keyInputDirectory: "codesigning-keys",
+      keyId: "main",
+    });
+
+    expect(result.keyId).toBe("main");
+
+    const appJson = JSON.parse(
+      fs.readFileSync(path.join(projectRoot, "app.json"), "utf-8"),
+    ) as {
+      expo: {
+        updates: {
+          codeSigningCertificate: string;
+          codeSigningMetadata: { keyid: string; alg: string };
+        };
+      };
+    };
+
+    expect(appJson.expo.updates.codeSigningCertificate).toBe(
+      "./certs/certificate.pem",
+    );
+    expect(appJson.expo.updates.codeSigningMetadata).toEqual({
+      keyid: "main",
+      alg: "rsa-v1_5-sha256",
+    });
+  });
+});