@solana-mobile/dapp-store-cli 0.16.0 → 1.0.0

package/src/commands/create/CreateCliRelease.ts

@@ -1,149 +0,0 @@
-import type {
-  App,
-  Publisher,
-  Release,
-} from "@solana-mobile/dapp-store-publishing-tools";
-import { createRelease } from "@solana-mobile/dapp-store-publishing-tools";
-import {
-  Connection,
-  Keypair,
-  PublicKey,
-} from "@solana/web3.js";
-import fs from "fs";
-import { createHash } from "crypto";
-import {
-  Constants,
-  getMetaplexInstance,
-} from "../../CliUtils.js";
-import { PublishDetails, loadPublishDetailsWithChecks, writeToPublishDetails } from "../../config/PublishDetails.js";
-import { sendAndConfirmTransaction } from "../utils.js";
-
-type CreateReleaseCommandInput = {
-  appMintAddress: string;
-  buildToolsPath: string;
-  signer: Keypair;
-  url: string;
-  dryRun?: boolean;
-  storageParams: string;
-  priorityFeeLamports: number;
-};
-
-const createReleaseNft = async ({
-  appMintAddress,
-  releaseDetails,
-  appDetails,
-  publisherDetails,
-  connection,
-  publisher,
-  storageParams,
-  priorityFeeLamports,
-}: {
-  appMintAddress: string;
-  releaseDetails: Release;
-  appDetails: App;
-  publisherDetails: Publisher;
-  connection: Connection;
-  publisher: Keypair;
-  storageParams: string;
-  priorityFeeLamports: number;
-}) => {
-  console.info(`Creating Release NFT`);
-
-  const releaseMintAddress = Keypair.generate();
-
-  const metaplex = getMetaplexInstance(connection, publisher, storageParams);
-
-  const { txBuilder } = await createRelease(
-    {
-      appMintAddress: new PublicKey(appMintAddress),
-      releaseMintAddress,
-      releaseDetails,
-      appDetails,
-      publisherDetails,
-      priorityFeeLamports
-    },
-    { metaplex, publisher }
-  );
-
-  console.info(`Release NFT data upload complete\nSigning transaction now`);
-
-  const { response } = await sendAndConfirmTransaction(metaplex, txBuilder);
-
-  return {
-    releaseAddress: releaseMintAddress.publicKey.toBase58(),
-    transactionSignature: response.signature,
-  };
-};
-
-export const createReleaseCommand = async ({
-  appMintAddress,
-  buildToolsPath,
-  signer,
-  url,
-  dryRun = false,
-  storageParams,
-  priorityFeeLamports = Constants.DEFAULT_PRIORITY_FEE,
-}: CreateReleaseCommandInput) => {
-  const connection = new Connection(
-    url,
-    {
-      commitment: "confirmed",
-    }
-  );
-
-  const config = await loadPublishDetailsWithChecks(buildToolsPath);
-
-  const apkEntry = config.release.files.find(
-    (asset: PublishDetails["release"]["files"][0]) => asset.purpose === "install"
-  )!;
-  const mediaBuffer = await fs.promises.readFile(apkEntry.uri);
-  const hash = createHash("sha256").update(mediaBuffer).digest("base64");
-
-  if (config.lastSubmittedVersionOnChain != null && hash === config.lastSubmittedVersionOnChain.apk_hash) {
-    throw new Error(`The last created release used the same apk file.`);
-  }
-
-  if (config.lastSubmittedVersionOnChain != null && config.release.android_details.version_code <= config.lastSubmittedVersionOnChain.version_code) {
-    throw new Error(`Each release NFT should have higher version code than previous minted release NFT.\nLast released version code is ${config.lastSubmittedVersionOnChain.version_code}.\nCurrent version code from apk file is ${config.release.android_details.version_code}`);
-  }
-
-  if (config.app.android_package != config.release.android_details.android_package) {
-    throw new Error("App package name and release package name do not match.\nApp release specifies " + config.app.android_package + " while release specifies " + config.release.android_details.android_package)
-  }
-
-  if (!dryRun) {
-    const { releaseAddress, transactionSignature } = await createReleaseNft({
-      appMintAddress: config.app.address ?? appMintAddress,
-      connection,
-      publisher: signer,
-      releaseDetails: {
-        ...config.release,
-      },
-      appDetails: config.app,
-      publisherDetails: config.publisher,
-      storageParams: storageParams,
-      priorityFeeLamports: priorityFeeLamports,
-    });
-
-    await writeToPublishDetails(
-      {
-        release: { 
-          address: releaseAddress,
-          android_details: {
-            cert_fingerprint: config.release.android_details.cert_fingerprint,
-            min_sdk: config.release.android_details.min_sdk,
-            version: config.release.android_details.version,
-            version_code: config.release.android_details.version_code,
-            locales: config.release.android_details.locales
-          }
-        },
-        lastSubmittedVersionOnChain: {
-          address: releaseAddress,
-          version_code: config.release.android_details.version_code,
-          apk_hash: hash,
-        }
-      });
-
-    return { releaseAddress, transactionSignature };
-  }
-};

package/src/commands/create/index.ts

@@ -1,47 +0,0 @@
-export * from "./CreateCliApp.js";
-export * from "./CreateCliRelease.js";
-
-/*
- * Module responsible for creating publishers, apps, and releases (in that order)
- * Anything that is out-of-order will be prompted back into order
- * And steps that happen more than once will do their best to remember as much information as possible.
- * We will ask questions and do our best to answer anything that's already been configured, and prompt for anything that's not
- */
-
-// We'll never ask for private keys or seed phrases
-// You can use a burner signer to publish; all NFTs require verification from the publisher signer
-// You can use a multisig or Ledger for that purpose
-
-// Publisher
-// Public key attached to a publisher must also verify applications and releases
-// Most information here can be be edited after the fact
-// Only required fields are name, address, publisher website, and contact email
-// Optional fields are: description, image_url (need dimensions!)
-
-// App
-// Publisher creator key required
-// Most information can be edited after the fact
-// Required: name, description, `android_package`
-// Optional: Any additional creator keys
-// TODO(jon): Probably okay to capture more information here like:
-// - `license_url`
-// - `copyright_url`
-// - `privacy_policy_url`
-// Release
-// Publisher creator key required
-// Immutable; information cannot be edited after publishing.
-// Change based on the review process must result in a new release
-// Required:
-// - version (automatically prompt with semver + 1)
-// - release notes (description)
-// - publisher creator key
-// - path to the APK
-// Optional:
-// - Media related to the release
-// - New permissions (prompted)
-// - New languages (prompted)
-// Handles uploads of all files, sha'ing them
-// Handles i18n (later)
-
-// We'll attempt to read as much as possible from a provided `.yml` file
-// If there are provided folders that are well-structured, we'll opt to use that too.

package/src/commands/index.ts

@@ -1,3 +0,0 @@
-export * from "./create/index.js";
-export * from "./publish/index.js";
-export * from "./ValidateCommand.js";

package/src/commands/publish/PublishCliRemove.ts

@@ -1,66 +0,0 @@
-import { Connection, Keypair } from "@solana/web3.js";
-import type { SignWithPublisherKeypair } from "@solana-mobile/dapp-store-publishing-tools";
-import { publishRemove } from "@solana-mobile/dapp-store-publishing-tools";
-import { checkMintedStatus } from "../../CliUtils.js";
-import nacl from "tweetnacl";
-import { loadPublishDetailsWithChecks } from "../../config/PublishDetails.js";
-
-type PublishRemoveCommandInput = {
-  appMintAddress: string;
-  releaseMintAddress: string;
-  signer: Keypair;
-  url: string;
-  dryRun: boolean;
-  requestorIsAuthorized: boolean;
-  critical: boolean;
-};
-
-export const publishRemoveCommand = async ({
-  appMintAddress,
-  releaseMintAddress,
-  signer,
-  url,
-  dryRun = false,
-  requestorIsAuthorized = false,
-  critical = false,
-}: PublishRemoveCommandInput) => {
-  if (!requestorIsAuthorized) {
-    console.error(
-      "ERROR: Cannot submit a request for which the requestor does not attest they are authorized to do so"
-    );
-    return;
-  }
-
-  const connection = new Connection(
-    url,
-    {
-      commitment: "confirmed",
-    }
-  );
-
-  const {
-    publisher: publisherDetails,
-    app: appDetails,
-    release: releaseDetails,
-  } = await loadPublishDetailsWithChecks();
-
-  const sign = ((buf: Buffer) =>
-    nacl.sign(buf, signer.secretKey)) as SignWithPublisherKeypair;
-
-  const appAddr = appMintAddress ?? appDetails.address;
-  const releaseAddr = releaseMintAddress ?? releaseDetails.address;
-
-  await checkMintedStatus(connection, appAddr, releaseAddr);
-
-  await publishRemove(
-    { connection, sign },
-    {
-      appMintAddress: appMintAddress ?? appDetails.address,
-      releaseMintAddress: releaseMintAddress ?? releaseDetails.address,
-      publisherDetails,
-      requestorIsAuthorized,
-      criticalUpdate: critical,
-    },
-    dryRun
-  );
-};

package/src/commands/publish/PublishCliSubmit.ts

@@ -1,93 +0,0 @@
-import { AccountInfo, Connection, Keypair, PublicKey } from "@solana/web3.js";
-import type { SignWithPublisherKeypair } from "@solana-mobile/dapp-store-publishing-tools";
-import { publishSubmit } from "@solana-mobile/dapp-store-publishing-tools";
-import nacl from "tweetnacl";
-import { checkMintedStatus, showMessage } from "../../CliUtils.js";
-import { Buffer } from "buffer";
-import { loadPublishDetailsWithChecks, writeToPublishDetails } from "../../config/PublishDetails.js";
-
-type PublishSubmitCommandInput = {
-  appMintAddress: string;
-  releaseMintAddress: string;
-  signer: Keypair;
-  url: string;
-  dryRun: boolean;
-  compliesWithSolanaDappStorePolicies: boolean;
-  requestorIsAuthorized: boolean;
-  alphaTest?: boolean;
-};
-
-export const publishSubmitCommand = async ({
-  appMintAddress,
-  releaseMintAddress,
-  signer,
-  url,
-  dryRun = false,
-  compliesWithSolanaDappStorePolicies = false,
-  requestorIsAuthorized = false,
-  alphaTest
-}: PublishSubmitCommandInput) => {
-  showMessage(
-    `Publishing Estimates`,
-    "New app submissions take around 3-4 business days for review.",
-    "warning"
-  );
-
-  if (!compliesWithSolanaDappStorePolicies) {
-    console.error(
-      "ERROR: Cannot submit a request for which the requestor does not attest that it complies with Solana dApp Store policies"
-    );
-    return;
-  } else if (!requestorIsAuthorized) {
-    console.error(
-      "ERROR: Cannot submit a request for which the requestor does not attest they are authorized to do so"
-    );
-    return;
-  }
-
-  const connection = new Connection(url);
-  const {
-    publisher: publisherDetails,
-    app: appDetails,
-    release: releaseDetails,
-    solana_mobile_dapp_publisher_portal: solanaMobileDappPublisherPortalDetails,
-    lastUpdatedVersionOnStore: lastUpdatedVersionOnStore,
-  } = await loadPublishDetailsWithChecks();
-
-  if (alphaTest && solanaMobileDappPublisherPortalDetails.alpha_testers == undefined) {
-    throw new Error(`Alpha test submission without specifying any testers.\nAdd field alpha_testers in your 'config.yaml' file.`)
-  }
-
-  const sign = ((buf: Buffer) =>
-    nacl.sign(buf, signer.secretKey)) as SignWithPublisherKeypair;
-
-  const appAddr = appMintAddress ?? appDetails.address;
-  const releaseAddr = releaseMintAddress ?? releaseDetails.address;
-
-  if (lastUpdatedVersionOnStore != null && releaseAddr === lastUpdatedVersionOnStore.address) {
-    throw new Error(`You've already submitted this version for review.`);
-  }
-
-  await checkMintedStatus(connection, appAddr, releaseAddr);
-
-  await publishSubmit(
-    { connection, sign },
-    {
-      appMintAddress: appAddr,
-      releaseMintAddress: releaseAddr,
-      publisherDetails,
-      solanaMobileDappPublisherPortalDetails,
-      compliesWithSolanaDappStorePolicies,
-      requestorIsAuthorized,
-      alphaTest,
-    },
-    dryRun
-  );
-
-  if (!alphaTest) {
-    await writeToPublishDetails(
-      {
-        lastUpdatedVersionOnStore: { address: releaseAddr }
-      });
-  }
-};

package/src/commands/publish/PublishCliSupport.ts

@@ -1,66 +0,0 @@
-import { Connection, Keypair } from "@solana/web3.js";
-import type { SignWithPublisherKeypair } from "@solana-mobile/dapp-store-publishing-tools";
-import { publishSupport } from "@solana-mobile/dapp-store-publishing-tools";
-import { checkMintedStatus } from "../../CliUtils.js";
-import nacl from "tweetnacl";
-import { loadPublishDetailsWithChecks } from "../../config/PublishDetails.js";
-
-type PublishSupportCommandInput = {
-  appMintAddress: string;
-  releaseMintAddress: string;
-  signer: Keypair;
-  url: string;
-  dryRun: boolean;
-  requestorIsAuthorized: boolean;
-  requestDetails: string;
-};
-
-export const publishSupportCommand = async ({
-  appMintAddress,
-  releaseMintAddress,
-  signer,
-  url,
-  dryRun = false,
-  requestorIsAuthorized = false,
-  requestDetails,
-}: PublishSupportCommandInput) => {
-  if (!requestorIsAuthorized) {
-    console.error(
-      "ERROR: Cannot submit a request for which the requestor does not attest they are authorized to do so"
-    );
-    return;
-  }
-
-  const connection = new Connection(
-    url,
-    {
-      commitment: "confirmed",
-    }
-  );
-
-  const {
-    publisher: publisherDetails,
-    app: appDetails,
-    release: releaseDetails,
-  } = await loadPublishDetailsWithChecks();
-
-  const sign = ((buf: Buffer) =>
-    nacl.sign(buf, signer.secretKey)) as SignWithPublisherKeypair;
-
-  const appAddr = appMintAddress ?? appDetails.address;
-  const releaseAddr = releaseMintAddress ?? releaseDetails.address;
-
-  await checkMintedStatus(connection, appAddr, releaseAddr);
-
-  await publishSupport(
-    { connection, sign },
-    {
-      appMintAddress: appMintAddress ?? appDetails.address,
-      releaseMintAddress: releaseMintAddress ?? releaseDetails.address,
-      publisherDetails,
-      requestorIsAuthorized,
-      requestDetails,
-    },
-    dryRun
-  );
-};

package/src/commands/publish/PublishCliUpdate.ts

@@ -1,101 +0,0 @@
-import { Connection, Keypair } from "@solana/web3.js";
-import type { SignWithPublisherKeypair } from "@solana-mobile/dapp-store-publishing-tools";
-import { publishUpdate } from "@solana-mobile/dapp-store-publishing-tools";
-import { checkMintedStatus, showMessage } from "../../CliUtils.js";
-import nacl from "tweetnacl";
-import { loadPublishDetailsWithChecks, writeToPublishDetails } from "../../config/PublishDetails.js";
-
-type PublishUpdateCommandInput = {
-  appMintAddress: string;
-  releaseMintAddress: string;
-  signer: Keypair;
-  url: string;
-  dryRun: boolean;
-  compliesWithSolanaDappStorePolicies: boolean;
-  requestorIsAuthorized: boolean;
-  critical: boolean;
-  alphaTest?: boolean;
-};
-
-export const publishUpdateCommand = async ({
-  appMintAddress,
-  releaseMintAddress,
-  signer,
-  url,
-  dryRun = false,
-  compliesWithSolanaDappStorePolicies = false,
-  requestorIsAuthorized = false,
-  critical = false,
-  alphaTest,
-}: PublishUpdateCommandInput) => {
-
-  showMessage(
-    `Publishing Estimates`,
-    "App update approvals take around 1-2 business days for review.",
-    "warning"
-  );
-
-  if (!compliesWithSolanaDappStorePolicies) {
-    console.error(
-      "ERROR: Cannot submit a request for which the requestor does not attest that it complies with Solana dApp Store policies"
-    );
-    return;
-  } else if (!requestorIsAuthorized) {
-    console.error(
-      "ERROR: Cannot submit a request for which the requestor does not attest they are authorized to do so"
-    );
-    return;
-  }
-
-  const connection = new Connection(
-    url,
-    {
-      commitment: "confirmed",
-    }
-  );
-
-  const {
-    publisher: publisherDetails,
-    app: appDetails,
-    release: releaseDetails,
-    solana_mobile_dapp_publisher_portal: solanaMobileDappPublisherPortalDetails,
-    lastUpdatedVersionOnStore: lastUpdatedVersionOnStore
-  } = await loadPublishDetailsWithChecks();
-
-  if (alphaTest && solanaMobileDappPublisherPortalDetails.alpha_testers == undefined) {
-    throw new Error(`Alpha test submission without specifying any testers.\nAdd field alpha_testers in your 'config.yaml' file.`)
-  }
-
-  const sign = ((buf: Buffer) =>
-    nacl.sign(buf, signer.secretKey)) as SignWithPublisherKeypair;
-
-  const appAddr = appMintAddress ?? appDetails.address;
-  const releaseAddr = releaseMintAddress ?? releaseDetails.address;
-
-  if (lastUpdatedVersionOnStore != null && releaseAddr === lastUpdatedVersionOnStore.address) {
-    throw new Error(`You've already submitted this version for review.`);
-  }
-
-  await checkMintedStatus(connection, appAddr, releaseAddr);
-
-  await publishUpdate(
-    { connection, sign },
-    {
-      appMintAddress: appMintAddress ?? appDetails.address,
-      releaseMintAddress: releaseMintAddress ?? releaseDetails.address,
-      publisherDetails,
-      solanaMobileDappPublisherPortalDetails,
-      compliesWithSolanaDappStorePolicies,
-      requestorIsAuthorized,
-      criticalUpdate: critical,
-      alphaTest,
-    },
-    dryRun
-  );
-  if (!alphaTest) {
-    await writeToPublishDetails(
-      {
-        lastUpdatedVersionOnStore: { address: releaseAddr }
-      });
-  }
-};

package/src/commands/publish/index.ts

@@ -1,29 +0,0 @@
-export * from "./PublishCliRemove.js";
-export * from "./PublishCliSubmit.js";
-export * from "./PublishCliSupport.js";
-export * from "./PublishCliUpdate.js";
-
-/*
- * Module responsible for submitting requests to the Solana dApp Store publisher portal
- * Anything that is out-of-order will be prompted back into order
- * And steps that happen more than once will do their best to remember as much information as possible.
- * We will ask questions and do our best to answer anything that's already been configured, and prompt for anything that's not
- */
-
-// We'll never ask for private keys or seed phrases
-// You must use the same signer(s) when submitting requests to the publisher portal as was used to publish
-// your app on-chain.
-
-// The Solana Mobile dApp publisher portal supports 4 different requests: `submit`, `update`, `remove`, and `support`.
-// Each request includes:
-// - a 32-digit randomly generated unique identifier
-// - an attestation payload, signed with the private key of the dApp collection update authority
-// - the dApp release NFT address
-// - contact and company information for the requestor
-// - a self-attestation that the requestor is authorized to make this request
-// - additional fields, specific to the request type in question
-
-// We'll attempt to read as much as possible from a provided `.yml` file
-// If there are provided folders that are well-structured, we'll opt to use that too.
-
-// Requests and responses are logged to the console, to facilitate use in an automated CI/CD environment.

package/src/commands/scaffolding/ScaffoldInit.ts

@@ -1,20 +0,0 @@
-import yaml, { dump } from "js-yaml";
-
-import { readFile } from 'fs/promises';
-const releaseSchema = JSON.parse((await readFile(new URL("../../generated/config_obj.json", import.meta.url))).toString());
-import fs from "fs";
-import path from "path";
-import { Constants } from "../../CliUtils.js";
-
-export const initScaffold = (): string => {
-  const outputYaml = Constants.CONFIG_FILE_NAME;
-  const outFile = path.join(process.cwd(), outputYaml);
-
-  if (fs.existsSync(outFile)) {
-    throw Error("Configuration file already present; please use to intialize a new config file.");
-  }
-
-  fs.writeFileSync(outFile, dump(releaseSchema));
-
-  return `Your configuration file was created: ${outputYaml}`;
-};

package/src/commands/scaffolding/index.ts

@@ -1 +0,0 @@
-export * from "./ScaffoldInit.js";

package/src/commands/utils.ts

@@ -1,33 +0,0 @@
-import {
-  type Metaplex,
-  type TransactionBuilder,
-  FailedToConfirmTransactionError,
-} from "@metaplex-foundation/js";
-import { TransactionExpiredBlockheightExceededError } from "@solana/web3.js";
-
-export async function sendAndConfirmTransaction(
-  metaplex: Metaplex,
-  builder: TransactionBuilder
-): ReturnType<TransactionBuilder["sendAndConfirm"]> {
-  for (let i = 0; i < 10; i++) {
-    try {
-      return await builder.sendAndConfirm(metaplex);
-    } catch (e: unknown) {
-      if (isTransientError(e)) {
-        continue;
-      }
-
-      throw e;
-    }
-  }
-
-  throw new Error("Unable to send transaction. Please try later.");
-}
-
-function isTransientError(e: unknown): boolean {
-  return (
-    e instanceof FailedToConfirmTransactionError &&
-    (e.cause instanceof TransactionExpiredBlockheightExceededError ||
-      /blockhash not found/i.test(e.cause?.message ?? ""))
-  );
-}

package/src/config/EnvVariables.ts

@@ -1,39 +0,0 @@
-import * as dotenv from "dotenv";
-
-export type S3Config = {
-  accessKey: string;
-  secretKey: string;
-  bucketName: string;
-  regionName: string;
-}
-export class EnvVariables {
-
-  public get hasAndroidTools(): boolean {
-    return process.env.ANDROID_TOOLS_DIR !== undefined;
-  }
-
-  public get androidToolsDir(): string {
-    return process.env.ANDROID_TOOLS_DIR as string;
-  }
-
-  public get hasS3EnvArgs(): boolean {
-    return process.env.STORAGE_TYPE == "s3" &&
-      process.env.S3_ACCESS_KEY != undefined &&
-      process.env.S3_SECRET_KEY != undefined &&
-      process.env.S3_BUCKET != undefined &&
-      process.env.S3_REGION != undefined;
-  }
-
-  public get s3Config(): S3Config {
-    return {
-      accessKey: process.env.S3_ACCESS_KEY as string,
-      secretKey: process.env.S3_SECRET_KEY as string,
-      bucketName: process.env.S3_BUCKET as string,
-      regionName: process.env.S3_REGION as string
-    };
-  }
-
-  constructor() {
-    dotenv.config();
-  }
-}