@solana-mobile/dapp-store-cli 0.8.1 → 0.9.0

package/src/commands/ValidateCommand.ts

@@ -11,7 +11,6 @@ import { debug, showMessage } from "../CliUtils.js";
 
 import type { Keypair } from "@solana/web3.js";
 import type { MetaplexFile } from "@metaplex-foundation/js";
-import { isMetaplexFile } from "@metaplex-foundation/js";
 import { loadPublishDetailsWithChecks } from "../config/PublishDetails.js";
 
 export const validateCommand = async ({
@@ -37,7 +36,6 @@ export const validateCommand = async ({
 
   try {
     validatePublisher(publisherJson);
-    console.info(`Publisher JSON valid!`);
   } catch (e) {
     const errorMsg = (e as Error | null)?.message ?? "";
     showMessage(
@@ -56,7 +54,6 @@ export const validateCommand = async ({
 
   try {
     validateApp(appJson);
-    console.info(`App JSON valid!`);
   } catch (e) {
     const errorMsg = (e as Error | null)?.message ?? "";
     showMessage(
@@ -87,7 +84,6 @@ export const validateCommand = async ({
 
   try {
     validateRelease(JSON.parse(objStringified));
-    console.info(`Release JSON valid!`);
   } catch (e) {
     const errorMsg = (e as Error | null)?.message ?? "";
     showMessage(

package/src/commands/create/CreateCliApp.ts

@@ -71,6 +71,7 @@ const createAppNft = async (
       }
     }
   }
+  throw new Error("Unable to mint app NFT");
 };
 
 type CreateAppCommandInput = {

package/src/commands/create/CreateCliPublisher.ts

@@ -62,6 +62,7 @@ const createPublisherNft = async (
       }
     }
   }
+  throw new Error("Unable to mint publisher NFT");
 };
 
 export const createPublisherCommand = async ({
@@ -96,4 +97,6 @@ export const createPublisherCommand = async ({
 
     return { publisherAddress, transactionSignature };
   }
+
+  return { publisherAddress: "", transactionSignature: "" };
 };

package/src/commands/create/CreateCliRelease.ts

@@ -10,12 +10,14 @@ import {
   PublicKey,
   sendAndConfirmTransaction,
 } from "@solana/web3.js";
+import fs from "fs";
+import { createHash } from "crypto";
 import {
   Constants,
   getMetaplexInstance,
   showMessage
 } from "../../CliUtils.js";
-import { loadPublishDetailsWithChecks, writeToPublishDetails } from "../../config/PublishDetails.js";
+import { PublishDetails, loadPublishDetailsWithChecks, writeToPublishDetails } from "../../config/PublishDetails.js";
 
 type CreateReleaseCommandInput = {
   appMintAddress: string;
@@ -89,6 +91,7 @@ const createReleaseNft = async ({
       }
     }
   }
+  throw new Error("Unable to mint release NFT");
 };
 
 export const createReleaseCommand = async ({
@@ -102,28 +105,49 @@ export const createReleaseCommand = async ({
 }: CreateReleaseCommandInput) => {
   const connection = new Connection(url);
 
-  const { release, app, publisher } = await loadPublishDetailsWithChecks(buildToolsPath);
+  const config = await loadPublishDetailsWithChecks(buildToolsPath);
 
+  const apkEntry = config.release.files.find(
+    (asset: PublishDetails["release"]["files"][0]) => asset.purpose === "install"
+  )!;
+  const mediaBuffer = await fs.promises.readFile(apkEntry.uri);
+  const hash = createHash("sha256").update(mediaBuffer).digest("base64");
 
-  if (app.android_package != release.android_details.android_package) {
-    throw new Error("App package name and release package name do not match.\nApp release specifies " + app.android_package + " while release specifies " + release.android_details.android_package)
+  if (config.lastSubmittedVersionOnChain != null && hash === config.lastSubmittedVersionOnChain.apk_hash) {
+    throw new Error(`The last created release used the same apk file.`);
+  }
+
+  if (config.lastSubmittedVersionOnChain != null && config.release.android_details.version_code <= config.lastSubmittedVersionOnChain.version_code) {
+    throw new Error(`Each release NFT should have higher version code than previous minted release NFT.\nLast released version code is ${config.lastSubmittedVersionOnChain.version_code}.\nCurrent version code from apk file is ${config.release.android_details.version_code}`);
+  }
+
+  if (config.app.android_package != config.release.android_details.android_package) {
+    throw new Error("App package name and release package name do not match.\nApp release specifies " + config.app.android_package + " while release specifies " + config.release.android_details.android_package)
   }
 
   if (!dryRun) {
     const { releaseAddress, transactionSignature } = await createReleaseNft({
-      appMintAddress: app.address ?? appMintAddress,
+      appMintAddress: config.app.address ?? appMintAddress,
       connection,
       publisher: signer,
       releaseDetails: {
-        ...release,
+        ...config.release,
       },
-      appDetails: app,
-      publisherDetails: publisher,
+      appDetails: config.app,
+      publisherDetails: config.publisher,
       storageParams: storageParams,
       priorityFeeLamports: priorityFeeLamports,
     });
 
-    await writeToPublishDetails({ release: { address: releaseAddress }, });
+    await writeToPublishDetails(
+      {
+        release: { address: releaseAddress },
+        lastSubmittedVersionOnChain: {
+          address: releaseAddress,
+          version_code: config.release.android_details.version_code,
+          apk_hash: hash,
+        }
+      });
 
     return { releaseAddress, transactionSignature };
   }

package/src/commands/publish/PublishCliSubmit.ts

@@ -4,7 +4,7 @@ import { publishSubmit } from "@solana-mobile/dapp-store-publishing-tools";
 import nacl from "tweetnacl";
 import { checkMintedStatus, showMessage } from "../../CliUtils.js";
 import { Buffer } from "buffer";
-import { loadPublishDetailsWithChecks } from "../../config/PublishDetails.js";
+import { loadPublishDetailsWithChecks, writeToPublishDetails } from "../../config/PublishDetails.js";
 
 type PublishSubmitCommandInput = {
   appMintAddress: string;
@@ -49,6 +49,7 @@ export const publishSubmitCommand = async ({
     app: appDetails,
     release: releaseDetails,
     solana_mobile_dapp_publisher_portal: solanaMobileDappPublisherPortalDetails,
+    lastUpdatedVersionOnStore: lastUpdatedVersionOnStore,
   } = await loadPublishDetailsWithChecks();
 
   const sign = ((buf: Buffer) =>
@@ -58,6 +59,10 @@ export const publishSubmitCommand = async ({
   const appAddr = appMintAddress ?? appDetails.address;
   const releaseAddr = releaseMintAddress ?? releaseDetails.address;
 
+  if (lastUpdatedVersionOnStore != null && releaseAddr === lastUpdatedVersionOnStore.address) {
+    throw new Error(`You've already submitted this version for review.`);
+  }
+
   await checkMintedStatus(connection, pubAddr, appAddr, releaseAddr);
 
   await publishSubmit(
@@ -72,4 +77,9 @@ export const publishSubmitCommand = async ({
     },
     dryRun
   );
+
+  await writeToPublishDetails(
+    {
+      lastUpdatedVersionOnStore: { address: releaseAddr }
+    });
 };

package/src/commands/publish/PublishCliUpdate.ts

@@ -3,7 +3,7 @@ import type { SignWithPublisherKeypair } from "@solana-mobile/dapp-store-publish
 import { publishUpdate } from "@solana-mobile/dapp-store-publishing-tools";
 import { checkMintedStatus, showMessage } from "../../CliUtils.js";
 import nacl from "tweetnacl";
-import { loadPublishDetailsWithChecks } from "../../config/PublishDetails.js";
+import { loadPublishDetailsWithChecks, writeToPublishDetails } from "../../config/PublishDetails.js";
 
 type PublishUpdateCommandInput = {
   appMintAddress: string;
@@ -51,6 +51,7 @@ export const publishUpdateCommand = async ({
     app: appDetails,
     release: releaseDetails,
     solana_mobile_dapp_publisher_portal: solanaMobileDappPublisherPortalDetails,
+    lastUpdatedVersionOnStore: lastUpdatedVersionOnStore
   } = await loadPublishDetailsWithChecks();
 
   const sign = ((buf: Buffer) =>
@@ -60,6 +61,10 @@ export const publishUpdateCommand = async ({
   const appAddr = appMintAddress ?? appDetails.address;
   const releaseAddr = releaseMintAddress ?? releaseDetails.address;
 
+  if (lastUpdatedVersionOnStore != null && releaseAddr === lastUpdatedVersionOnStore.address) {
+    throw new Error(`You've already submitted this version for review.`);
+  }
+
   await checkMintedStatus(connection, pubAddr, appAddr, releaseAddr);
 
   await publishUpdate(
@@ -75,4 +80,8 @@ export const publishUpdateCommand = async ({
     },
     dryRun
   );
+  await writeToPublishDetails(
+    {
+      lastUpdatedVersionOnStore: { address: releaseAddr }
+    });
 };

package/src/config/PublishDetails.ts

@@ -1,6 +1,8 @@
 import type {
   AndroidDetails,
   App,
+  LastSubmittedVersionOnChain,
+  LastUpdatedVersionOnStore,
   Publisher,
   Release,
   SolanaMobileDappPublisherPortal
@@ -16,6 +18,7 @@ import { Constants, showMessage } from "../CliUtils.js";
 import util from "util";
 import { imageSize } from "image-size";
 import { exec } from "child_process";
+import getVideoDimensions from "get-video-dimensions";
 
 const runImgSize = util.promisify(imageSize);
 const runExec = util.promisify(exec);
@@ -25,6 +28,8 @@ export interface PublishDetails {
   app: App;
   release: Release;
   solana_mobile_dapp_publisher_portal: SolanaMobileDappPublisherPortal;
+  lastSubmittedVersionOnChain: LastSubmittedVersionOnChain
+  lastUpdatedVersionOnStore: LastUpdatedVersionOnStore,
 }
 
 const AaptPrefixes = {
@@ -42,6 +47,8 @@ type SaveToConfigArgs = {
   publisher?: Pick<Publisher, "address">;
   app?: Pick<App, "address">;
   release?: Pick<Release, "address">;
+  lastSubmittedVersionOnChain?: LastSubmittedVersionOnChain;
+  lastUpdatedVersionOnStore?: LastUpdatedVersionOnStore;
 };
 
 const ajv = new Ajv({ strictTuples: false });
@@ -119,9 +126,17 @@ export const loadPublishDetailsWithChecks = async (
   }
 
   config.release.media.forEach((item: PublishDetails["release"]["media"][0]) => {
-    const imagePath = path.join(process.cwd(), item.uri);
-    if (!fs.existsSync(imagePath) || !checkImageExtension(imagePath)) {
-      throw new Error(`Invalid media path or file type: ${item.uri}. Please ensure the file is a jpeg, png, or webp file.`);
+    const mediaPath = path.join(process.cwd(), item.uri);
+    if (!fs.existsSync(mediaPath)) {
+      throw new Error(`File doesnt exist: ${item.uri}.`)
+    }
+
+    if (item.purpose == "screenshot" && !checkImageExtension(mediaPath)) {
+      throw new Error(`Please ensure the file ${item.uri} is a jpeg, png, or webp file.`)
+    }
+
+    if (item.purpose == "video" && !checkVideoExtension(mediaPath)) {
+      throw new Error(`Please ensure the file ${item.uri} is a mp4.`)
     }
   }
   );
@@ -130,12 +145,26 @@ export const loadPublishDetailsWithChecks = async (
     (asset: any) => asset.purpose === "screenshot"
   )
 
-  if (screenshots.length < 4) {
-    showMessage(
-      "Screenshots requirements changing in version 0.9.0",
-      `At least 4 screenshots are required for publishing a new release. Found only ${screenshots.length}`,
-      "warning"
-    )
+  for (const item of screenshots) {
+    const mediaPath = path.join(process.cwd(), item.uri);
+    if (await checkScreenshotSize(mediaPath)) {
+      throw new Error(`Screenshot ${mediaPath} must be at least 1080px in width and height.`);
+    }
+  }
+
+  const videos = config.release.media?.filter(
+    (asset: any) => asset.purpose === "video"
+  )
+
+  for (const video of videos) {
+    const mediaPath = path.join(process.cwd(), video.uri);
+    if (await checkVideoSize(mediaPath)) {
+      throw new Error(`Video ${mediaPath} must be at least 720px in width and height.`);
+    }
+  }
+
+  if (screenshots.length + videos.length < 4) {
+    throw new Error(`At least 4 screenshots or videos are required for publishing a new release. Found only ${screenshots.length + videos.length}`)
   }
 
   validateLocalizableResources(config);
@@ -172,6 +201,13 @@ const checkImageExtension = (uri: string): boolean => {
   );
 };
 
+const checkVideoExtension = (uri: string): boolean => {
+  const fileExt = path.extname(uri).toLowerCase();
+  return (
+    fileExt == ".mp4"
+  );
+};
+
 /**
  * We need to pre-check some things in the localized resources before we move forward
  */
@@ -204,6 +240,19 @@ const checkIconDimensions = async (iconPath: string): Promise<boolean> => {
   return size?.width != size?.height || (size?.width ?? 0) != 512;
 };
 
+const checkScreenshotSize = async (imagePath: string): Promise<boolean> => {
+  const size = await runImgSize(imagePath);
+
+  return (size?.width ?? 0) < 1080 || (size?.height ?? 0) < 1080;
+}
+
+const checkVideoSize = async (imagePath: string): Promise<boolean> => {
+  const size = await getVideoDimensions(imagePath);
+
+  return (size?.width ?? 0) < 720 || (size?.height ?? 0) < 720;
+}
+
+
 const getAndroidDetails = async (
   aaptDir: string,
   apkPath: string
@@ -223,7 +272,7 @@ const getAndroidDetails = async (
     const minSdk = new RegExp(
       AaptPrefixes.sdkPrefix + AaptPrefixes.quoteRegex
     ).exec(stdout);
-    const permissions = [...stdout.matchAll(/uses-permission: name='(.*)'/g)];
+    const permissions = [...stdout.matchAll(/uses-permission: name='(.*)'/g)].flatMap(permission => permission[1]);
     const locales = new RegExp(
       AaptPrefixes.localePrefix + AaptPrefixes.quoteNonLazyRegex
     ).exec(stdout);
@@ -241,6 +290,30 @@ const getAndroidDetails = async (
       localeArray = ["en-US"].concat(localesSrc.split("' '").slice(1));
     }
 
+    if (permissions.includes("android.permission.INSTALL_PACKAGES") || permissions.includes("android.permission.DELETE_PACKAGES")) {
+      showMessage(
+        "App requests system app install/delete permission",
+        "Your app requests system install/delete permission which is managed by Solana dApp Store.\nThis app will be not approved for listing on Solana dApp Store.",
+        "error"
+      );
+    }
+
+    if (permissions.includes("android.permission.REQUEST_INSTALL_PACKAGES") || permissions.includes("android.permission.REQUEST_DELETE_PACKAGES")) {
+      showMessage(
+        "App requests install or delete permission",
+        "App will be subject to additional security reviews for listing on Solana dApp Store and processing time may be beyond regular review time",
+        "warning"
+      );
+    }
+
+    if (permissions.includes("com.solanamobile.seedvault.ACCESS_SEED_VAULT")) {
+      showMessage(
+        "App requests Seed Vault permission",
+        "If this is not a wallet application, your app maybe rejected from listing on Solana dApp Store.",
+        "warning"
+      );
+    }
+
     if (localeArray.length >= 60) {
       showMessage(
         "The bundle apk claims supports for following locales",
@@ -252,13 +325,15 @@ const getAndroidDetails = async (
       );
     }
 
+    checkAbis(apkPath);
+
     return {
       android_package: appPackage?.[1] ?? "",
       min_sdk: parseInt(minSdk?.[1] ?? "0", 10),
       version_code: parseInt(versionCode?.[1] ?? "0", 10),
       version: versionName?.[1] ?? "0",
       cert_fingerprint: await extractCertFingerprint(aaptDir, apkPath),
-      permissions: permissions.flatMap(permission => permission[1]),
+      permissions: permissions,
       locales: localeArray
     };
   } catch (e) {
@@ -270,6 +345,35 @@ const getAndroidDetails = async (
   }
 };
 
+const checkAbis = async (apkPath: string) => {
+  try {
+    const { stdout } = await runExec(`zipinfo -s ${apkPath} | grep \.so$`);
+    const amV7libs = [...stdout.matchAll(/lib\/armeabi-v7a\/(.*)/g)].flatMap(permission => permission[1]);
+    const x86libs = [...stdout.matchAll(/lib\/x86\/(.*)/g)].flatMap(permission => permission[1]);
+    const x8664libs = [...stdout.matchAll(/lib\/x86_64\/(.*)/g)].flatMap(permission => permission[1]);
+    if (amV7libs.length > 0 || x86libs.length > 0 || x8664libs.length > 0) {
+
+      const messages = [
+        `Solana dApp Store only supports arm64-v8a abi.`,
+        `Your apk file contains following unsupported abis`,
+        ... amV7libs.length > 0 ? [`\narmeabi-v7a:\n` + amV7libs] : [],
+        ... x86libs.length > 0 ? [`\nx86:\n` + x86libs] : [],
+        ... x8664libs.length > 0 ? [`\nx86_64:\n` + x8664libs] : [],
+        `\n\nAlthough your app works fine on Saga, these library files are unused and increase the size of apk file making the download and update time longer for your app.`,
+        `\n\nSee https://developer.android.com/games/optimize/64-bit#build-with-64-bit for how to optimize your app.`,
+      ].join('\n')
+    
+      showMessage(
+        `Unsupported files found in apk`,
+        messages,
+        `warning`
+      )
+    }
+  } catch (e) {
+    // Ignore this error.
+  }
+}
+
 export const extractCertFingerprint = async (aaptDir: string, apkPath: string): Promise<string> => {
   const { stdout } = await runExec(`${aaptDir}/apksigner verify --print-certs -v "${apkPath}"`);
 
@@ -283,7 +387,7 @@ export const extractCertFingerprint = async (aaptDir: string, apkPath: string):
   }
 }
 
-export const writeToPublishDetails = async ({ publisher, app, release }: SaveToConfigArgs) => {
+export const writeToPublishDetails = async ({ publisher, app, release, lastSubmittedVersionOnChain, lastUpdatedVersionOnStore }: SaveToConfigArgs) => {
   const currentConfig = await loadPublishDetailsWithChecks();
 
   delete currentConfig.publisher.icon;
@@ -302,7 +406,9 @@ export const writeToPublishDetails = async ({ publisher, app, release }: SaveToC
       ...currentConfig.release,
       address: release?.address ?? currentConfig.release.address
     },
-    solana_mobile_dapp_publisher_portal: currentConfig.solana_mobile_dapp_publisher_portal
+    solana_mobile_dapp_publisher_portal: currentConfig.solana_mobile_dapp_publisher_portal,
+    lastSubmittedVersionOnChain: lastSubmittedVersionOnChain ?? currentConfig.lastSubmittedVersionOnChain,
+    lastUpdatedVersionOnStore: lastUpdatedVersionOnStore ?? currentConfig.lastUpdatedVersionOnStore
   };
 
   fs.writeFileSync(Constants.getConfigFilePath(), dump(newConfig, {

package/src/prebuild_schema/publishing_source.yaml

@@ -24,7 +24,15 @@ release:
     - purpose: icon
       uri: <<RELATIVE_PATH_TO_RELEASE_ICON>>
     - purpose: screenshot
-      uri: <<RELATIVE_PATH_TO_SCREENSHOT>>
+      uri: <<RELATIVE_PATH_TO_SCREENSHOT1>>
+    - purpose: screenshot
+      uri: <<RELATIVE_PATH_TO_SCREENSHOT2>>
+    - purpose: screenshot
+      uri: <<RELATIVE_PATH_TO_SCREENSHOT3>>
+    - purpose: screenshot
+      uri: <<RELATIVE_PATH_TO_SCREENSHOT4>>
+    - purpose: video
+      uri: <<RELATIVE_PATH_TO_VIDEO1>>
   files:
     - purpose: install
       uri: <<RELATIVE_PATH_TO_APK>>