expo-updates 0.27.0 → 0.27.2

package/CHANGELOG.md

@@ -10,7 +10,13 @@
 
 ### 💡 Others
 
-## 0.27.0 — 2025-02-06
+## 0.27.2 — 2025-02-26
+
+### 💡 Others
+
+- Add update id headers to asset requests ([#34453](https://github.com/expo/expo/pull/34453) by [@gabrieldonadel](https://github.com/gabrieldonadel))
+
+## 0.27.1 — 2025-02-21
 
 ### 🎉 New features
 
@@ -21,6 +27,18 @@
 - Fixed build error on iOS Expo Go. ([#34485](https://github.com/expo/expo/pull/34485) by [@kudo](https://github.com/kudo))
 - Fixed Android unit test errors in BuilDataTest. ([#34510](https://github.com/expo/expo/pull/34510) by [@kudo](https://github.com/kudo))
 
+## 0.26.19 — 2025-02-19
+
+### 💡 Others
+
+- Fixed incorrect error log on Android. ([#34785](https://github.com/expo/expo/pull/34785) by [@kudo](https://github.com/kudo))
+
+## 0.26.18 — 2025-02-12
+
+### 🐛 Bug fixes
+
+- [Android] Fix `bytesToHex` `ArrayIndexOutOfBoundsException` during conversion. ([#34855](https://github.com/expo/expo/pull/34855) by [@gabrieldonadel](https://github.com/gabrieldonadel))
+
 ## 0.26.17 — 2025-02-06
 
 _This version does not introduce any user-facing changes._

package/android/build.gradle

@@ -16,7 +16,7 @@ apply plugin: 'com.android.library'
 apply plugin: 'com.google.devtools.ksp'
 
 group = 'host.exp.exponent'
-version = '0.27.0'
+version = '0.27.2'
 
 def expoModulesCorePlugin = new File(project(":expo-modules-core").projectDir.absolutePath, "ExpoModulesCorePlugin.gradle")
 apply from: expoModulesCorePlugin
@@ -63,7 +63,7 @@ android {
   namespace "expo.modules.updates"
   defaultConfig {
     versionCode 31
-    versionName '0.27.0'
+    versionName '0.27.2'
     consumerProguardFiles("proguard-rules.pro")
     testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
 

package/android/src/main/java/expo/modules/updates/UpdatesUtils.kt

@@ -185,7 +185,7 @@ object UpdatesUtils {
   fun bytesToHex(bytes: ByteArray): String {
     val hexChars = CharArray(bytes.size * 2)
     for (j in bytes.indices) {
-      val v = (bytes[j] and 0xFF.toByte()).toInt()
+      val v = bytes[j].toInt() and 0xFF
       hexChars[j * 2] = HEX_ARRAY[v ushr 4]
       hexChars[j * 2 + 1] = HEX_ARRAY[v and 0x0F]
     }

package/android/src/main/java/expo/modules/updates/launcher/DatabaseLauncher.kt

@@ -15,8 +15,10 @@ import expo.modules.updates.loader.LoaderFiles
 import expo.modules.updates.logging.UpdatesErrorCode
 import expo.modules.updates.logging.UpdatesLogger
 import expo.modules.updates.manifest.EmbeddedManifestUtils
+import expo.modules.updates.manifest.EmbeddedUpdate
 import expo.modules.updates.manifest.ManifestMetadata
 import expo.modules.updates.selectionpolicy.SelectionPolicy
+import org.json.JSONObject
 import java.io.File
 
 /**
@@ -92,7 +94,10 @@ class DatabaseLauncher(
       this.callback!!.onFailure(Exception("Launch asset relative path should not be null. Debug info: ${launchedUpdate!!.debugInfo()}"))
     }
 
-    val launchAssetFile = ensureAssetExists(launchAsset, database)
+    val embeddedUpdate = EmbeddedManifestUtils.getEmbeddedUpdate(context, configuration)
+    val extraHeaders = FileDownloader.getExtraHeadersForRemoteAssetRequest(launchedUpdate, embeddedUpdate?.updateEntity, launchedUpdate)
+
+    val launchAssetFile = ensureAssetExists(launchAsset, database, embeddedUpdate, extraHeaders)
     if (launchAssetFile != null) {
       this.launchAssetFile = launchAssetFile.toString()
     }
@@ -107,7 +112,7 @@ class DatabaseLauncher(
         }
         val filename = asset.relativePath
         if (filename != null) {
-          val assetFile = ensureAssetExists(asset, database)
+          val assetFile = ensureAssetExists(asset, database, embeddedUpdate, extraHeaders)
           if (assetFile != null) {
             this[asset] = Uri.fromFile(assetFile).toString()
           }
@@ -170,13 +175,12 @@ class DatabaseLauncher(
     }
   }
 
-  fun ensureAssetExists(asset: AssetEntity, database: UpdatesDatabase): File? {
+  fun ensureAssetExists(asset: AssetEntity, database: UpdatesDatabase, embeddedUpdate: EmbeddedUpdate?, extraHeaders: JSONObject): File? {
     val assetFile = File(updatesDirectory, asset.relativePath ?: "")
     var assetFileExists = assetFile.exists()
     if (!assetFileExists) {
       // something has gone wrong, we're missing this asset
       // first we check to see if a copy is embedded in the binary
-      val embeddedUpdate = EmbeddedManifestUtils.getEmbeddedUpdate(context, configuration)
       if (embeddedUpdate != null) {
         val embeddedAssets = embeddedUpdate.assetEntityList
         var matchingEmbeddedAsset: AssetEntity? = null
@@ -204,9 +208,11 @@ class DatabaseLauncher(
     return if (!assetFileExists) {
       // we still don't have the asset locally, so try downloading it remotely
       assetsToDownload++
+
       fileDownloader.downloadAsset(
         asset,
         updatesDirectory,
+        extraHeaders,
         object : AssetDownloadCallback {
           override fun onFailure(e: Exception, assetEntity: AssetEntity) {
             logger.error("Failed to load asset from disk or network", e, UpdatesErrorCode.AssetsFailedToLoad)

package/android/src/main/java/expo/modules/updates/loader/EmbeddedLoader.kt

@@ -7,6 +7,7 @@ import expo.modules.updates.db.UpdatesDatabase
 import expo.modules.updates.loader.FileDownloader.AssetDownloadCallback
 import expo.modules.updates.loader.FileDownloader.RemoteUpdateDownloadCallback
 import expo.modules.updates.UpdatesUtils
+import expo.modules.updates.db.entity.UpdateEntity
 import expo.modules.updates.logging.UpdatesLogger
 import java.io.File
 import java.io.FileNotFoundException
@@ -71,6 +72,8 @@ class EmbeddedLoader internal constructor(
     assetEntity: AssetEntity,
     updatesDirectory: File?,
     configuration: UpdatesConfiguration,
+    requestedUpdate: UpdateEntity?,
+    embeddedUpdate: UpdateEntity?,
     callback: AssetDownloadCallback
   ) {
     val filename = UpdatesUtils.createFilenameForAsset(assetEntity)

package/android/src/main/java/expo/modules/updates/loader/FileDownloader.kt

@@ -449,6 +449,7 @@ class FileDownloader(
   fun downloadAsset(
     asset: AssetEntity,
     destinationDirectory: File?,
+    extraHeaders: JSONObject,
     callback: AssetDownloadCallback
   ) {
     if (asset.url == null) {
@@ -466,7 +467,7 @@ class FileDownloader(
     } else {
       try {
         downloadAssetAndVerifyHashAndWriteToPath(
-          createRequestForAsset(asset, configuration, context),
+          createRequestForAsset(asset, extraHeaders, configuration, context),
           asset.expectedHash,
           path,
           object : FileDownloadCallback {
@@ -594,12 +595,14 @@ class FileDownloader(
 
     internal fun createRequestForAsset(
       assetEntity: AssetEntity,
+      extraHeaders: JSONObject,
       configuration: UpdatesConfiguration,
       context: Context
     ): Request {
       return Request.Builder()
         .url(assetEntity.url!!.toString())
         .addHeadersFromJSONObject(assetEntity.extraRequestHeaders)
+        .addHeadersFromJSONObject(extraHeaders)
         .header("Expo-Platform", "android")
         .header("Expo-Protocol-Version", "1")
         .header("Expo-API-Version", "1")
@@ -700,5 +703,25 @@ class FileDownloader(
 
       return extraHeaders
     }
+
+    fun getExtraHeadersForRemoteAssetRequest(
+      launchedUpdate: UpdateEntity?,
+      embeddedUpdate: UpdateEntity?,
+      requestedUpdate: UpdateEntity?
+    ): JSONObject {
+      val extraHeaders = JSONObject()
+
+      launchedUpdate?.let {
+        extraHeaders.put("Expo-Current-Update-ID", it.id.toString().lowercase())
+      }
+      embeddedUpdate?.let {
+        extraHeaders.put("Expo-Embedded-Update-ID", it.id.toString().lowercase())
+      }
+      requestedUpdate?.let {
+        extraHeaders.put("Expo-Requested-Update-ID", it.id.toString().lowercase())
+      }
+
+      return extraHeaders
+    }
   }
 }

package/android/src/main/java/expo/modules/updates/loader/Loader.kt

@@ -86,6 +86,8 @@ abstract class Loader protected constructor(
     assetEntity: AssetEntity,
     updatesDirectory: File?,
     configuration: UpdatesConfiguration,
+    requestedUpdate: UpdateEntity?,
+    embeddedUpdate: UpdateEntity?,
     callback: AssetDownloadCallback
   )
 
@@ -204,7 +206,7 @@ abstract class Loader protected constructor(
         // however, it's not ready, so we should try to download all the assets again.
         updateEntity = existingUpdateEntity
       }
-      downloadAllAssets(update.assetEntityList)
+      downloadAllAssets(update)
     }
   }
 
@@ -214,8 +216,11 @@ abstract class Loader protected constructor(
     ERRORED
   }
 
-  private fun downloadAllAssets(assetList: List<AssetEntity>) {
+  private fun downloadAllAssets(update: Update) {
+    val assetList = update.assetEntityList
     assetTotal = assetList.size
+
+    val embeddedUpdate = loaderFiles.readEmbeddedUpdate(context, configuration)
     for (assetEntityCur in assetList) {
       var assetEntity = assetEntityCur
 
@@ -243,6 +248,8 @@ abstract class Loader protected constructor(
         assetEntity,
         updatesDirectory,
         configuration,
+        requestedUpdate = update.updateEntity,
+        embeddedUpdate = embeddedUpdate?.updateEntity,
         object : AssetDownloadCallback {
           override fun onFailure(e: Exception, assetEntity: AssetEntity) {
             val identifier = if (assetEntity.hash != null) {

package/android/src/main/java/expo/modules/updates/loader/LoaderFiles.kt

@@ -69,7 +69,7 @@ open class LoaderFiles {
       context.resources.openRawResource(id)
         .use { inputStream -> return UpdatesUtils.verifySHA256AndWriteToFile(inputStream, destination, null) }
     } catch (e: Exception) {
-      Log.e(TAG, "Failed to copy asset " + asset.embeddedAssetFilename, e)
+      Log.e(TAG, "Failed to copy resource asset ${asset.resourcesFolder}/${asset.embeddedAssetFilename}", e)
       throw e
     }
   }

package/android/src/main/java/expo/modules/updates/loader/RemoteLoader.kt

@@ -55,9 +55,12 @@ class RemoteLoader internal constructor(
     assetEntity: AssetEntity,
     updatesDirectory: File?,
     configuration: UpdatesConfiguration,
+    requestedUpdate: UpdateEntity?,
+    embeddedUpdate: UpdateEntity?,
     callback: AssetDownloadCallback
   ) {
-    mFileDownloader.downloadAsset(assetEntity, updatesDirectory, callback)
+    val extraHeaders = FileDownloader.getExtraHeadersForRemoteAssetRequest(launchedUpdate, embeddedUpdate, requestedUpdate)
+    mFileDownloader.downloadAsset(assetEntity, updatesDirectory, extraHeaders, callback)
   }
 
   companion object {

package/build-cli/cli.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export type Command = (argv?: string[]) => void;

package/build-cli/cli.js

@@ -0,0 +1,46 @@
+#!/usr/bin/env node
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+const arg_1 = tslib_1.__importDefault(require("arg"));
+const chalk_1 = tslib_1.__importDefault(require("chalk"));
+const Log = tslib_1.__importStar(require("./utils/log"));
+const commands = {
+    // Add a new command here
+    'codesigning:generate': () => import('./generateCodeSigning.js').then((i) => i.generateCodeSigning),
+    'codesigning:configure': () => import('./configureCodeSigning.js').then((i) => i.configureCodeSigning),
+};
+const args = (0, arg_1.default)({
+    // Types
+    '--help': Boolean,
+    // Aliases
+    '-h': '--help',
+}, {
+    permissive: true,
+});
+const command = args._[0];
+const commandArgs = args._.slice(1);
+// Handle `--help` flag
+if ((args['--help'] && !command) || !command) {
+    Log.exit((0, chalk_1.default) `
+{bold Usage}
+  {dim $} npx expo-updates <command>
+
+{bold Commands}
+  ${Object.keys(commands).sort().join(', ')}
+
+{bold Options}
+  --help, -h      Displays this message
+
+For more information run a command with the --help flag
+  {dim $} npx expo-updates codesigning:generate --help
+  `, 0);
+}
+// Push the help flag to the subcommand args.
+if (args['--help']) {
+    commandArgs.push('--help');
+}
+// Install exit hooks
+process.on('SIGINT', () => process.exit(0));
+process.on('SIGTERM', () => process.exit(0));
+commands[command]().then((exec) => exec(commandArgs));

package/build-cli/configureCodeSigning.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+import { Command } from './cli';
+export declare const configureCodeSigning: Command;

package/build-cli/configureCodeSigning.js

@@ -0,0 +1,43 @@
+#!/usr/bin/env node
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.configureCodeSigning = void 0;
+const tslib_1 = require("tslib");
+const chalk_1 = tslib_1.__importDefault(require("chalk"));
+const args_1 = require("./utils/args");
+const Log = tslib_1.__importStar(require("./utils/log"));
+const configureCodeSigning = async (argv) => {
+    const args = (0, args_1.assertArgs)({
+        // Types
+        '--help': Boolean,
+        '--certificate-input-directory': String,
+        '--key-input-directory': String,
+        '--keyid': String,
+        // Aliases
+        '-h': '--help',
+    }, argv !== null && argv !== void 0 ? argv : []);
+    if (args['--help']) {
+        Log.exit((0, chalk_1.default) `
+{bold Description}
+Configure expo-updates code signing for this project and verify setup
+
+{bold Usage}
+  {dim $} npx expo-updates codesigning:configure --certificate-input-directory <dir> --key-input-directory <dir>
+
+  Options
+  --certificate-input-directory <string>     Directory containing code signing certificate
+  --key-input-directory <string>             Directory containing private and public keys
+  -h, --help                                 Output usage information
+    `, 0);
+    }
+    const { configureCodeSigningAsync } = await import('./configureCodeSigningAsync.js');
+    const certificateInput = (0, args_1.requireArg)(args, '--certificate-input-directory');
+    const keyInput = (0, args_1.requireArg)(args, '--key-input-directory');
+    const keyid = args['--keyid'];
+    return await configureCodeSigningAsync((0, args_1.getProjectRoot)(args), {
+        certificateInput,
+        keyInput,
+        keyid,
+    });
+};
+exports.configureCodeSigning = configureCodeSigning;

package/build-cli/configureCodeSigningAsync.d.ts

@@ -0,0 +1,7 @@
+type Options = {
+    certificateInput: string;
+    keyInput: string;
+    keyid: string | undefined;
+};
+export declare function configureCodeSigningAsync(projectRoot: string, { certificateInput, keyInput, keyid }: Options): Promise<void>;
+export {};

package/build-cli/configureCodeSigningAsync.js

@@ -0,0 +1,42 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.configureCodeSigningAsync = void 0;
+const tslib_1 = require("tslib");
+const code_signing_certificates_1 = require("@expo/code-signing-certificates");
+const config_1 = require("@expo/config");
+const fs_1 = require("fs");
+const path_1 = tslib_1.__importDefault(require("path"));
+const log_1 = require("./utils/log");
+const modifyConfigAsync_1 = require("./utils/modifyConfigAsync");
+async function configureCodeSigningAsync(projectRoot, { certificateInput, keyInput, keyid }) {
+    const certificateInputDir = path_1.default.resolve(projectRoot, certificateInput);
+    const keyInputDir = path_1.default.resolve(projectRoot, keyInput);
+    const [certificatePEM, privateKeyPEM, publicKeyPEM] = await Promise.all([
+        fs_1.promises.readFile(path_1.default.join(certificateInputDir, 'certificate.pem'), 'utf8'),
+        fs_1.promises.readFile(path_1.default.join(keyInputDir, 'private-key.pem'), 'utf8'),
+        fs_1.promises.readFile(path_1.default.join(keyInputDir, 'public-key.pem'), 'utf8'),
+    ]);
+    const certificate = (0, code_signing_certificates_1.convertCertificatePEMToCertificate)(certificatePEM);
+    const keyPair = (0, code_signing_certificates_1.convertKeyPairPEMToKeyPair)({ privateKeyPEM, publicKeyPEM });
+    (0, code_signing_certificates_1.validateSelfSignedCertificate)(certificate, keyPair);
+    const { exp } = (0, config_1.getConfig)(projectRoot, { skipSDKVersionRequirement: true });
+    const fields = {
+        codeSigningCertificate: `./${path_1.default.relative(projectRoot, certificateInputDir)}/certificate.pem`,
+        codeSigningMetadata: {
+            keyid: keyid !== null && keyid !== void 0 ? keyid : 'main',
+            alg: 'rsa-v1_5-sha256',
+        },
+    };
+    await (0, modifyConfigAsync_1.attemptModification)(projectRoot, {
+        updates: {
+            ...exp.updates,
+            ...fields,
+        },
+    }, {
+        updates: {
+            ...fields,
+        },
+    });
+    (0, log_1.log)(`Code signing configuration written to app configuration.`);
+}
+exports.configureCodeSigningAsync = configureCodeSigningAsync;

package/build-cli/generateCodeSigning.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+import { Command } from './cli';
+export declare const generateCodeSigning: Command;

package/build-cli/generateCodeSigning.js

@@ -0,0 +1,48 @@
+#!/usr/bin/env node
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateCodeSigning = void 0;
+const tslib_1 = require("tslib");
+const chalk_1 = tslib_1.__importDefault(require("chalk"));
+const args_1 = require("./utils/args");
+const Log = tslib_1.__importStar(require("./utils/log"));
+const generateCodeSigning = async (argv) => {
+    const args = (0, args_1.assertArgs)({
+        // Types
+        '--help': Boolean,
+        '--key-output-directory': String,
+        '--certificate-output-directory': String,
+        '--certificate-validity-duration-years': Number,
+        '--certificate-common-name': String,
+        // Aliases
+        '-h': '--help',
+    }, argv !== null && argv !== void 0 ? argv : []);
+    if (args['--help']) {
+        Log.exit((0, chalk_1.default) `
+{bold Description}
+Generate expo-updates private key, public key, and code signing certificate using that public key (self-signed by the private key)
+
+{bold Usage}
+  {dim $} npx expo-updates codesigning:generate --key-output-directory <dir> --certificate-output-directory <dir> --certificate-validity-duration-years <num years> --certificate-common-name <name>
+
+  Options
+  --key-output-directory <string>                  Directory in which to put the generated private and public keys
+  --certificate-output-directory <string>          Directory in which to put the generated certificate
+  --certificate-validity-duration-years <number>   Certificate validity duration in years (number of years before certificate needs rotation)
+  --certificate-common-name <string>               Common name attribute for certificate (generally the human readable name of the organization owning this application)
+  -h, --help                                       Output usage information
+    `, 0);
+    }
+    const { generateCodeSigningAsync } = await import('./generateCodeSigningAsync.js');
+    const keyOutput = (0, args_1.requireArg)(args, '--key-output-directory');
+    const certificateOutput = (0, args_1.requireArg)(args, '--certificate-output-directory');
+    const certificateValidityDurationYears = (0, args_1.requireArg)(args, '--certificate-validity-duration-years');
+    const certificateCommonName = (0, args_1.requireArg)(args, '--certificate-common-name');
+    return await generateCodeSigningAsync((0, args_1.getProjectRoot)(args), {
+        certificateValidityDurationYears,
+        keyOutput,
+        certificateOutput,
+        certificateCommonName,
+    });
+};
+exports.generateCodeSigning = generateCodeSigning;

package/build-cli/generateCodeSigningAsync.d.ts

@@ -0,0 +1,8 @@
+type Options = {
+    certificateValidityDurationYears: number;
+    keyOutput: string;
+    certificateOutput: string;
+    certificateCommonName: string;
+};
+export declare function generateCodeSigningAsync(projectRoot: string, { certificateValidityDurationYears, keyOutput, certificateOutput, certificateCommonName }: Options): Promise<void>;
+export {};

package/build-cli/generateCodeSigningAsync.js

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateCodeSigningAsync = void 0;
+const tslib_1 = require("tslib");
+const code_signing_certificates_1 = require("@expo/code-signing-certificates");
+const assert_1 = tslib_1.__importDefault(require("assert"));
+const fs_1 = require("fs");
+const path_1 = tslib_1.__importDefault(require("path"));
+const dir_1 = require("./utils/dir");
+const log_1 = require("./utils/log");
+async function generateCodeSigningAsync(projectRoot, { certificateValidityDurationYears, keyOutput, certificateOutput, certificateCommonName }) {
+    const validityDurationYears = Math.floor(certificateValidityDurationYears);
+    const certificateOutputDir = path_1.default.resolve(projectRoot, certificateOutput);
+    const keyOutputDir = path_1.default.resolve(projectRoot, keyOutput);
+    await Promise.all([(0, dir_1.ensureDirAsync)(certificateOutputDir), (0, dir_1.ensureDirAsync)(keyOutputDir)]);
+    const [certificateOutputDirContents, keyOutputDirContents] = await Promise.all([
+        fs_1.promises.readdir(certificateOutputDir),
+        fs_1.promises.readdir(keyOutputDir),
+    ]);
+    (0, assert_1.default)(certificateOutputDirContents.length === 0, 'Certificate output directory must be empty');
+    (0, assert_1.default)(keyOutputDirContents.length === 0, 'Key output directory must be empty');
+    const keyPair = (0, code_signing_certificates_1.generateKeyPair)();
+    const validityNotBefore = new Date();
+    const validityNotAfter = new Date();
+    validityNotAfter.setFullYear(validityNotAfter.getFullYear() + validityDurationYears);
+    const certificate = (0, code_signing_certificates_1.generateSelfSignedCodeSigningCertificate)({
+        keyPair,
+        validityNotBefore,
+        validityNotAfter,
+        commonName: certificateCommonName,
+    });
+    const keyPairPEM = (0, code_signing_certificates_1.convertKeyPairToPEM)(keyPair);
+    const certificatePEM = (0, code_signing_certificates_1.convertCertificateToCertificatePEM)(certificate);
+    await Promise.all([
+        fs_1.promises.writeFile(path_1.default.join(keyOutputDir, 'public-key.pem'), keyPairPEM.publicKeyPEM),
+        fs_1.promises.writeFile(path_1.default.join(keyOutputDir, 'private-key.pem'), keyPairPEM.privateKeyPEM),
+        fs_1.promises.writeFile(path_1.default.join(certificateOutputDir, 'certificate.pem'), certificatePEM),
+    ]);
+    (0, log_1.log)(`Generated public and private keys output in ${keyOutputDir}. Remember to add them to .gitignore or to encrypt them. (e.g. with git-crypt)`);
+    (0, log_1.log)(`Generated code signing certificate output in ${certificateOutputDir}.`);
+    (0, log_1.log)(`To automatically configure this project for code signing, run \`yarn expo-updates codesigning:configure --certificate-input-directory=${certificateOutput} --key-input-directory=${keyOutput}\`.`);
+}
+exports.generateCodeSigningAsync = generateCodeSigningAsync;

package/build-cli/utils/args.d.ts

@@ -0,0 +1,16 @@
+import arg from 'arg';
+/**
+ * Parse the first argument as a project directory.
+ *
+ * @returns valid project directory.
+ */
+export declare function getProjectRoot(args: arg.Result<arg.Spec>): string;
+/**
+ * Parse args and assert unknown options.
+ *
+ * @param schema the `args` schema for parsing the command line arguments.
+ * @param argv extra strings
+ * @returns processed args object.
+ */
+export declare function assertArgs(schema: arg.Spec, argv: string[]): arg.Result<arg.Spec>;
+export declare function requireArg(args: arg.Result<arg.Spec>, name: any): any;

package/build-cli/utils/args.js

@@ -0,0 +1,52 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requireArg = exports.assertArgs = exports.getProjectRoot = void 0;
+const tslib_1 = require("tslib");
+// Common utilities for interacting with `args` library.
+// These functions should be used by every command.
+const arg_1 = tslib_1.__importDefault(require("arg"));
+const fs_1 = require("fs");
+const path_1 = require("path");
+const Log = tslib_1.__importStar(require("./log"));
+/**
+ * Parse the first argument as a project directory.
+ *
+ * @returns valid project directory.
+ */
+function getProjectRoot(args) {
+    const projectRoot = (0, path_1.resolve)(args._[0] || '.');
+    if (!(0, fs_1.existsSync)(projectRoot)) {
+        Log.exit(`Invalid project root: ${projectRoot}`);
+    }
+    return projectRoot;
+}
+exports.getProjectRoot = getProjectRoot;
+/**
+ * Parse args and assert unknown options.
+ *
+ * @param schema the `args` schema for parsing the command line arguments.
+ * @param argv extra strings
+ * @returns processed args object.
+ */
+function assertArgs(schema, argv) {
+    try {
+        return (0, arg_1.default)(schema, { argv });
+    }
+    catch (error) {
+        // Ensure unknown options are handled the same way.
+        if (error.code === 'ARG_UNKNOWN_OPTION') {
+            Log.exit(error.message, 1);
+        }
+        // Otherwise rethrow the error.
+        throw error;
+    }
+}
+exports.assertArgs = assertArgs;
+function requireArg(args, name) {
+    const value = args[name];
+    if (value === undefined || value === null) {
+        Log.exit(`${name} must be provided`, 1);
+    }
+    return value;
+}
+exports.requireArg = requireArg;

package/build-cli/utils/dir.d.ts

@@ -0,0 +1 @@
+export declare function ensureDirAsync(path: string): Promise<string | undefined>;

package/build-cli/utils/dir.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ensureDirAsync = void 0;
+const fs_1 = require("fs");
+function ensureDirAsync(path) {
+    return fs_1.promises.mkdir(path, { recursive: true });
+}
+exports.ensureDirAsync = ensureDirAsync;

package/build-cli/utils/log.d.ts

@@ -0,0 +1,7 @@
+export declare function time(label?: string): void;
+export declare function timeEnd(label?: string): void;
+export declare function error(...message: string[]): void;
+export declare function warn(...message: string[]): void;
+export declare function log(...message: string[]): void;
+/** Log a message and exit the current process. If the `code` is non-zero then `console.error` will be used instead of `console.log`. */
+export declare function exit(message: string, code?: number): never;

package/build-cli/utils/log.js

@@ -0,0 +1,34 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.exit = exports.log = exports.warn = exports.error = exports.timeEnd = exports.time = void 0;
+function time(label) {
+    console.time(label);
+}
+exports.time = time;
+function timeEnd(label) {
+    console.timeEnd(label);
+}
+exports.timeEnd = timeEnd;
+function error(...message) {
+    console.error(...message);
+}
+exports.error = error;
+function warn(...message) {
+    console.warn(...message);
+}
+exports.warn = warn;
+function log(...message) {
+    console.log(...message);
+}
+exports.log = log;
+/** Log a message and exit the current process. If the `code` is non-zero then `console.error` will be used instead of `console.log`. */
+function exit(message, code = 1) {
+    if (code === 0) {
+        log(message);
+    }
+    else {
+        error(message);
+    }
+    process.exit(code);
+}
+exports.exit = exit;

package/build-cli/utils/modifyConfigAsync.d.ts

@@ -0,0 +1,3 @@
+import { ExpoConfig } from '@expo/config';
+/** Wraps `[@expo/config] modifyConfigAsync()` and adds additional logging. */
+export declare function attemptModification(projectRoot: string, edits: Partial<ExpoConfig>, exactEdits: Partial<ExpoConfig>): Promise<void>;

package/build-cli/utils/modifyConfigAsync.js

@@ -0,0 +1,41 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.attemptModification = void 0;
+const tslib_1 = require("tslib");
+const config_1 = require("@expo/config");
+const chalk_1 = tslib_1.__importDefault(require("chalk"));
+const Log = tslib_1.__importStar(require("./log"));
+/** Wraps `[@expo/config] modifyConfigAsync()` and adds additional logging. */
+async function attemptModification(projectRoot, edits, exactEdits) {
+    const modification = await (0, config_1.modifyConfigAsync)(projectRoot, edits, {
+        skipSDKVersionRequirement: true,
+    });
+    if (modification.type === 'success') {
+        Log.log();
+    }
+    else {
+        warnAboutConfigAndThrow(modification.type, modification.message, exactEdits);
+    }
+}
+exports.attemptModification = attemptModification;
+function logNoConfig() {
+    Log.log(chalk_1.default.yellow(`No Expo config was found. Please create an Expo config (${chalk_1.default.bold `app.json`} or ${chalk_1.default.bold `app.config.js`}) in your project root.`));
+}
+function warnAboutConfigAndThrow(type, message, edits) {
+    Log.log();
+    if (type === 'warn') {
+        // The project is using a dynamic config, give the user a helpful log and bail out.
+        Log.log(chalk_1.default.yellow(message));
+    }
+    else {
+        logNoConfig();
+    }
+    notifyAboutManualConfigEdits(edits);
+    throw new Error();
+}
+function notifyAboutManualConfigEdits(edits) {
+    Log.log(chalk_1.default.cyan(`Please add the following to your Expo config`));
+    Log.log();
+    Log.log(JSON.stringify(edits, null, 2));
+    Log.log();
+}

package/e2e/setup/project.ts

@@ -312,10 +312,10 @@ async function preparePackageJson(
 
   const extraDevDependencies = configureE2E
     ? {
-        '@config-plugins/detox': '^5.0.1',
+        '@config-plugins/detox': '^9.0.0',
         '@types/express': '^4.17.17',
         '@types/jest': '^29.4.0',
-        detox: '^20.4.0',
+        detox: '^20.33.0',
         express: '^4.18.2',
         'form-data': '^4.0.0',
         jest: '^29.3.1',
@@ -458,7 +458,15 @@ function transformAppJsonForE2E(
   runtimeVersion: string,
   isTV: boolean
 ) {
-  const plugins: any[] = ['expo-updates', '@config-plugins/detox'];
+  const plugins: any[] = [
+    'expo-updates',
+    [
+      '@config-plugins/detox',
+      {
+        subdomains: Array.from(new Set(['10.0.2.2', 'localhost', process.env.UPDATES_HOST])),
+      },
+    ],
+  ];
   if (isTV) {
     plugins.push([
       '@react-native-tvos/config-tv',
@@ -574,7 +582,15 @@ export function transformAppJsonForUpdatesDisabledE2E(
   projectName: string,
   runtimeVersion: string
 ) {
-  const plugins: any[] = ['expo-updates', '@config-plugins/detox'];
+  const plugins: any[] = [
+    'expo-updates',
+    [
+      '@config-plugins/detox',
+      {
+        subdomains: Array.from(new Set(['10.0.2.2', 'localhost', process.env.UPDATES_HOST])),
+      },
+    ],
+  ];
   return {
     ...appJson,
     expo: {
@@ -768,7 +784,7 @@ export async function initAsync(
   // enable proguard on Android
   await fs.appendFile(
     path.join(projectRoot, 'android', 'gradle.properties'),
-    '\nandroid.enableProguardInReleaseBuilds=true\nandroid.kotlinVersion=1.8.20\nEXPO_UPDATES_NATIVE_DEBUG=true',
+    '\nandroid.enableProguardInReleaseBuilds=true\nEXPO_UPDATES_NATIVE_DEBUG=true',
     'utf-8'
   );
 

package/ios/EXUpdates/AppLoader/AppLoader.swift

@@ -97,7 +97,7 @@ open class AppLoader: NSObject {
     preconditionFailure("Must override in concrete class")
   }
 
-  open func downloadAsset(_ asset: UpdateAsset) {
+  open func downloadAsset(_ asset: UpdateAsset, extraHeaders: [String: Any]) {
     preconditionFailure("Must override in concrete class")
   }
 
@@ -202,6 +202,13 @@ open class AppLoader: NSObject {
       if let assets = updateManifest.assets(),
         !assets.isEmpty {
         self.assetsToLoad = assets
+        let embeddedUpdate = EmbeddedAppLoader.embeddedManifest(withConfig: self.config, database: self.database)
+        let extraHeaders = FileDownloader.extraHeadersForRemoteAssetRequest(
+          launchedUpdate: self.launchedUpdate,
+          embeddedUpdate: embeddedUpdate,
+          requestedUpdate: updateManifest
+        )
+
         for asset in assets {
           // before downloading, check to see if we already have this asset in the database
           let matchingDbEntry = try? self.database.asset(withKey: asset.key)
@@ -226,11 +233,11 @@ open class AppLoader: NSObject {
                   self.handleAssetDownloadAlreadyExists(asset)
                 }
               } else {
-                self.downloadAsset(asset)
+                self.downloadAsset(asset, extraHeaders: extraHeaders)
               }
             }
           } else {
-            self.downloadAsset(asset)
+            self.downloadAsset(asset, extraHeaders: extraHeaders)
           }
         }
       } else {

package/ios/EXUpdates/AppLoader/EmbeddedAppLoader.swift

@@ -119,7 +119,7 @@ public final class EmbeddedAppLoader: AppLoader {
     ))
   }
 
-  override public func downloadAsset(_ asset: UpdateAsset) {
+  override public func downloadAsset(_ asset: UpdateAsset, extraHeaders: [String: Any]) {
     FileDownloader.assetFilesQueue.async {
       self.handleAssetDownloadAlreadyExists(asset)
     }

package/ios/EXUpdates/AppLoader/FileDownloader.swift

@@ -221,6 +221,30 @@ public final class FileDownloader {
     return extraHeaders
   }
 
+   /**
+   * Get extra headers to pass into `downloadAsset:`
+   */
+  static func extraHeadersForRemoteAssetRequest(
+    launchedUpdate: Update?,
+    embeddedUpdate: Update?,
+    requestedUpdate: Update?
+  ) -> [String: Any] {
+    var extraHeaders: [String: Any] = [:]
+    if let launchedUpdate {
+      extraHeaders["Expo-Current-Update-ID"] = launchedUpdate.updateId.uuidString.lowercased()
+    }
+
+    if let embeddedUpdate {
+      extraHeaders["Expo-Embedded-Update-ID"] = embeddedUpdate.updateId.uuidString.lowercased()
+    }
+
+    if let requestedUpdate {
+      extraHeaders["Expo-Requested-Update-ID"] = requestedUpdate.updateId.uuidString.lowercased()
+    }
+
+    return extraHeaders
+  }
+
   private static func setHTTPHeaderFields(_ headers: [String: Any?]?, onRequest request: inout URLRequest) {
     guard let headers = headers else {
       return

package/ios/EXUpdates/AppLoader/RemoteAppLoader.swift

@@ -84,7 +84,7 @@ public final class RemoteAppLoader: AppLoader {
     }
   }
 
-  override public func downloadAsset(_ asset: UpdateAsset) {
+  override public func downloadAsset(_ asset: UpdateAsset, extraHeaders: [String: Any]) {
     let urlOnDisk = self.directory.appendingPathComponent(asset.filename)
 
     FileDownloader.assetFilesQueue.async {
@@ -101,12 +101,11 @@ public final class RemoteAppLoader: AppLoader {
           )
           return
         }
-
         self.downloader.downloadAsset(
           fromURL: assetUrl,
           verifyingHash: asset.expectedHash,
           toPath: urlOnDisk.path,
-          extraHeaders: asset.extraRequestHeaders ?? [:]
+          extraHeaders: extraHeaders.merging(asset.extraRequestHeaders ?? [:]) { current, _ in current }
         ) { data, response, _ in
           DispatchQueue.global().async {
             self.handleAssetDownload(withData: data, response: response, asset: asset)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "expo-updates",
-  "version": "0.27.0",
+  "version": "0.27.2",
   "description": "Fetches and manages remotely-hosted assets and updates to your app's JS bundle.",
   "main": "build/index.js",
   "types": "build/index.d.ts",
@@ -38,13 +38,13 @@
   },
   "dependencies": {
     "@expo/code-signing-certificates": "0.0.5",
-    "@expo/config": "~10.0.8",
-    "@expo/config-plugins": "~9.0.15",
+    "@expo/config": "~10.0.10",
+    "@expo/config-plugins": "~9.0.16",
     "@expo/spawn-async": "^1.7.2",
     "arg": "4.1.0",
     "chalk": "^4.1.2",
-    "expo-eas-client": "~0.13.2",
-    "expo-manifests": "~0.15.5",
+    "expo-eas-client": "~0.13.3",
+    "expo-manifests": "~0.15.7",
     "expo-structured-headers": "~4.0.0",
     "expo-updates-interface": "~1.0.0",
     "fast-glob": "^3.3.2",
@@ -56,7 +56,7 @@
     "@types/jest": "^29.2.1",
     "@types/node": "^18.19.34",
     "@types/node-forge": "^1.0.0",
-    "expo-module-scripts": "^4.0.3",
+    "expo-module-scripts": "^4.0.4",
     "express": "^4.21.1",
     "form-data": "^4.0.0",
     "fs-extra": "~8.1.0",
@@ -67,5 +67,5 @@
     "expo": "*",
     "react": "*"
   },
-  "gitHead": "67ab2bc7efe275088b9213a1a3b27376d56a7778"
+  "gitHead": "4f3b834d475d0de0d26cc6b1d39019c8bf11aca6"
 }