applesign - npm Package Compare versions

Comparing version 2.3.1 to 2.4.0

bin/applesign.js

@@ -9,25 +9,27 @@ #!/usr/bin/env node
   string: [
-    'O', 'osversion',
-    'i', 'identity'
+    'i', 'identity',
+    'O', 'osversion'
   ],
   boolean: [
-    'n', 'noclean',
     '7', 'use-7zip',
-    'r', 'replace',
-    'L', 'identities',
-    'v', 'verify-twice',
+    'a', 'all',
+    'B', 'bundleid-access-group',
+    'c', 'clone-entitlements',
     'E', 'entry-entitlement',
     'f', 'force-family',
-    'z', 'ignore-zip-errors',
+    'f', 'force-family',
+    'H', 'allow-http',
+    'L', 'identities',
+    'M', 'massage-entitlements',
+    'n', 'noclean',
     'p', 'parallel',
-    'w', 'without-watchapp',
+    'r', 'replace',
+    'S', 'self-signed-provision',
+    's', 'single',
     'u', 'unfair',
-    'M', 'massage-entitlements',
-    'f', 'force-family',
-    's', 'single',
-    'S', 'self-signed-provision',
-    'c', 'clone-entitlements',
     'u', 'unsigned-provision',
     'V', 'dont-verify',
-    'B', 'bundleid-access-group'
+    'v', 'verify-twice',
+    'w', 'without-watchapp',
+    'z', 'ignore-zip-errors'
   ]
@@ -37,30 +39,32 @@ });
 const options = {
-  file: conf._[0] || 'undefined',
-  use7zip: conf['7'] || conf['use-7zip'],
-  useOpenSSL: conf['use-openssl'],
-  insertLibrary: conf.I || conf.insert,
-  outfile: conf.output || conf.o,
-  osversion: conf.osversion || conf.O,
+  all: conf.a || conf.all || false,
+  allowHttp: conf['allow-http'] || conf.H,
+  bundleIdKeychainGroup: conf.B || conf['bundleid-access-group'],
+  bundleid: conf.bundleid || conf.b,
+  cloneEntitlements: conf.c || conf['clone-entitlements'],
+  customKeychainGroup: conf.K || conf['add-access-group'],
+  dontVerify: conf['dont-verify'] || conf.V,
   entitlement: conf.entitlement || conf.e,
   entry: conf['entry-entitlement'] || conf.E,
-  bundleid: conf.bundleid || conf.b,
+  file: conf._[0] || 'undefined',
+  forceFamily: conf['force-family'] || conf.f,
   identity: conf.identity || conf.i,
-  noclean: conf.n || conf.noclean,
-  mobileprovision: conf.mobileprovision || conf.m,
-  cloneEntitlements: conf.c || conf['clone-entitlements'],
   ignoreZipErrors: conf.z || conf['ignore-zip-errors'],
-  replaceipa: conf.replace || conf.r,
+  insertLibrary: conf.I || conf.insert,
+  keychain: conf.keychain || conf.k,
   lipoArch: conf.lipo || conf.l,
-  withoutWatchapp: !!conf['without-watchapp'] || !!conf.w,
-  keychain: conf.keychain || conf.k,
+  massageEntitlements: conf['massage-entitlements'] || conf.M,
+  mobileprovision: conf.mobileprovision || conf.m,
+  noclean: conf.n || conf.noclean,
+  osversion: conf.osversion || conf.O,
+  outfile: conf.output || conf.o,
   parallel: conf.parallel || conf.p,
-  massageEntitlements: conf['massage-entitlements'] || conf.M,
+  replaceipa: conf.replace || conf.r,
+  selfSignedProvision: conf.S || conf['self-signed-provision'],
+  single: conf.single || conf.s,
+  unfairPlay: conf.unfair || conf.u,
+  use7zip: conf['7'] || conf['use-7zip'],
+  useOpenSSL: conf['use-openssl'],
   verifyTwice: conf.verifyTwice || !!conf.v,
-  unfairPlay: conf.unfair || conf.u,
-  forceFamily: conf['force-family'] || conf.f,
-  single: conf.single || conf.s,
-  dontVerify: conf['dont-verify'] || conf.V,
-  selfSignedProvision: conf.S || conf['self-signed-provision'],
-  customKeychainGroup: conf.K || conf['add-access-group'],
-  bundleIdKeychainGroup: conf.B || conf['bundleid-access-group']
+  withoutWatchapp: !!conf['without-watchapp'] || !!conf.w,
 };
@@ -70,4 +74,4 @@
   error: 'red',
+  msg: 'yellow',
   warn: 'green',
-  msg: 'yellow'
 });
@@ -118,2 +122,3 @@
       --use-openssl             Use OpenSSL cms instead of Apple's security tool
+  -a, --all                     Resign all binaries, even it unrelated to the app
   -b, --bundleid [BUNDLEID]     Change the bundleid when repackaging
@@ -125,2 +130,4 @@ -B, --bundleid-access-group   Add $(TeamIdentifier).bundleid to keychain-access-groups
   -f, --force-family            Force UIDeviceFamily in Info.plist to be iPhone
+  -h, --help                    Show this help message
+  -H, --allow-http              Add NSAppTransportSecurity.NSAllowsArbitraryLoads in plist
   -i, --identity [1C4D1A..]     Specify hash-id of the identity to use
@@ -127,0 +134,0 @@ -I, --insert [frida.dylib]    Insert a dynamic library to the main executable

index.js

@@ -20,31 +20,33 @@ 'use strict';
     return {
+      all: opt.all || false,
+      allowHttp: opt.allowHttp || false,
+      bundleid: opt.bundleid || undefined,
+      bundleIdKeychainGroup: opt.bundleIdKeychainGroup || false,
+      cloneEntitlements: opt.cloneEntitlements || false,
+      customKeychainGroup: opt.customKeychainGroup || undefined,
+      dontVerify: opt.dontVerify || false,
+      entitlement: opt.entitlement || undefined,
+      entry: opt.entry || undefined,
       file: opt.file ? path.resolve(opt.file) : undefined,
-      use7zip: opt.use7zip === true,
-      useOpenSSL: opt.useOpenSSL === true,
-      outdir: undefined,
-      outfile: opt.outfile,
-      keychain: opt.keychain,
-      cloneEntitlements: opt.cloneEntitlements || false,
+      forceFamily: opt.forceFamily || false,
+      identity: opt.identity || undefined,
+      ignoreCodesignErrors: true,
       ignoreVerificationErrors: true,
-      ignoreCodesignErrors: true,
       ignoreZipErrors: opt.ignoreZipErrors || false,
       insertLibrary: opt.insertLibrary || undefined,
-      entitlement: opt.entitlement || undefined,
-      entry: opt.entry || undefined,
+      keychain: opt.keychain,
       lipoArch: opt.lipoArch || undefined,
-      bundleid: opt.bundleid || undefined,
-      identity: opt.identity || undefined,
-      replaceipa: opt.replaceipa || false,
-      withoutWatchapp: opt.withoutWatchapp || false,
+      massageEntitlements: opt.massageEntitlements || false,
       mobileprovision: opt.mobileprovision || undefined,
-      massageEntitlements: opt.massageEntitlements || false,
-      forceFamily: opt.forceFamily || false,
+      noclean: opt.noclean || false,
+      outdir: undefined,
+      outfile: opt.outfile,
       parallel: opt.parallel || false,
+      replaceipa: opt.replaceipa || false,
+      selfSignedProvision: opt.selfSignedProvision || false,
+      unfairPlay: opt.unfairPlay || false,
+      use7zip: opt.use7zip === true,
+      useOpenSSL: opt.useOpenSSL === true,
       verifyTwice: opt.verifyTwice || false,
-      unfairPlay: opt.unfairPlay || false,
-      selfSignedProvision: opt.selfSignedProvision || false,
-      dontVerify: opt.dontVerify || false,
-      bundleIdKeychainGroup: opt.bundleIdKeychainGroup || false,
-      customKeychainGroup: opt.customKeychainGroup || undefined,
-      noclean: opt.noclean || false
+      withoutWatchapp: opt.withoutWatchapp || false,
     };
@@ -51,0 +53,0 @@ }

package.json

@@ -16,8 +16,8 @@ {
   "devDependencies": {
-    "semistandard": "11.0.0"
+    "semistandard": "^12.0.1"
   },
   "dependencies": {
-    "colors": "1.1.2",
+    "colors": "1.3.2",
     "fatmacho": "0.1.1",
-    "fs-extra": "4.0.0",
+    "fs-extra": "7.0.0",
     "fs-walk": "github:trufae/fs-walk#patch-1",
@@ -31,7 +31,7 @@ "is-array": "1.0.1",
     "plist": "github:trufae/plist.js#fix-null",
-    "rimraf": "2.6.1",
+    "rimraf": "2.6.2",
     "simple-plist": "github:trufae/node-simple-plist#update",
     "uniq": "1.0.1",
-    "uuid": "3.1.0",
-    "which": "1.2.14"
+    "uuid": "3.3.2",
+    "which": "1.3.1"
   },
@@ -72,3 +72,3 @@ "description": "API to resign IPA files",
   "name": "applesign",
-  "version": "2.3.1"
+  "version": "2.4.0"
 }

README.md

@@ -59,3 +59,3 @@ node-applesign
 
-	$ bin/applesign -I
+	$ bin/applesign -L
 
@@ -62,0 +62,0 @@ Resign an IPA with a specific identity:

session.js

@@ -532,2 +532,10 @@ 'use strict';
     const data = plist.readFileSync(file);
+    if (this.config.allowHttp) {
+      this.emit('message', 'Adding NSAllowArbitraryLoads');
+      if (!Object.isObject(data['NSAppTransportSecurity'])) {
+        data['NSAppTransportSecurity'] = {};
+      }
+      data['NSAppTransportSecurity']['NSAllowsArbitraryLoads'] = true;
+      changed = true;
+    }
     if (this.config.forceFamily) {
@@ -635,2 +643,5 @@ const have = {
     return libraries.filter(_ => {
+      if (this.config.all) {
+        return true;
+      }
       // we want to resign all frameworks. even if not referenced :?
@@ -637,0 +648,0 @@ if (_.indexOf('Frameworks/') !== -1) {

tools.js

@@ -15,11 +15,11 @@ 'use strict';
   '7z': '/usr/local/bin/7z',
-  zip: '/usr/bin/zip',
-  unzip: '/usr/bin/unzip',
   codesign: '/usr/bin/codesign',
+  insert_dylib: 'insert_dylib',
+  lipo: '/usr/bin/lipo',
+  /* only when useOpenSSL is true */
+  openssl: '/usr/local/bin/openssl',
   security: '/usr/bin/security',
+  unzip: '/usr/bin/unzip',
   xcodebuild: '/usr/bin/xcodebuild',
-  /* only when useOpenSSL is true */
-  openssl: '/usr/local/bin/openssl',
-  insert_dylib: 'insert_dylib',
-  lipo: '/usr/bin/lipo'
+  zip: '/usr/bin/zip',
 };
@@ -26,0 +26,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

63591

increased by1.25%

Lines of code

1672

increased by1.21%

Dependency changes

• + Addedcolors@1.3.2(transitive)

• + Addedfs-extra@7.0.0(transitive)

• + Addedjsonfile@4.0.0(transitive)

• + Addedrimraf@2.6.2(transitive)

• + Addeduuid@3.3.2(transitive)

• + Addedwhich@1.3.1(transitive)

• - Removedcolors@1.1.2(transitive)

• - Removedfs-extra@4.0.0(transitive)

• - Removedjsonfile@3.0.1(transitive)

• - Removedrimraf@2.6.1(transitive)

• - Removeduuid@3.1.0(transitive)

• - Removedwhich@1.2.14(transitive)

• Updatedcolors@1.3.2

• Updatedfs-extra@7.0.0

• Updatedrimraf@2.6.2

• Updateduuid@3.3.2

• Updatedwhich@1.3.1