From 73bc1578d96a43c848b35c354bd3a6480c623bc2 Mon Sep 17 00:00:00 2001 From: Julian Raufelder Date: Tue, 13 Jul 2021 23:49:13 +0200 Subject: [PATCH 1/2] Add F-Droids iod-apk-scanner to Fastlane build process --- fastlane/Fastfile | 40 ++++++++++++++++++++++++++++++++++++++++ fastlane/result.json | 1 + 2 files changed, 41 insertions(+) create mode 100644 fastlane/result.json diff --git a/fastlane/Fastfile b/fastlane/Fastfile index 8237c70c..a757c90c 100644 --- a/fastlane/Fastfile +++ b/fastlane/Fastfile @@ -181,6 +181,8 @@ platform :android do |options| } ) + checkTrackingAddedInDependency(alpha:options[:alpha], beta:options[:beta]) + if options[:alpha] or options[:beta] puts "Skipping deployment to F-Droid cause there isn't currently a alpha/beta channel" else 
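Review bot: The `alpha:` and `beta:` keyword arguments passed to `checkTrackingAddedInDependency` here are never read by that lane (its definition in the next hunk takes `|options|` but does not reference it), so the call can simply be `checkTrackingAddedInDependency` until the lane actually branches on the channel. Placing the call before the alpha/beta early-out means the scan also gates alpha and beta builds even though those skip the F-Droid deployment; that looks intended, but a one-line comment such as `# scan every channel, including the ones that skip the F-Droid deployment below` would make it explicit. The enclosing lane starts before this hunk.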
@@ -210,6 +212,44 @@ platform :android do |options| FileUtils.cp(lane_context[SharedValues::GRADLE_APK_OUTPUT_PATH], "release/Cryptomator-#{version}_fdroid_signed.apk") end + desc "Check if tracking added in some dependency" + private lane :checkTrackingAddedInDependency do |options| + puts "Check if script file is latest" + sh("wget -O current_iod-scan-apk.php https://gitlab.com/fdroid/issuebot/-/raw/master/modules/iod-scan-apk.php") + + same_script = FileUtils.compare_file("iod-scan-apk.php", "current_iod-scan-apk.php") + if same_script + puts "Script file unchanged" + FileUtils.rm("current_iod-scan-apk.php") + else + UI.error("Script updated, check diff, download and save to iod-scan-apk.php") + fail + end + + FileUtils.mkdir("unsigned") + + FileUtils.cp(lane_context[SharedValues::GRADLE_APK_OUTPUT_PATH], "unsigned/org.cryptomator_#{version}.apk") + + sh("ISSUEBOT_CURRENT_APPLICATION_ID=org.cryptomator ISSUEBOT_CURRENT_REPLY_FILE=current_result.json php iod-scan-apk.php") + + # clean up + FileUtils.rm("libinfo.txt") + FileUtils.rm("libsmali.txt") + FileUtils.rm_r("unsigned") + FileUtils.rm_r("org.cryptomator_#{version}") + + puts "Check if something changed in the APK regarding the dependencies" + same_files = FileUtils.compare_file("result.json", "current_result.json") + + if same_files + puts "Dependencies unchanged" + FileUtils.rm("current_result.json") + else + UI.error("Dependencies changed, check result of current_result.json, if no problem, move it to result.json, commit and retry") + fail + end + end + desc "Create GitHub draft release" lane :createGitHubDraftRelease do |options| target_branch = "main" diff --git a/fastlane/result.json b/fastlane/result.json new file mode 100644 index 00000000..6666c8bd --- /dev/null +++ b/fastlane/result.json @@ -0,0 +1 @@ +{"applicationId":"org.cryptomator","emoji":[],"labels":[],"report":"
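Review bot: If `FileUtils.cp` or the `sh("... php iod-scan-apk.php")` call raises, none of the `# clean up` lines run, so `unsigned/` survives and the next invocation dies at `FileUtils.mkdir("unsigned")` with EEXIST; the cleanup belongs in an `ensure` with `mkdir_p`/`rm_rf`, as sketched below. The lane also executes and diffs against a committed `iod-scan-apk.php` that this patch does not add (the diffstat lists only Fastfile and result.json), so the first run fails inside `compare_file` unless that file lands in a separate commit. Running the vetted committed copy rather than the freshly downloaded one is the right supply-chain call; note, however, that the scanner itself fetches its library definitions from the upstream `master` branch at run time (see the log in result.json), so the verdict can change without any change to the APK, which is worth a comment on the `sh` line. The enclosing `platform :android` block starts and ends outside this hunk.
```ruby
  private lane :checkTrackingAddedInDependency do |options|
    # … unchanged: freshness check of iod-scan-apk.php …
    FileUtils.mkdir_p("unsigned")
    begin
      FileUtils.cp(lane_context[SharedValues::GRADLE_APK_OUTPUT_PATH], "unsigned/org.cryptomator_#{version}.apk")
      # The scanner pulls its library definitions from upstream master at run time,
      # so a changed verdict may stem from new definitions rather than from the APK.
      sh("ISSUEBOT_CURRENT_APPLICATION_ID=org.cryptomator ISSUEBOT_CURRENT_REPLY_FILE=current_result.json php iod-scan-apk.php")
    ensure
      # Runs even when the scanner exits non-zero, so a failed run cannot break the next one.
      FileUtils.rm_f(["libinfo.txt", "libsmali.txt"])
      FileUtils.rm_rf(["unsigned", "org.cryptomator_#{version}"])
    end
    # … unchanged: comparison of result.json with current_result.json …
  end
```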

APK library scanner

\nunsigned/org.cryptomator_1.6.1-SNAPSHOT.apk\nApktool failed (rc: 1), analysis skipped.\n
\n","reportData":{"log":["Fetching library definitions from https://gitlab.com/IzzyOnDroid/repo/-/raw/master/lib","Loaded 2500 library definitions","Analyzing 'unsigned/org.cryptomator_1.6.1-SNAPSHOT.apk'...","Apktool returned: 1","Apktool failed, skipping analysis."],"self_url":null}} \ No newline at end of file From 68555079013607e501aaf60a557d86c62a865e06 Mon Sep 17 00:00:00 2001 From: Julian Raufelder Date: Wed, 14 Jul 2021 12:40:59 +0200 Subject: [PATCH 2/2] Compare only the report as there are version specific params in the JSON --- fastlane/Fastfile | 41 ++++++++++++++++++++++------------------- fastlane/README.md | 5 +++++ fastlane/result.json | 2 +- 3 files changed, 28 insertions(+), 20 deletions(-) diff --git a/fastlane/Fastfile b/fastlane/Fastfile index a757c90c..508e8c76 100644 --- a/fastlane/Fastfile +++ b/fastlane/Fastfile @@ -2,6 +2,7 @@ fastlane_require 'dotenv' fastlane_require 'jwt' fastlane_require 'base64' fastlane_require 'net/sftp' +fastlane_require 'json' default_platform(:android) 
@@ -213,35 +214,37 @@ platform :android do |options| end desc "Check if tracking added in some dependency" - private lane :checkTrackingAddedInDependency do |options| + lane :checkTrackingAddedInDependency do |options| puts "Check if script file is latest" - sh("wget -O current_iod-scan-apk.php https://gitlab.com/fdroid/issuebot/-/raw/master/modules/iod-scan-apk.php") + sh("wget -O current_iod-scan-apk.php https://gitlab.com/fdroid/issuebot/-/raw/master/modules/iod-scan-apk.php") - same_script = FileUtils.compare_file("iod-scan-apk.php", "current_iod-scan-apk.php") - if same_script - puts "Script file unchanged" - FileUtils.rm("current_iod-scan-apk.php") - else - UI.error("Script updated, check diff, download and save to iod-scan-apk.php") - fail - end + same_script = FileUtils.compare_file("iod-scan-apk.php", "current_iod-scan-apk.php") + if same_script + puts "Script file unchanged" + FileUtils.rm("current_iod-scan-apk.php") + else + UI.error("Script updated, check diff, download and save to iod-scan-apk.php") + fail + end FileUtils.mkdir("unsigned") - FileUtils.cp(lane_context[SharedValues::GRADLE_APK_OUTPUT_PATH], "unsigned/org.cryptomator_#{version}.apk") + FileUtils.cp(lane_context[SharedValues::GRADLE_APK_OUTPUT_PATH], "unsigned/org.cryptomator_#{version}.apk") sh("ISSUEBOT_CURRENT_APPLICATION_ID=org.cryptomator ISSUEBOT_CURRENT_REPLY_FILE=current_result.json php iod-scan-apk.php") - # clean up - FileUtils.rm("libinfo.txt") - FileUtils.rm("libsmali.txt") - FileUtils.rm_r("unsigned") - FileUtils.rm_r("org.cryptomator_#{version}") + # clean up + FileUtils.rm("libinfo.txt") + FileUtils.rm("libsmali.txt") + FileUtils.rm_r("unsigned") + FileUtils.rm_r("org.cryptomator_#{version}") - puts "Check if something changed in the APK regarding the dependencies" - same_files = FileUtils.compare_file("result.json", "current_result.json") + puts "Check if something changed in the APK regarding the dependencies" - if same_files + report = 
JSON.parse(File.read("result.json"))["report"] + current_report = JSON.parse(File.read("current_result.json"))["report"] + + if report.eql?(current_report) puts "Dependencies unchanged" FileUtils.rm("current_result.json") else diff --git a/fastlane/README.md b/fastlane/README.md index 76c52803..bca77c73 100644 --- a/fastlane/README.md +++ b/fastlane/README.md @@ -41,6 +41,11 @@ Deploy new version to server fastlane android deployToFDroid ``` Deploy new version to F-Droid +### android checkTrackingAddedInDependency +``` +fastlane android checkTrackingAddedInDependency +``` +Check if tracking added in some dependency ### android createGitHubDraftRelease ``` fastlane android createGitHubDraftRelease diff --git a/fastlane/result.json b/fastlane/result.json index 6666c8bd..a29d38fb 100644 --- a/fastlane/result.json +++ b/fastlane/result.json @@ -1 +1 @@ -{"applicationId":"org.cryptomator","emoji":[],"labels":[],"report":"
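Review bot: Comparing only `report` does not remove the version dependence the commit message targets: the report string itself embeds the versioned APK path (`unsigned/org.cryptomator_1.6.1-SNAPSHOT.apk` in the updated result.json), so `report.eql?(current_report)` will be false on any release whose `version` differs from the baseline's, and the lane fails with "Dependencies changed" regardless of the libraries found. The baseline committed in the first patch came from a scan in which apktool failed and nothing was analysed, yet it still yielded a well-formed `report`, so a plain text equality can pass while no library was inspected; the check should instead read the per-library entries under `reportData` (they carry the `anti` flags such as `NonFreeNet`) and treat a missing library list as an error, as sketched below. Since the lane is now public, the README entry should also state that it must be run from the `fastlane` directory and that `result.json` is the reviewed baseline to be updated only on a deliberate dependency change. The enclosing `platform :android` block starts and ends outside this hunk.
```ruby
    puts "Check if something changed in the APK regarding the dependencies"
    # The report text embeds the versioned APK name, so a text compare still differs
    # on every version bump; compare the per-library findings instead and refuse to
    # pass when the scanner skipped the analysis (no library list in reportData).
    library_findings = lambda do |path|
      report_data = JSON.parse(File.read(path))["reportData"]
      libs = report_data.values.find { |v| v.is_a?(Array) && v.all?(Hash) }
      UI.user_error!("#{path}: no library list in reportData, did apktool fail?") if libs.nil?
      libs.map { |lib| [lib["id"], lib["anti"]] }.sort
    end

    if library_findings.call("result.json") == library_findings.call("current_result.json")
      # … unchanged: success / failure branches …
```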

APK library scanner

\nunsigned/org.cryptomator_1.6.1-SNAPSHOT.apk\nApktool failed (rc: 1), analysis skipped.\n
\n","reportData":{"log":["Fetching library definitions from https://gitlab.com/IzzyOnDroid/repo/-/raw/master/lib","Loaded 2500 library definitions","Analyzing 'unsigned/org.cryptomator_1.6.1-SNAPSHOT.apk'...","Apktool returned: 1","Apktool failed, skipping analysis."],"self_url":null}} \ No newline at end of file +{"applicationId":"org.cryptomator","emoji":[],"labels":["scanner-warning"],"report":"

APK library scanner

\nunsigned/org.cryptomator_1.6.1-SNAPSHOT.apk\nOffending libs:
\n
    \n
  • Dropbox Core SDK for Java (/com/dropbox/core): NonFreeNet
  • \n
  • MSA Auth for Android (/com/microsoft/services/msa): NonFreeNet
  • \n
  • pCloud Java SDK (/com/pcloud/sdk): NonFreeNet
  • \n
\n3 offender(s). Full report available here.
\n","reportData":{"unsigned/org.cryptomator_1.6.1-SNAPSHOT.apk":[{"id":"/android/support/v4","name":"Android Support v4","typ":"Development Framework","anti":""},{"id":"/androidx/arch","name":"Arch","typ":"Utility","anti":""},{"id":"/androidx/appcompat","name":"AppCompat","typ":"Utility","anti":""},{"id":"/androidx/biometric","name":"Biometric","typ":"Utility","anti":""},{"id":"/androidx/constraintlayout","name":"Constraint Layout Library","typ":"Utility","anti":""},{"id":"/androidx/core","name":"Androidx Core","typ":"Utility","anti":""},{"id":"/androidx/documentfile","name":"Documentfile","typ":"UI Component","anti":""},{"id":"/androidx/exifinterface","name":"Exifinterface","typ":"Utility","anti":""},{"id":"/androidx/legacy","name":"androidx.legacy","typ":"Utility","anti":""},{"id":"/androidx/lifecycle","name":"Lifecycle","typ":"Utility","anti":""},{"id":"/androidx/loader","name":"Loader","typ":"Utility","anti":""},{"id":"/androidx/preference","name":"Preference","typ":"Utility","anti":""},{"id":"/androidx/print","name":"Print","typ":"Utility","anti":""},{"id":"/androidx/transition","name":"Transition","typ":"UI Component","anti":""},{"id":"/androidx/vectordrawable","name":"Vectordrawable","typ":"UI Component","anti":""},{"id":"/com/burgstaller/okhttp","name":"okhttp-digest","typ":"Utility","anti":""},{"id":"/com/davemorrissey/labs/subscaleview","name":"Subsampling Scale Image View","typ":"UI Component","anti":""},{"id":"/com/dropbox/core","name":"Dropbox Core SDK for Java","typ":"Utility","anti":"NonFreeNet"},{"id":"/com/fasterxml","name":"Fasterxml","typ":"Utility","anti":""},{"id":"/com/google/android/material","name":"Google Material Design","typ":"Utility","anti":""},{"id":"/com/google/common","name":"Google Core Libraries for Java 6+","typ":"Utility","anti":""},{"id":"/com/google/errorprone","name":"Error Prone","typ":"Utility","anti":""},{"id":"/com/google/gson","name":"Google 
Gson","typ":"Utility","anti":""},{"id":"/com/google/j2objc","name":"J2ObjC","typ":"Utility","anti":""},{"id":"/com/jakewharton/rxbinding","name":"RxBinding","typ":"Utility","anti":""},{"id":"/com/microsoft/graph","name":"Microsoft Graph-SDK","typ":"Development Framework","anti":""},{"id":"/com/microsoft/services/msa","name":"MSA Auth for Android","typ":"Utility","anti":"NonFreeNet"},{"id":"/com/nulabinc/zxcvbn","name":"zxcvbn4j","typ":"Utility","anti":""},{"id":"/com/pcloud/sdk","name":"pCloud Java SDK","typ":"Utility","anti":"NonFreeNet"},{"id":"/com/simplecityapps/recyclerview_fastscroll","name":"RecyclerView-FastScroll","typ":"UI Component","anti":""},{"id":"/com/squareup/okhttp","name":"OkHttp","typ":"Utility","anti":""},{"id":"/com/tomclaw/cache","name":"Disk LRU Cache","typ":"Utility","anti":""},{"id":"/dagger","name":"Dagger","typ":"Utility","anti":""},{"id":"/io/jsonwebtoken","name":"Java JWT","typ":"Utility","anti":""},{"id":"/io/reactivex","name":"RxJava","typ":"Utility","anti":""},{"id":"/javax/annotation","name":"JavaX Annotation API","typ":"Utility","anti":""},{"id":"/javax/inject","name":"JavaX Dependency Injection","typ":"Utility","anti":""},{"id":"/kotlin","name":"Kotlin","typ":"Utility","anti":""},{"id":"/kotlinx/coroutines","name":"kotlinx.coroutines","typ":"Utility","anti":""},{"id":"/okio","name":"OkHttp okio Framework","typ":"Utility","anti":""},{"id":"/org/apache/commons","name":"Apache Commons","typ":"Development Framework","anti":""},{"id":"/org/apache/http","name":"Apache Http","typ":"Utility","anti":""},{"id":"/org/checkerframework","name":"Checker Framework","typ":"Utility","anti":""},{"id":"/org/greenrobot/greendao","name":"greenDAO","typ":"Utility","anti":""},{"id":"/org/intellij","name":"IntelliJ IDEA","typ":"Utility","anti":""},{"id":"/org/reactivestreams","name":"Reactive Streams","typ":"Utility","anti":""},{"id":"/org/simpleframework","name":"Simple","typ":"Utility","anti":""},{"id":"/org/slf4j","name":"Simple Logging Facade for 
Java","typ":"Utility","anti":""},{"id":"/timber/log","name":"Timber","typ":"Utility","anti":""}],"log":["Fetching library definitions from https://gitlab.com/IzzyOnDroid/repo/-/raw/master/lib","Loaded 2500 library definitions","Analyzing 'unsigned/org.cryptomator_1.6.1-SNAPSHOT.apk'...","Apktool returned: 0","Read 23715 bytes of smali path names from 'org.cryptomator_1.6.1-SNAPSHOT.dirlist'","Identified 49 libraries, 3 offenders.","Done analyzing 'unsigned/org.cryptomator_1.6.1-SNAPSHOT.apk'"],"self_url":"/artifacts/public/issuebot///iod-scan-apk.php.json"}} \ No newline at end of file