diff --git a/.env.example b/.env.example
index ea127aaf..9f778853 100644
--- a/.env.example
+++ b/.env.example
@@ -4,3 +4,10 @@ IS_DEV_ENV=0
IS_AUTO_UPDATE_DISABLED=0
EP_GH_IGNORE_TIME=true
GH_TOKEN=
+
+NOTARIZE=0
+APPLE_TEAM_ID=
+APPLE_ID=
+APPLE_APP_SPECIFIC_PASSWORD=
+CSC_LINK=
+CSC_KEY_PASSWORD=
diff --git a/.github/workflows/build-electron-app.yml b/.github/workflows/build-electron-app.yml
index 0f07009b..7e6b09ff 100644
--- a/.github/workflows/build-electron-app.yml
+++ b/.github/workflows/build-electron-app.yml
@@ -19,6 +19,9 @@ on:
isBfxApiStaging:
description: 'Is it necessary to use BFX API Staging? (true / 1)?'
required: false
+ isNotarizeDisabled:
+ description: 'Is notarize disabled (true / 1)?'
+ required: false
env:
DOCKER_BUILDKIT: 1
@@ -96,13 +99,17 @@ jobs:
sudo chown -R $(id -u):$(id -g) ~/.cache/electron-builder
mac-builder:
- timeout-minutes: 90
+ timeout-minutes: 150
runs-on: macos-12
steps:
- name: Checkout
uses: actions/checkout@v4
with:
submodules: recursive
+ - name: Replace macOS’s sed with GNU’s sed
+ run: |
+ brew install gnu-sed
+ echo "$(brew --prefix)/opt/gnu-sed/libexec/gnubin" >> $GITHUB_PATH
- name: Set repo owner
run: |
sed -i -e \
@@ -118,6 +125,10 @@ jobs:
name: Turn off auto-update
run: |
echo "IS_AUTO_UPDATE_DISABLED=1" >> $GITHUB_ENV
+ - if: ${{ !contains(fromJson('["true", "1", true, 1]'), github.event.inputs.isNotarizeDisabled) }}
+ name: Turn on notarize
+ run: |
+ echo "NOTARIZE=1" >> $GITHUB_ENV
- if: contains(fromJson('["true", "1", true, 1]'), github.event.inputs.isBfxApiStaging)
name: Use BFX API Staging for queries
run: |
@@ -132,7 +143,7 @@ jobs:
cache-name: electron-cache-v1
with:
path: |
- ~/Library/Caches/electron
+ ${{ runner.temp }}/.cache/electron
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('package.json') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
@@ -141,14 +152,26 @@ jobs:
uses: nick-fields/retry@v2
continue-on-error: false
env:
+ APPLE_TEAM_ID: ${{ secrets.BFX_APPLE_TEAM_ID }}
+ APPLE_ID: ${{ secrets.BFX_APPLE_ID_USERNAME }}
+ APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.BFX_APPLE_ID_REPORT_PASSWORD }}
+ CSC_LINK: ${{ secrets.BFX_APPLE_BUILD_CERTIFICATE_B64 }}
+ CSC_KEY_PASSWORD: ${{ secrets.BFX_APPLE_BUILD_CERTIFICATE_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- ELECTRON_CACHE: ~/Library/Caches/electron
+ ELECTRON_CACHE: ${{ runner.temp }}/.cache/electron
with:
- timeout_minutes: 20
+ timeout_minutes: 40
retry_wait_seconds: 10
max_attempts: 3
retry_on: any
- command: ./scripts/build-release.sh -mp
+ command: |
+ if [[ -z "${APPLE_TEAM_ID}" ]]; then unset NOTARIZE; fi
+ if [[ -z "${APPLE_TEAM_ID}" ]]; then unset APPLE_TEAM_ID; fi
+ if [[ -z "${APPLE_ID}" ]]; then unset APPLE_ID; fi
+ if [[ -z "${APPLE_APP_SPECIFIC_PASSWORD}" ]]; then unset APPLE_APP_SPECIFIC_PASSWORD; fi
+ if [[ -z "${CSC_LINK}" ]]; then unset CSC_LINK; fi
+ if [[ -z "${CSC_KEY_PASSWORD}" ]]; then unset CSC_KEY_PASSWORD; fi
+ ./scripts/build-release.sh -mp
- name: Zip Mac Unpacked build
run: zip -r dist/mac.zip dist/mac
- name: Upload Mac Unpacked build
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d5e813f9..b48da19b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,29 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased]
+## [4.18.0] - 2024-01-31
+
+### Added
+
+- Added Apple signing and notarization workflow. PR: [bfx-report-electron#299](https://github.com/bitfinexcom/bfx-report-electron/pull/299)
+- Implemented users informing about the [platform maintenance](https://bitfinex.statuspage.io/) mode. PR: [bfx-report-ui#756](https://github.com/bitfinexcom/bfx-report-ui/pull/756)
+- Implemented configurable balances representation `Filter` for the `Summary by Asset` section. PR: [bfx-report-ui#753](https://github.com/bitfinexcom/bfx-report-ui/pull/753)
+- Implemented `Google Tag Manager` support for the `Reports` and events tracking. PR: [bfx-report-ui#762](https://github.com/bitfinexcom/bfx-report-ui/pull/762)
+
+### Changed
+
+- Improved user informing about the initial synchronization. PR: [bfx-report-ui#760](https://github.com/bitfinexcom/bfx-report-ui/pull/760)
+- Improved login to sign in when `otp` length is `6`. PR: [bfx-report-ui#758](https://github.com/bitfinexcom/bfx-report-ui/pull/758)
+
+### Fixed
+
+- Fixed lint error. PR: [bfx-report-ui#763](https://github.com/bitfinexcom/bfx-report-ui/pull/763)
+
+### Security
+
+- Resolved `dependabot` dependency updates, bumped `follow-redirects` from `1.15.3` to `1.15.4`. PR: [bfx-report-ui#755](https://github.com/bitfinexcom/bfx-report-ui/pull/755)
+- Replaced `Lodash` `_isObject` helper usage with the corresponding one from the internal library for security reasons. PR: [bfx-report-ui#761](https://github.com/bitfinexcom/bfx-report-ui/pull/761)
+
## [4.17.0] - 2024-01-10
### Added
diff --git a/bfx-report-ui b/bfx-report-ui
index 471d8d1c..1236f970 160000
--- a/bfx-report-ui
+++ b/bfx-report-ui
@@ -1 +1 @@
-Subproject commit 471d8d1cf15d057d310fae991da335d0d01eaf38
+Subproject commit 1236f970ba0b1c4c9b5274dd1049ade7814febf9
diff --git a/bfx-reports-framework b/bfx-reports-framework
index 1fc8ca69..bd237349 160000
--- a/bfx-reports-framework
+++ b/bfx-reports-framework
@@ -1 +1 @@
-Subproject commit 1fc8ca6911e9382d193fc8b97ad734d7fcb6a42c
+Subproject commit bd2373497d981c13ee59f53242b601cbb14ddfca
diff --git a/build/entitlements.mac.plist b/build/entitlements.mac.plist
index 34d93599..b64de357 100644
--- a/build/entitlements.mac.plist
+++ b/build/entitlements.mac.plist
@@ -2,7 +2,7 @@
- com.apple.security.app-sandbox
+ com.apple.security.inherit
com.apple.security.network.client
@@ -22,5 +22,13 @@
com.apple.security.cs.disable-library-validation
+ com.apple.security.cs.allow-jit
+
+ com.apple.security.cs.allow-dyld-environment-variables
+
+ com.apple.security.cs.debugger
+
+ com.apple.security.automation.apple-events
+
diff --git a/build/entitlements.mas.inherit.plist b/build/entitlements.mas.inherit.plist
index 4b8d65fa..b64de357 100644
--- a/build/entitlements.mas.inherit.plist
+++ b/build/entitlements.mas.inherit.plist
@@ -2,8 +2,6 @@
- com.apple.security.app-sandbox
-
com.apple.security.inherit
com.apple.security.network.client
@@ -24,5 +22,13 @@
com.apple.security.cs.disable-library-validation
+ com.apple.security.cs.allow-jit
+
+ com.apple.security.cs.allow-dyld-environment-variables
+
+ com.apple.security.cs.debugger
+
+ com.apple.security.automation.apple-events
+
diff --git a/electron-builder-config.js b/electron-builder-config.js
index 64d7ae71..0938f268 100644
--- a/electron-builder-config.js
+++ b/electron-builder-config.js
@@ -1,5 +1,6 @@
'use strict'
+require('dotenv').config()
const fs = require('fs')
const path = require('path')
const zlib = require('zlib')
@@ -7,10 +8,32 @@ const { promisify } = require('util')
const archiver = require('archiver')
const exec = promisify(require('child_process').exec)
+const parseEnvValToBool = require(
+ './src/helpers/parse-env-val-to-bool'
+)
+
let version
let zippedAppImageArtifactPath
let zippedMacArtifactPath
const appOutDirs = new Map()
+const isNotarize = parseEnvValToBool(process.env.NOTARIZE)
+const arch = process.env.ARCH ?? 'x64'
+
+// Notarize can be done only on MacOS
+const macNotarize = (
+ process.platform === 'darwin' &&
+ isNotarize
+)
+ ? {
+ notarize: {
+ teamId: process.env.APPLE_TEAM_ID
+ }
+ }
+ : {}
+// DMG can be built only on MacOS
+const macSpecificTargets = process.platform === 'darwin'
+ ? ['dmg', 'zip']
+ : []
/* eslint-disable no-template-curly-in-string */
@@ -60,7 +83,7 @@ module.exports = {
extends: null,
asar: false,
productName: 'Bitfinex Report',
- artifactName: 'BitfinexReport-${version}-x64-${os}.${ext}',
+ artifactName: 'BitfinexReport-${version}-' + arch + '-${os}.${ext}',
appId: 'com.bitfinex.report',
publish: {
provider: 'github',
@@ -92,14 +115,18 @@ module.exports = {
verifyUpdateCodeSignature: false
},
mac: {
- type: 'development',
+ type: 'distribution',
hardenedRuntime: true,
gatekeeperAssess: false,
entitlements: 'build/entitlements.mac.plist',
entitlementsInherit: 'build/entitlements.mas.inherit.plist',
category: 'public.app-category.finance',
+ minimumSystemVersion: '11',
+ darkModeSupport: true,
+ ...macNotarize,
target: [
- 'dir'
+ 'dir',
+ ...macSpecificTargets
]
},
files: [
@@ -213,14 +240,16 @@ module.exports = {
? 'exe'
: targetName
const foundAppFilePath = artifactPaths.find((path) => (
- new RegExp(`${targetPlatform}.*${ext}$`, 'i').test(path)
+ new RegExp(`${arch}.*${targetPlatform}.*${ext}$`, 'i').test(path)
))
const appFilePath = foundAppFilePath ?? path.join(
outDir,
- `BitfinexReport-${version}-x64-${targetPlatform}.${ext}`
+ `BitfinexReport-${version}-${arch}-${targetPlatform}.${ext}`
)
if (
+ // Outside darwin zip release can't be built successfully
+ process.platform !== 'darwin' &&
targetPlatform === 'mac' &&
targetName === 'zip'
) {
@@ -261,7 +290,7 @@ module.exports = {
) {
zippedAppImageArtifactPath = path.join(
outDir,
- `BitfinexReport-${version}-x64-${targetPlatform}.AppImage.zip`
+ `BitfinexReport-${version}-${arch}-${targetPlatform}.AppImage.zip`
)
await new Promise((resolve, reject) => {
try {
diff --git a/package.json b/package.json
index 84509832..8ef86696 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "bfx-report-electron",
- "version": "4.17.0",
+ "version": "4.18.0",
"repository": "https://github.com/bitfinexcom/bfx-report-electron",
"description": "Reporting tool",
"author": "bitfinex.com",
@@ -42,6 +42,7 @@
"@wdio/spec-reporter": "8.21.0",
"app-builder-bin": "4.2.0",
"cross-env": "7.0.3",
+ "dotenv": "16.3.1",
"electron": "27.2.0",
"electron-builder": "24.10.0",
"mocha": "10.2.0",
diff --git a/scripts/build-release.sh b/scripts/build-release.sh
index 601317d5..3862083b 100755
--- a/scripts/build-release.sh
+++ b/scripts/build-release.sh
@@ -17,7 +17,7 @@ COLOR_YELLOW=${COLOR_YELLOW:-"\033[33m"}
COLOR_BLUE=${COLOR_BLUE:-"\033[34m"}
COLOR_NORMAL=${COLOR_NORMAL:-"\033[39m"}
-ARCH="x64"
+export ARCH=${ARCH:-"x64"}
BFX_API_URL="https://api-pub.bitfinex.com"
STAGING_BFX_API_URL="https://api.staging.bitfinex.com"
@@ -230,7 +230,7 @@ fi
rm -rf "$DIST_FOLDER/"*"$targetPlatform"*
node "$ROOT/node_modules/.bin/electron-builder" \
- "build" "--$targetPlatform" \
+ "build" "--$targetPlatform" "--$ARCH" \
"--config" "$ELECTRON_BUILDER_CONFIG_FILE_PATH" \
$publishOption
diff --git a/scripts/node/generate-mac-zipand-blockmap.js b/scripts/node/generate-mac-zipand-blockmap.js
index 6af9fd6c..d1966259 100644
--- a/scripts/node/generate-mac-zipand-blockmap.js
+++ b/scripts/node/generate-mac-zipand-blockmap.js
@@ -2,6 +2,7 @@
'use strict'
+require('dotenv').config()
const path = require('path')
const { chmodSync } = require('fs')
const {
@@ -24,7 +25,7 @@ const {
version: APP_VERSION
} = require(packageJsonPath)
-const ARCH = 'x64'
+const ARCH = process.env.ARCH ?? 'x64'
const APP_NAME = productName.replace(/\s/g, '')
const APP_DIST_PATH = path.join(cwd, 'dist')
const appReleaseFileName = `${APP_NAME}-${APP_VERSION}-${ARCH}-mac.zip`
diff --git a/src/helpers/parse-env-val-to-bool.js b/src/helpers/parse-env-val-to-bool.js
index 2b2f4359..f0d3c663 100644
--- a/src/helpers/parse-env-val-to-bool.js
+++ b/src/helpers/parse-env-val-to-bool.js
@@ -4,6 +4,9 @@ module.exports = (value) => {
if (typeof value === 'boolean') {
return value
}
+ if (!value) {
+ return false
+ }
const normalizedValue = value.toString()
.trim()