* Refactor NFC scanner tests to use a global variable for platform OS, allowing dynamic switching between iOS and Android during tests. This change improves test isolation and avoids hoisting issues with jest.mock.
* feat: add GitHub App token generation action for self repositories
- Introduced a new action to generate GitHub App tokens for accessing repositories within the selfxyz organization.
- Updated multiple workflows to utilize the new action for token generation, ensuring secure access to private repositories during CI processes.
- Modified Podfile and scripts to support authentication using the generated token, enhancing the cloning of private modules in CI environments.
* chore: enhance CI workflows with Git authentication for CocoaPods
- Updated multiple CI workflows to include a step for configuring Git authentication for CocoaPods, ensuring secure access to private repositories without embedding credentials in URLs.
- Added masking for sensitive tokens in logs to enhance security during CI processes.
- Modified the Podfile to avoid printing authentication details in CI logs, improving overall security practices.
* chore: enhance CI workflows with optional Git authentication configuration
- Added new inputs to the GitHub action for generating GitHub tokens, allowing optional configuration of a ~/.netrc entry for Git authentication.
- Updated multiple CI workflows to utilize the new configuration, improving security and simplifying access to private repositories during builds.
- Removed redundant Git authentication steps from workflows, streamlining the CI process while maintaining secure access to necessary resources.
* chore: update Podfile for secure Git authentication in CI
- Modified the Podfile to enhance security by avoiding the embedding of credentials in URLs for accessing the NFCPassportReader repository during CI processes.
- Added comments to guide developers on using workflow-provided authentication methods, improving overall security practices in the project.
* chore: remove android private modules doc
* private repo pull
* skip private modules
* remove unused circuits building
* save wip
* format
* restore tsconfig
* fix package install
* fix internal repo cloning
* unify logic and fix cloning
* git clone internal repos efficiently
* formatting
* run app yarn reinstall from root
* coderabbit feedback
* coderabbit suggestions
* remove skip private modules logic
* fix: ensure PAT is passed through yarn-install action and handle missing PAT gracefully
- Update yarn-install action to pass SELFXYZ_INTERNAL_REPO_PAT to yarn install
- Make setup-private-modules.cjs skip gracefully when PAT is unavailable in CI
- Fixes issue where setup script was throwing error instead of skipping for forks
* prettier
* fix clone ci
* clone ci fixes
* fix import export sorts
* fix instructions
* fix: remove SelfAppBuilder re-export to fix duplicate export error
- Remove SelfAppBuilder import/export from @selfxyz/qrcode
- Update README to import SelfAppBuilder directly from @selfxyz/common
- Fixes CI build failure with duplicate export error
* fix: unify eslint-plugin-sort-exports version across workspaces
- Update mobile-sdk-alpha from 0.8.0 to 0.9.1 to match other workspaces
- Removes yarn.lock version conflict causing CI/local behavior mismatch
- Fixes quality-checks workflow linting failure
* fix: bust qrcode SDK build cache to resolve stale SelfAppBuilder issue
- Increment GH_SDK_CACHE_VERSION from v1 to v2
- Forces CI to rebuild artifacts from scratch instead of using cached version
- Resolves quality-checks linter error showing removed SelfAppBuilder export
* skip job
* test yarn cache
* bump cache version to try and fix the issue
* revert cache version
* refactor: use direct re-exports for cleaner qrcode package structure
- Replace import-then-export pattern with direct re-exports
- Keep SelfAppBuilder export with proper alphabetical sorting (before SelfQRcode)
- Maintain API compatibility as documented in README
- Eliminates linter sorting issues while keeping clean code structure
* fix: separate type and value imports in README examples
- Import SelfApp as type since it's an interface
- Import SelfAppBuilder as value since it's a class
- Follows TypeScript best practices and improves tree shaking
* remove lazy loading
* fix tests
* formatting
* fix imports and web ci
* fix tests
* fix building
* fix
* debug ci
* fix web ci issue
* fix
* fix
* fix ci
* remove web render test
* coderabbit feedback
* fix ci
* use import
* fix lint
* fix compiling
* update lock
* update lock
* fix: update yarn.lock hash for @selfxyz/mobile-sdk-alpha
Resolves CI error where yarn install --immutable failed due to
outdated package hash. The hash changed from b2afc4 to f9ebb9.
* fix: update yarn.lock hash after mobile-sdk-alpha changes
- Hash changed from c0e6b9 to 0d0f72 due to package modifications
- Cleaned caches and regenerated lockfile to ensure consistency
- This resolves CI cache mismatch where old artifacts had stale hash
* fix: update yarn.lock hash after building mobile-sdk-alpha
- Final hash: 89f5a6 (includes built dist artifacts)
- Built mobile-sdk-alpha to ensure package is in stable state
- This should resolve CI immutable install errors
* fix yarn lock and build
* Parallelize mobile SDK CI and add core workflow
* fix tests for now
* test build improvements
* fix: add explicit Corepack setup to fix Yarn version issues in CI
* security: add minimal permissions, pin actions to SHAs, and improve checksum verification
* refactor: remove redundant Corepack setup from npm-publish and core-sdk-ci workflows
* simplify action versions
- Modified package.json to create separate install commands for iOS and Android
- Updated mobile-setup/action.yml to use platform-specific install commands
- Android builds will no longer try to run pod install and increment ios build number
* test: trigger CI/CD pipeline with harmless comment update
Testing the auto-deploy workflow after recent fixes
* fix: remove duplicate checkout in mobile-setup action
The mobile-setup action was doing its own checkout which could cause
inconsistencies between iOS and Android jobs. The main workflow already
handles checkout, so this duplicate checkout was causing Android builds
to fail with Gemfile.lock errors while iOS passed.
* feat: add version management system with build number tracking
- Add version.json to track iOS/Android build numbers separately
- Create version.cjs script for build number management
- Add Fastlane version_manager.rb helper
- Keep npm version for semver, version.json for build tracking
* feat: integrate version.json with Fastlane deployment process
## What Changed
- Updated iOS and Android Fastlane lanes to use version.json for build number management
- Added automatic build number increment on deployment
- Added deployment timestamp tracking
## How It Works
### iOS Deployment
1. Reads current build number from version.json
2. Increments iOS build number (e.g., 148 → 149)
3. Updates Xcode project with new build number via increment_build_number
4. Proceeds with TestFlight deployment
5. Updates lastDeployed timestamp on successful upload
### Android Deployment
1. Reads current build number from version.json
2. Increments Android build number (e.g., 82 → 83)
3. Updates build.gradle with new version code via increment_version_code
4. Proceeds with Play Store deployment
5. Updates lastDeployed timestamp on successful upload
## Why This Change
- Eliminates manual version/build number entry
- Prevents version conflicts between deployments
- Provides single source of truth for build numbers
- Enables automatic deployments without human intervention
- Tracks deployment history with timestamps
## Dependencies
- Requires version.json file (already created in previous commit)
- Uses existing Fastlane plugins:
- increment_build_number (iOS - built-in)
- increment_version_code (Android - from plugin)
- Version numbers still managed by npm version command
* feat: enhance deploy confirmation with version.json info
* fix: use ENV variable directly in increment_build_number to avoid secret masking
* fix: correct xcodeproj path for GitHub Actions workflow
* feat: add test mode to workflow for safe testing
- Skip store uploads when test_mode is true
- Test version bumps and builds without deployment
- Prevent accidental pushes to TestFlight/Play Store
* fix: use gradle_file_path instead of gradle_file for increment_version_code
* fix: use gsub to remove ../ prefix for CI compatibility
* chore: remove accidentally committed files
- Remove .cursor/mcp.json
- Remove .cursorignore
- Remove deployment-automation-summary.md
- Remove deployment-meeting-questions.md
- Remove pipeline.md
* feat: auto-commit version.json after successful deployment
- Commits version.json changes back to repository
- Only runs when test_mode is false
- Uses [skip ci] to prevent infinite loops
- Checks for actual changes before committing
* feat : update package.json in build step using npm version
* feat: add comprehensive caching to mobile deployment workflow
- Add caching for Yarn dependencies, Ruby gems, CocoaPods, Gradle, and Android NDK
- Implement cache versioning strategy for easy cache invalidation
- Fix cache order: caches now restored after checkout but before dependency installation
- Update mobile-setup action to skip installs when dependencies are cached
- Add cache size monitoring to track usage against GitHub's 10GB limit
- Fix Slack notification bug: skip notifications in test_mode
- Add detailed logging for package.json version updates (show from/to versions)
Expected performance improvement: ~50% faster builds (from ~15min to ~7-10min)
* fix: move bundler config after Ruby setup in mobile-setup action
* fix: rename cache env vars to avoid Yarn conflicts
Yarn was interpreting YARN_CACHE_VERSION as its own config setting.
Prefixed all cache version env vars with GH_ to avoid conflicts.
* fix: remove bundler deployment mode to allow Gemfile updates
The deployment mode was causing bundler to fail when Gemfile
changed (nokogiri was removed). CI should be able to update
the lockfile as needed.
* feat: implement strict lock file enforcement (Option 1)
- Re-enable bundler deployment mode for strict Gemfile.lock checking
- Use yarn install --immutable for strict yarn.lock checking
- Add clear error messages when lock files are out of date
- Add pre-checks to verify lock files exist
- This ensures reproducible builds and makes caching maximally effective
When developers change dependencies, they must now:
1. Run yarn install or bundle install locally
2. Commit the updated lock files
3. CI will fail with helpful instructions if they forget
* fix: update Gemfile.lock for CI environment
Remove nokogiri from Gemfile.lock since it's excluded in CI
environments (GITHUB_ACTIONS=true). This allows the strict
lock file checks to pass in CI.
* fix: correct yarn.lock path for monorepo workspace
The project uses Yarn workspaces with yarn.lock at the repository
root, not in the app directory. Updated paths to check for yarn.lock
at workspace root and use it for cache keys.
* fix: handle both boolean and string test_mode parameter
The test_mode parameter was only checking for string 'true' but
could be passed as boolean true from command line. Now handles both
cases to ensure test mode works correctly for iOS and Android.
* fix: address code review feedback for mobile deployment workflow
- Replace jq with Node.js for version extraction (jq not available on macOS runners)
- Fix concurrent commit race condition by creating separate update-version job
- Add platform validation to version_manager.rb and version.cjs scripts
- Use POSIX-compatible single = for shell string comparisons
- Ensure single atomic commit when deploying to both platforms
* fix: formatting and linting issues
- Remove trailing spaces from workflow YAML file
- Fix prettier formatting in JavaScript files
- Add -y flag to yarn version command for non-interactive mode
- Address all lint warnings from CI
---------
Co-authored-by: Jayaditya Gupta <nightmare@Jayadityas-MacBook-Pro.local>
