fix(cli): remove literal quotes from keystore path and passwords when calling apksigner/jarsigner #978
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… calling apksigner/jarsigner
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes an issue causing apksigner/jarsigner to fail when the keystore is created by bubblewrap init. The CLI previously passed passwords and keystore path with literal quotes that became part of the values passed to apksigner and jarsigner. This caused Java KeyStore decryption to fail with BadPaddingException.
This change removes the literal quotes before calling apksigner and jarsigner and adds a unit test to ensure passwords are passed without quotes.
Changes:
packages/cli/src/lib/cmds/build.ts.Buildclass to facilitate unit testing.packages/cli/src/spec/lib/cmds/BuildSpec.tsunit test that mocks AndroidSdkTools/JarSigner and asserts unquoted passwords are passed.How to test manually:
bubblewrap init, choose to create a new keystore and use any password.bubblewrap buildand verify it succeeds and apksigner/jarsigner do not produce BadPaddingException.This PR includes tests; CI should be run to validate behavior.