@@ -327,108 +327,18 @@ jobs:
327327 grep -rl "$CURRENT_VERSION" ./compiled-rn || echo "No files found with $CURRENT_VERSION"
328328 grep -rl "$CURRENT_VERSION" ./compiled-rn | xargs -r sed -i -e "s/$CURRENT_VERSION/$LAST_VERSION/g"
329329 grep -rl "$CURRENT_VERSION" ./compiled-rn || echo "Version reverted"
330- name : Check changes before signing
331- run : |
332- echo "Full git status"
333- git add .
334- git status
335- echo "===================="
336- if git status --porcelain | grep -qv '/REVISION'; then
337- echo "Changes detected"
338- echo "===== Changes ====="
339- git --no-pager diff -U0 --cached | grep '^[+-]' | head -n 50
340- echo "==================="
341- else
342- echo "No Changes detected"
343- fi
344- name : Revert signatures
345- uses : actions/github-script@v6
346- with :
347- script : |
348- // TODO: Move this to a script file.
349- // We currently can't call scripts from the repo because
350- // at this point in the workflow, we're on the compiled
351- // artifact branch (so the scripts don't exist).
352- // We can fix this with a composite action in the main repo.
353- // This script is duplicated below.
354- const fs = require('fs');
355- const crypto = require('crypto');
356- const {execSync} = require('child_process');
357-
358- // TODO: when we move this to a script, we can use this from npm.
359- // Copy of signedsource since we can't install deps on this branch
360- const GENERATED = '@' + 'generated';
361- const NEWTOKEN = '<<SignedSource::*O*zOeWoEQle#+L!plEphiEmie@IsG>>';
362- const PATTERN = new RegExp(`${GENERATED} (?:SignedSource<<([a-f0-9]{32})>>)`);
363-
364- const TokenNotFoundError = new Error(
365- `SignedSource.signFile(...): Cannot sign file without token: ${NEWTOKEN}`
366- );
367-
368- function hash(data, encoding) {
369- const md5sum = crypto.createHash('md5');
370- md5sum.update(data, encoding);
371- return md5sum.digest('hex');
372- }
373-
374- const SignedSource = {
375- getSigningToken() {
376- return `${GENERATED} ${NEWTOKEN}`;
377- },
378- isSigned(data) {
379- return PATTERN.exec(data) != null;
380- },
381- signFile(data) {
382- if (!data.includes(NEWTOKEN)) {
383- if (SignedSource.isSigned(data)) {
384- // Signing a file that was previously signed.
385- data = data.replace(PATTERN, SignedSource.getSigningToken());
386- } else {
387- throw TokenNotFoundError;
388- }
389- }
390- return data.replace(NEWTOKEN, `SignedSource<<${hash(data, 'utf8')}>>`);
391- },
392- };
393-
394- const directory = './compiled-rn';
395- console.log('Signing files in directory:', directory);
396- try {
397- const result = execSync(`git status --porcelain ${directory}`, {encoding: 'utf8'});
398-
399- // Parse the git status output to get file paths
400- const files = result.split('\n').filter(file => file.endsWith('.js'));
401-
402- if (files.length === 0) {
403- throw new Error(
404- 'git status returned no files to sign. this job should not have run.'
405- );
406- } else {
407- files.forEach(line => {
408- const file = line.slice(3).trim();
409- if (file) {
410- console.log(' Signing file:', file);
411- const originalContents = fs.readFileSync(file, 'utf8');
412- const signedContents = SignedSource.signFile(originalContents);
413- fs.writeFileSync(file, signedContents, 'utf8');
414- }
415- });
416- }
417- } catch (e) {
418- process.exitCode = 1;
419- console.error('Error signing files:', e);
420- }
421330name : Check for changes
422331 id : check_should_commit
423332 run : |
424333 echo "Full git status"
425334 git add .
426- git status --porcelain
335+ git --no-pager diff -U0 --cached | grep '^[+-]' | head -n 100
427336 echo "===================="
428- if git status --porcelain | grep -qv '/REVISION'; then
337+ # Ignore REVISION or lines removing @generated headers.
338+ if git diff --cached' :(exclude)*REVISION' | grep -vE "^(@@|diff|index|\-\-\-|\+\+\+|\- \* @generated SignedSource)" | grep "^[+-]" > /dev/null; then
429339 echo "Changes detected"
430340 echo "===== Changes ====="
431- git --no-pager diff -U0 --cached | grep ' ^[+-]' | head -n 50
341+ git --no-pager diff --cached ':(exclude)*REVISION' | grep -vE "^(@@|diff|index|\-\-\-|\+\+\+|\- \* @generated SignedSource)" | grep " ^[+-]" | head -n 50
432342 echo "==================="
433343 echo "should_commit=true" >> "$GITHUB_OUTPUT"
434344 else
@@ -445,7 +355,7 @@ jobs:
445355 grep -rl "$LAST_VERSION" ./compiled-rn || echo "No files found with $LAST_VERSION"
446356 grep -rl "$LAST_VERSION" ./compiled-rn | xargs -r sed -i -e "s/$LAST_VERSION/$CURRENT_VERSION/g"
447357 grep -rl "$LAST_VERSION" ./compiled-rn || echo "Version re-applied"
448- name : Add files
358+ name : Add files for signing
449359 if : steps.check_should_commit.outputs.should_commit == 'true'
450360 run : |
451361 echo ":"
@@ -519,7 +429,12 @@ jobs:
519429 if (file) {
520430 console.log(' Signing file:', file);
521431 const originalContents = fs.readFileSync(file, 'utf8');
522- const signedContents = SignedSource.signFile(originalContents);
432+ const signedContents = SignedSource.signFile(
433+ originalContents
434+ // Need to add the header in, since it's not inserted at build time.
435+ .replace(' */\n', ` * ${SignedSource.getSigningToken()}\n */\n`)
436+ );
437+
523438 fs.writeFileSync(file, signedContents, 'utf8');
524439 }
525440 });
@@ -531,7 +446,8 @@ jobs:
531446name : Will commit these changes
532447 if : steps.check_should_commit.outputs.should_commit == 'true'
533448 run : |
534- git status -u
449+ git add .
450+ git status
535451name : Commit changes to branch
536452 if : steps.check_should_commit.outputs.should_commit == 'true'
537453 uses : stefanzweifel/git-auto-commit-action@v4
0 commit comments