Connor Tumbleson
cc501d05a5
fix: remove enforcement on aligned namespaces ( #3587 )
2024-05-03 06:41:40 -04:00
Connor Tumbleson
53aa743014
build: support kotlin during CodeQL processing
2024-04-29 06:47:11 -04:00
dependabot[bot]
b272705da2
build(deps): bump gradle/actions from 3.3.1 to 3.3.2 ( #3586 )
...
Bumps [gradle/actions](https://github.com/gradle/actions ) from 3.3.1 to 3.3.2.
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](https://github.com/gradle/actions/compare/v3.3.1...v3.3.2 )
---
updated-dependencies:
- dependency-name: gradle/actions
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 06:38:30 -04:00
dependabot[bot]
938d1730f0
build(deps): bump org.xmlunit:xmlunit-legacy from 2.9.1 to 2.10.0 ( #3585 )
...
Bumps [org.xmlunit:xmlunit-legacy](https://github.com/xmlunit/xmlunit ) from 2.9.1 to 2.10.0.
- [Release notes](https://github.com/xmlunit/xmlunit/releases )
- [Changelog](https://github.com/xmlunit/xmlunit/blob/main/RELEASE_NOTES.md )
- [Commits](https://github.com/xmlunit/xmlunit/compare/v2.9.1...v2.10.0 )
---
updated-dependencies:
- dependency-name: org.xmlunit:xmlunit-legacy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 06:29:56 -04:00
Connor Tumbleson
a2df2541e7
fix: properly record compression of non-main classes.dex files ( #3584 )
2024-04-26 07:19:43 -04:00
Pavel
6436e7c090
Correct wording in CLI usage messages ( #3579 )
...
Co-authored-by: ProgerXP <proger.xp@gmail.com>
2024-04-26 05:59:52 -04:00
dependabot[bot]
fbe717f793
build(deps): bump commons-cli:commons-cli from 1.6.0 to 1.7.0 ( #3577 )
...
Bumps commons-cli:commons-cli from 1.6.0 to 1.7.0.
---
updated-dependencies:
- dependency-name: commons-cli:commons-cli
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-22 07:16:12 -04:00
dependabot[bot]
edd3323ac3
build(deps): bump org.apache.commons:commons-text from 1.11.0 to 1.12.0 ( #3576 )
...
Bumps org.apache.commons:commons-text from 1.11.0 to 1.12.0.
---
updated-dependencies:
- dependency-name: org.apache.commons:commons-text
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-22 06:55:25 -04:00
dependabot[bot]
1a9713653c
build(deps): bump gradle/actions from 3.3.0 to 3.3.1 ( #3575 )
...
Bumps [gradle/actions](https://github.com/gradle/actions ) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](https://github.com/gradle/actions/compare/v3.3.0...v3.3.1 )
---
updated-dependencies:
- dependency-name: gradle/actions
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-22 06:54:34 -04:00
dependabot[bot]
a2c2d011ff
build(deps): bump gradle/wrapper-validation-action from 2.1.2 to 3.3.0 ( #3572 )
...
* build(deps): bump gradle/wrapper-validation-action from 2.1.2 to 3.3.0
Bumps [gradle/wrapper-validation-action](https://github.com/gradle/wrapper-validation-action ) from 2.1.2 to 3.3.0.
- [Release notes](https://github.com/gradle/wrapper-validation-action/releases )
- [Commits](https://github.com/gradle/wrapper-validation-action/compare/v2.1.2...v3.3.0 )
---
updated-dependencies:
- dependency-name: gradle/wrapper-validation-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* build: move to 'gradle/actions/wrapper-validation'
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Connor Tumbleson <connor.tumbleson@gmail.com>
2024-04-16 06:35:20 -04:00
dependabot[bot]
f253142828
build(deps): bump gradle/actions from 3.2.0 to 3.3.0 ( #3571 )
...
Bumps [gradle/actions](https://github.com/gradle/actions ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](https://github.com/gradle/actions/compare/v3.2.0...v3.3.0 )
---
updated-dependencies:
- dependency-name: gradle/actions
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 06:16:38 -04:00
dependabot[bot]
89548038b9
build(deps): bump commons-io:commons-io from 2.16.0 to 2.16.1 ( #3570 )
...
Bumps commons-io:commons-io from 2.16.0 to 2.16.1.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-16 06:10:16 -04:00
dependabot[bot]
0144f9c83a
build(deps): bump gradle/actions from 3.1.0 to 3.2.0 ( #3566 )
...
Bumps [gradle/actions](https://github.com/gradle/actions ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](https://github.com/gradle/actions/compare/v3.1.0...v3.2.0 )
---
updated-dependencies:
- dependency-name: gradle/actions
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-08 06:38:39 -04:00
Connor Tumbleson
e69ecb578d
Reproducible Builds ( #3559 )
...
* fix: remove ShadowJar plugin
- unable to control file dates of archive entries
* refactor: use native Gradle "fatJar" method
* refactor: drop proguard for r8
* fix: wire up R8
* wip: remove fail-fast
* Revert "wip: remove fail-fast"
This reverts commit 5d005bf82e87c89efa5552ee8f8e9c0a569aea0d.
* fix: suppress unused proguard keep messages
* fix: require java11+ for r8
2024-04-07 11:45:55 -04:00
Connor Tumbleson
25826db417
feat: update internal framework to API 34 (Vanilla Ice Cream Preview) ( #3537 )
2024-04-01 19:51:10 -04:00
dependabot[bot]
1de5c9800a
build(deps): bump commons-io:commons-io from 2.15.1 to 2.16.0 ( #3560 )
...
Bumps commons-io:commons-io from 2.15.1 to 2.16.0.
---
updated-dependencies:
- dependency-name: commons-io:commons-io
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-01 19:46:10 -04:00
dependabot[bot]
36760ac2a9
build(deps): bump gradle/wrapper-validation-action from 2.1.1 to 2.1.2 ( #3550 )
...
Bumps [gradle/wrapper-validation-action](https://github.com/gradle/wrapper-validation-action ) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/gradle/wrapper-validation-action/releases )
- [Commits](https://github.com/gradle/wrapper-validation-action/compare/v2.1.1...v2.1.2 )
---
updated-dependencies:
- dependency-name: gradle/wrapper-validation-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-25 06:34:27 -04:00
Connor Tumbleson
c784f4416e
fix: properly handle stamp-cert-sha256 ( #3538 )
2024-03-13 20:15:59 -04:00
topminipie
5422bd708a
build(deps): bump actions/upload-artifact from 3 to 4 ( #3528 )
2024-02-26 06:56:51 -05:00
Connor Tumbleson
a86e0429bc
build: jump to smali/baksmali 3.0.5 ( #3519 )
2024-02-19 06:45:35 -05:00
dependabot[bot]
cb6bb93218
build(deps): bump gradle/actions from 3.0.0 to 3.1.0 ( #3522 )
...
Bumps [gradle/actions](https://github.com/gradle/actions ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](https://github.com/gradle/actions/compare/v3.0.0...v3.1.0 )
---
updated-dependencies:
- dependency-name: gradle/actions
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-19 06:33:56 -05:00
Connor Tumbleson
d892f3daf9
fix: remove validation on start/end tag matching ( #3513 )
2024-02-13 06:03:31 -05:00
dependabot[bot]
93e100e0fc
build(deps): bump gradle/wrapper-validation-action from 2.0.0 to 2.1.1 ( #3515 )
...
Bumps [gradle/wrapper-validation-action](https://github.com/gradle/wrapper-validation-action ) from 2.0.0 to 2.1.1.
- [Release notes](https://github.com/gradle/wrapper-validation-action/releases )
- [Commits](https://github.com/gradle/wrapper-validation-action/compare/v2.0.0...v2.1.1 )
---
updated-dependencies:
- dependency-name: gradle/wrapper-validation-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-12 06:09:47 -05:00
dependabot[bot]
420eaf719e
build(deps): bump gradle/gradle-build-action from 2.12.0 to 3.0.0 ( #3511 )
...
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action ) from 2.12.0 to 3.0.0.
- [Release notes](https://github.com/gradle/gradle-build-action/releases )
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.12.0...v3.0.0 )
---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-05 19:03:18 -05:00
dependabot[bot]
b5c44028de
build(deps): bump gradle/wrapper-validation-action from 1.1.0 to 2.0.0 ( #3510 )
...
Bumps [gradle/wrapper-validation-action](https://github.com/gradle/wrapper-validation-action ) from 1.1.0 to 2.0.0.
- [Release notes](https://github.com/gradle/wrapper-validation-action/releases )
- [Commits](https://github.com/gradle/wrapper-validation-action/compare/v1.1.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: gradle/wrapper-validation-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-05 06:15:18 -05:00
dependabot[bot]
9dee7cffd2
build(deps): bump com.guardsquare:proguard-gradle from 7.4.1 to 7.4.2 ( #3509 )
...
Bumps [com.guardsquare:proguard-gradle](https://github.com/Guardsquare/proguard ) from 7.4.1 to 7.4.2.
- [Release notes](https://github.com/Guardsquare/proguard/releases )
- [Commits](https://github.com/Guardsquare/proguard/compare/v7.4.1...v7.4.2 )
---
updated-dependencies:
- dependency-name: com.guardsquare:proguard-gradle
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-05 06:09:47 -05:00
Matvei
69e54cc952
chore: minor clarity improvement in README.md ( #3501 )
2024-01-30 11:14:19 -05:00
dependabot[bot]
ecd1b24431
build(deps): bump gradle/gradle-build-action from 2.11.1 to 2.12.0 ( #3500 )
...
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action ) from 2.11.1 to 2.12.0.
- [Release notes](https://github.com/gradle/gradle-build-action/releases )
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.11.1...v2.12.0 )
---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-29 06:42:43 -05:00
Connor Tumbleson
fc8498b1d4
test: run path traversal test on Windows
2024-01-18 21:35:00 -05:00
Connor Tumbleson
ea391dcd79
fix: tighten up detectPossibleDirectoryTraversal for Windows
2024-01-18 21:35:00 -05:00
Connor Tumbleson
0a9ec3427b
chore: correct warnings from Qodana scan ( #3491 )
2024-01-15 07:26:53 -05:00
Connor Tumbleson
69914eb596
refactor: inline runnable on smali disassemble ( #3490 )
2024-01-14 11:10:10 -05:00
Connor Tumbleson
e08ba75776
build: start new dev cycle (2.10.0-SNAPSHOT)
2024-01-05 07:21:23 -05:00
Connor Tumbleson
6ab728d3eb
Merge branch 'release-2.9.2'
2024-01-05 06:37:52 -05:00
Connor Tumbleson
841db5061a
build: version bump (2.9.2)
2024-01-05 06:29:04 -05:00
Connor Tumbleson
f56de45f38
build: start new dev cycle (2.9.2-SNAPSHOT)
2024-01-05 06:28:51 -05:00
Connor Tumbleson
93e7d6bdbf
Prevent arbitrary file writes with malicious resource names. ( #3484 )
...
* refactor: rename sanitize function
* fix: expose getDir
* fix: safe handling of untrusted resource names
- fixes: GHSA-2hqv-2xv4-5h5w
* test: sample file for GHSA-2hqv-2xv4-5h5w
* refactor: avoid detection of absolute files for resource check
* chore: enable info mode on gradle
* test: skip test on windows
* chore: debug windows handling
* fix: normalize entry with file separators
* fix: normalize filepath after cleansing
* chore: Android paths are not OS specific
* refactor: use java.nio for path traversal checking
* chore: align path separator on Windows for Zip files
* chore: rework towards basic directory traversal
* chore: remove '--info' on build.yml
2024-01-05 06:28:07 -05:00
Connor Tumbleson
d348c43b24
Prevent arbitrary file writes with malicious resource names. ( #3484 )
...
* refactor: rename sanitize function
* fix: expose getDir
* fix: safe handling of untrusted resource names
- fixes: GHSA-2hqv-2xv4-5h5w
* test: sample file for GHSA-2hqv-2xv4-5h5w
* refactor: avoid detection of absolute files for resource check
* chore: enable info mode on gradle
* test: skip test on windows
* chore: debug windows handling
* fix: normalize entry with file separators
* fix: normalize filepath after cleansing
* chore: Android paths are not OS specific
* refactor: use java.nio for path traversal checking
* chore: align path separator on Windows for Zip files
* chore: rework towards basic directory traversal
* chore: remove '--info' on build.yml
2024-01-02 06:11:03 -05:00
dependabot[bot]
e5c88ece1b
build(deps): bump gradle/gradle-build-action from 2.11.0 to 2.11.1 ( #3479 )
...
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action ) from 2.11.0 to 2.11.1.
- [Release notes](https://github.com/gradle/gradle-build-action/releases )
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.11.0...v2.11.1 )
---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-26 07:23:15 -05:00
Connor Tumbleson
85f8de87d2
fix: deprecated is lowercase ( #3481 )
2023-12-26 07:22:45 -05:00
Connor Tumbleson
e56cb4f743
Support for configuring job count. ( #3480 )
...
* feat: make jobs configurable
* chore: remove unused method
2023-12-26 07:11:16 -05:00
Cregrant
81aae6936a
Feature: Parallel Building ( #3476 )
...
* perf: process smali code in parallel
Note: backsmali can't be properly multithreaded because of the synchronized methods inside
* perf: start backsmali concurrently with a resources decompiler
* perf: speed up apk building by skipping temp archive creation
Now we're not compressing the same data twice
* refactor: extract duplicated code
* refactor: rename methods and inline some comments
2023-12-26 06:20:26 -05:00
dependabot[bot]
0741664808
build(deps): bump github/codeql-action from 2 to 3 ( #3471 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-18 06:33:04 -05:00
dependabot[bot]
c916f51252
build(deps): bump gradle/gradle-build-action from 2.10.0 to 2.11.0 ( #3470 )
...
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action ) from 2.10.0 to 2.11.0.
- [Release notes](https://github.com/gradle/gradle-build-action/releases )
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.10.0...v2.11.0 )
---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-18 06:14:45 -05:00
Connor Tumbleson
a9eacf657c
test: assert miui aapt1 patch exists ( #3462 )
2023-12-08 07:29:28 -05:00
ArjunaKumarMohanta
69dbb335e3
feat: Upgrade gradle to v8.5 ( #3459 )
2023-12-08 06:05:28 -05:00
Connor Tumbleson
cd9f72938e
docs: update INTERNAL.md with version change guide
2023-12-06 07:05:10 -05:00
Connor Tumbleson
1c3cd41565
build: start new dev cycle (2.9.2-SNAPSHOT)
2023-12-06 06:46:56 -05:00
Connor Tumbleson
077b2009da
build: version bump (2.9.1)
2023-12-05 18:26:28 -05:00
dependabot[bot]
98b34fdd03
build(deps): bump actions/setup-java from 3 to 4 ( #3454 )
...
Bumps [actions/setup-java](https://github.com/actions/setup-java ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-java/releases )
- [Commits](https://github.com/actions/setup-java/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-04 06:08:40 -05:00