From 54321f5199abfa1f1d28aa1d25795da3c52920da Mon Sep 17 00:00:00 2001 From: Dan Federman Date: Sat, 21 Dec 2019 16:03:40 -0800 Subject: [PATCH 1/7] Update cocoapods --- Gemfile | 2 +- Gemfile.lock | 35 +++++++++++++++++++++-------------- 2 files changed, 22 insertions(+), 15 deletions(-) diff --git a/Gemfile b/Gemfile index 53c36c57..09c4d6ef 100644 --- a/Gemfile +++ b/Gemfile @@ -1,3 +1,3 @@ source 'https://rubygems.org' do - gem 'cocoapods', '~> 1.7.0' + gem 'cocoapods', '~> 1.8.0' end diff --git a/Gemfile.lock b/Gemfile.lock index 511f6499..2f8c4e07 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,56 +1,63 @@ GEM remote: https://rubygems.org/ specs: - CFPropertyList (3.0.0) + CFPropertyList (3.0.1) activesupport (4.2.11.1) i18n (~> 0.7) minitest (~> 5.1) thread_safe (~> 0.3, >= 0.3.4) tzinfo (~> 1.1) + algoliasearch (1.27.1) + httpclient (~> 2.8, >= 2.8.3) + json (>= 1.5.1) atomos (0.1.3) - claide (1.0.2) - cocoapods (1.7.0) + claide (1.0.3) + cocoapods (1.8.4) activesupport (>= 4.0.2, < 5) claide (>= 1.0.2, < 2.0) - cocoapods-core (= 1.7.0) + cocoapods-core (= 1.8.4) cocoapods-deintegrate (>= 1.0.3, < 2.0) cocoapods-downloader (>= 1.2.2, < 2.0) cocoapods-plugins (>= 1.0.0, < 2.0) cocoapods-search (>= 1.0.0, < 2.0) cocoapods-stats (>= 1.0.0, < 2.0) - cocoapods-trunk (>= 1.3.1, < 2.0) + cocoapods-trunk (>= 1.4.0, < 2.0) cocoapods-try (>= 1.1.0, < 2.0) colored2 (~> 3.1) escape (~> 0.0.4) - fourflusher (>= 2.2.0, < 3.0) + fourflusher (>= 2.3.0, < 3.0) gh_inspector (~> 1.0) molinillo (~> 0.6.6) nap (~> 1.0) ruby-macho (~> 1.4) - xcodeproj (>= 1.8.2, < 2.0) - cocoapods-core (1.7.0) + xcodeproj (>= 1.11.1, < 2.0) + cocoapods-core (1.8.4) activesupport (>= 4.0.2, < 6) + algoliasearch (~> 1.0) + concurrent-ruby (~> 1.1) fuzzy_match (~> 2.0.4) nap (~> 1.0) cocoapods-deintegrate (1.0.4) - cocoapods-downloader (1.2.2) + cocoapods-downloader (1.3.0) cocoapods-plugins (1.0.0) nap cocoapods-search (1.0.0) cocoapods-stats (1.1.0) - cocoapods-trunk (1.3.1) + cocoapods-trunk (1.4.1) nap (>= 0.8, < 2.0) netrc (~> 0.11) cocoapods-try (1.1.0) colored2 (3.1.2) concurrent-ruby (1.1.5) escape (0.0.4) - fourflusher (2.2.0) + fourflusher (2.3.1) fuzzy_match (2.0.4) gh_inspector (1.1.3) + httpclient (2.8.3) i18n (0.9.5) concurrent-ruby (~> 1.0) - minitest (5.11.3) + json (2.2.0) + minitest (5.13.0) molinillo (0.6.6) nanaimo (0.2.6) nap (1.1.0) @@ -59,7 +66,7 @@ GEM thread_safe (0.3.6) tzinfo (1.2.5) thread_safe (~> 0.1) - xcodeproj (1.9.0) + xcodeproj (1.13.0) CFPropertyList (>= 2.3.3, < 4.0) atomos (~> 0.1.3) claide (>= 1.0.2, < 2.0) @@ -70,7 +77,7 @@ PLATFORMS ruby DEPENDENCIES - cocoapods (~> 1.7.0)! + cocoapods (~> 1.8.0)! BUNDLED WITH 1.17.3 From f292911985446c9c4f9ad1dcfb8b4765c34a67ab Mon Sep 17 00:00:00 2001 From: Dan Federman Date: Sat, 21 Dec 2019 16:07:59 -0800 Subject: [PATCH 2/7] Start validating podspec on Xcode 11 --- .travis.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.travis.yml b/.travis.yml index 54ebdec8..37696601 100644 --- a/.travis.yml +++ b/.travis.yml @@ -10,6 +10,8 @@ matrix: env: ACTION="swift-package";PLATFORMS="iOS_13,tvOS_13,macOS_10_15,watchOS_6"; - osx_image: xcode11 env: ACTION="xcode";PLATFORMS="iOS_13,tvOS_13,macOS_10_15,watchOS_6"; + - osx_image: xcode11 + env: ACTION="pod-lint";SWIFT_VERSION="5.0" - osx_image: xcode11 env: ACTION="carthage" From c6123e1e0dc28db9a1a82158ce880247d8856015 Mon Sep 17 00:00:00 2001 From: Dan Federman Date: Sat, 21 Dec 2019 16:10:12 -0800 Subject: [PATCH 3/7] Drop Xcode 9 and 10 support --- .travis.yml | 18 ++++-------------- README.md | 2 +- 2 files changed, 5 insertions(+), 15 deletions(-) diff --git a/.travis.yml b/.travis.yml index 37696601..cbb54c69 100644 --- a/.travis.yml +++ b/.travis.yml @@ -8,6 +8,10 @@ matrix: include: - osx_image: xcode11 env: ACTION="swift-package";PLATFORMS="iOS_13,tvOS_13,macOS_10_15,watchOS_6"; + - osx_image: xcode11 + env: ACTION="xcode";PLATFORMS="iOS_12,tvOS_12,watchOS_5"; + - osx_image: xcode11 + env: ACTION="xcode";PLATFORMS="iOS_11,tvOS_11,watchOS_4"; - osx_image: xcode11 env: ACTION="xcode";PLATFORMS="iOS_13,tvOS_13,macOS_10_15,watchOS_6"; - osx_image: xcode11 @@ -15,20 +19,6 @@ matrix: - osx_image: xcode11 env: ACTION="carthage" - - osx_image: xcode10.2 - env: ACTION="xcode";PLATFORMS="iOS_12,tvOS_12,macOS_10_14,watchOS_5"; - - osx_image: xcode10.2 - env: ACTION="pod-lint";SWIFT_VERSION="5.0" - - osx_image: xcode10.2 - env: ACTION="carthage" - - - osx_image: xcode9 - env: ACTION="xcode";PLATFORMS="iOS_11,tvOS_11,macOS_10_13,watchOS_4"; - - osx_image: xcode9 - env: ACTION="pod-lint";SWIFT_VERSION="4.0" - - osx_image: xcode9 - env: ACTION="carthage" - branches: only: - master diff --git a/README.md b/README.md index a11bc087..64dc19c9 100644 --- a/README.md +++ b/README.md @@ -184,7 +184,7 @@ Valet guarantees it will never fail to write to or read from the keychain unless ## Requirements -* Xcode 9.0 or later. Earlier versions of Xcode require [Valet version 2.4.2](https://github.com/square/Valet/releases/tag/2.4.2). +* Xcode 11.0 or later. Xcode 10 and Xcode 9 require [Valet version 3.2.6](https://github.com/square/Valet/releases/tag/3.2.6). Earlier versions of Xcode require [Valet version 2.4.2](https://github.com/square/Valet/releases/tag/2.4.2). * iOS 9 or later. * tvOS 9 or later. * watchOS 2 or later. From 6c6c13636a096b466b53781c4a6d2f92c09bb05d Mon Sep 17 00:00:00 2001 From: Dan Federman Date: Sat, 21 Dec 2019 16:16:54 -0800 Subject: [PATCH 4/7] Swift version to 5.0 --- Package.swift | 2 +- Valet.podspec | 2 +- Valet.xcodeproj/project.pbxproj | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Package.swift b/Package.swift index 0c04c516..71269c95 100644 --- a/Package.swift +++ b/Package.swift @@ -21,6 +21,6 @@ let package = Package( name: "Valet", dependencies: []), ], - swiftLanguageVersions: [.v4, .v4_2, .v5] + swiftLanguageVersions: [.v5] ) let version = Version(3, 2, 7) diff --git a/Valet.podspec b/Valet.podspec index 2cd8d12c..789f8ecf 100644 --- a/Valet.podspec +++ b/Valet.podspec @@ -6,7 +6,7 @@ Pod::Spec.new do |s| s.homepage = 'https://github.com/square/Valet' s.authors = 'Square' s.source = { :git => 'https://github.com/square/Valet.git', :tag => s.version } - s.swift_version = '4.0', '4.1', '4.2', '5.0' + s.swift_version = '5.0' s.source_files = 'Sources/Valet/**/*.{swift,h}' s.public_header_files = 'Sources/Valet/*.h' s.frameworks = 'Security' diff --git a/Valet.xcodeproj/project.pbxproj b/Valet.xcodeproj/project.pbxproj index 63058f06..7aa124e4 100644 --- a/Valet.xcodeproj/project.pbxproj +++ b/Valet.xcodeproj/project.pbxproj @@ -2553,7 +2553,7 @@ ONLY_ACTIVE_ARCH = YES; PRODUCT_BUNDLE_IDENTIFIER = com.squareup.Valet; PRODUCT_NAME = Valet; - SWIFT_VERSION = 4.0; + SWIFT_VERSION = 5.0; TVOS_DEPLOYMENT_TARGET = 9.0; WATCHOS_DEPLOYMENT_TARGET = 2.0; }; @@ -2607,7 +2607,7 @@ PRODUCT_BUNDLE_IDENTIFIER = com.squareup.Valet; PRODUCT_NAME = Valet; SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule"; - SWIFT_VERSION = 4.0; + SWIFT_VERSION = 5.0; TVOS_DEPLOYMENT_TARGET = 9.0; VALIDATE_PRODUCT = YES; WATCHOS_DEPLOYMENT_TARGET = 2.0; From 7e59f243d46b33824414d1965187609b18caad03 Mon Sep 17 00:00:00 2001 From: Dan Federman Date: Sat, 21 Dec 2019 17:18:28 -0800 Subject: [PATCH 5/7] Bump minor version of osx_image on .travis.yml in order to access simulators for older OSes --- .travis.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.travis.yml b/.travis.yml index cbb54c69..d62e538d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,17 +6,17 @@ script: - ./Scripts/ci.sh matrix: include: - - osx_image: xcode11 + - osx_image: xcode11.3 env: ACTION="swift-package";PLATFORMS="iOS_13,tvOS_13,macOS_10_15,watchOS_6"; - - osx_image: xcode11 + - osx_image: xcode11.3 env: ACTION="xcode";PLATFORMS="iOS_12,tvOS_12,watchOS_5"; - - osx_image: xcode11 + - osx_image: xcode11.3 env: ACTION="xcode";PLATFORMS="iOS_11,tvOS_11,watchOS_4"; - - osx_image: xcode11 + - osx_image: xcode11.3 env: ACTION="xcode";PLATFORMS="iOS_13,tvOS_13,macOS_10_15,watchOS_6"; - - osx_image: xcode11 + - osx_image: xcode11.3 env: ACTION="pod-lint";SWIFT_VERSION="5.0" - - osx_image: xcode11 + - osx_image: xcode11.3 env: ACTION="carthage" branches: From 9a7804070e53af6f1b684f164fb31c2df8d8d0bc Mon Sep 17 00:00:00 2001 From: Dan Federman Date: Sat, 21 Dec 2019 17:25:52 -0800 Subject: [PATCH 6/7] Bump destination for iOS 11 to get CI working --- Scripts/build.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Scripts/build.swift b/Scripts/build.swift index 8da7f820..00b5a959 100755 --- a/Scripts/build.swift +++ b/Scripts/build.swift @@ -37,7 +37,7 @@ enum Platform: String, CustomStringConvertible { var destination: String { switch self { case .iOS_11: - return "platform=iOS Simulator,OS=11.0,name=iPad Pro (12.9-inch) (2nd generation)" + return "platform=iOS Simulator,OS=11.0.1,name=iPad Pro (12.9-inch) (2nd generation)" case .iOS_12: return "platform=iOS Simulator,OS=12.2,name=iPad Pro (12.9-inch) (3rd generation)" case .iOS_13: From e9848e0d6314acd6045f3c5e300ad45fa529de94 Mon Sep 17 00:00:00 2001 From: Dan Federman Date: Sat, 21 Dec 2019 23:17:44 -0800 Subject: [PATCH 7/7] Update tests to reflext iOS 13 simulator's inability to store items that require a passcode to be set --- .../SecureEnclaveBackwardsCompatibilityTests.swift | 2 +- ...romptSecureEnclaveBackwardsCompatibilityTests.swift | 2 +- .../SecureEnclaveIntegrationTests.swift | 8 ++++---- .../SinglePromptSecureEnclaveIntegrationTests.swift | 10 +++++----- .../ValetIntegrationTests/ValetIntegrationTests.swift | 10 +++++++++- 5 files changed, 20 insertions(+), 12 deletions(-) diff --git a/Tests/ValetIntegrationTests/BackwardsCompatibilityTests/SecureEnclaveBackwardsCompatibilityTests.swift b/Tests/ValetIntegrationTests/BackwardsCompatibilityTests/SecureEnclaveBackwardsCompatibilityTests.swift index 557b03fd..5fc2db5b 100644 --- a/Tests/ValetIntegrationTests/BackwardsCompatibilityTests/SecureEnclaveBackwardsCompatibilityTests.swift +++ b/Tests/ValetIntegrationTests/BackwardsCompatibilityTests/SecureEnclaveBackwardsCompatibilityTests.swift @@ -29,7 +29,7 @@ extension SecureEnclaveIntegrationTests { @available (*, deprecated) func test_backwardsCompatibility_withLegacyValet() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } diff --git a/Tests/ValetIntegrationTests/BackwardsCompatibilityTests/SinglePromptSecureEnclaveBackwardsCompatibilityTests.swift b/Tests/ValetIntegrationTests/BackwardsCompatibilityTests/SinglePromptSecureEnclaveBackwardsCompatibilityTests.swift index bed0b38a..8663ac31 100644 --- a/Tests/ValetIntegrationTests/BackwardsCompatibilityTests/SinglePromptSecureEnclaveBackwardsCompatibilityTests.swift +++ b/Tests/ValetIntegrationTests/BackwardsCompatibilityTests/SinglePromptSecureEnclaveBackwardsCompatibilityTests.swift @@ -30,7 +30,7 @@ extension SinglePromptSecureEnclaveIntegrationTests { @available (*, deprecated) func test_backwardsCompatibility_withLegacyValet() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } diff --git a/Tests/ValetIntegrationTests/SecureEnclaveIntegrationTests.swift b/Tests/ValetIntegrationTests/SecureEnclaveIntegrationTests.swift index d49e06ed..2a90a374 100644 --- a/Tests/ValetIntegrationTests/SecureEnclaveIntegrationTests.swift +++ b/Tests/ValetIntegrationTests/SecureEnclaveIntegrationTests.swift @@ -46,7 +46,7 @@ class SecureEnclaveIntegrationTests: XCTestCase func test_secureEnclaveValetsWithEqualConfiguration_canAccessSameData() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } @@ -58,7 +58,7 @@ class SecureEnclaveIntegrationTests: XCTestCase func test_secureEnclaveValetsWithDifferingAccessControl_canNotAccessSameData() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } @@ -142,7 +142,7 @@ class SecureEnclaveIntegrationTests: XCTestCase func test_migrateObjectsFromValet_migratesSuccessfullyToSecureEnclave() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } @@ -178,7 +178,7 @@ class SecureEnclaveIntegrationTests: XCTestCase } func test_migrateObjectsFromValet_migratesSuccessfullyAfterCanAccessKeychainCalls() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } diff --git a/Tests/ValetIntegrationTests/SinglePromptSecureEnclaveIntegrationTests.swift b/Tests/ValetIntegrationTests/SinglePromptSecureEnclaveIntegrationTests.swift index 12303f11..4d98600f 100644 --- a/Tests/ValetIntegrationTests/SinglePromptSecureEnclaveIntegrationTests.swift +++ b/Tests/ValetIntegrationTests/SinglePromptSecureEnclaveIntegrationTests.swift @@ -46,7 +46,7 @@ class SinglePromptSecureEnclaveIntegrationTests: XCTestCase func test_SinglePromptSecureEnclaveValetsWithEqualConfiguration_canAccessSameData() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } @@ -58,7 +58,7 @@ class SinglePromptSecureEnclaveIntegrationTests: XCTestCase func test_SinglePromptSecureEnclaveValetsWithDifferingAccessControl_canNotAccessSameData() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } @@ -73,7 +73,7 @@ class SinglePromptSecureEnclaveIntegrationTests: XCTestCase func test_allKeys() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } @@ -164,7 +164,7 @@ class SinglePromptSecureEnclaveIntegrationTests: XCTestCase func test_migrateObjectsFromValet_migratesSuccessfullyToSecureEnclave() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } @@ -200,7 +200,7 @@ class SinglePromptSecureEnclaveIntegrationTests: XCTestCase } func test_migrateObjectsFromValet_migratesSuccessfullyAfterCanAccessKeychainCalls() { - guard testEnvironmentIsSigned() else { + guard testEnvironmentIsSigned() && testEnvironmentSupportsWhenPasscodeSet() else { return } diff --git a/Tests/ValetIntegrationTests/ValetIntegrationTests.swift b/Tests/ValetIntegrationTests/ValetIntegrationTests.swift index 09adbdf8..d761a734 100644 --- a/Tests/ValetIntegrationTests/ValetIntegrationTests.swift +++ b/Tests/ValetIntegrationTests/ValetIntegrationTests.swift @@ -37,11 +37,19 @@ func testEnvironmentIsSigned() -> Bool { return false } + return true +} + +func testEnvironmentSupportsWhenPasscodeSet() -> Bool { if let simulatorVersionInfo = ProcessInfo.processInfo.environment["SIMULATOR_VERSION_INFO"], simulatorVersionInfo.contains("iOS 13") || simulatorVersionInfo.contains("tvOS 13") { - // Xcode 11's simulator does not support code-signing. + // iOS and tvOS 13 simulators fail to store items in a Valet that has a + // kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly flag. The documentation for this flag says: + // "No items can be stored in this class on devices without a passcode". I currently do not + // understand why prior simulators work with this flag, given that no simulators have a passcode. return false + } else { return true }