Merge branch 'main' into release

Author: weswalla

.github/pull_request_template.md

@@ -0,0 +1,5 @@
+### Summary
+
+
+### TODO:
+- [ ] CHANGELOG mentions all code changes.

.github/workflows/release.yaml

@@ -43,33 +43,25 @@ jobs:
         run: |
           yarn setup
 
-      - name: Retrieve version
-        run: |
-          echo "Retrieved App version: $(node -p -e "require('./package.json').version")"
-          echo "APP_VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_OUTPUT
-        id: version
+      - name: Read kangaroo config
         shell: bash
-
-      - name: Retrieve appId
+        id: kangarooConfig
         run: |
+          echo "APP_VERSION=$(node -p -e "require('./package.json').version")" >> $GITHUB_OUTPUT
           echo "APP_ID=$(node ./scripts/read-app-id.js)" >> $GITHUB_OUTPUT
-        id: appId
-        shell: bash
-
-      - name: Retrieve whether Windows code signing should be attempted
-        run: |
+          echo "MACOS_CODE_SIGNING=$(node ./scripts/read-macos-code-signing.js)" >> $GITHUB_OUTPUT
           echo "WINDOWS_CODE_SIGNING=$(node ./scripts/read-windows-code-signing.js)" >> $GITHUB_OUTPUT
-        id: shouldWindowsCodeSign
-        shell: bash
 
-      - name: Retrieve whether macOS code signing should be attempted
-        run: |
-          echo "MACOS_CODE_SIGNING=$(node ./scripts/read-macos-code-signing.js)" >> $GITHUB_OUTPUT
-        id: shouldMacOSCodeSign
+      - name: Check that webhapp is available in pouch folder
         shell: bash
+        run: |
+          if ! ls ./pouch/*.webhapp 1>/dev/null 2>&1; then
+            echo "Error: No .webhapp file found in ./pouch folder. Make sure to specify a URL to your webhapp in kangaroo.config.ts or commit the webhapp to git."
+            exit 1
+          fi
 
       - name: Setup for macOS code signing
-        if: (matrix.platform == 'macos-13' || matrix.platform == 'macos-latest') && steps.shouldMacOSCodeSign.outputs.MACOS_CODE_SIGNING == 'true'
+        if: (matrix.platform == 'macos-13' || matrix.platform == 'macos-latest') && steps.kangarooConfig.outputs.MACOS_CODE_SIGNING == 'true'
         uses: matthme/import-codesign-certs@5565bb656f60c98c8fc515f3444dd8db73545dc2
         with:
           p12-file-base64: ${{ secrets.HBE_APPLE_CERTIFICATE_BASE64 }}
@@ -78,7 +70,7 @@ jobs:
       # macOS WITHOUT code signing
       #---------------------------------------------------------------------------------------
       - name: build and upload the app WITHOUT code signing (macOS x86)
-        if: matrix.platform == 'macos-13' && steps.shouldMacOSCodeSign.outputs.MACOS_CODE_SIGNING == 'false'
+        if: matrix.platform == 'macos-13' && steps.kangarooConfig.outputs.MACOS_CODE_SIGNING == 'false'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           CSC_IDENTITY_AUTO_DISCOVERY: false
@@ -87,7 +79,7 @@ jobs:
           ls dist
 
       - name: build and upload the app WITHOUT code signing (macOS arm64)
-        if: matrix.platform == 'macos-latest' && steps.shouldMacOSCodeSign.outputs.MACOS_CODE_SIGNING == 'false'
+        if: matrix.platform == 'macos-latest' && steps.kangarooConfig.outputs.MACOS_CODE_SIGNING == 'false'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           CSC_IDENTITY_AUTO_DISCOVERY: false
@@ -99,7 +91,7 @@ jobs:
       #---------------------------------------------------------------------------------------
       # Note this issue regarding the if condition: https://github.com/actions/runner/issues/1173
       - name: build and upload the app WITH code signing (macOS x86)
-        if: matrix.platform == 'macos-13' && steps.shouldMacOSCodeSign.outputs.MACOS_CODE_SIGNING == 'true'
+        if: matrix.platform == 'macos-13' && steps.kangarooConfig.outputs.MACOS_CODE_SIGNING == 'true'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           APPLE_DEV_IDENTITY: ${{ secrets.APPLE_DEV_IDENTITY }}
@@ -112,7 +104,7 @@ jobs:
           ls dist
 
       - name: build and upload the app WITH code signing (macOS arm64)
-        if: matrix.platform == 'macos-latest' && steps.shouldMacOSCodeSign.outputs.MACOS_CODE_SIGNING == 'true'
+        if: matrix.platform == 'macos-latest' && steps.kangarooConfig.outputs.MACOS_CODE_SIGNING == 'true'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           APPLE_DEV_IDENTITY: ${{ secrets.APPLE_DEV_IDENTITY }}
@@ -136,8 +128,8 @@ jobs:
 
           # Modify the postinst script of the .deb file
           node ./scripts/extend-deb-postinst.mjs
-          gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "latest-linux.yml" --clobber
-          gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "dist/${{ steps.appId.outputs.APP_ID }}_${{ steps.version.outputs.APP_VERSION }}_amd64.deb" --clobber
+          gh release upload "v${{ steps.kangarooConfig.outputs.APP_VERSION }}" "latest-linux.yml" --clobber
+          gh release upload "v${{ steps.kangarooConfig.outputs.APP_VERSION }}" "dist/${{ steps.kangarooConfig.outputs.APP_ID }}_${{ steps.kangarooConfig.outputs.APP_VERSION }}_amd64.deb" --clobber
 
       # Windows
       #---------------------------------------------------------------------------------------
@@ -159,15 +151,15 @@ jobs:
             # Sign the .exe file
             dotnet tool install --global --version 4.0.1 AzureSignTool
             echo "sha512 before code signing"
-            CertUtil -hashfile "dist/${{ steps.appId.outputs.APP_ID }}-${{ steps.version.outputs.APP_VERSION }}-setup.exe" SHA512
-            AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "dist/${{ steps.appId.outputs.APP_ID }}-${{ steps.version.outputs.APP_VERSION }}-setup.exe"
+            CertUtil -hashfile "dist/${{ steps.kangarooConfig.outputs.APP_ID }}-${{ steps.kangarooConfig.outputs.APP_VERSION }}-setup.exe" SHA512
+            AzureSignTool sign -kvu "${{ secrets.AZURE_KEY_VAULT_URI }}" -kvi "${{ secrets.AZURE_CLIENT_ID }}" -kvt "${{ secrets.AZURE_TENANT_ID }}" -kvs "${{ secrets.AZURE_CLIENT_SECRET }}" -kvc ${{ secrets.AZURE_CERT_NAME }} -tr http://timestamp.digicert.com -v "dist/${{ steps.kangarooConfig.outputs.APP_ID }}-${{ steps.kangarooConfig.outputs.APP_VERSION }}-setup.exe"
             echo "sha512 after code signing"
-            CertUtil -hashfile "dist/${{ steps.appId.outputs.APP_ID }}-${{ steps.version.outputs.APP_VERSION }}-setup.exe" SHA512
+            CertUtil -hashfile "dist/${{ steps.kangarooConfig.outputs.APP_ID }}-${{ steps.kangarooConfig.outputs.APP_VERSION }}-setup.exe" SHA512
 
             # Overwrite the latest.yml one with one containing the sha512 of the code signed .exe file
             node ./scripts/latest-yaml.js
-            gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "latest.yml" --clobber
-            gh release upload "v${{ steps.version.outputs.APP_VERSION }}" "dist/${{ steps.appId.outputs.APP_ID }}-${{ steps.version.outputs.APP_VERSION }}-setup.exe" --clobber
+            gh release upload "v${{ steps.kangarooConfig.outputs.APP_VERSION }}" "latest.yml" --clobber
+            gh release upload "v${{ steps.kangarooConfig.outputs.APP_VERSION }}" "dist/${{ steps.kangarooConfig.outputs.APP_ID }}-${{ steps.kangarooConfig.outputs.APP_VERSION }}-setup.exe" --clobber
 
           fi
 

CHANGELOG.md

@@ -0,0 +1,7 @@
+## \[Unreleased\]
+
+### Added
+### Fixed
+### Changed
+- Updated to holochain 0.5.0-rc.1
+### Removed

README.md

@@ -11,7 +11,8 @@ This repository let's you easily convert your Holochain app into a standalone, e
 Depending on which Holochain minor version you want to use you should use the corresponding branch of this repository.
 
 
-- Holochain 0.4.x (stable): [main](https://github.com/holochain/kangaroo-electron/tree/main)
+- Holochain 0.4.x (stable): [main-0.4](https://github.com/holochain/kangaroo-electron/tree/main-0.4)
+- Holochain 0.5.x: [main](https://github.com/holochain/kangaroo-electron/tree/main)
 - Holochain 0.3.x: [main-0.3](https://github.com/holochain/kangaroo-electron/tree/main-0.3)
 
 # Instructions
@@ -21,14 +22,14 @@ Depending on which Holochain minor version you want to use you should use the co
 1. Either use this repository as a template (by clicking on the green "Use this template" button) or fork it.
    Using it as a template allows you to start with a clean git history and the contributors of this repository won't show up as contributors to your new repository. **Forking has the advantage of being able to relatively easily pull in updates from this parent repository at a later point in time.** If you fork it, it may be smart to work off a different branch than the main branch in your forked repository in order to be able to keep the main branch in sync with this parent repository and selectively merge into your working branch as needed.
 
-2. In your local copy of the repository, run
+2. In the `kangaroo.config.ts` file, replace the `appId` and `productName` fields with names appropriate for your own app.
+
+3. In your local copy of the repository, run
 
 ```
 yarn setup
 ```
 
-3. In the `kangaroo.config.ts` file, replace the `appId` and `productName` fields with names appropriate for your own app.
-
 4. Choose a version number in the `version` field of `kangaroo.config.ts`. And **Read** the section [Versioning](#Versioning) below to understand the implications.
 
 5. Paste the `.webhapp` file of your holochain app into the `pouch` folder.
@@ -42,6 +43,18 @@ yarn dev
 
 ## Build the Distributable
 
+> [!WARNING]
+> The default bootstrap, signaling and ICE servers (used for connection establishment among peers)
+> in `kangaroo.config.ts` have no availability guarantees whatsoever and are meant for testing
+> purposes only.
+>
+> If you want to deploy your app to end-users, make sure to run your own
+> instances of these servers or use servers that have guaranteed availability for the lifetime
+> of your app's network(s).
+>
+> **Changing these URLs *after* deployment of your app can result in a network partition**.
+
+
 ### Build locally
 
 To build the app locally for your platform, run the build command for your respecive platform:
@@ -60,9 +73,13 @@ yarn build:windows
 
 The general workflow goes as follows:
 
-1. Create a draft release on github and set its "Tag verion" to the value of the `version` field that you chose in `kangaroo.config.ts` and prefix it with `v`, for example `v0.1.0`.
+1. Make sure that CI has access to your app's .webhapp file by either
+   - specifying the `webhapp` field in `kangaroo.config.ts` pointing to a URL where CI can fetch it and a sha256 to verify its integrity
+   - remove `pouch/*.webhapp` from the `.gitignore` file and commit your .webhapp to git.
+
+2. Create a draft release on github and set its "Tag verion" to the value of the `version` field that you chose in `kangaroo.config.ts` and prefix it with `v`, for example `v0.1.0`.
 
-2. Merge the main branch into the release branch and push it to github to trigger the release workflow.
+3. Merge the main branch into the release branch and push it to github to trigger the release workflow.
 
 If you do this for the first time you will need to create the `release` branch first:
 
@@ -154,7 +171,7 @@ Options:
   --holochain-wasm-log <string>  WASM_LOG value to pass to the holochain binary
   --lair-rust-log <string>       RUST_LOG value to pass to the lair keystore binary
   -b, --bootstrap-url <url>      URL of the bootstrap server to use (not persisted across restarts).
-  -s, --signaling-url <url>      URL of the signaling server to use (not persisted across restarts).
+  -s, --signal-url <url>      URL of the signaling server to use (not persisted across restarts).
   --ice-urls <string>            Comma separated string of ICE server URLs to use. Is ignored if an external holochain binary is being used
                                  (not persisted across restarts).
   --print-holochain-logs         Print holochain logs directly to the terminal (they will be still written to the logfile as well)

kangaroo.config.ts

@@ -9,28 +9,31 @@ export default defineConfig({
   fallbackToIndexHtml: true,
   autoUpdates: true,
   systray: true,
-  passwordMode: 'no-password',
+  passwordMode: 'password-optional',
+  bootstrapUrl: 'https://dev-test-bootstrap2.holochain.org/',
+  signalUrl: 'wss://dev-test-bootstrap2.holochain.org/',
+  iceUrls: ['stun:stun.l.google.com:19302', 'stun:stun.cloudflare.com:3478'],
   bins: {
     holochain: {
-      version: '0.4.1',
+      version: '0.5.2',
       sha256: {
         'x86_64-unknown-linux-gnu':
-          'ee713408a31d2e17826b18e2eaea0b3e200b42aa0cc8e3562c899b0b5ebcaa0c',
+          'bbbdb2e52693522eaaaddafd392c9861db19210e02a48e1ff80d1077a296a08e',
         'x86_64-pc-windows-msvc.exe':
-          '9aa248f6e500915085ebf3fd093541cbbdad59a994e7f904260cb4ad788bd1e3',
-        'x86_64-apple-darwin': '0ce19dfde7db6521cd96e2fef924c62d319d204e7f79bc0379674a7a6122c74f',
-        'aarch64-apple-darwin': '74dc8d8529a50d24e8338ddd2e9913d6fb34414f6588d11243e6ccb29feda029',
+          'e111298fc3af3cc12bfc7adb742d5f29ced7d19f05267969a23d0b8e0d286d5c',
+        'x86_64-apple-darwin': '8bde56c485154b9ac31aa8a5c7232479503b6015fccf66035228b52680e2daf5',
+        'aarch64-apple-darwin': '3b6da6df698d86e5d66691b0c91c5ff0e308b07a400b7ea733f019ea62021cdd',
       },
     },
     lair: {
-      version: '0.5.3',
+      version: '0.6.1',
       sha256: {
         'x86_64-unknown-linux-gnu':
-          '96a28b9b37c73ef46d8b5c56b9d799d558fd2fe77b41c577e2bcb37685a46396',
+          'c5d5d912af41f17def1c9d1027abd8eb6ce6f088871f4347ed38e124a93023cc',
         'x86_64-pc-windows-msvc.exe':
-          '68b6453a19921072aac04dae52a4e94e725e7482005d2f54f907aec680e078de',
-        'x86_64-apple-darwin': 'a53bfb8e501431870b99243cbac24f6103d67f8be094930f174829bb249f34c4',
-        'aarch64-apple-darwin': '6b15d977408847ac977c2e060c7aab84a69e6e90c79390098dd40a6b75256e50',
+          'e11a0658c2d5a3c00409ea447241b3f1f3a215d70fa396b8a3ed633226f0a11f',
+        'x86_64-apple-darwin': 'fed0e9c3fc32589031229fb177ef3b3324e0096e742802898976812174bdd12d',
+        'aarch64-apple-darwin': 'dd36c33e495b8046501f0824fbc08f069973cab5ee210275ab9de3af932d79e8',
       },
     },
   },

package.json

@@ -5,14 +5,15 @@
   "main": "./out/main/index.js",
   "scripts": {
     "dev": "yarn write:configs && yarn pouch:unpack && yarn create:icons && electron-vite dev",
-    "setup": "yarn && yarn fetch:binaries && yarn write:configs",
+    "setup": "yarn && yarn fetch:binaries && yarn fetch:webhapp && yarn write:configs",
     "typecheck:node": "tsc --noEmit -p tsconfig.node.json --composite false",
     "typecheck:web": "tsc --noEmit -p tsconfig.web.json --composite false",
     "typecheck": "yarn typecheck:node && yarn typecheck:web",
     "fetch:binaries": "node ./scripts/fetch-binaries.js",
+    "fetch:webhapp": "node ./scripts/fetch-webhapp.js",
     "pouch:unpack": "node ./scripts/unpack-pouch.js",
     "create:icons": "node ./scripts/create-icons.js",
-    "write:configs": "node ./scripts/write-builder-config.js",
+    "write:configs": "node ./scripts/write-configs.js",
     "build": "yarn write:configs && yarn pouch:unpack && yarn create:icons && yarn typecheck && electron-vite build",
     "build:win": "yarn build && electron-builder --win --config",
     "build:mac-arm64": "yarn build && electron-builder --mac --arm64 --config",
@@ -23,16 +24,17 @@
   "dependencies": {
     "@electron-toolkit/preload": "^3.0.1",
     "@electron-toolkit/utils": "^3.0.0",
-    "@holochain/client": "0.18.0-rc.1",
-    "@holochain/hc-spin-rust-utils": "0.400.0",
-    "@lightningrodlabs/we-rust-utils": "0.400.1",
+    "@holochain/client": "0.19.0-rc.0",
+    "@holochain/hc-spin-rust-utils": "0.500.0-rc.0",
     "@matthme/electron-updater": "6.3.0-alpha.1",
     "@msgpack/msgpack": "^2.8.0",
     "adm-zip": "0.5.14",
     "bufferutil": "4.0.8",
     "commander": "12.1.0",
     "electron-context-menu": "3.6.1",
     "get-port": "7.0.0",
+    "js-sha512": "^0.9.0",
+    "js-yaml": "4.1.0",
     "nanoid": "5.0.4",
     "semver": "^7.6.2",
     "split": "1.0.1",
@@ -51,7 +53,6 @@
     "eslint": "^8.0.1",
     "eslint-plugin-import": "^2.25.0",
     "jimp": "^1.6.0",
-    "js-yaml": "4.1.0",
     "make-dir-cli": "^3.1.0",
     "ncp": "^2.0.0",
     "octokit": "4.0.2",

scripts/download.js

@@ -0,0 +1,34 @@
+/* eslint-disable @typescript-eslint/no-var-requires */
+const childProcess = require('child_process');
+const crypto = require('crypto');
+const fs = require('fs');
+
+
+function downloadFile(url, targetPath, expectedSha256Hex, chmod = false) {
+  console.log('Downloading from ', url);
+  childProcess.exec(`curl -f -L --output ${targetPath} ${url}`, (error, stdout, stderr) => {
+    console.log(stdout);
+    console.log(stderr);
+    if (error !== null) {
+      console.log('exec error: ' + error);
+      throw new Error('Failed to fetch resource.');
+    } else {
+      const fileBytes = fs.readFileSync(targetPath);
+      const hasher = crypto.createHash('sha256');
+      hasher.update(fileBytes);
+      const sha256Hex = hasher.digest('hex');
+      if (sha256Hex !== expectedSha256Hex)
+        throw new Error(
+          `sha256 does not match the expected sha256. Got ${sha256Hex} but expected ${expectedSha256Hex}`
+        );
+
+      console.log('Download successful. sha256 of file (hex): ', sha256Hex);
+      if (chmod) {
+        fs.chmodSync(targetPath, 511);
+        console.log('Gave executable permission to file.');
+      }
+    }
+  });
+}
+
+module.exports = downloadFile;

scripts/fetch-binaries.js

@@ -1,9 +1,8 @@
 /* eslint-disable @typescript-eslint/no-var-requires */
 const fs = require('fs');
 const path = require('path');
-const crypto = require('crypto');
 const tsNode = require('ts-node');
-const childProcess = require('child_process');
+const downloadFile = require('./download');
 
 tsNode.register();
 
@@ -46,33 +45,6 @@ const lairBinaryFilename = `lair-keystore-v${kangarooConfig.bins.lair.version}-$
   process.platform === 'win32' ? '.exe' : ''
 }`;
 
-function downloadFile(url, targetPath, expectedSha256Hex, chmod = false) {
-  console.log('Downloading from ', url);
-  childProcess.exec(`curl -f -L --output ${targetPath} ${url}`, (error, stdout, stderr) => {
-    console.log(stdout);
-    console.log(stderr);
-    if (error !== null) {
-      console.log('exec error: ' + error);
-      throw new Error('Failed to fetch resource.');
-    } else {
-      const fileBytes = fs.readFileSync(targetPath);
-      const hasher = crypto.createHash('sha256');
-      hasher.update(fileBytes);
-      const sha256Hex = hasher.digest('hex');
-      if (sha256Hex !== expectedSha256Hex)
-        throw new Error(
-          `sha256 does not match the expected sha256. Got ${sha256Hex} but expected ${expectedSha256Hex}`
-        );
-
-      console.log('Download successful. sha256 of file (hex): ', sha256Hex);
-      if (chmod) {
-        fs.chmodSync(targetPath, 511);
-        console.log('Gave executable permission to file.');
-      }
-    }
-  });
-}
-
 function downloadHolochainBinary() {
   const holochainBinaryRemoteFilename = `holochain-v${kangarooConfig.bins.holochain.version}-${targetEnding}`;
   const holochainBinaryUrl = `https://github.com/matthme/holochain-binaries/releases/download/holochain-binaries-${kangarooConfig.bins.holochain.version}/${holochainBinaryRemoteFilename}`;