Merge branch 'develop' of https://github.com/rainbow-me/rainbow into …

…@benisgold/user-assets-migration-v2

.detoxrc.js

@@ -9,7 +9,7 @@ module.exports = {
   devices: {
     'ios.simulator': {
       type: 'ios.simulator',
-      device: { type: 'iPhone 15 Pro' },
+      device: { type: 'iPhone 16 Pro' },
     },
     'android.attached': {
       type: 'android.attached',

.github/workflows/comments-watchdog.yml

@@ -0,0 +1,71 @@
+name: Comments watchdog
+
+on:
+  issue_comment:
+    types: [created]
+  pull_request_review_comment:
+    types: [created]
+  discussion_comment:
+    types: [created]
+
+jobs:
+  remove_spam_comments:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up environment
+        run: |
+          # Create an empty file to log deleted comments
+          touch deleted_comments_log.txt
+
+      - name: Get list of organization members
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          # Fetch the list of users in the organization
+          ORG_MEMBERS=$(curl -s -H "Authorization: token $GITHUB_TOKEN" \
+          "https://api.github.com/orgs/${{ github.repository_owner }}/members" | jq -r '.[].login')
+          
+          # Save the allowlisted users in a file
+          echo "$ORG_MEMBERS" > allowlisted_users.txt
+
+      - name: Check comment for spam
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          COMMENT_ID=$(jq -r '.comment.id' < "$GITHUB_EVENT_PATH")
+          COMMENT_BODY=$(jq -r '.comment.body' < "$GITHUB_EVENT_PATH")
+          COMMENT_USER=$(jq -r '.comment.user.login' < "$GITHUB_EVENT_PATH")
+          
+          # Check if the comment user is allowlisted
+          if grep -q "$COMMENT_USER" allowlisted_users.txt; then
+            echo "Comment by $COMMENT_USER is from an allowlisted user. No action taken."
+            exit 0
+          fi
+
+          # Define enhanced spam keywords/phrases regex
+          SPAM_KEYWORDS="(message (support|help)|contact support|contact (agent|live agent)|telegram|live chat|https?://t\.me/|resolve your (issue|request))"
+
+          # Check if the comment contains any spam patterns
+          if echo "$COMMENT_BODY" | grep -iE "$SPAM_KEYWORDS"; then
+            echo "Spam comment detected: $COMMENT_BODY"
+            
+            # Delete the comment using the GitHub API
+            curl -X DELETE \
+              -H "Authorization: token $GITHUB_TOKEN" \
+              -H "Accept: application/vnd.github.v3+json" \
+              "https://api.github.com/repos/${{ github.repository }}/issues/comments/$COMMENT_ID" || \
+              "https://api.github.com/repos/${{ github.repository }}/pulls/comments/$COMMENT_ID" || \
+              "https://api.github.com/repos/${{ github.repository }}/discussions/comments/$COMMENT_ID"
+              
+            echo "Spam comment deleted"
+            # Log the deleted comment
+            echo "Deleted comment from user $COMMENT_USER: $COMMENT_BODY" >> deleted_comments_log.txt
+          else
+            echo "No spam detected"
+          fi
+
+      - name: Upload deleted comments log as artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: deleted-comments-log
+          path: deleted_comments_log.txt

.github/workflows/macstadium-builds.yml

@@ -45,7 +45,8 @@ jobs:
             ${{ steps.yarn-cache-dir-path.outputs.dir }}
             .yarn/cache
             .yarn/install-state.gz
-          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+            !.eslintcache # Exclude eslint cache
+          key: ${{ runner.os }}-yarn-${{ github.sha }}  # Cache per commit
           restore-keys: |
             ${{ runner.os }}-yarn-
 
@@ -58,7 +59,9 @@ jobs:
           npx react-native info
 
       - name: Install pods
-        run: yarn install-bundle && yarn install-pods
+        run: |
+          rm -rf /Users/administrator/.cocoapods/repos/cocoapods/.git/index.lock
+          yarn install-bundle && yarn install-pods
 
       - uses: irgaly/xcode-cache@v1
         with:
@@ -74,6 +77,9 @@ jobs:
           xcodebuild -workspace ios/Rainbow.xcworkspace -scheme Rainbow -configuration Release -sdk iphonesimulator -derivedDataPath ios/build
           APP_DIR=$(find . -name "*.app" | head -n 1)
           cd $APP_DIR && zip -r ../../../../../../App.zip .
+      - name: Set up Appstore Key
+        run: |
+          cp ~/appstore/AuthKey_63N65C2G2S.p8 ios/fastlane/AuthKey_63N65C2G2S.p8
 
         # TOPHAT iOS DEVICE  
       - name: Build the app in release mode for iOS devices
@@ -82,7 +88,7 @@ jobs:
           FASTLANE_PASSWORD: ${{ secrets.FASTLANE_PASSWORD }}
           MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }}
         run: |
-            cd ios && bundle exec fastlane ios build_device
+            cd ios && gem update fastlane && bundle exec fastlane ios build_device
       - name: Upload builds to AWS S3
         env:
           AWS_BUCKET: rainbow-app-team-production

.github/workflows/macstadium-tests.yml

@@ -18,7 +18,7 @@ jobs:
         run: git config core.sshCommand "ssh -i ~/.ssh/id_ed25519 -F /dev/null"
 
       - name: Clean iOS app
-        run: yarn clean:ios > /dev/null 2>&1 || true
+        run: yarn cache clean && yarn clean:ios > /dev/null 2>&1 || true
 
       - name: Set up ENV vars & scripts
         env:
@@ -40,39 +40,69 @@ jobs:
             ${{ steps.yarn-cache-dir-path.outputs.dir }}
             .yarn/cache
             .yarn/install-state.gz
-          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+            !.eslintcache # Exclude eslint cache
+          key: ${{ runner.os }}-yarn-${{ github.sha }}  # Cache per commit
           restore-keys: |
             ${{ runner.os }}-yarn-
 
       - name: Install dependencies
         run: |
           yarn install && yarn setup
 
+      - name: Set sanitized branch name
+        id: sanitize
+        run: echo "SANITIZED_REF_NAME=${GITHUB_REF_NAME//\//-}" >> $GITHUB_ENV
+
       - name: Upload Yarn cache
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
-          name: yarn-cache
+          name: yarn-cache-${{ env.SANITIZED_REF_NAME }}
           path: |
             .yarn/cache
             .yarn/install-state.gz
 
   # Job for linting and unit tests
   linting-and-unit-tests:
     runs-on: ["self-hosted"]
+    permissions:
+      contents: read
     needs: install-deps
     steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+
+      - name: Set up github keys
+        run: git config core.sshCommand "ssh -i ~/.ssh/id_ed25519 -F /dev/null"
+
+      - name: Set sanitized branch name
+        id: sanitize
+        run: echo "SANITIZED_REF_NAME=${GITHUB_REF_NAME//\//-}" >> $GITHUB_ENV
       - name: Download Yarn cache
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
-          name: yarn-cache
+          name: yarn-cache-${{ env.SANITIZED_REF_NAME }}
           path: .yarn
+      - name: Set up ENV vars & scripts
+        env:
+          CI_SCRIPTS: ${{ secrets.CI_SCRIPTS }}
+        run: |
+          source ~/.zshrc
+          git clone [email protected]:rainbow-me/rainbow-env.git
+          mv rainbow-env/dotenv .env && rm -rf rainbow-env
+          eval $CI_SCRIPTS      
+      - name: Install dependencies
+        run: |
+          yarn install && yarn setup
 
       - name: Check for frozen lockfile
         run: ./scripts/check-lockfile.sh
 
       - name: Audit CI
         run: yarn audit-ci --config audit-ci.jsonc
 
+      - name: Remove ESLint cache
+        run: rm -f .eslintcache
+
       - name: Lint
         run: yarn lint:ci
 
@@ -82,14 +112,39 @@ jobs:
   # iOS build and e2e tests
   e2e-ios:
     runs-on: ["self-hosted"]
-    timeout-minutes: 60
+    concurrency: 
+      group: ${{ github.workflow }}-${{ github.ref }}
+      cancel-in-progress: true
+    permissions:
+      contents: read
+    timeout-minutes: 90
     needs: install-deps
     steps:
+      - name: Checkout repo
+        uses: actions/checkout@v4
+
+      - name: Set up github keys
+        run: git config core.sshCommand "ssh -i ~/.ssh/id_ed25519 -F /dev/null"
+
+      - name: Set sanitized branch name
+        id: sanitize
+        run: echo "SANITIZED_REF_NAME=${GITHUB_REF_NAME//\//-}" >> $GITHUB_ENV
       - name: Download Yarn cache
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
-          name: yarn-cache
+          name: yarn-cache-${{ env.SANITIZED_REF_NAME }}
           path: .yarn
+      - name: Set up ENV vars & scripts
+        env:
+          CI_SCRIPTS: ${{ secrets.CI_SCRIPTS }}
+        run: |
+          source ~/.zshrc
+          git clone [email protected]:rainbow-me/rainbow-env.git
+          mv rainbow-env/dotenv .env && rm -rf rainbow-env
+          eval $CI_SCRIPTS
+      - name: Install dependencies
+        run: |
+          yarn install && yarn setup
 
       - name: Rebuild detox cache
         run: ./node_modules/.bin/detox clean-framework-cache && ./node_modules/.bin/detox build-framework-cache
@@ -99,8 +154,10 @@ jobs:
           npx react-native info
 
       - name: Install pods
-        run: yarn install-bundle && yarn install-pods
-
+        run: |
+          rm -rf /Users/administrator/.cocoapods/repos/cocoapods/.git/index.lock
+          yarn install-bundle && yarn install-pods
+
       - uses: irgaly/xcode-cache@v1
         with:
           key: xcode-cache-deriveddata-${{ github.workflow }}-${{ github.sha }}
@@ -113,4 +170,4 @@ jobs:
 
       - name: Detox iOS e2e tests
         run: |
-          ./scripts/run-retry-tests.sh 3
+          ./scripts/run-retry-tests.sh 3

.gitignore

@@ -132,4 +132,8 @@ InjectedJSBundle.js.LICENSE.txt
 !.yarn/sdks
 !.yarn/versions
 
-src/references/networks.json
+src/references/networks.json
+# Expo
+.expo
+dist/
+web-build/