import type { CIRunner, ExtraFileReference, FilePath, IAppBuilderLib, PlatformName, Release, } from './desktopify'; import type { MacTarget, WindowsTarget } from './hsm'; export interface Schemable { schemaVersion?: number; } type CompositeIdFileLocationKey = string; export type StaticAnalysisItem = { hidden: boolean }; export type ProgressTypes = 'done' | 'error' | 'progress' | 'queued'; export interface IChecklistItem { [id: string]: boolean; } export interface IDownloadButtonOptions { bgColor: string; borderRadius: number; btnText: string; buttonSize: 'large' | 'medium' | 'small'; fgColor: string; fontFamily: 'sans-serif' | 'serif'; showAppIcon: { alignment: 'left' | 'right'; enabled: boolean; }; showDownloadIcon: { alignment: 'left' | 'right'; enabled: boolean; }; } export enum WindowsEVOnboardingSteps { 'hasBeenVerified' = 'hasBeenVerified', 'hasChosenProvider' = 'hasChosenProvider', 'hasGeneratedCert' = 'hasGeneratedCert', 'hasOrderedCert' = 'hasOrderedCert', 'hasUploadedCert' = 'hasUploadedCert', } export enum WindowsEVOnboardingProvider { 'globalsign' = 'globalsign', 'other' = 'other', } export interface IAppBuildProgress { isBuilding: boolean; message: string; percent: number; shouldSkip: boolean; type: ProgressTypes; } export interface IAppMeta { appIterations?: number; autoSecurityUpdatesEnabled?: boolean; // Only applicable to ToDesktop Builder ciRunner?: CIRunner; completedChecklistItems?: IChecklistItem; currentBuildProgress?: { channel?: string; id?: string; linux?: IAppBuildProgress; mac?: IAppBuildProgress; projectConfig?: ToDesktopJson; releaseId?: Release['id']; shouldCodeSign?: boolean; shouldRelease?: boolean; shouldSendCompletionEmail?: boolean; source?: 'security-update'; sourceArchiveDetails?: { bucket: string; hash?: string; key: string; url: string; }; windows?: IAppBuildProgress; }; downloadButtons?: { linux: IDownloadButtonOptions; mac: IDownloadButtonOptions; universal: IDownloadButtonOptions; windows: IDownloadButtonOptions; }; firstSuccessfulBuildEndedAt?: string; forceVersionNumber?: string; isAppChanged?: boolean; isFrameBlocked?: boolean; isHttps?: boolean; latestReleaseBuildId?: string; previousInstallLockSha?: string; publishedVersions: { desktopify?: string; electron?: string; version?: string; }; releaseRedirections?: ReleaseRedirectionRule[]; staticAnalysis?: Record; webhookHMACKey?: string; webhooks?: { release?: string; }; windowsEVOnboarding?: { [WindowsEVOnboardingSteps.hasBeenVerified]: boolean; [WindowsEVOnboardingSteps.hasChosenProvider]: boolean; [WindowsEVOnboardingSteps.hasGeneratedCert]: boolean; [WindowsEVOnboardingSteps.hasOrderedCert]: boolean; [WindowsEVOnboardingSteps.hasUploadedCert]: boolean; provider: WindowsEVOnboardingProvider; tempHSMCertName: string; }; } export interface ElectronFuses { /** Controls whether the cookie store on disk is encrypted using OS-level cryptography. Default: false (disabled). */ enableCookieEncryption?: boolean; /** Controls whether Electron validates the integrity of the app.asar file. Default: false (disabled). */ enableEmbeddedAsarIntegrityValidation?: boolean; /** Controls whether command line arguments like --inspect are respected. Default: true (enabled). */ enableNodeCliInspectArguments?: boolean; /** Controls whether the NODE_OPTIONS environment variable is respected. Default: true (enabled). */ enableNodeOptionsEnvironmentVariable?: boolean; /** Controls whether pages loaded via file:// protocol get extra privileges. Requires Electron 29+. Default: true (enabled). */ grantFileProtocolExtraPrivileges?: boolean; /** Controls whether the browser process uses a V8 snapshot file. Default: false (disabled). */ loadBrowserProcessSpecificV8Snapshot?: boolean; /** Controls whether Electron only loads the app from an asar archive. Default: false (disabled). */ onlyLoadAppFromAsar?: boolean; /** Controls whether the ELECTRON_RUN_AS_NODE environment variable is respected. Default: true (enabled). */ runAsNode?: boolean; } export interface ElectronAppMigration { targetAppId: string; targetOrganizationUnitId: string; } export interface MacMigrationBuildConfig { currentOrganizationUnitId: string; targetOrganizationUnitId: string; } export interface ToDesktopJson { appBuilderLibVersion?: string; appFiles?: string[]; appId?: string; appPath?: FilePath; appProtocolScheme?: string | string[]; asar?: boolean; asarUnpack?: boolean | string[]; bucket?: string; buildVersion?: string; bunVersion?: string; bytenode?: { enabled?: boolean; files?: string[]; }; copyright?: string; dmg?: { artifactName?: string; background?: FilePath; backgroundColor?: string; contents?: NonNullable['contents']; iconSize?: number; iconTextSize?: number; title?: string; window?: NonNullable['window']; }; electronMirror?: string; electronVersion?: string; extraContentFiles?: ExtraFileReference[]; extraResources?: ExtraFileReference[]; fileAssociations?: IAppBuilderLib['config']['fileAssociations']; filesForDistribution?: string[]; fuses?: ElectronFuses; icon: FilePath; id: string; includeSubNodeModules?: boolean; linux?: { category?: string; deb?: { additionalDepends?: string[]; depends?: string[]; }; executableArgs?: string[]; icon?: FilePath; imageVersion?: string; noSandbox?: 'probe' | boolean; }; mac?: { additionalBinariesToSign?: FilePath[]; category?: string; dmgBackground?: FilePath; entitlements?: FilePath; entitlementsInherit?: FilePath; extendInfo?: NonNullable['extendInfo']; icon?: FilePath; provisioningProfile?: FilePath; requirements?: FilePath; }; macMigration?: MacMigrationBuildConfig; mas?: { entitlements?: FilePath; entitlementsInherit?: FilePath; minimumSystemVersion?: string; provisioningProfile?: FilePath; type?: 'development' | 'distribution'; // defaults to development x64ArchFiles?: string; }; nodeVersion?: string; npmVersion?: string; packageManager?: 'bun' | 'npm' | 'pnpm' | 'yarn'; pnpmVersion?: string; productName?: string; rebuildLibrary?: '@electron/rebuild' | 'app-builder'; schemaVersion: number; snap?: IAppBuilderLib['config']['snap']; updateUrlBase?: string; uploadSizeLimit?: number; useCachedDependencies?: boolean; windows?: { icon?: FilePath; nsisCustomBinary?: { checksum?: string; debugLogging?: boolean; url: string; version?: string; }; nsisInclude?: FilePath; publisherName?: string[]; }; yarnVersion?: string; } export enum WindowsHSMCertType { azureTrustedSigning = 'azureTrustedSigning', ev = 'ev', file = 'file', } export interface CustomWindowsCodeSignFile { certType: string; hsmCertName: string; hsmCertType: WindowsHSMCertType.file; } export interface CustomWindowsCodeSignEV { certType: 'hsm'; hsmCertName: string; hsmCertType: WindowsHSMCertType.ev; } export interface CustomWindowsCodeSignAzureTrustedSigning { azureBaseSettings: { $azureClientSecretRef: string; clientId: string; codeSigningAccountName: string; resourceGroupName: string; subscriptionId: string; tenantId: string; }; azureCredentialsStored: boolean; azureSettings?: { accountUri: string; certificateProfileId: string; certificateProfileName: string; publisherName: string; }; certType: 'azureTrustedSigning'; } export type CustomMacCodeSign = | { certName: string; certPassword: string; certUrl: string; type: 'url'; } | { type: 'hsm'; }; export type CustomLinuxPGPKey = { $key: string; $password?: string; }; export type CustomMacNotarization = | CustomNotarizationApiKeyAuth | CustomNotarizationPasswordHsmAuth; export interface CustomNotarizationApiKeyAuth { $appleApiKey: string; appleApiIssuer: string; appleApiKeyId: string; type: 'hsm-api'; } export interface CustomNotarizationPasswordHsmAuth { $appSpecificPassword: string; appleId: string; teamId: string; type: 'hsm'; } export type ReleaseRedirectionRule = | { appId: string; disabled?: boolean; rule: 'appByPercentage'; salt: string; schedule?: { at: string; percentage: number }[]; } | { appId: string; ipList: string[]; rule: 'appByIp'; } | { appId: string; rule: 'app'; } | { buildId: string; ipList: string[]; rule: 'buildByIp'; } | { buildId: string; platforms: PlatformName[]; rule: 'buildByPlatform'; } | { feedUrl: string; ipList: string[]; rule: 'appByIp'; } | { feedUrl: string; rule: 'app'; }; export interface BaseApp extends Schemable { appModelId?: string; // artifact configs appxConfig?: Partial; cloned?: { appId: string; buildId?: string; clonedAt: string; clonedBy: string; stage: 'dev' | 'local' | 'prod'; }; // artifact configs customDomain?: string; customLinuxPgpKey?: CustomLinuxPGPKey; customMacCodeSign?: CustomMacCodeSign; customNotarization?: CustomMacNotarization; customWindowsCodeSign?: | CustomWindowsCodeSignAzureTrustedSigning | CustomWindowsCodeSignEV | CustomWindowsCodeSignFile; debConfig?: { enableUnattendedUpgrades?: boolean; installAptSources?: boolean; }; domainVerificationCode?: string; electronAppMigration?: ElectronAppMigration; id: string; macHsmCertNames?: Record; macUniversalInstallerConfig?: { shouldPinToVersion?: boolean; }; masConfig?: { arch?: 'arm64' | 'universal'; } & Partial; meta?: IAppMeta; nsisConfig?: Partial; parent?: { id: string; relationshipToParent: string } | null; // this property is dynamically resolved at queueBuild in cloud functions parentApp?: BaseApp; releasable?: boolean; // artifacts shouldCreate32BitWindowsArtifacts?: boolean; shouldCreateAppImages?: boolean; shouldCreateAppleIntelArtifacts?: boolean; shouldCreateAppleSiliconAssets?: boolean; shouldCreateAppXFiles?: boolean; shouldCreateArm64LinuxArtifacts?: boolean; shouldCreateArm64WindowsArtifacts?: boolean; shouldCreateDebianPackages?: boolean; shouldCreateDMGs?: boolean; shouldCreateMacAppStoreFiles?: boolean; shouldCreateMacPKG?: boolean; shouldCreateMacUniversalInstaller?: boolean; shouldCreateMacZipInstallers?: boolean; shouldCreateMSIInstallers?: boolean; shouldCreateNSISInstallers?: boolean; shouldCreateNSISWebInstaller?: boolean; shouldCreateRPMPackages?: boolean; shouldCreateSnapFiles?: boolean; snapStore?: { description?: string; login?: string }; subscription?: Subscription; useTdCert?: boolean; windowsHsmCertNames?: Record; } export type Subscription = { itemId: string; planId: string; priceId?: string; // todo: remove optional qualifier once we complete migration productId?: string; status: string; subscriptionId: string; };