Merge pull request #36 from rockbruno/properties-publics

Dry-run, Wrapper refactor, CircleCI

.circleci/config.yml

@@ -0,0 +1,60 @@
+version: 2
+
+aliases:      
+  - &install-bundle-dependencies
+    |
+      bundle install
+
+base_job: &base_job
+  macos:
+    xcode: "10.0.0"
+  shell: /bin/bash --login -eo pipefail
+  environment:
+    LC_ALL: en_US.UTF-8
+    LANG: en_US.UTF-8
+
+jobs:
+  build-and-test:
+    <<: *base_job
+
+    steps:
+      - checkout
+
+      - run:
+          name: Chruby
+          command: chruby
+
+      - run:
+          name: Install bundled gems
+          command: *install-bundle-dependencies
+
+      - run:
+          name: Run tests
+          command: bundle exec fastlane tests --verbose
+
+      - run:
+          name: Danger
+          command: bundle exec danger
+          when: always
+
+      - run:
+          name: Generate test results
+          command: cp fastlane/test_output/report.junit fastlane/test_output/results.xml
+          when: always
+
+      - store_test_results:
+          path: fastlane/test_output
+
+      - store_artifacts:
+          path: fastlane/test_output
+          destination: scan-test-results
+
+      - store_artifacts:
+          path: ~/Library/Logs/scan
+          destination: scan-logs
+
+workflows:
+  version: 2
+  build:
+    jobs:
+      - build-and-test

.gitignore

@@ -1,2 +1,55 @@
+## macOS
+.DS_Store
 
+## Build generated
+build/
+DerivedData/
+
+## Various settings
+*.pbxuser
+!default.pbxuser
+*.mode1v3
+!default.mode1v3
+*.mode2v3
+!default.mode2v3
+*.perspectivev3
+!default.perspectivev3
+xcuserdata/
+
+## Other
+*.moved-aside
+*.xccheckout
+*.xcscmblueprint
 *.profraw
+*.xcuserdata
+*.xcuserstate
+
+## Obj-C/Swift specific
+*.hmap
+*.ipa
+*.dSYM.zip
+*.dSYM
+*.orig
+
+## Playgrounds
+timeline.xctimeline
+playground.xcworkspace
+
+# Swift Package Manager
+.build/
+
+# CocoaPods
+Pods/
+
+# Carthage
+Carthage/Build
+
+# fastlane
+fastlane/README.md
+fastlane/report.xml
+fastlane/Preview.html
+fastlane/screenshots/*
+fastlane/test_output/*
+
+# CircleCI
+vendor/*

Gemfile

@@ -0,0 +1,10 @@
+source 'https://rubygems.org'
+
+gem 'synx'
+gem 'fastlane'
+
+# Danger
+gem 'xcpretty'
+gem 'xcpretty-json-formatter'
+gem 'danger'
+gem 'danger-xcode_summary'

Gemfile.lock

@@ -0,0 +1,195 @@
+GEM
+  remote: https://rubygems.org/
+  specs:
+    CFPropertyList (3.0.0)
+    addressable (2.5.2)
+      public_suffix (>= 2.0.2, < 4.0)
+    atomos (0.1.3)
+    babosa (1.0.2)
+    claide (1.0.2)
+    claide-plugins (0.9.2)
+      cork
+      nap
+      open4 (~> 1.3)
+    clamp (0.6.5)
+    colored (1.2)
+    colored2 (3.1.2)
+    colorize (0.8.1)
+    commander-fastlane (4.4.6)
+      highline (~> 1.7.2)
+    cork (0.3.0)
+      colored2 (~> 3.1)
+    danger (5.6.7)
+      claide (~> 1.0)
+      claide-plugins (>= 0.9.2)
+      colored2 (~> 3.1)
+      cork (~> 0.1)
+      faraday (~> 0.9)
+      faraday-http-cache (~> 1.0)
+      git (~> 1.5)
+      kramdown (~> 1.5)
+      no_proxy_fix
+      octokit (~> 4.7)
+      terminal-table (~> 1)
+    danger-plugin-api (1.0.0)
+      danger (> 2.0)
+    danger-xcode_summary (0.5.0)
+      danger-plugin-api (~> 1.0)
+    declarative (0.0.10)
+    declarative-option (0.1.0)
+    domain_name (0.5.20180417)
+      unf (>= 0.0.5, < 1.0.0)
+    dotenv (2.5.0)
+    emoji_regex (0.1.1)
+    excon (0.62.0)
+    faraday (0.15.3)
+      multipart-post (>= 1.2, < 3)
+    faraday-cookie_jar (0.0.6)
+      faraday (>= 0.7.4)
+      http-cookie (~> 1.0.0)
+    faraday-http-cache (1.3.1)
+      faraday (~> 0.8)
+    faraday_middleware (0.12.2)
+      faraday (>= 0.7.4, < 1.0)
+    fastimage (2.1.4)
+    fastlane (2.104.0)
+      CFPropertyList (>= 2.3, < 4.0.0)
+      addressable (>= 2.3, < 3.0.0)
+      babosa (>= 1.0.2, < 2.0.0)
+      bundler (>= 1.12.0, < 2.0.0)
+      colored
+      commander-fastlane (>= 4.4.6, < 5.0.0)
+      dotenv (>= 2.1.1, < 3.0.0)
+      emoji_regex (~> 0.1)
+      excon (>= 0.45.0, < 1.0.0)
+      faraday (~> 0.9)
+      faraday-cookie_jar (~> 0.0.6)
+      faraday_middleware (~> 0.9)
+      fastimage (>= 2.1.0, < 3.0.0)
+      gh_inspector (>= 1.1.2, < 2.0.0)
+      google-api-client (>= 0.21.2, < 0.24.0)
+      highline (>= 1.7.2, < 2.0.0)
+      json (< 3.0.0)
+      mini_magick (~> 4.5.1)
+      multi_json
+      multi_xml (~> 0.5)
+      multipart-post (~> 2.0.0)
+      plist (>= 3.1.0, < 4.0.0)
+      public_suffix (~> 2.0.0)
+      rubyzip (>= 1.2.2, < 2.0.0)
+      security (= 0.1.3)
+      simctl (~> 1.6.3)
+      slack-notifier (>= 2.0.0, < 3.0.0)
+      terminal-notifier (>= 1.6.2, < 2.0.0)
+      terminal-table (>= 1.4.5, < 2.0.0)
+      tty-screen (>= 0.6.3, < 1.0.0)
+      tty-spinner (>= 0.8.0, < 1.0.0)
+      word_wrap (~> 1.0.0)
+      xcodeproj (>= 1.6.0, < 2.0.0)
+      xcpretty (~> 0.3.0)
+      xcpretty-travis-formatter (>= 0.0.3)
+    gh_inspector (1.1.3)
+    git (1.5.0)
+    google-api-client (0.23.9)
+      addressable (~> 2.5, >= 2.5.1)
+      googleauth (>= 0.5, < 0.7.0)
+      httpclient (>= 2.8.1, < 3.0)
+      mime-types (~> 3.0)
+      representable (~> 3.0)
+      retriable (>= 2.0, < 4.0)
+      signet (~> 0.9)
+    googleauth (0.6.6)
+      faraday (~> 0.12)
+      jwt (>= 1.4, < 3.0)
+      memoist (~> 0.12)
+      multi_json (~> 1.11)
+      os (>= 0.9, < 2.0)
+      signet (~> 0.7)
+    highline (1.7.10)
+    http-cookie (1.0.3)
+      domain_name (~> 0.5)
+    httpclient (2.8.3)
+    json (2.1.0)
+    jwt (2.1.0)
+    kramdown (1.17.0)
+    memoist (0.16.0)
+    mime-types (3.2.2)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2018.0812)
+    mini_magick (4.5.1)
+    multi_json (1.13.1)
+    multi_xml (0.6.0)
+    multipart-post (2.0.0)
+    nanaimo (0.2.6)
+    nap (1.1.0)
+    naturally (2.2.0)
+    no_proxy_fix (0.1.2)
+    octokit (4.12.0)
+      sawyer (~> 0.8.0, >= 0.5.3)
+    open4 (1.3.4)
+    os (1.0.0)
+    plist (3.4.0)
+    public_suffix (2.0.5)
+    representable (3.0.4)
+      declarative (< 0.1.0)
+      declarative-option (< 0.2.0)
+      uber (< 0.2.0)
+    retriable (3.1.2)
+    rouge (2.0.7)
+    rubyzip (1.2.2)
+    sawyer (0.8.1)
+      addressable (>= 2.3.5, < 2.6)
+      faraday (~> 0.8, < 1.0)
+    security (0.1.3)
+    signet (0.9.1)
+      addressable (~> 2.3)
+      faraday (~> 0.9)
+      jwt (>= 1.5, < 3.0)
+      multi_json (~> 1.10)
+    simctl (1.6.5)
+      CFPropertyList
+      naturally
+    slack-notifier (2.3.2)
+    synx (0.2.1)
+      clamp (~> 0.6)
+      colorize (~> 0.7)
+      xcodeproj (~> 1.0)
+    terminal-notifier (1.8.0)
+    terminal-table (1.8.0)
+      unicode-display_width (~> 1.1, >= 1.1.1)
+    tty-cursor (0.6.0)
+    tty-screen (0.6.5)
+    tty-spinner (0.8.0)
+      tty-cursor (>= 0.5.0)
+    uber (0.1.0)
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.7.5)
+    unicode-display_width (1.4.0)
+    word_wrap (1.0.0)
+    xcodeproj (1.6.0)
+      CFPropertyList (>= 2.3.3, < 4.0)
+      atomos (~> 0.1.3)
+      claide (>= 1.0.2, < 2.0)
+      colored2 (~> 3.1)
+      nanaimo (~> 0.2.6)
+    xcpretty (0.3.0)
+      rouge (~> 2.0.7)
+    xcpretty-json-formatter (0.1.1)
+      xcpretty (~> 0.2, >= 0.0.7)
+    xcpretty-travis-formatter (1.0.0)
+      xcpretty (~> 0.2, >= 0.0.7)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  danger
+  danger-xcode_summary
+  fastlane
+  synx
+  xcpretty
+  xcpretty-json-formatter
+
+BUNDLED WITH
+   1.16.5

README.md

@@ -114,12 +114,8 @@ swiftshield -automatic -project-root /app/MyApp -automatic-project-file /app/MyA
 
 - `-ignore-modules`: Prevent certain modules from being obfuscated, separated by a comma. Use this if a certain module can't be properly obfuscated. Note that this should be the exact name of the imported module (not the target name!). Example: `MyLib,MyAppRichNotifications,MyAppWatch_Extension`
 
-- `-verbose`: Prints additional information.
-
 - `-show-sourcekit-queries`: Prints queries sent to SourceKit. Note that they are huge and will absolutely clutter your terminal, so use this only for bug reports and feature development!
 
-- `-obfuscation-character-count`: Set the number of characters that obfuscated names will have. By default, this is `32`. Be aware that using a small number will result in slower runs due to the higher possibility of name collisions.
-
 ### Manual mode
 
 ```
@@ -133,10 +129,14 @@ swiftshield -project-root /app/MyApp
 
 - `-tag`: Uses a custom tag. Default is `__s`.
 
+### Aditional parameters for both modes
+
 - `-verbose`: Prints additional information.
 
 - `-obfuscation-character-count`: Set the number of characters that obfuscated names will have. By default, this is `32`. Be aware that using a small number will result in slower runs due to the higher possibility of name collisions.
 
+- `-dry-run`: Does not actually overwrite the files. Useful for debugging!
+
 
 ## 🤝 Contributing
 
@@ -146,9 +146,10 @@ Contributions to SwiftShield are more than welcome! There's no contribution guid
 ## ✅ Automatic Mode Next Steps
 
 - [X] Method names
+- [X] Update Extension plists (Rich Notifications / Watch main classes)
+- [ ] "SDK Mode" (ignore `public`)
 - [ ] Properties
 - [ ] Module names
-- [ ] Update Extension plists (Rich Notifications / Watch main classes)
 
 
 ## License
@@ -158,4 +159,4 @@ SwiftShield is released under the GNU GPL v3.0 license. See LICENSE for details.
 
 ## Thanks
 
-Thanks to John Holdsworth from [Refactorator](https://github.com/johnno1962/Refactorator) for `SourceKit.swift`, and to SourceKitten for helping me figure out which compile arguments to ignore for SourceKit.
+Thanks to John Holdsworth from [Refactorator](https://github.com/johnno1962/Refactorator) for `SourceKit.swift`, Apple for their open-source SourceKit wrapper and to SourceKitten for helping me figure out which compile arguments to ignore for SourceKit.

SOURCEKITISSUES.md

@@ -17,5 +17,5 @@ The following types and cases might be working correctly in SourceKit, but are c
 - Typealiases and Associated Types: Not always indexed (`typealias Foo = UIImage | extension Foo {}` - Foo is ignored and indexed as UIImage). Note that these can't be reverse-engineered as they are purely an editor thing, so no action is required!
 - Enum cases and names: Although they are correctly indexed, some enums like `CodingKeys` are not meant to be changed. This will be activated again once the way to determine if an enum is related to internal frameworks is implemented.
 - **IN-REVIEW**: Methods with names under four characters: Operators only get indexed as such if they are declared in a global scope. Since most people use `public static func`, they get indexed as regular methods. To prevent operators from being obfuscated, methods with names shorter than four characters won't get obfuscated.
-- Properties: Not implemented yet!
+- Properties: Properties are on hold for a while because they break derived `Codable` types. Although the obfuscation works correctly, if you build `Codable` types to work on top of a backend's json, parsing will fail because of the different property name.
 - Module names: Not implemented yet!

SwiftShield.podspec

@@ -1,7 +1,7 @@
 Pod::Spec.new do |s|
   s.name = 'SwiftShield'
   s.module_name = 'SwiftShield'
-  s.version = '3.3.0'
+  s.version = '3.3.1'
   s.license = { type: 'GNU GPL v3.0', file: 'LICENSE.md' }
   s.summary = 'A tool that protects Swift iOS apps against class-dump attacks.'
   s.homepage = 'https://github.com/rockbruno/swiftshield'

SwiftShieldExample/SwiftShieldExample.xcodeproj/xcuserdata/bruno.rocha.xcuserdatad/xcschemes/xcschememanagement.plist

@@ -9,6 +9,11 @@
 			<key>orderHint</key>
 			<integer>3</integer>
 		</dict>
+		<key>SwiftShieldExample.xcscheme_^#shared#^_</key>
+		<dict>
+			<key>orderHint</key>
+			<integer>3</integer>
+		</dict>
 	</dict>
 </dict>
 </plist>