Merge branch 'main' into e2e/message-sent-interaction

.env.example

@@ -11,7 +11,6 @@ USE_WEB_PROXY=false
 USE_WDYR=false
 CAPTURE_METRICS=false
 ONYX_METRICS=false
-GOOGLE_GEOLOCATION_API_KEY=AIzaSyBqg6bMvQU7cPWDKhhzpYqJrTEnSorpiLI
 
 EXPENSIFY_ACCOUNT_ID_ACCOUNTING=-1
 EXPENSIFY_ACCOUNT_ID_ADMIN=-1

.env.production

@@ -7,4 +7,3 @@ PUSHER_APP_KEY=268df511a204fbb60884
 USE_WEB_PROXY=false
 ENVIRONMENT=production
 SEND_CRASH_REPORTS=true
-GOOGLE_GEOLOCATION_API_KEY=AIzaSyBFKujMpzExz0_z2pAGfPUwkmlaUc-uw1Q

.env.staging

@@ -6,5 +6,4 @@ EXPENSIFY_PARTNER_PASSWORD=e21965746fd75f82bb66
 PUSHER_APP_KEY=268df511a204fbb60884
 USE_WEB_PROXY=false
 ENVIRONMENT=staging
-SEND_CRASH_REPORTS=true
-GOOGLE_GEOLOCATION_API_KEY=AIzaSyD2T1mlByThbUN88O8OPOD8vKuMMwLD4-M
+SEND_CRASH_REPORTS=true

.eslintrc.js

@@ -55,6 +55,11 @@ const restrictedImportPaths = [
         name: 'date-fns/locale',
         message: "Do not import 'date-fns/locale' directly. Please use the submodule import instead, like 'date-fns/locale/en-GB'.",
     },
+    {
+        name: 'expensify-common',
+        importNames: ['Device'],
+        message: "Do not import Device directly, it's known to make VSCode's IntelliSense crash. Please import the desired module from `expensify-common/dist/Device` instead.",
+    },
 ];
 
 const restrictedImportPatterns = [
@@ -100,7 +105,6 @@ module.exports = {
         __DEV__: 'readonly',
     },
     rules: {
-        '@typescript-eslint/no-unsafe-call': 'off',
         '@typescript-eslint/no-unsafe-member-access': 'off',
         '@typescript-eslint/no-unsafe-assignment': 'off',
 
@@ -167,6 +171,7 @@ module.exports = {
 
         // Rulesdir specific rules
         'rulesdir/no-default-props': 'error',
+        'rulesdir/prefer-type-fest': 'error',
         'rulesdir/no-multiple-onyx-in-file': 'off',
         'rulesdir/prefer-underscore-method': 'off',
         'rulesdir/prefer-import-module-contents': 'off',
@@ -235,8 +240,21 @@ module.exports = {
         ],
     },
 
-    // Remove once no JS files are left
     overrides: [
+        // Enforces every Onyx type and its properties to have a comment explaining its purpose.
+        {
+            files: ['src/types/onyx/**/*.ts'],
+            rules: {
+                'jsdoc/require-jsdoc': [
+                    'error',
+                    {
+                        contexts: ['TSInterfaceDeclaration', 'TSTypeAliasDeclaration', 'TSPropertySignature'],
+                    },
+                ],
+            },
+        },
+
+        // Remove once no JS files are left
         {
             files: ['*.js', '*.jsx'],
             rules: {

.github/actions/javascript/getGraphiteString/getGraphiteString.ts

@@ -1,6 +1,15 @@
 import * as core from '@actions/core';
 import fs from 'fs';
 
+type RegressionEntry = {
+    metadata?: {
+        creationDate: string;
+    };
+    name: string;
+    meanDuration: number;
+    meanCount: number;
+};
+
 const run = () => {
     // Prefix path to the graphite metric
     const GRAPHITE_PATH = 'reassure';
@@ -24,11 +33,11 @@ const run = () => {
         }
 
         try {
-            const current = JSON.parse(entry);
+            const current: RegressionEntry = JSON.parse(entry);
 
             // Extract timestamp, Graphite accepts timestamp in seconds
             if (current.metadata?.creationDate) {
-                timestamp = Math.floor(new Date(current.metadata.creationDate as string).getTime() / 1000);
+                timestamp = Math.floor(new Date(current.metadata.creationDate).getTime() / 1000);
             }
 
             if (current.name && current.meanDuration && current.meanCount && timestamp) {

.github/libs/GitUtils.ts

@@ -66,11 +66,11 @@ function getCommitHistoryAsJSON(fromTag: string, toTag: string): Promise<CommitT
         console.log(`Running command: git ${args.join(' ')}`);
         const spawnedProcess = spawn('git', args);
         spawnedProcess.on('message', console.log);
-        spawnedProcess.stdout.on('data', (chunk) => {
+        spawnedProcess.stdout.on('data', (chunk: Buffer) => {
             console.log(chunk.toString());
             stdout += chunk.toString();
         });
-        spawnedProcess.stderr.on('data', (chunk) => {
+        spawnedProcess.stderr.on('data', (chunk: Buffer) => {
             console.error(chunk.toString());
             stderr += chunk.toString();
         });

.github/scripts/enforceRedirect.sh

@@ -0,0 +1,35 @@
+#!/bin/bash
+
+# HelpDot - Whenever an article is moved/renamed/deleted we should verify that
+# we have added a redirect link for it in redirects.csv. This ensures that we don't have broken links.
+
+declare -r RED='\033[0;31m'
+declare -r GREEN='\033[0;32m'
+declare -r NC='\033[0m'
+
+declare -r ARTICLES_DIRECTORY="docs/articles"
+declare -r REDIRECTS_FILE="docs/redirects.csv"
+
+hasRenamedOrDeletedArticle=false
+hasModifiedRedirect=false
+
+if git log origin/main..HEAD --name-status --pretty=format: $ARTICLES_DIRECTORY | grep -q -E "^(R|D)"
+then
+    echo "Articles have been renamed/moved/deleted"
+    hasRenamedOrDeletedArticle=true
+fi
+
+if git log origin/main..HEAD --name-status --pretty=format: $REDIRECTS_FILE | grep -q -E "^(M)"
+then
+    echo "Redirects.csv has been modified"
+    hasModifiedRedirect=true
+fi
+
+if [[ $hasRenamedOrDeletedArticle == true  && $hasModifiedRedirect == false ]]
+then
+    echo -e "${RED}Articles have been renamed or deleted. Please add a redirect link for the old article links in redirects.csv${NC}"
+    exit 1
+fi
+
+echo -e "${GREEN}Articles aren't moved or deleted, or a redirect has been added. Please verify that a redirect has been added for all the files moved or deleted${NC}"
+exit 0

.github/scripts/printPodspec.rb

@@ -0,0 +1,35 @@
+#!/usr/bin/env ruby
+
+# This file is a lightweight port of the `pod ipc spec` command.
+# It was built from scratch to imports some 3rd party functions before reading podspecs
+
+require 'cocoapods'
+require 'json'
+
+# Require 3rd party functions needed to parse podspecs. This code is copied from ios/Podfile
+def node_require(script)
+  # Resolve script with node to allow for hoisting
+  require Pod::Executable.execute_command('node', ['-p',
+    "require.resolve(
+      '#{script}',
+      {paths: [process.argv[1]]},
+    )", __dir__]).strip
+end
+node_require('react-native/scripts/react_native_pods.rb')
+node_require('react-native-permissions/scripts/setup.rb')
+
+# Configure pod in silent mode
+Pod::Config.instance.silent = true
+
+# Process command-line arguments
+podspec_files = ARGV
+
+# Validate each podspec file
+podspec_files.each do |podspec_file|
+  begin
+    spec = Pod::Specification.from_file(podspec_file)
+    puts(spec.to_pretty_json)
+  rescue => e
+    STDERR.puts "Failed to validate #{podspec_file}: #{e.message}"
+  end
+end

.github/scripts/verifyPodfile.sh

@@ -8,15 +8,20 @@ source scripts/shellUtils.sh
 
 title "Verifying that Podfile.lock is synced with the project"
 
-declare EXIT_CODE=0
+# Cleanup and exit
+# param - status code
+function cleanupAndExit {
+  cd "$START_DIR" || exit 1
+  exit "$1"
+}
 
 # Check Provisioning Style. If automatic signing is enabled, iOS builds will fail, so ensure we always have the proper profile specified
 info "Verifying that automatic signing is not enabled"
 if grep -q 'PROVISIONING_PROFILE_SPECIFIER = "(NewApp) AppStore"' ios/NewExpensify.xcodeproj/project.pbxproj; then
   success "Automatic signing not enabled"
 else
   error "Error: Automatic provisioning style is not allowed!"
-  EXIT_CODE=1
+  cleanupAndExit 1
 fi
 
 PODFILE_SHA=$(openssl sha1 ios/Podfile | awk '{print $2}')
@@ -29,7 +34,7 @@ if [[ "$PODFILE_SHA" == "$PODFILE_LOCK_SHA" ]]; then
   success "Podfile checksum verified!"
 else
   error "Podfile.lock checksum mismatch. Did you forget to run \`npx pod-install\`?"
-  EXIT_CODE=1
+  cleanupAndExit 1
 fi
 
 info "Ensuring correct version of cocoapods is used..."
@@ -45,45 +50,46 @@ if [[ "$POD_VERSION_FROM_GEMFILE" == "$POD_VERSION_FROM_PODFILE_LOCK" ]]; then
   success "Cocoapods version from Podfile.lock matches cocoapods version from Gemfile"
 else
   error "Cocoapods version from Podfile.lock does not match cocoapods version from Gemfile. Please use \`npm run pod-install\` or \`bundle exec pod install\` instead of \`pod install\` to install pods."
-  EXIT_CODE=1
+  cleanupAndExit 1
 fi
 
 info "Comparing Podfile.lock with node packages..."
 
 # Retrieve a list of podspec directories as listed in the Podfile.lock
-SPEC_DIRS=$(yq '.["EXTERNAL SOURCES"].[].":path" | select( . == "*node_modules*")' < ios/Podfile.lock)
+if ! SPEC_DIRS=$(yq '.["EXTERNAL SOURCES"].[].":path" | select( . == "*node_modules*")' < ios/Podfile.lock); then
+  error "Error: Could not parse podspec directories from Podfile.lock"
+  cleanupAndExit 1
+fi
+
+if ! read_lines_into_array PODSPEC_PATHS < <(npx react-native config | jq --raw-output '.dependencies[].platforms.ios.podspecPath | select ( . != null)'); then
+  error "Error: could not parse podspec paths from react-native config command"
+  cleanupAndExit 1
+fi
 
 # Format a list of Pods based on the output of the config command
-FORMATTED_PODS=$( \
-  jq --raw-output --slurp 'map((.name + " (" + .version + ")")) | .[]' <<< "$( \
-    npx react-native config | \
-    jq '.dependencies[].platforms.ios.podspecPath | select( . != null )' | \
-    xargs -L 1 pod ipc spec --silent
-  )"
-)
+if ! FORMATTED_PODS=$( \
+  jq --raw-output --slurp 'map((.name + " (" + .version + ")")) | .[]' <<< "$(./.github/scripts/printPodspec.rb "${PODSPEC_PATHS[@]}")" \
+); then
+  error "Error: could not parse podspecs at paths parsed from react-native config"
+  cleanupAndExit 1
+fi
 
 # Check for uncommitted package removals
 # If they are listed in Podfile.lock but the directories don't exist they have been removed
 while read -r DIR; do
   if [[ ! -d "${DIR#../}" ]]; then
     error "Directory \`${DIR#../node_modules/}\` not found in node_modules. Did you forget to run \`npx pod-install\` after removing the package?"
-    EXIT_CODE=1
+    cleanupAndExit 1
   fi
 done <<< "$SPEC_DIRS"
 
 # Check for uncommitted package additions/updates
 while read -r POD; do
   if ! grep -q "$POD" ./ios/Podfile.lock; then
     error "$POD not found in Podfile.lock. Did you forget to run \`npx pod-install\`?"
-    EXIT_CODE=1
+    cleanupAndExit 1
   fi
 done <<< "$FORMATTED_PODS"
 
-if [[ "$EXIT_CODE" == 0 ]]; then
-  success "Podfile.lock is up to date."
-fi
-
-# Cleanup
-cd "$START_DIR" || exit 1
-
-exit $EXIT_CODE
+success "Podfile.lock is up to date."
+cleanupAndExit 0

.github/workflows/deploy.yml

@@ -14,7 +14,7 @@ jobs:
         with:
           ref: staging
           token: ${{ secrets.OS_BOTIFY_TOKEN }}
-          
+
       - name: Setup git for OSBotify
         uses: ./.github/actions/composite/setupGitForOSBotifyApp
         id: setupGitForOSBotify
@@ -65,9 +65,6 @@ jobs:
           PR_LIST: ${{ steps.getReleasePRList.outputs.PR_LIST }}
 
       - name: 🚀 Create release to trigger production deploy 🚀
-        uses: softprops/action-gh-release@affa18ef97bc9db20076945705aba8c516139abd
-        with:
-          tag_name: ${{ env.PRODUCTION_VERSION }}
-          body: ${{ steps.getReleaseBody.outputs.RELEASE_BODY }}
+        run: gh release create ${{ env.PRODUCTION_VERSION }} --notes ${{ steps.getReleaseBody.outputs.RELEASE_BODY }}
         env:
           GITHUB_TOKEN: ${{ steps.setupGitForOSBotify.outputs.OS_BOTIFY_API_TOKEN }}

.github/workflows/deployExpensifyHelp.yml

@@ -29,9 +29,12 @@ jobs:
     env:
       IS_PR_FROM_FORK: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork }}
     runs-on: ubuntu-latest
+    continue-on-error: true
     steps:
       - name: Checkout
         uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
 
       - name: Setup NodeJS
         uses: ./.github/actions/composite/setupNode
@@ -42,6 +45,9 @@ jobs:
       - name: Check for duplicates and cycles in redirects.csv
         run: ./.github/scripts/verifyRedirect.sh
 
+      - name: Enforce that a redirect link has been created
+        run: ./.github/scripts/enforceRedirect.sh
+
       - name: Build with Jekyll
         uses: actions/jekyll-build-pages@0143c158f4fa0c5dcd99499a5d00859d79f70b0e
         with:

.github/workflows/platformDeploy.yml

@@ -134,7 +134,7 @@ jobs:
     name: Build and deploy Desktop
     needs: validateActor
     if: ${{ fromJSON(needs.validateActor.outputs.IS_DEPLOYER) }}
-    runs-on: macos-13-large
+    runs-on: macos-14-large
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -352,16 +352,6 @@ jobs:
         env:
           CF_API_KEY: ${{ secrets.CLOUDFLARE_TOKEN }}
 
-  # Build a version of iOS and Android HybridApp if we are deploying to staging
-  hybridApp:
-    runs-on: ubuntu-latest
-    needs: validateActor
-    if: ${{ fromJSON(needs.validateActor.outputs.IS_DEPLOYER) }}
-    steps:
-      - name: 'Deploy HybridApp'
-        if: ${{ !fromJSON(env.SHOULD_DEPLOY_PRODUCTION) }}
-        uses: Expensify/Mobile-Deploy/.github/workflows/deploy.yml@main
-
   postSlackMessageOnFailure:
     name: Post a Slack message when any platform fails to build or deploy
     runs-on: ubuntu-latest
@@ -376,6 +366,17 @@ jobs:
         with:
           SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
 
+  # Build a version of iOS and Android HybridApp if we are deploying to staging
+  hybridApp:
+    runs-on: ubuntu-latest
+    needs: validateActor
+    if: ${{ fromJSON(needs.validateActor.outputs.IS_DEPLOYER) && github.event_name == 'push' }}
+    steps:
+      - name: 'Deploy HybridApp'
+        run: gh workflow run --repo Expensify/Mobile-Deploy deploy.yml -f force_build=true
+        env:
+            GITHUB_TOKEN: ${{ secrets.OS_BOTIFY_TOKEN }}
+
   postSlackMessageOnSuccess:
     name: Post a Slack message when all platforms deploy successfully
     runs-on: ubuntu-latest

.github/workflows/testBuild.yml

@@ -228,7 +228,7 @@ jobs:
     if: ${{ fromJSON(needs.validateActor.outputs.READY_TO_BUILD) }}
     env:
       PULL_REQUEST_NUMBER: ${{ github.event.number || github.event.inputs.PULL_REQUEST_NUMBER }}
-    runs-on: macos-13-large
+    runs-on: macos-14-large
     steps:
       - name: Checkout
         uses: actions/checkout@v4

.github/workflows/testGithubActionsWorkflows.yml

@@ -25,6 +25,13 @@ jobs:
       - name: Setup Homebrew
         uses: Homebrew/actions/setup-homebrew@master
 
+      - name: Login to GitHub Container Regstry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: OSBotify
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Install Act
         run: brew install act