diff --git a/.github/assets/github-badge.png b/.github/assets/github-badge.png
new file mode 100644
index 000000000..ef3207c95
Binary files /dev/null and b/.github/assets/github-badge.png differ
diff --git a/.github/assets/mastodon.svg b/.github/assets/mastodon.svg
new file mode 100644
index 000000000..e35204864
--- /dev/null
+++ b/.github/assets/mastodon.svg
@@ -0,0 +1,3 @@
+
diff --git a/.github/assets/twitter.svg b/.github/assets/twitter.svg
new file mode 100644
index 000000000..1fb6a5f11
--- /dev/null
+++ b/.github/assets/twitter.svg
@@ -0,0 +1,3 @@
+
diff --git a/.github/workflows/auth-crowdin.yml b/.github/workflows/auth-crowdin.yml
new file mode 100644
index 000000000..ea67dec7c
--- /dev/null
+++ b/.github/workflows/auth-crowdin.yml
@@ -0,0 +1,41 @@
+name: "Sync Crowdin translations (auth)"
+
+on:
+ push:
+ paths:
+ # Run action when auth's intl_en.arb is changed
+ - "mobile/lib/l10n/arb/app_en.arb"
+ # Or the workflow itself is changed
+ - ".github/workflows/auth-crowdin.yml"
+ branches: [main]
+ schedule:
+ # Run every 24 hours - https://crontab.guru/#0_*/24_*_*_*
+ - cron: "0 */24 * * *"
+ workflow_dispatch: # Allow manually running the action
+
+jobs:
+ synchronize-with-crowdin:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Crowdin's action
+ uses: crowdin/github-action@v1
+ with:
+ base_path: "auth/"
+ config: "auth/crowdin.yml"
+ upload_sources: true
+ upload_translations: true
+ download_translations: true
+ localization_branch_name: crowdin-translations-auth
+ create_pull_request: true
+ skip_untranslated_strings: true
+ pull_request_title: "[auth] New translations"
+ pull_request_body: "New translations from [Crowdin](https://crowdin.com/project/ente-authenticator-app)"
+ pull_request_base_branch_name: "main"
+ project_id: 575169
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
diff --git a/.github/workflows/auth-lint.yml b/.github/workflows/auth-lint.yml
new file mode 100644
index 000000000..fff7fb75f
--- /dev/null
+++ b/.github/workflows/auth-lint.yml
@@ -0,0 +1,40 @@
+name: "Lint (auth)"
+
+on:
+ # Run on every push to branches (this also covers pull requests)
+ push:
+ # See: [Note: Specify branch when specifying a path filter]
+ branches: ["**"]
+ # Only run if something changes in these paths
+ paths:
+ - "auth/**"
+ - ".github/workflows/auth-lint.yml"
+
+env:
+ FLUTTER_VERSION: "3.16.9"
+
+jobs:
+ lint:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: auth
+ steps:
+ - name: Checkout code and submodules
+ uses: actions/checkout@v4
+ with:
+ submodules: recursive
+
+ - name: Install Flutter ${{ env.FLUTTER_VERSION }}
+ uses: subosito/flutter-action@v2
+ with:
+ channel: "stable"
+ flutter-version: ${{ env.FLUTTER_VERSION }}
+ cache: true
+
+ - run: flutter pub get
+
+ - run: flutter analyze --no-fatal-infos
+
+ - name: Verify custom icon JSON
+ run: cat assets/custom-icons/_data/custom-icons.json | jq empty
diff --git a/.github/workflows/auth-release.yml b/.github/workflows/auth-release.yml
new file mode 100644
index 000000000..0adaaca28
--- /dev/null
+++ b/.github/workflows/auth-release.yml
@@ -0,0 +1,291 @@
+name: "Release (auth)"
+
+# [Note: Testing release workflows that are triggered by tags]
+#
+# To test this out, push a tag with a pre-release version. The version number
+# should be the version number of the next actual release.
+#
+# > When major, minor, and patch are equal, a pre-release version has lower
+# > precedence than a normal version. Example: 1.0.0-alpha < 1.0.0.
+# > https://semver.org
+#
+# So if the next release we intend to put out is 1.2.3, you can:
+#
+# git tag auth-v1.2.3-test
+# git push origin auth-v1.2.3-test
+#
+# We use a suffix like `-test` to indicate that these are test tags, and that
+# they belong to a pre-release.
+#
+# If you need to do multiple tests, add a +x at the end of the tag. e.g.
+# `auth-v1.2.3-test+1`.
+#
+# Once the testing is done, also delete the tag(s) please.
+
+on:
+ push:
+ # Run when a tag matching the pattern "auth-v*"" is pushed
+ tags:
+ - "auth-v*"
+
+env:
+ FLUTTER_VERSION: "3.16.9"
+
+jobs:
+ build-ubuntu:
+ runs-on: ubuntu-latest
+
+ defaults:
+ run:
+ working-directory: auth
+
+ steps:
+ - name: Checkout code and submodules
+ uses: actions/checkout@v4
+ with:
+ submodules: recursive
+
+ - name: Install Flutter ${{ env.FLUTTER_VERSION }}
+ uses: subosito/flutter-action@v2
+ with:
+ channel: "stable"
+ flutter-version: ${{ env.FLUTTER_VERSION }}
+ cache: true
+
+ - name: Setup keys
+ uses: timheuer/base64-to-file@v1
+ with:
+ fileName: "keystore/ente_auth_key.jks"
+ encodedString: ${{ secrets.SIGNING_KEY }}
+
+ - name: Create artifacts directory
+ run: mkdir artifacts
+
+ - name: Build independent APK
+ run: |
+ flutter build apk --release --flavor independent --dart-define=app.flavor=independent
+ mv build/app/outputs/flutter-apk/app-independent-release.apk artifacts/ente-${{ github.ref_name }}.apk
+ env:
+ SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_auth_key.jks"
+ SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
+ SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }}
+ SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }}
+
+ - name: Build PlayStore AAB
+ run: |
+ flutter build appbundle --release --flavor playstore --dart-define=app.flavor=playstore
+ env:
+ SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_auth_key.jks"
+ SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
+ SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }}
+ SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }}
+
+ - name: Install dependencies for desktop build
+ run: |
+ sudo apt-get update -y
+ sudo apt-get install -y libsecret-1-dev libsodium-dev libwebkit2gtk-4.0-dev libfuse2 ninja-build libgtk-3-dev dpkg-dev pkg-config rpm libsqlite3-dev locate
+
+ - name: Install appimagetool
+ run: |
+ wget -O appimagetool "https://github.com/AppImage/AppImageKit/releases/download/continuous/appimagetool-x86_64.AppImage"
+ chmod +x appimagetool
+ mv appimagetool /usr/local/bin/
+
+ - name: Build desktop app
+ # Temporarily disable desktop builds
+ if: false
+ run: |
+ flutter config --enable-linux-desktop
+ dart pub global activate flutter_distributor
+ flutter_distributor package --platform=linux --targets=deb --skip-clean
+ flutter_distributor package --platform=linux --targets=rpm --skip-clean
+ flutter_distributor package --platform=linux --targets=appimage --skip-clean
+ mv dist/**/*-*-linux.deb artifacts/ente-${{ github.ref_name }}-x86_64.deb
+ mv dist/**/*-*-linux.rpm artifacts/ente-${{ github.ref_name }}-x86_64.rpm
+ mv dist/**/*-*-linux.AppImage artifacts/ente-${{ github.ref_name }}-x86_64.AppImage
+ env:
+ LIBSODIUM_USE_PKGCONFIG: 1
+
+ - name: Generate checksums
+ run: sha256sum artifacts/ente-* > artifacts/sha256sum
+
+ - name: Create a draft GitHub release
+ uses: ncipollo/release-action@v1
+ with:
+ artifacts: "auth/artifacts/*"
+ draft: true
+ allowUpdates: true
+ updateOnlyUnreleased: true
+
+ - name: Upload AAB to PlayStore
+ # Temporarily disable GP upload, enable this once desktop build
+ # testing is complete.
+ if: false
+ uses: r0adkll/upload-google-play@v1
+ with:
+ serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
+ packageName: io.ente.auth
+ releaseFiles: build/app/outputs/bundle/playstoreRelease/app-playstore-release.aab
+ track: internal
+
+ build-windows:
+ runs-on: windows-latest
+
+ defaults:
+ run:
+ working-directory: auth
+
+ steps:
+ - name: Checkout code and submodules
+ uses: actions/checkout@v4
+ with:
+ submodules: recursive
+
+ - name: Install Flutter ${{ env.FLUTTER_VERSION }}
+ uses: subosito/flutter-action@v2
+ with:
+ channel: "stable"
+ flutter-version: ${{ env.FLUTTER_VERSION }}
+ cache: true
+
+ - name: Create artifacts directory
+ run: mkdir artifacts
+
+ - name: Build Windows installer
+ # Temporarily disable desktop builds
+ if: false
+ run: |
+ flutter config --enable-windows-desktop
+ dart pub global activate flutter_distributor
+ make innoinstall
+ flutter_distributor package --platform=windows --targets=exe --skip-clean
+ mv dist/**/ente_auth-*-windows-setup.exe artifacts/ente-${{ github.ref_name }}-installer.exe
+
+ - name: Retain Windows EXE and DLLs
+ # Temporarily disable desktop builds
+ if: false
+ run: cp -r build/windows/x64/runner/Release ente-${{ github.ref_name }}-windows
+
+ - name: Code sign Windows installer and EXE
+ # Temporarily disable desktop builds
+ if: false
+ uses: dlemstra/code-sign-action@v1
+ with:
+ certificate: "${{ secrets.WINDOWS_CERTIFICATE }}"
+ password: "${{ secrets.WINDOWS_CERTIFICATE_PASSWORD }}"
+ files: |
+ auth/artifacts/ente-${{ github.ref_name }}-installer.exe
+ auth/ente-${{ github.ref_name }}-windows/auth.exe
+
+ - name: Zip Windows EXE and DLLs
+ # Temporarily disable desktop builds
+ if: false
+ run: tar.exe -a -c -f auth/artifacts/ente-${{ github.ref_name }}-windows.zip auth/ente-${{ github.ref_name }}-windows
+
+ - name: Create a draft GitHub release
+ uses: ncipollo/release-action@v1
+ with:
+ artifacts: "auth/artifacts/*"
+ draft: true
+ allowUpdates: true
+ updateOnlyUnreleased: true
+
+ build-macos:
+ runs-on: macos-13 # latest is 12
+
+ defaults:
+ run:
+ working-directory: auth
+
+ steps:
+ - name: Checkout code and submodules
+ uses: actions/checkout@v4
+ with:
+ submodules: recursive
+
+ - name: Install Flutter ${{ env.FLUTTER_VERSION }}
+ uses: subosito/flutter-action@v2
+ with:
+ channel: "stable"
+ flutter-version: ${{ env.FLUTTER_VERSION }}
+ cache: true
+
+ - name: Install code signing dependencies
+ run: |
+ pip3 install codemagic-cli-tools
+
+ - name: Add provisioning profiles
+ run: |
+ PROFILES_HOME="$HOME/Library/MobileDevice/Provisioning Profiles"
+ mkdir -p "$PROFILES_HOME"
+ PROFILE_PATH="$(mktemp "$PROFILES_HOME"/$(uuidgen).provisionprofile)"
+ echo ${CM_PROVISIONING_PROFILE} | base64 --decode > "$PROFILE_PATH"
+ echo "Saved provisioning profile $PROFILE_PATH"
+ env:
+ CM_PROVISIONING_PROFILE: ${{ secrets.MAC_OS_BUILD_PROVISION_PROFILE_BASE64 }}
+
+ - name: Add certificates
+ run: |
+ # create variables
+ CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
+
+ # copy certificates from base64
+ echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode -o $CERTIFICATE_PATH
+
+ # add certificate to keychain
+ keychain initialize
+ keychain add-certificates --certificate $CERTIFICATE_PATH --certificate-password $P12_PASSWORD
+
+ # Use profile in current project
+ xcode-project use-profiles --project=macos/**/*.xcodeproj
+ env:
+ BUILD_CERTIFICATE_BASE64: ${{ secrets.MAC_OS_CERTIFICATE }}
+ P12_PASSWORD: ${{ secrets.MAC_OS_CERTIFICATE_PASSWORD }}
+
+ - name: Install build dependencies
+ run: |
+ python3 -m pip install setuptools
+ npm install -g appdmg
+
+ - name: Create artifacts directory
+ run: mkdir artifacts
+
+ - name: Build macOS DMG
+ # Temporarily disable desktop builds
+ if: false
+ run: |
+ flutter config --enable-macos-desktop
+ dart pub global activate flutter_distributor
+ flutter_distributor package --platform=macos --targets=dmg --skip-clean
+ mv dist/**/ente_auth-*-macos.dmg artifacts/ente-${{ github.ref_name }}.dmg
+
+ - name: Code sign DMG
+ # Temporarily disable desktop builds
+ if: false
+ run: |
+ CERT_NAME=$(security find-identity -v -p codesigning | grep "Developer ID Application" | awk -F'"' '{print $2}' | grep -m1 "")
+ codesign --force --timestamp --sign "$CERT_NAME" --options runtime artifacts/ente-${{ github.ref_name }}.dmg
+ codesign --verify --verbose=4 artifacts/ente-${{ github.ref_name }}.dmg
+
+ - name: Notarize and staple DMG
+ # Temporarily disable desktop builds
+ if: false
+ run: |
+ xcrun notarytool submit artifacts/ente-${{ github.ref_name }}.dmg \
+ --wait \
+ --apple-id $APPLE_ID \
+ --password $APPLE_PASSWORD \
+ --team-id $APPLE_TEAM_ID
+ xcrun stapler staple artifacts/ente-${{ github.ref_name }}.dmg
+ env:
+ APPLE_ID: ${{ secrets.APPLE_ID }}
+ APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
+ APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
+
+ - name: Create a draft GitHub release
+ uses: ncipollo/release-action@v1
+ with:
+ artifacts: "auth/artifacts/*"
+ draft: true
+ allowUpdates: true
+ updateOnlyUnreleased: true
diff --git a/.github/workflows/cli-release.yml b/.github/workflows/cli-release.yml
new file mode 100644
index 000000000..dabfc8dcf
--- /dev/null
+++ b/.github/workflows/cli-release.yml
@@ -0,0 +1,51 @@
+name: "Release (cli)"
+
+on:
+ push:
+ # Run when a tag matching the pattern "cli-v*"" is pushed
+ #
+ # Tip: to test this workflow, push at tag with a pre-release version,
+ # e.g. `cli-v1.2.3-test`, where 1.2.3 is the expected version number of
+ # the next release that'll go out.
+ #
+ # See: [Note: Testing release workflows that are triggered by tags]
+ tags:
+ - "cli-v*"
+
+jobs:
+ draft-release:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Create a draft GitHub release
+ uses: ncipollo/release-action@v1
+ with:
+ draft: true
+
+ build:
+ runs-on: ubuntu-latest
+ needs: draft-release
+
+ strategy:
+ matrix:
+ goos: [linux, windows, darwin]
+ goarch: ["386", amd64, arm64]
+ exclude:
+ - goarch: "386"
+ goos: darwin
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Build binaries and add to the release
+ uses: wangyoucao577/go-release-action@v1
+ with:
+ github_token: ${{ secrets.GITHUB_TOKEN }}
+ goos: ${{ matrix.goos }}
+ goarch: ${{ matrix.goarch }}
+ asset_name: ente-${{ github.ref_name }}-${{ matrix.goos }}-${{ matrix.goarch }}
+ release_name: ${{ github.ref_name }}
+ goversion: "1.20"
+ project_path: "./cli"
+ md5sum: false
+ sha256sum: true
diff --git a/.github/workflows/mobile-crowdin.yml b/.github/workflows/mobile-crowdin.yml
new file mode 100644
index 000000000..dbd978745
--- /dev/null
+++ b/.github/workflows/mobile-crowdin.yml
@@ -0,0 +1,41 @@
+name: "Sync Crowdin translations (mobile)"
+
+on:
+ push:
+ paths:
+ # Run action when mobiles's intl_en.arb is changed
+ - "mobile/lib/l10n/intl_en.arb"
+ # Or the workflow itself is changed
+ - ".github/workflows/mobile-crowdin.yml"
+ branches: [main]
+ schedule:
+ # Run every 24 hours - https://crontab.guru/#0_*/24_*_*_*
+ - cron: "0 */24 * * *"
+ workflow_dispatch: # Allow manually running the action
+
+jobs:
+ synchronize-with-crowdin:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Crowdin's action
+ uses: crowdin/github-action@v1
+ with:
+ base_path: "mobile/"
+ config: "mobile/crowdin.yml"
+ upload_sources: true
+ upload_translations: true
+ download_translations: true
+ localization_branch_name: crowdin-translations-mobile
+ create_pull_request: true
+ skip_untranslated_strings: true
+ pull_request_title: "[mobile] New translations"
+ pull_request_body: "New translations from [Crowdin](https://crowdin.com/project/ente-photos-app)"
+ pull_request_base_branch_name: "main"
+ project_id: 574741
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
diff --git a/.github/workflows/mobile-lint.yml b/.github/workflows/mobile-lint.yml
new file mode 100644
index 000000000..c2e54d38a
--- /dev/null
+++ b/.github/workflows/mobile-lint.yml
@@ -0,0 +1,37 @@
+name: "Lint (mobile)"
+
+on:
+ # Run on every push (this also covers pull requests)
+ push:
+ # See: [Note: Specify branch when specifying a path filter]
+ branches: ["**"]
+ # Only run if something changes in these paths
+ paths:
+ - "mobile/**"
+ - ".github/workflows/mobile-lint.yml"
+
+env:
+ FLUTTER_VERSION: "3.13.4"
+
+jobs:
+ lint:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: mobile
+ steps:
+ - name: Checkout code and submodules
+ uses: actions/checkout@v4
+ with:
+ submodules: recursive
+
+ - name: Install Flutter ${{ env.FLUTTER_VERSION }}
+ uses: subosito/flutter-action@v2
+ with:
+ channel: "stable"
+ flutter-version: ${{ env.FLUTTER_VERSION }}
+ cache: true
+
+ - run: flutter pub get
+
+ - run: flutter analyze --no-fatal-infos
diff --git a/.github/workflows/mobile-release.yml b/.github/workflows/mobile-release.yml
new file mode 100644
index 000000000..3868da64a
--- /dev/null
+++ b/.github/workflows/mobile-release.yml
@@ -0,0 +1,56 @@
+name: "Release (photos independent)"
+
+on:
+ workflow_dispatch: # Allow manually running the action
+ push:
+ # Run when a tag matching the pattern "photos-v*"" is pushed
+ # See: [Note: Testing release workflows that are triggered by tags]
+ tags:
+ - "photos-v*"
+
+env:
+ FLUTTER_VERSION: "3.13.4"
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+
+ defaults:
+ run:
+ working-directory: mobile
+
+ steps:
+ - name: Checkout code and submodules
+ uses: actions/checkout@v4
+ with:
+ submodules: recursive
+
+ - name: Install Flutter ${{ env.FLUTTER_VERSION }}
+ uses: subosito/flutter-action@v2
+ with:
+ channel: "stable"
+ flutter-version: ${{ env.FLUTTER_VERSION }}
+ cache: true
+
+ - name: Setup keys
+ uses: timheuer/base64-to-file@v1
+ with:
+ fileName: "keystore/ente_photos_key.jks"
+ encodedString: ${{ secrets.SIGNING_KEY_PHOTOS }}
+
+ - name: Build independent APK
+ run: flutter build apk --release --flavor independent && mv build/app/outputs/flutter-apk/app-independent-release.apk build/app/outputs/flutter-apk/ente.apk
+ env:
+ SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_photos_key.jks"
+ SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS_PHOTOS }}
+ SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD_PHOTOS }}
+ SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD_PHOTOS }}
+
+ - name: Checksum
+ run: sha256sum build/app/outputs/flutter-apk/ente.apk > build/app/outputs/flutter-apk/sha256sum
+
+ - name: Create a draft GitHub release
+ uses: ncipollo/release-action@v1
+ with:
+ artifacts: "mobile/build/app/outputs/flutter-apk/ente.apk,mobile/build/app/outputs/flutter-apk/sha256sum"
+ draft: true
diff --git a/.github/workflows/server-lint.yml b/.github/workflows/server-lint.yml
new file mode 100644
index 000000000..e23036a6e
--- /dev/null
+++ b/.github/workflows/server-lint.yml
@@ -0,0 +1,33 @@
+name: "Lint (server)"
+
+on:
+ # Run on every push (this also covers pull requests)
+ push:
+ # See: [Note: Specify branch when specifying a path filter]
+ branches: ["**"]
+ # Only run if something changes in these paths
+ paths:
+ - "server/**"
+ - ".github/workflows/server-lint.yml"
+
+jobs:
+ lint:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: server
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Setup go
+ uses: actions/setup-go@v5
+ with:
+ go-version-file: "server/go.mod"
+ cache: true
+
+ - name: Install dependencies
+ run: sudo apt-get update && sudo apt-get install libsodium-dev
+
+ - name: Lint
+ run: "./scripts/lint.sh"
diff --git a/server/.github/workflows/prod-ci.yml b/.github/workflows/server-release.yml
similarity index 70%
rename from server/.github/workflows/prod-ci.yml
rename to .github/workflows/server-release.yml
index 791e5218c..8f0281951 100644
--- a/server/.github/workflows/prod-ci.yml
+++ b/.github/workflows/server-release.yml
@@ -1,16 +1,10 @@
-name: Prod CI
+name: "Release (server)"
on:
- workflow_dispatch:
- # Enable manual run
- push:
- # Sequence of patterns matched against refs/tags
- tags:
- - "v*" # Push events to matching v*, i.e. v4.2.0
+ workflow_dispatch: # Run manually
jobs:
build:
- # This job will run on ubuntu virtual machine
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
@@ -19,6 +13,8 @@ jobs:
- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & Push
with:
+ dockerfile: server/Dockerfile
+ directory: server
image: ente/museum-prod
registry: rg.fr-par.scw.cloud
enableBuildKit: true
diff --git a/.github/workflows/web-crowdin.yml b/.github/workflows/web-crowdin.yml
new file mode 100644
index 000000000..b55aad55d
--- /dev/null
+++ b/.github/workflows/web-crowdin.yml
@@ -0,0 +1,41 @@
+name: "Sync Crowdin translations (web)"
+
+on:
+ push:
+ paths:
+ # Run action when web's en-US/translation.json is changed
+ - "web/apps/photos/public/locales/en-US/translation.json"
+ # Or the workflow itself is changed
+ - ".github/workflows/web-crowdin.yml"
+ branches: [main]
+ schedule:
+ # Run every 24 hours - https://crontab.guru/#0_*/24_*_*_*
+ - cron: "0 */24 * * *"
+ workflow_dispatch: # Allow manually running the action
+
+jobs:
+ synchronize-with-crowdin:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Crowdin's action
+ uses: crowdin/github-action@v1
+ with:
+ base_path: "web/"
+ config: "web/crowdin.yml"
+ upload_sources: true
+ upload_translations: true
+ download_translations: true
+ localization_branch_name: crowdin-translations-web
+ create_pull_request: true
+ skip_untranslated_strings: true
+ pull_request_title: "[web] New translations"
+ pull_request_body: "New translations from [Crowdin](https://crowdin.com/project/ente-photos-web)"
+ pull_request_base_branch_name: "main"
+ project_id: 569613
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
diff --git a/.github/workflows/web-lint.yml b/.github/workflows/web-lint.yml
new file mode 100644
index 000000000..a905069f6
--- /dev/null
+++ b/.github/workflows/web-lint.yml
@@ -0,0 +1,41 @@
+name: "Lint (web)"
+
+on:
+ # Run on every push (this also covers pull requests)
+ push:
+ # [Note: Specify branch when specifying a path filter]
+ #
+ # Path filters are ignored for tag pushes, which causes this workflow to
+ # always run when we push a tag. Defining an explicit branch solves the
+ # issue. From GitHub's docs:
+ #
+ # > if you define both branches/branches-ignore and paths/paths-ignore,
+ # > the workflow will only run when both filters are satisfied.
+ #
+ # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
+ branches: ["**"]
+ # Only run if something changes in these paths
+ paths:
+ - "web/**"
+ - ".github/workflows/web-lint.yml"
+
+jobs:
+ lint:
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ working-directory: web
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Setup node and enable yarn caching
+ uses: actions/setup-node@v4
+ with:
+ node-version: 20
+ cache: "yarn"
+ cache-dependency-path: "web/yarn.lock"
+
+ - run: yarn install
+
+ - run: yarn lint
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 0ab286d34..22fb8ba19 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -42,7 +42,7 @@ projects to get started:
If your language is not listed for translation, please [create a GitHub
-issue](https://github.com/ente-io/ente/issues/new?title=Request+for+New+Language+Translation&body=Language+name%3A)
+issue](https://github.com/ente-io/ente/issues/new?title=Request+for+New+Language+Translation&body=Language+name%3A+%0AProject%3A+auth%2Fphotos%2Fboth)
to have it added. It is okay to have partial translations. Once ~90% of the
strings in a language get translated, we will start surfacing it in the apps.
@@ -63,8 +63,9 @@ If you'd like to contribute code, it is best to start small.
Each of the individual product/platform specific directories in this repository
have instructions on setting up a dev environment and making changes. The issues
-labelled "good first issues" should be good starting points. Once you have a
-bearing, you can head on to issues labelled "help wanted".
+and discussions (feature requests) labelled "good first issues" should be good
+starting points. Once you have a bearing, you can head on to issues or
+discussions labelled "help wanted".
If you're planning on adding a new feature or making any other substantial
change, please [discuss it with
diff --git a/README.md b/README.md
index de870e301..e99a53e86 100644
--- a/README.md
+++ b/README.md
@@ -70,6 +70,7 @@ existing users will be grandfathered in.
[
](https://apps.apple.com/app/id6444121398)
[
](https://play.google.com/store/apps/details?id=io.ente.auth)
[
](https://f-droid.org/packages/io.ente.auth/)
+[
](https://github.com/ente-io/ente/releases?q=tag%3Av2.0.34&expanded=true)
[
](https://auth.ente.io)
@@ -98,6 +99,8 @@ connect with the community.
[](https://discord.gg/z2YVKkycX3)
[](https://ente.io/blog/rss.xml)
+[](https://twitter.com/enteio) [](https://mstdn.social/@ente)
+
---
## Security
diff --git a/auth/.github/workflows/ci.yml b/auth/.github/workflows/ci.yml
deleted file mode 100644
index 3ceae8071..000000000
--- a/auth/.github/workflows/ci.yml
+++ /dev/null
@@ -1,86 +0,0 @@
-name: release
-
-# This workflow is triggered on pushes to the repository.
-on:
- workflow_dispatch:
- # Enable manual run
- push:
- # Sequence of patterns matched against refs/tags
- tags:
- - "v*" # Push events to matching v*, i.e. v4.2.0
-
-jobs:
- build:
- # This job will run on ubuntu virtual machine
- runs-on: ubuntu-latest
- steps:
- # Setup Java environment in order to build the Android app.
- - uses: actions/checkout@v2
- - uses: actions/setup-java@v2
- with:
- distribution: "adopt"
- java-version: "11"
-
- # Setup the flutter environment.
- - uses: subosito/flutter-action@v2
- with:
- channel: "stable"
- flutter-version: "3.13.4"
-
- # Fetch sub modules
- - run: git submodule update --init --recursive
-
- # Get flutter dependencies.
- - run: flutter pub get
-
- - name: Setup keys
- uses: timheuer/base64-to-file@v1
- with:
- fileName: "keystore/ente_auth_key.jks"
- encodedString: ${{ secrets.SIGNING_KEY }}
-
- # Build independent apk.
- - name: Build
- run: flutter build apk --release --flavor independent --dart-define=app.flavor=independent && mv build/app/outputs/flutter-apk/app-independent-release.apk build/app/outputs/flutter-apk/ente-auth.apk
- env:
- SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_auth_key.jks"
- SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
- SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }}
- SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }}
-
- # Build Play store aab.
- - name: Build
- run: flutter build appbundle --release --flavor playstore --dart-define=app.flavor=playstore
- env:
- SIGNING_KEY_PATH: "/home/runner/work/_temp/keystore/ente_auth_key.jks"
- SIGNING_KEY_ALIAS: ${{ secrets.SIGNING_KEY_ALIAS }}
- SIGNING_KEY_PASSWORD: ${{ secrets.SIGNING_KEY_PASSWORD }}
- SIGNING_STORE_PASSWORD: ${{ secrets.SIGNING_STORE_PASSWORD }}
-
- - name: Checksum
- run: sha256sum build/app/outputs/flutter-apk/ente-auth.apk > build/app/outputs/flutter-apk/sha256sum
-
- # Upload generated apk to the artifacts.
- - uses: actions/upload-artifact@v2
- with:
- name: release-apk
- path: build/app/outputs/flutter-apk/ente-auth.apk
-
- - uses: actions/upload-artifact@v2
- with:
- name: release-checksum
- path: build/app/outputs/flutter-apk/sha256sum
-
- # Create a Github release
- - uses: ncipollo/release-action@v1
- with:
- artifacts: "build/app/outputs/flutter-apk/ente-auth.apk,build/app/outputs/flutter-apk/sha256sum"
- token: ${{ secrets.GITHUB_TOKEN }}
-
- # Upload to Play store
- - uses: ente-io/upload-google-play@v1
- with:
- serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
- packageName: io.ente.auth
- releaseFiles: build/app/outputs/bundle/playstoreRelease/app-playstore-release.aab
- track: internal
diff --git a/auth/.github/workflows/desktop.yml b/auth/.github/workflows/desktop.yml
deleted file mode 100644
index 71a7edcd4..000000000
--- a/auth/.github/workflows/desktop.yml
+++ /dev/null
@@ -1,12 +0,0 @@
-name: desktop build
-
-on:
- workflow_dispatch:
-
-jobs:
- build-linux:
- name: Linux
- runs-on: ubuntu-20.04
-
- steps:
- - uses: actions/checkout@v2
diff --git a/auth/.github/workflows/l18n-crowdin.yml b/auth/.github/workflows/l18n-crowdin.yml
deleted file mode 100644
index bdfd83096..000000000
--- a/auth/.github/workflows/l18n-crowdin.yml
+++ /dev/null
@@ -1,35 +0,0 @@
-name: Sync crowdin translation
-
-on:
- push:
- paths: # run action automatically when app_en.arb file is changed
- - 'lib/l10n/arb/app_en.arb'
- branches: [ main ]
- schedule:
- - cron: '0 */12 * * *' # Every 12 hours - https://crontab.guru/#0_*/12_*_*_*
- workflow_dispatch: # for manually running the action
-
-jobs:
- synchronize-with-crowdin:
- runs-on: ubuntu-latest
-
- steps:
- - name: Checkout
- uses: actions/checkout@v3
-
- - name: crowdin action
- uses: crowdin/github-action@v1
- with:
- upload_sources: true
- upload_translations: true
- download_translations: true
- localization_branch_name: l10n_translations
- create_pull_request: true
- skip_untranslated_strings: true
- pull_request_title: 'New Translations'
- pull_request_body: 'New translations via [Crowdin GH Action](https://github.com/crowdin/github-action)'
- pull_request_base_branch_name: 'main'
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- CROWDIN_PROJECT_ID: ${{ secrets.CROWDIN_PROJECT_ID }}
- CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}
\ No newline at end of file
diff --git a/auth/android/app/build.gradle b/auth/android/app/build.gradle
index 7462f4d36..916e3b3c9 100644
--- a/auth/android/app/build.gradle
+++ b/auth/android/app/build.gradle
@@ -56,11 +56,11 @@ android {
signingConfigs {
release {
- storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : file(System.getenv("SIGNING_KEY_PATH"))
- keyAlias keystoreProperties['keyAlias'] ? keystoreProperties['keyAlias'] : System.getenv("SIGNING_KEY_ALIAS")
- keyPassword keystoreProperties['keyPassword'] ? keystoreProperties['keyPassword'] : System.getenv("SIGNING_KEY_PASSWORD")
- storePassword keystoreProperties['storePassword'] ? keystoreProperties['storePassword'] : System.getenv("SIGNING_STORE_PASSWORD")
- }
+ storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : System.getenv("SIGNING_KEY_PATH") ? file(System.getenv("SIGNING_KEY_PATH")) : null
+ keyAlias keystoreProperties['keyAlias'] ? keystoreProperties['keyAlias'] : System.getenv("SIGNING_KEY_ALIAS")
+ keyPassword keystoreProperties['keyPassword'] ? keystoreProperties['keyPassword'] : System.getenv("SIGNING_KEY_PASSWORD")
+ storePassword keystoreProperties['storePassword'] ? keystoreProperties['storePassword'] : System.getenv("SIGNING_STORE_PASSWORD")
+ }
}
flavorDimensions "default"
diff --git a/auth/android/app/src/main/AndroidManifest.xml b/auth/android/app/src/main/AndroidManifest.xml
index f2f1146ec..abe72b565 100644
--- a/auth/android/app/src/main/AndroidManifest.xml
+++ b/auth/android/app/src/main/AndroidManifest.xml
@@ -35,6 +35,13 @@
+
+
+
+
+
+
+