✒ A self-hosted, cross-platform service to sign iOS apps using any CI as a builder

iOS Signer Service

A self-hosted, cross-platform service to sign iOS apps using any CI as a builder

Introduction

There are many reasons to install apps outside the App Store. Unfortunately, this process is severely hindered by Apple and unrealistic for the average user. You need a better way to get things done.

Introducing ios-signer-service - a self-hosted, cross-platform service to sign iOS apps and install them on your device, all without a computer.

The setup consists of two parts:

  • This web service, which runs on a server with any operating system/architecture, and exposes a website where you can upload apps for signing. The website is the only place a user interacts with.
  • A macOS builder server, which the web service uses to perform the actual signing. The builder requirements are minimal, so any API-enabled Continuous Integration (CI) service, such as GitHub Actions, can be used.

More information and examples can be found in the installation section.

Disclaimer

This project is self-hosted; there is no public service. It does not provide any alternative catalog of apps. It does not give you free signing certificates, or circumvent any protective measures - you must have a valid signing certificate and provisioning profile. This project does not provide, promote, or support any form of piracy. This project is aimed solely at people who want to install homebrew apps on their device, much like the popular AltStore.

Features

  • No jailbreak required
  • All iOS versions supported
  • No computer required (apart from server to host the service)
  • Works with most CI providers, even for free
  • Minimalistic, mobile-friendly web interface
  • Upload unsigned apps, download signed apps
  • Install signed apps from the website straight to your iOS device via OTA
  • Choose from multiple signing profiles
  • Configure various properties of the signing process
  • Periodic old file cleanup

Screenshots

Mobile Desktop

Installation

Requirements

  • Web service server
    • All major operating systems and architectures are supported
    • Tested on a Raspberry Pi
  • Builder server, such as a CI like GitHub Actions, that:
    • Runs macOS
    • Supports workflow triggers via API
  • Valid code signing profile:
    • Certificate with key (.p12 file)
    • Provisioning profile (.mobileprovision file)

Builder

ios-signer-service offloads the signing process to a dedicated macOS builder. This step is necessary because signing is only officially supported on a macOS system. While third-party cross-platform alternatives exist, they are not as stable or quick to update as the official solution.

However, you don't need to own a Mac! In fact, you don't even need to pay anything. GitHub Actions, Semaphore CI, and some other CI providers give you free monthly allowance to use a macOS VM and build your projects. In this case, you will be using them to sign your apps.

An implementation for GitHub Actions and Semaphore CI can be found at ios-signer-ci. To host it, simply fork the repo and follow its README.

You can always use another CI provider, or even your own machine, given it supports remote workflow triggers over API. You will see the requirements in the configuration section below.

Web Service

ios-signer-service (this project) is a web service that you install on any server. The service exposes a web interface which allows the user to upload unsigned app files and have them signed using any of the configured signing profiles.

The easiest way to get the service is by downloading the pre-compiled binaries from the releases.

You can also use the official Docker image, but make sure to configure it properly:

  • Mount the configuration file to your host, so you can edit it after it's generated. The file's location in the container is just under the root directory: /signer-cfg.yml.
  • Mount the directory that you will use for the app's data. By default, the location in the container is: /data. You can set this path using the save_dir property in the configuration file.

The default port used by the service is 8080. You can override this by running the service with an argument -port 1234, where "1234" is your desired port. You can see a description of these arguments and more via -help.

ios-signer-service is not designed to run by itself - it does not offer encryption (HTTPS) or global authentication. This is a huge security issue, and OTA installations will not work! Instead, you have two options:

  • Reverse proxy (recommended)

    Run a reverse proxy like nginx, which wraps the service with HTTPS and authentication. You will need a valid HTTPS certificate (self-signed won't work with OTA due to Apple restriction), which means that you will also need a domain. While this setup is more involved, it is the industry-standard way to deploy any web application. It is also the most unrestricted, reliable and secure method by far.

    You must leave a few endpoints non-authenticated, as they are used by OTA and the builder. Don't worry, they are secured by long ids and/or the workflow key:

    /apps/:id/
    /jobs
    /jobs/:id
    

    (where :id is a wildcard parameter)

  • ngrok

    If you are just testing or can't afford the option above, you can also use ngrok. It offers a free plan that allows you to create a publicly accessible tunnel to your service, conveniently wrapped in ngrok's valid HTTPS certificate. Note that the free plan has a limit of 40 connections per minute, and the URLs change every time you restart ngrok, so you will have to remember to update them.

    To use ngrok, install the program, then just run the following command:

    ngrok http -inspect=false 8080

    You will get two URLs - make sure to always use the HTTPS one, both when configuring and when using the service. Also, make sure to enable basic_auth in the configuration below, or anybody could access your service.

When you run the service for the first time, it will exit immediately and generate a configuration file, signer-cfg.yml. Take your time to read through it and set it appropriately - the default's won't work!

An explanation of the settings:

# the builder's signing workflow
workflow:
  # an API endpoint that will trigger a run of the signing workflow
  trigger:
    # your builder's trigger url
    url: https://api.github.com/repos/foo/bar/actions/workflows/sign.yml/dispatches
    # data to send with the trigger request
    body: '{"ref":"master"}'
    # headers to send with the trigger request
    headers:
      # usually you'll add the CI's token here
      Authorization: Token MY_TOKEN
      # either json or form
      Content-Type: application/json
    # whether to attempt http2 or stick to http1
    # set to false if using Semaphore CI
    attempt_http2: true
  # a url that will be open when you click on "Status" in the website while a sign job is running
  status_url: https://github.com/foo/bar/actions/workflows/sign.yml
  # a key that you make up, which will be used by the builder to communicate with the service
  # make sure it is long and secure!
  key: MY_SUPER_LONG_SECRET_KEY
# the public address of your server, used to build URLs for the website and builder
# must be valid HTTPS or OTA won't work!
server_url: https://mywebsite.com
# where to save data like apps and signing profiles
save_dir: data
# apps older than this time will be deleted when a cleanup job is run
cleanup_mins: 10080
# how often does the cleanup job run
cleanup_interval_mins: 30
# protects the web ui with a username and password
# this does not overlap with the "workflow.key" protection
basic_auth:
  enable: false
  username: ""
  password: ""

Depending on your builder provider, the workflow section will vary. Here are examples of the most popular CI providers:

GitHub Actions

workflow:
  trigger:
    url: https://api.github.com/repos/YOUR_PROFILE/ios-signer-ci/actions/workflows/sign.yml/dispatches
    body: '{"ref":"master"}'
    headers:
      Authorization: Token YOUR_TOKEN
      Content-Type: application/json
    attempt_http2: true
  status_url: https://github.com/YOUR_PROFILE/ios-signer-ci/actions/workflows/sign.yml

Semaphore CI

workflow:
  trigger:
    url: https://YOUR_PROFILE.semaphoreci.com/api/v1alpha/plumber-workflows
    body: project_id=YOUR_PROJECT_ID&reference=refs/heads/master
    headers:
      Authorization: Token YOUR_TOKEN
      Content-Type: application/x-www-form-urlencoded
    attempt_http2: false
  status_url: https://YOUR_PROFILE.semaphoreci.com/projects/ios-signer-ci

Inside the save_dir directory from your configuration ("data" by default), you need to add at least one code signing profile. The structure is as follows:

data
|____profiles
| |____PROFILE_ID              # any unique string that you want
| | |____cert.p12              # the signing certificate
| | |____pass.txt              # the signing certificate's password
| | |____name.txt              # a name to show in the web interface
| | |____prov.mobileprovision  # the signing provisioning profile
| |____OTHER_PROFILE_ID
| | |____...

When an app is uploaded to the service for signing, a signing job is generated and stored in memory. The service then triggers the builder using the configured workflow trigger API. The builder will query the available jobs from the service using the /jobs endpoint, and download the most recent job's data. This data is a simple TAR file which contains all the necessary signing files. When the builder is finished, it will upload the signed file to the service using a "return id" found within the archive.

Frequently Asked Questions (F.A.Q.)

  • How do you export the certificate and key?

    On your Mac, open the Keychain app. There you will find your certificate (1) and private key (2). Select them by holding Command, then right-click (3) and select Export 2 items... (4). This will export you the .p12 file you need.

  • How can I debug a failing builder?

    Edit the sign.sh file in your builder's repo and remove the output suppression from the failing line. Usually this will be the xresign.sh call, so:

    ./xresign.sh ...  >/dev/null 2>&1

    Becomes:

    ./xresign.sh ...

    Next time you run a build, the logs will give you full details that you can use to resolve your issue. The reason that the output suppression is there in the first place is to prevent leaks of potentially sensitive information about your certificates and apps.

  • What kind of certificates/provisioning profiles are supported?

    Technically, everything is supported as long as your iOS device trusts it. This includes free signing profiles, but of course, they expire after a week. The only major difference between signing profiles is based on the provisioning profile's application-identifier. There are two types:

    • Wildcard, with app id = TEAM_ID.*

      • Can properly sign any app (TEAM_ID.app1, TEAM_ID.app2, ...)
      • Can't use special entitlements such as app groups (Apple restriction)
    • Explicit, with app id = TEAM_ID.app1

      • Can properly sign only one app (TEAM_ID.app1)
      • Can use any entitlement as long as it's in the provisioning profile
      • If you properly sign multiple apps with the same profile, only one of the apps can be installed on your device at a time. This is because their bundle ids will be identical and the apps will replace each other.
      • It is possible to improperly sign apps with an explicit profile by keeping their original bundle ids even if they don't match the profile's app id. For an example, with an app id TEAM_ID.app1, you could sign the apps TEAM_ID.app2 and TEAM_ID.app3. This way, you can have multiple apps installed at the same time, and they will run, but all of their entitlements will be broken, including file importing.
  • App runs, but malfunctions due to invalid signing/entitlements

    First, make sure you are signing the app correctly and not breaking the entitlements. Read the section just above.

    If that doesn't help, you need to figure out what entitlements the app requires. unc0ver 6.0.2 and DolphiniOS emulator need the app debugging (get-task-allow) entitlement. Make sure you are using a signing profile with get-task-allow=true in its provisioning profile. Also, when you upload such an app to this service, make sure to tick the Enable app debugging option. Since this is a potential security issue, it will be disabled by default unless you tick the box.

  • "This app cannot be installed because its integrity could not be verified."

    This error means that the signing process went terribly wrong. To debug the problem, install libimobiledevice (for Windows: imobiledevice-net). Download the problematic signed app from your service to your computer, and then attempt to install it on your iOS device:

    ideviceinstaller -i app.ipa

    You can also use -u YOUR_UDID -n to run this command over the network. When the installation finishes, you should see a more detailed error. Please create an issue here on GitHub and upload the unsigned app along with the detailed error from above so this can be fixed.

License

This project and all of its unlicensed dependencies under the SignTools organization are licensed under AGPL-3.0. A copy of the license can be found here. Raise an issue if you are interested in exclusive licensing.

Owner
Signing tools for your greatest iOS desires
null
Comments
  • GitHub Actions CI troubleshooting

    GitHub Actions CI troubleshooting

    Hi again. I have another issue where GitHub Actions cannot sign my .iPA file. It says

    /Users/runner/work/_temp/39df6836-3324-44f5-8d3f-c6d7d3fbe509.sh: line 1: ./sign.sh: No such file or directory
    Error: Process completed with exit code 1."
    

    Here's the screenshot: Screenshot 2021-03-03 at 21 17 17 Also, sorry for asking too much help. I love your project.

  • iSH killed by iOS due to high CPU usage when installing app

    iSH killed by iOS due to high CPU usage when installing app

    This only happens sometimes, likely with bigger files, and it could be attributed to either an out of memory error, or failure to emulate an instruction on ISH's side. More debugging is required.

  • Archiving app fails every time

    Archiving app fails every time

    I tried basic troubleshooting first

    Describe the bug

    Signing job errors out when archiving.

    Expected behavior

    Signing job successfully finishes.

    Logs

    Signing
    Obtaining provisioning profile...
    Archiving app...
    xcode_archive errored, retrying
    xcode_archive errored, retrying
    xcode_archive errored, retrying
    Traceback (most recent call last):
      File "/Users/runner/work/SignTools-CI/SignTools-CI/util.py", line 27, in run_process
        result = subprocess.run(cmd, capture_output=capture, check=check, env=env, cwd=cwd, timeout=timeout)
      File "/usr/local/Cellar/[email protected]/3.9.13_1/Frameworks/Python.framework/Versions/3.9/lib/python3.9/subprocess.py", line 528, in run
        raise CalledProcessError(retcode, process.args,
    subprocess.CalledProcessError: Command '('xcodebuild', '-allowProvisioningUpdates', '-project', '/private/var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpac__o323/SimpleApp/SimpleApp.xcodeproj', '-scheme', 'SimpleApp', 'clean', 'archive', '-archivePath', '/private/var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpac__o323/SimpleApp/archive.xcarchive')' returned non-zero exit status 65.
    
    The above exception was the direct cause of the following exception:
    
    Traceback (most recent call last):
      File "/Users/runner/work/SignTools-CI/SignTools-CI/sign.py", line 388, in <module>
        run()
      File "/Users/runner/work/SignTools-CI/SignTools-CI/sign.py", line 337, in run
        Signer(
      File "/Users/runner/work/SignTools-CI/SignTools-CI/xsign.py", line 620, in sign
        jobs[component] = self.__sign_primary(component, tmpdir, data)
      File "/Users/runner/work/SignTools-CI/SignTools-CI/xsign.py", line 284, in __sign_primary
        xcode_archive(simple_app_proj, "SimpleApp", archive)
      File "/Users/runner/work/SignTools-CI/SignTools-CI/xsign.py", line 68, in xcode_archive
        return exec_retry("xcode_archive", lambda: _xcode_archive(project_dir, scheme_name, archive))
      File "/Users/runner/work/SignTools-CI/SignTools-CI/xsign.py", line 61, in exec_retry
        raise last_error
      File "/Users/runner/work/SignTools-CI/SignTools-CI/xsign.py", line 53, in exec_retry
        return func()
      File "/Users/runner/work/SignTools-CI/SignTools-CI/xsign.py", line 68, in <lambda>
        return exec_retry("xcode_archive", lambda: _xcode_archive(project_dir, scheme_name, archive))
      File "/Users/runner/work/SignTools-CI/SignTools-CI/xsign.py", line 74, in _xcode_archive
        return run_process(
      File "/Users/runner/work/SignTools-CI/SignTools-CI/util.py", line 29, in run_process
        raise (
    Exception: {'stdout': 'Command line invocation:\n    /Applications/Xcode_12.5.1.app/Contents/Developer/usr/bin/xcodebuild -allowProvisioningUpdates -project /private/var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpac__o323/SimpleApp/SimpleApp.xcodeproj -scheme SimpleApp clean archive -archivePath /private/var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpac__o323/SimpleApp/archive.xcarchive\n\nUser defaults from command line:\n    IDEArchivePathOverride = /private/var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpac__o323/SimpleApp/archive.xcarchive\n    IDEPackageSupportUseBuiltinSCM = YES\n\nnote: Using new build system\nnote: Building targets in parallel\nnote: Build preparation complete\n\n** CLEAN SUCCEEDED **\n\nnote: Using new build system\nnote: Building targets in parallel\nnote: Planning build\nnote: Analyzing workspace\nnote: Constructing build description\nnote: Build preparation complete\nerror: No account for team "9FS5C6BF2T". Add a new account in the Accounts preference pane or verify that your accounts have valid credentials. (in target \'SimpleApp\' from project \'SimpleApp\')\nerror: No profiles for \'mv8.pb5v6x3.bf5o8bzx.ShareExtension\' were found: Xcode couldn\'t find any iOS App Development provisioning profiles matching \'mv8.pb5v6x3.bf5o8bzx.ShareExtension\'. (in target \'SimpleApp\' from project \'SimpleApp\')', 'stderr': '2022-06-02 14:27:27.751 xcodebuild[3128:18335] CFURLRequestSetHTTPCookieStorageAcceptPolicy_block_invoke: no longer implemented and should not be called\n** ARCHIVE FAILED **'}
    ==============================================
    Uploading screenshot...
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    
      0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
      0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
    100 1170k    0   133  100 1170k    117  1033k  0:00:01  0:00:01 --:--:-- 1036k
    
    100 1170k    0   133  100 1170k    117  1033k  0:00:01  0:00:01 --:--:-- 1036k
    =========================
    
    Uploaded 1 file, 1 198 934 bytes
    
    wget https://bashupload.com/7DL8Z/test.jpg
    
    =========================
    
    ==============================================
    Cleaning up...
    Error: Process completed with exit code 1.
    

    System configuration

    • SignTools version: 2.5.16
    • Installation type: server
    • Builder type: SignTools-CI
    • Builder version: Commit https://github.com/SignTools/SignTools-CI/commit/2f3ffe4d8c4f2602af31de063081f1e2c2874193

    Additional context

    I feel like I'm doing something wrong but I don't know what. The error log mentions a team/missing account.

  • Error: Process completed with exit code 1

    Error: Process completed with exit code 1

    Hello, i have an dev accout but i cant sign my apps

    What is the problem?

    Run ./sign.sh Obtaining files... Creating keychain... Importing certificate... 1.2.840.113635.100.1.61 Signing... Usage: xresign.sh -i APP_PATH -c CERT_NAME [-epbdas ...]

    -i path to input app to sign -c Common Name of signing certificate in Keychain -e new entitlements to use for app (Optional) -p path to mobile provisioning file (Optional) -b new bundle id (Optional) -d enable app debugging (get-task-allow) (Optional) -a force enable support for all devices (Optional) -s force enable file sharing through iTunes (Optional) -n set bundle id to mobile provisioning app id (Optional) -w write bundle id to file (Optional) Error: Process completed with exit code 1.

  • Install not work with reverse proxy (nginx)

    Install not work with reverse proxy (nginx)

    I tried basic troubleshooting first

    Describe the bug

    ios 16, trying to sign app and install, signed succesfully through github ci, after clicking on install on the web through iphone, "installation starting, expect a pop up prompt" page comes up, but then a pop up comes up: "open this site in "itunes" ?" (cancel/open) and after that nothing happens.

    To reproduce

    Steps to reproduce the behavior:

    see above

    Expected behavior

    installation pop up if the ipa should be installed - but does not show.

    System configuration

    • SignTools version: [e.g. 2.1.1] 2.6.0
    • Installation type: [heroku, computer, phone; nginx, ngrok, cloudflared] phone, nginx
    • Builder type: [SignTools-CI, SignTools-Builder] signtools-ci
    • Builder version: [e.g. 1.0.0 for SignTools-Builder; the latest commi t hash of your repo for SignTools-CI, e.g. 03e0ed9] newest, freshly built.
  • How do you use an Apple developer Distribution certificate?

    How do you use an Apple developer Distribution certificate?

    Hi, I hope you can help me. I set up the ios-signer-service on Heroku as per instructions. Under PROFILE_CERT_BASE64 I pasted the base64 for my Apple developer Distribution certificate (as I want to enable various entitlements such as push notifications) and pasted the cert password in PROFILE_CERT_PASS. Is this the correct way to use my Apple Distribution certificate?

    When I try to sign an IPA I get this error: error: Revoke certificate: Your account already has an Apple Development signing certificate for this machine, but its private key is not installed in your keychain. Xcode can create a new one after revoking your existing certificate. (in target 'SimpleApp' from project 'SimpleApp')\nerror: No signing certificate "iOS Development" found: No "iOS Development" signing certificate matching team ID "SOMETEAMID" with a private key was found.

    Any idea what I might be doing wrong?

    Thank you!

  • Error 500 - no profile with id <name of ID>

    Error 500 - no profile with id

    Hi,

    I'm trying to upload an IPA into the web interface, after a couple of seconds, the web interface redirects to /apps and displays {"message":"Internal Server Error"}.

    My docker log is: {"time":"2021-03-04T07:18:15.894553187Z","id":"","remote_ip":"123.123.123.123","host":"https://mywebsite.ld","method":"POST","uri":"/apps","user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 11_2_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36","status":500,"error":"no profile with id 123","latency":371580849,"latency_human":"371.580849ms","bytes_in":58524658,"bytes_out":36}.

    Any better way to debug this ?

    Best regards.

  • github action failed with

    github action failed with "no development certificate found"

    I tried basic troubleshooting first

    Describe the bug I deployed signtool app via signTool-CI builder on heroku few minutes ago. When app execute, I can see that the job name "sign" is failed under "github action" with the following log, where I've provided developer certificate and apple account credential to use for profile import during app deployment on heroku. there is no error in app on heroku but github action failed with "no developer certificate found".

    Logs 21 (node:2347) MaxListenersExceededWarning: Possible EventEmitter memory leak detected. 11 error listeners added to [WriteStream]. Use emitter.setMaxListeners() to increase limit 22 (Use node --trace-warnings ... to show where the warning was created) 23 Download finished! 24 Traceback (most recent call last): 25 File "/Users/runner/work/signtoolios/signtoolios/./sign.py", line 1173, in 26 run() 27 File "/Users/runner/work/signtoolios/signtoolios/./sign.py", line 1081, in run 28 raise Exception("No development certificate found, aborting.") 29 Exception: No development certificate found, aborting.

  • A successfully built/signed ipa won't install

    A successfully built/signed ipa won't install

    Hi,

    I followed the instructions and currently running the web service on a Windows 10 machine with Github Actions as the builder with a developer account (provision + certificate). The build completed successfully and the file is made available for install/download.

    image

    But when I click the Install button nothing happens. No prompt, no install, nothing new on the iPhone's homepage. The browsers I tried were Safari and Chrome, both the same result.

    This is what I see in the web service console every time I press the Install button: {"time":"2021-04-07T08:51:21.8639162-04:00","id":"","remote_ip":"xx.xx.xx.xx","host":"my-private-url.trycloudflare.com","method":"GET","uri":"/apps/1df97ec4-9f61-4a58-acb9-bd4cb8293fab/manifest","user_agent":"com.apple.appstored/1.0 iOS/14.4.2 model/iPhone13,1 hwp/t8101 build/18D70 (6; dt:228) AMS/1","status":200,"error":"","latency":1394200,"latency_human":"1.3942ms","bytes_in":0,"bytes_out":1238}

    Any idea why it wouldn't install?

    Thank you!

    BTW I didn't mean to add the "bug" label. This could very well be a setup/user issue :) and not a "bug".

  • Github SignTools-CI error in signing process.

    Github SignTools-CI error in signing process.

    I tried basic troubleshooting first

    Bug description

    An error "connect ETIMEDOUT 152.X.X.X:443" (X for privacy) occurs during the signing process of the GitHub action. I'm using a docker container of SignTools and a nginx reverse proxy to expose the container on a custom subdomain (https://sign.example.com). I'm able to access the web server to upload and rename the IPAs. Since I also have other web servers on this machine the proxy to the container is only accessible through the domain. Trying to access the web server directly via the IP address will not work and the server will not respond. The server_url on my signer-cfg.yml if correct (https://sign.example.com). Is it possible that ./sign.py tries to access the web server directly via the IP address?

    Logs

    SignTools-CI GitHub action:

    sudo xcode-select -s /Applications/Xcode_13.2.1.app ./sign.py shell: /bin/bash -e {0} env: SECRET_URL: *** SECRET_KEY: ***

    connect ETIMEDOUT 152.X.X.X:443 Initializing dependencies... Traceback (most recent call last): File "/Users/runner/work/SignTools-CI/SignTools-CI/./sign.py", line 42, in run_process Downloading job files... result = subprocess.run(cmd, capture_output=capture, check=check, env=env, cwd=cwd, timeout=timeout) File "/usr/local/Cellar/[email protected]/3.10.6_1/Frameworks/Python.framework/Versions/3.10/lib/python3.10/subprocess.py", line 524, in run raise CalledProcessError(retcode, process.args, subprocess.CalledProcessError: Command '('node', 'node-utils/download.js', '***/jobs', '***', 'job.tar')' returned non-zero exit status 3.

    The above exception was the direct cause of the following exception:

    Traceback (most recent call last): File "/Users/runner/work/SignTools-CI/SignTools-CI/./sign.py", line 1155, in node_download(secret_url + "/jobs", job_archive, capture=False) File "/Users/runner/work/SignTools-CI/SignTools-CI/./sign.py", line 131, in node_download return run_process( File "/Users/runner/work/SignTools-CI/SignTools-CI/./sign.py", line 44, in run_process raise ( Exception: {'stdout': '', 'stderr': ''} Error: Process completed with exit code 1.

    System configuration

    • SignTools version: Docker latest
    • Installation type: docker, nginx
    • Builder type: SignTools-CI,
    • Builder version: SignTools-CI 4550595
  • Invalid or unsupported format for signature

    Invalid or unsupported format for signature

    I tried basic troubleshooting first

    Describe the bug

    Can't sign Rocket for Instagram due to an invalid format.

    Logs

    Initializing dependencies...
    Obtaining files...
    Download finished!
    Creating keychain...
    Using distribution certificate
    Using developer account
    Logging in (1/2)...
    Logging in (2/2)...
    If you receive a two-factor authentication (2FA) code, please submit it to the web service.
    Logged in!
    Extracting app...
    Signing...
    Using encoded original bundle id
    Preparing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/Rocket.dylib
    Preparing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/RIPass.dylib
    Preparing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/Hackogram.dylib
    Preparing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/libsubstrate.dylib
    Preparing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/FBSharedFramework.framework
    Preparing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/CydiaSubstrate.framework
    Preparing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/IGPyTorchFramework.framework
    Preparing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app
    Original entitlements:
    {
        "application-identifier": "CLX8X3P664.com.fab.lighthouse",
        "aps-environment": "production",
        "com.apple.developer.icloud-container-development-container-identifiers": [
            "iCloud.com.fab.lighthouse"
        ],
        "com.apple.developer.icloud-container-environment": [
            "Production",
            "Development"
        ],
        "com.apple.developer.icloud-container-identifiers": [
            "iCloud.com.fab.lighthouse"
        ],
        "com.apple.developer.icloud-services": "*",
        "com.apple.developer.team-identifier": "CLX8X3P664",
        "com.apple.developer.ubiquity-container-identifiers": [
            "iCloud.com.fab.lighthouse"
        ],
        "com.apple.developer.ubiquity-kvstore-identifier": "CLX8X3P664.*",
        "get-task-allow": false,
        "keychain-access-groups": [
            "CLX8X3P664.*",
            "com.apple.token"
        ]
    }
    ID mappings:
    {
        "CLX8X3P664": "2P5L2S79SV",
        "iCloud.com.fab.lighthouse": "iCloud.s0j.2dg.atgsizuuji"
    }
    Removed entitlements:
    [
        "application-identifier",
        "com.apple.developer.team-identifier"
    ]
    Processing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/Rocket.dylib
    Applying patches...
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/Rocket.dylib
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/Rocket.dylib
    Signing
    Signing with original entitlements
    Processing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/RIPass.dylib
    Applying patches...
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/RIPass.dylib
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/RIPass.dylib
    Signing
    Signing with original entitlements
    Processing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/Hackogram.dylib
    Applying patches...
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/Hackogram.dylib
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/Hackogram.dylib
    Signing
    Signing with original entitlements
    Processing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/libsubstrate.dylib
    Applying patches...
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/libsubstrate.dylib
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/libsubstrate.dylib
    Signing
    Signing with original entitlements
    Processing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/FBSharedFramework.framework
    Applying patches...
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/FBSharedFramework.framework/FBSharedFramework
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/FBSharedFramework.framework/FBSharedFramework
    Signing
    Signing with original entitlements
    Processing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/CydiaSubstrate.framework
    Applying patches...
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/CydiaSubstrate.framework/CydiaSubstrate
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/CydiaSubstrate.framework/CydiaSubstrate
    Signing
    Signing with original entitlements
    Processing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/IGPyTorchFramework.framework
    Applying patches...
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/IGPyTorchFramework.framework/IGPyTorchFramework
    Patching /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/IGPyTorchFramework.framework/IGPyTorchFramework
    Signing
    Signing with original entitlements
    Processing component /var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app
    Traceback (most recent call last):
      File "/Users/runner/work/SignTools-CI/SignTools-CI/sign.py", line 388, in <module>
        run()
      File "/Users/runner/work/SignTools-CI/SignTools-CI/sign.py", line 337, in run
        Signer(
      File "/Users/runner/work/SignTools-CI/SignTools-CI/xsign.py", line 588, in sign
        popen_check(pipe)
      File "/Users/runner/work/SignTools-CI/SignTools-CI/xsign.py", line 134, in popen_check
        raise Exception(data)
    Exception: {'message': "['/usr/bin/codesign', '--continue', '-f', '--no-strict', '-s', 'Apple Distribution', '/var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/Rocket.dylib'] failed with status code 1", 'stdout': '', 'stderr': '/var/folders/24/8k48jl6d249_n_qfxwsl6xvm0000gn/T/tmpo6n8fcra/Payload/Instagram.app/Frameworks/Rocket.dylib: invalid or unsupported format for signature'}
    ==============================================
    Uploading screenshot...
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
    
      0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
     16 1171k    0     0   16  192k      0   333k  0:00:03 --:--:--  0:00:03  335k
    
    100 1171k    0   133  100 1171k    119  1054k  0:00:01  0:00:01 --:--:-- 1057k
    =========================
    
    Uploaded 1 file, 1 199 173 bytes
    
    wget https://bashupload.com/CFhVA/test.jpg
    
    =========================
    
    ==============================================
    Cleaning up...
    Error: Process completed with exit code 1.
    

    System configuration

    • SignTools version: latest
    • Installation type: computer
    • Builder type: SignTools-CI
    • Builder version: latest commit

    Additional context

    I'm able to sign other apps, it's just this one that doesn't work. I'm trying to resign it to enable push notifications on Rocket. Do you know if this is strictly because of the app or if it's a bug?

  • fix(deps): bump actions/checkout from 3.0.2 to 3.3.0

    fix(deps): bump actions/checkout from 3.0.2 to 3.3.0

    Bumps actions/checkout from 3.0.2 to 3.3.0.

    Release notes

    Sourced from actions/checkout's releases.

    v3.3.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3.2.0...v3.3.0

    v3.2.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3.1.0...v3.2.0

    v3.1.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3.0.2...v3.1.0

    Changelog

    Sourced from actions/checkout's changelog.

    Changelog

    v3.1.0

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • fix(deps): bump github.com/knadh/koanf from 1.4.3 to 1.4.5

    fix(deps): bump github.com/knadh/koanf from 1.4.3 to 1.4.5

    Bumps github.com/knadh/koanf from 1.4.3 to 1.4.5.

    Release notes

    Sourced from github.com/knadh/koanf's releases.

    v1.4.4

    What's Changed

    New Contributors

    Full Changelog: https://github.com/knadh/koanf/compare/v1.4.3...v1.4.4

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • fix(deps): bump github.com/labstack/echo/v4 from 4.9.0 to 4.10.0

    fix(deps): bump github.com/labstack/echo/v4 from 4.9.0 to 4.10.0

    Bumps github.com/labstack/echo/v4 from 4.9.0 to 4.10.0.

    Release notes

    Sourced from github.com/labstack/echo/v4's releases.

    v4.10.0

    Security

    • We are deprecating JWT middleware in this repository. Please use https://github.com/labstack/echo-jwt instead.

      JWT middleware is moved to separate repository to allow us to bump/upgrade version of JWT implementation (github.com/golang-jwt/jwt) we are using which we can not do in Echo core because this would break backwards compatibility guarantees we try to maintain.

    • This minor version bumps minimum Go version to 1.17 (from 1.16) due golang.org/x/ packages we depend on. There are several vulnerabilities fixed in these libraries.

      Echo still tries to support last 4 Go versions but there are occasions we can not guarantee this promise.

    Enhancements

    • Bump x/text to 0.3.8 #2305
    • Bump dependencies and add notes about Go releases we support #2336
    • Add helper interface for ProxyBalancer interface #2316
    • Expose middleware.CreateExtractors function so we can use it from echo-contrib repository #2338
    • Refactor func(Context) error to HandlerFunc #2315
    • Improve function comments #2329
    • Add new method HTTPError.WithInternal #2340
    • Replace io/ioutil package usages #2342
    • Add staticcheck to CI flow #2343
    • Replace relative path determination from proprietary to std #2345
    • Remove square brackets from ipv6 addresses in XFF (X-Forwarded-For header) #2182
    • Add testcases for some BodyLimit middleware configuration options #2350
    • Additional configuration options for RequestLogger and Logger middleware #2341
    • Add route to request log #2162
    • GitHub Workflows security hardening #2358
    • Add govulncheck to CI and bump dependencies #2362
    • Fix rate limiter docs #2366
    • Refactor how e.Routes() work and introduce e.OnAddRouteHandler callback #2337

    v4.9.1

    Fixes

    • Fix logger panicing (when template is set to empty) by bumping dependency version #2295

    Enhancements

    • Improve CORS documentation #2272
    • Update readme about supported Go versions #2291
    • Tests: improve error handling on closing body #2254
    • Tests: refactor some of the assertions in tests #2275
    • Tests: refactor assertions #2301
    Changelog

    Sourced from github.com/labstack/echo/v4's changelog.

    v4.10.0 - 2022-12-27

    Security

    • We are deprecating JWT middleware in this repository. Please use https://github.com/labstack/echo-jwt instead.

      JWT middleware is moved to separate repository to allow us to bump/upgrade version of JWT implementation (github.com/golang-jwt/jwt) we are using which we can not do in Echo core because this would break backwards compatibility guarantees we try to maintain.

    • This minor version bumps minimum Go version to 1.17 (from 1.16) due golang.org/x/ packages we depend on. There are several vulnerabilities fixed in these libraries.

      Echo still tries to support last 4 Go versions but there are occasions we can not guarantee this promise.

    Enhancements

    • Bump x/text to 0.3.8 #2305
    • Bump dependencies and add notes about Go releases we support #2336
    • Add helper interface for ProxyBalancer interface #2316
    • Expose middleware.CreateExtractors function so we can use it from echo-contrib repository #2338
    • Refactor func(Context) error to HandlerFunc #2315
    • Improve function comments #2329
    • Add new method HTTPError.WithInternal #2340
    • Replace io/ioutil package usages #2342
    • Add staticcheck to CI flow #2343
    • Replace relative path determination from proprietary to std #2345
    • Remove square brackets from ipv6 addresses in XFF (X-Forwarded-For header) #2182
    • Add testcases for some BodyLimit middleware configuration options #2350
    • Additional configuration options for RequestLogger and Logger middleware #2341
    • Add route to request log #2162
    • GitHub Workflows security hardening #2358
    • Add govulncheck to CI and bump dependencies #2362
    • Fix rate limiter docs #2366
    • Refactor how e.Routes() work and introduce e.OnAddRouteHandler callback #2337

    v4.9.1 - 2022-10-12

    Fixes

    • Fix logger panicing (when template is set to empty) by bumping dependency version #2295

    Enhancements

    • Improve CORS documentation #2272
    • Update readme about supported Go versions #2291
    • Tests: improve error handling on closing body #2254
    • Tests: refactor some of the assertions in tests #2275
    • Tests: refactor assertions #2301
    Commits
    • f36d566 Changelog for 4.10.0
    • a69727e Mark JWT middleware deprecated
    • 0056cc8 Improve comments wording
    • 45402bb Add echo.OnAddRouteHandler field. As name says - this handler is called when ...
    • f1cf1ec Fix adding route with host overwrites default host route with same method+pat...
    • 895121d Fix rate limiter docs (#2366)
    • abecadc Merge pull request #2362 from aldas/add_govulncheck_2_ci
    • bc75cc2 Add govulncheck to CI and bump dependencies. Refactor GitHub workflows.
    • 40eb889 build: harden echo.yml permissions
    • 135c511 Add request route with "route" tag to logger middleware (#2162)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • fix(deps): bump golang from 1.19.1-alpine to 1.19.4-alpine

    fix(deps): bump golang from 1.19.1-alpine to 1.19.4-alpine

    Bumps golang from 1.19.1-alpine to 1.19.4-alpine.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • fix(deps): bump alpine from 3.16.2 to 3.17.0

    fix(deps): bump alpine from 3.16.2 to 3.17.0

    Bumps alpine from 3.16.2 to 3.17.0.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Build Go applications for IOS
Build Go applications for IOS

go-build-for-ios Build Go applications for IOS This repository contains a PoC that lets you build any Go application for IOS platform. Cross-compilati

Jul 18, 2022
Design, compile and deploy your own Endlesss soundpacks with rapid iteration in Studio and iOS
Design, compile and deploy your own Endlesss soundpacks with rapid iteration in Studio and iOS

Squonker is a tool for building and installing your own custom Endlesss instruments.

Dec 28, 2021
Get and summarize iOS app reviews.

ceraxus Get and summarize iOS app reviews. Docker Version > docker --version Docker version 20.10.8, build 3967b7d > docker-compose --version docker-

May 3, 2022
sign Apple’s mobileconfig file to solve the ‘unsigned’ problem
sign Apple’s mobileconfig file to solve the ‘unsigned’ problem

amcs(apple mobile config signature) sign Apple’s mobileconfig file to solve the ‘unsigned’ problem the project rely openssl https://github.com/openssl

Nov 25, 2022
A produtivity tool built in go for cross platform use

This application is meant to implement some productivity tools in a way that could be easily used in a bunch of different environments. It will be easy to use and allow the user to easily hack it and modify it for their own use.

Nov 20, 2021
A compact, cross-platform scanner that scans ports and recognizes fingerprints.

portscan A compact, cross-platform scanner that scans ports and recognizes fingerprints. Usage: Usage of ./portscan: -H headers request headers

Apr 4, 2022
Purpose-built security agent for hosted runners
Purpose-built security agent for hosted runners

Step Security Agent Purpose-built security agent for hosted runners To pilot it, add the following code to your GitHub Actions workflow file as the fi

Nov 12, 2022
Sep 26, 2022
Build awesome Golang desktop apps and beautiful interfaces with Vue.js, React.js, Framework 7, and more...
Build awesome Golang desktop apps and beautiful interfaces with Vue.js, React.js, Framework 7, and more...

Guark Guark allows you to build beautiful user interfaces using modern web technologies such as Vue.js, React.js..., while your app logic handled and

Jan 1, 2023
A fully self-contained Nmap like parallel port scanning module in pure Golang that supports SYN-ACK (Silent Scans)

gomap What is gomap? Gomap is a fully self-contained nmap like module for Golang. Unlike other projects which provide nmap C bindings or rely on other

Dec 10, 2022
Product Analytics, Business Intelligence, and Product Management in a fully self-contained box
Product Analytics, Business Intelligence, and Product Management in a fully self-contained box

Engauge Concept It's not pretty but it's functional. Track user interactions in your apps and products in real-time and see the corresponding stats in

Nov 17, 2021
Generate self-signed, trusted certificates for local development.

Development Certificates Generator devcert takes away the pain of creating self-signed certificates for development manually. Usage $ devcert my-proje

Dec 13, 2022
Implementations of the Coconut signing scheme, cross-compatible between Rust and Go.

Coconut Coconut [paper] is a distributed cryptographic signing scheme providing a high degree of privacy for its users. You can find an overview of ho

Dec 9, 2022
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal

Easy and Powerful TLS Automation The same library used by the Caddy Web Server Caddy's automagic TLS features—now for your own Go programs—in one powe

Jan 6, 2023
"I do" stops interactive command if there is any potential risky pattern

Description ido (I do) executes your shell command provided as its input, but it may wait for you to confirm when there is some potential risky patter

Jan 2, 2023
Gryffin is a large scale web security scanning platform.

Gryffin (beta) Gryffin is a large scale web security scanning platform. It is not yet another scanner. It was written to solve two specific problems w

Dec 27, 2022
Package for controlling the Windows firewall (aka Windows Filtering Platform, WFP)

wf What This is a package for controlling the Windows Filtering Platform (WFP), also known as the Windows firewall. See its docs: https://godoc.org/in

Dec 6, 2022
A web-based testing platform for WAF (Web Application Firewall)'s correctness

WAFLab ?? WAFLab is a web-based platform for testing WAFs. Live Demo https://waflab.org/ Architecture WAFLab contains 2 parts: Name Description Langua

Oct 25, 2022