Summary: If Flipper server is not running, the offline landing site will offer an option to start it by trying to open 'start-server' under the `flipper-launcher://` scheme.
Reviewed By: mweststrate
Differential Revision: D45950872
fbshipit-source-id: 0d4e22c8474413e914c3c7b4fc9154ae628a8b42
Summary:
Until now, launching flipper-server with TCP would accept any incoming connection as long as it comes from the same origin (localhost) using web socket host origin verification.
This is not entirely secure as origin can be spoofed with tools like curl.
Our team created a security review and a proposal was written:
https://docs.google.com/document/d/16iXypCQibPiner061SoaQUFUY9tLVAEpkKfV_hUXI7c/
Effectively, Flipper can generate a token which is then used by the client to authenticate.
This diff contains the changes required to generate, obtain, and validate authentication tokens from clients connecting to flipper over TCP connections.
The token itself is a JWT token. JWT was chosen because it is a simple industry standard which offers three features which can immediately benefit us:
- Expiration handling. No need for Flipper to store this information anywhere.
- Payload. Payload can be used to push any data we deem relevant i.e. unix username.
- Signing. Signed and verified using the same server key pair which is already in place for certificate exchange.
Additionally, the token is stored in the Flipper static folder. This ensures that the browser and PWA clients have access to it.
Reviewed By: mweststrate
Differential Revision: D45179654
fbshipit-source-id: 6761bcb24f4ba30b67d1511cde8fe875158d78af
Summary:
The plugin is inteded to record intents being dispatched and handled
Current version is pretty simple and just records the intents correctly handled by IG app only (for now, integration is simple enough to add to FB, too)
Plugin prints the data associated with the target
Differential Revision: D43494264
fbshipit-source-id: 3e3cd41ade1d083990d15b3c2eb815db157c7163
Summary: Combining a bunch of individual tasks for dep upgrades into one diff.
Reviewed By: ivanmisuno
Differential Revision: D42706074
fbshipit-source-id: 054b2545ad1295699f47f4c6eb5065b7b9a1d6a0
Summary: As part of BE, this diff creates the initial Flipper plugin for VR Call Hub using `scarf flipper-plugin` from the tutorial https://www.internalfb.com/intern/staticdocs/flipper/docs/tutorial/intro/
Differential Revision: D42146201
fbshipit-source-id: 8bc52184b21b2e47304f694068d11fd962b07b9d
Summary: If there are no attributes for a given section, display a 'No data available' message rather than having an empty panel.
Reviewed By: antonk52
Differential Revision: D41400252
fbshipit-source-id: 0337702f638b9b917e6b3be5962838d2eb15c20d
Summary:
^
This laids the foundation for the inspector. It just reorganises a few bits.
Reviewed By: LukeDefeo
Differential Revision: D40319611
fbshipit-source-id: 8cf9b151c631faa1f26a7a6dfaa86b01abc42fe5
Summary:
We would like to version control Flipper and some of our custom plugins that are installed on developers' systems.
Flipper by default prompts users to upgrade so they sometimes do the update and then all our custom plugins break because they were compiled for an older version.
See https://github.com/facebook/flipper/issues/3947 for feature request info.
## Changelog
Adds notifyAvailable flag to config.json to disable prompting for users that "an update is available"
Pull Request resolved: https://github.com/facebook/flipper/pull/3992
Test Plan:
Tested by running locally.
Had to comment out the isProduction() check to confirm this it worked properly because this flag is false on dev versions.
Couldn't figure out how to manually test the handleOpenPluginDeeplink.tsx change but made a similar change there; happy to test that if you can tell me how to exercise that path.
Reviewed By: antonk52
Differential Revision: D39654481
Pulled By: antonk52
fbshipit-source-id: cef6b48d870915c48f620269c42d24b8ef1f4c29
Summary:
This is mainly an RFC version (happy to land it as a seed for a plugin that can be used to debug and/or control status) the plan is to have the following:
- One place to track the full life-cycle of status.
- Control and visualize playback and state.
- Troubleshoot errors and details of a given status (e.g. media links, evets, latencies .. etc).
Differential Revision: D38123193
fbshipit-source-id: 49229d604434d575d6aaddc818064598e7ccee92
Summary: Relay message to the React app via postmessage. Later, we will subscribe to these messages and update the plugins
Reviewed By: lblasa
Differential Revision: D39539590
fbshipit-source-id: c6742e45330e71b63c135c0267e6e9c5817fc9ff
Summary:
Scaffolded desktop UI for UI debugger
I changed getroot from an rpc call to an event sent on connect. The root should never change as its the application object.
Reviewed By: lblasa
Differential Revision: D38866008
fbshipit-source-id: ca0f1908bedb643238f11ed796922e3359619167
Summary:
After the upgrade to Electron in `92cdb81`, the reload functionality no
longer works. I believe this is due to the main menu creation being
moved to the main process where the `window` global variable is undefined
(whereas previously it was on the render process, where `window` would
be defined). Rather than rely on the `window` global, when a reload is
requested just reload the given `focusedWindow`.
Similarly, zooming was also broken, so fix that by going through `focusedWindow` rather than `webFrame` (since `webFrame` only exists in the render process).
Fixes https://github.com/facebook/flipper/issues/3839, https://github.com/facebook/flipper/issues/3820
## Changelog
changelog: Fixed reload & zoom in Flipper Desktop application.
Pull Request resolved: https://github.com/facebook/flipper/pull/3840
Test Plan: Built the application locally, verified that reload worked as expected (and would reload the application), verified that zooming (in, out, actual size) worked as expected.
Reviewed By: passy
Differential Revision: D38784319
Pulled By: mweststrate
fbshipit-source-id: c219063a8aaf42425678c2c8824f6fcde1cadd52
Summary:
This diff updates the Flipper plugin for UIQR+DDR to upsell people to use `arc uiqr` on the "Upload and Get Link" tab. At the moment I'm not showing the upsell on the "Upload Screens to Diff" tab since this functionality isn't really supported through `arc uiqr` yet.
The upsell uses localstorage to maintain its open/close state so it will show up by default but will be permanently dismissed (unless localstorage is cleared somehow :) ).
NOTE: I hacked out this UI using some existing reusable UIQR Flipper components and some extra styling for the background, but definitely open to feedback on the UI!
Differential Revision: D38232117
fbshipit-source-id: e1745e32974bd9e750bbbaaa2f47bafdd0ac87eb
Summary:
This avoids from having a constantly bouncing icon in a dock
and will just move it to the background.
Changelog: Flipper Server Mac App no longer bounces in Dock
Reviewed By: lblasa
Differential Revision: D37417459
fbshipit-source-id: e87b0b7191fe7e93a9b1a27bdc82a84e92248dc7
Summary:
This diff adds a check to ensure the user is logged in.
If they are not, we show an error message until the user logs in.
This will resolve the many posts we get about this such as https://fb.workplace.com/groups/208584557077075/posts/724180735517452/
Reviewed By: nscoding
Differential Revision: D37329064
fbshipit-source-id: efd416f07a0aae73c5e6c47f231419637b3df323
Summary: This allows using `--no-open`, etc. in a server context.
Reviewed By: lblasa
Differential Revision: D37246490
fbshipit-source-id: 4af75ed049d5523d83277a670cab2aaa3dfbc8c3
Summary: Added JS side of plugin to be displayed in the local Flipper Desktop app
Differential Revision: D36985721
fbshipit-source-id: f9d3cc28e418e95283c572fed4d40dbecfd2f236
Summary:
This is a completely meaningless change *but* it actually has an important
semantic meaning. I recently changed the `+x` bit to be set on the node binary
while bundling which is not always true when packing on Linux.
However, we don't consider permission bits as part of the checksums we build,
which means you will always get the previous version until we update the node version
or this very script because it's part of the same bundle.
So let's just ship this "update".
Reviewed By: mweststrate
Differential Revision: D36954703
fbshipit-source-id: 2d89cb1ee2e7bcce125c3f9efc9d8d39101ac133
Summary:
CHANGELOG: Upgrade electron to 18.2.0.
In Electron 18.2.0 we no longer have access to `remote`. Instead, we are recommended to implement IPC communications. We re-implement `remote` methods used before as IPC commands. To support type-safe execution of the commands, we create electron IPC clients on both sides: the main process and renderer process. We also move the main menu creation to the main process and track its usage via sending IPC messages to the renderer process where the logging happens.
Reviewed By: mweststrate
Differential Revision: D36593625
fbshipit-source-id: 6dcf531461ef2edceb9cac372a650f84f3370953
Summary:
Bumps [ws](https://github.com/websockets/ws) from 8.5.0 to 8.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/websockets/ws/releases">ws's releases</a>.</em></p>
<blockquote>
<h2>8.6.0</h2>
<h1>Features</h1>
<ul>
<li>Add the ability to remove confidential headers on a per-redirect basis (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/2030">https://github.com/facebook/flipper/issues/2030</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="ba214d9693"><code>ba214d9</code></a> [dist] 8.6.0</li>
<li><a href="8e3f1181f2"><code>8e3f118</code></a> [feature] Introduce the <code>'redirect'</code> event (<a href="https://github-redirect.dependabot.com/websockets/ws/issues/2030">https://github.com/facebook/flipper/issues/2030</a>)</li>
<li><a href="69e682806d"><code>69e6828</code></a> [ci] Test on node 18</li>
<li><a href="0b6eb71665"><code>0b6eb71</code></a> [ci] Do not test on node 17</li>
<li><a href="d062ded622"><code>d062ded</code></a> [example] Fix require path</li>
<li><a href="2cf6202f8a"><code>2cf6202</code></a> [example] Use the <code>WebSocket.WebSocket{,Server}</code> aliases</li>
<li><a href="62e9b199ad"><code>62e9b19</code></a> [doc] Fix nits</li>
<li><a href="2619c003ce"><code>2619c00</code></a> [minor] Fix nit in comment</li>
<li><a href="d086f4bcbb"><code>d086f4b</code></a> [minor] Make <code>abortHandshake()</code> emit the error in the next tick</li>
<li><a href="ff80d665f9"><code>ff80d66</code></a> [test] Do not use a relative URL</li>
<li>Additional commits viewable in <a href="https://github.com/websockets/ws/compare/8.5.0...8.6.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/3708
Reviewed By: timur-valiev
Differential Revision: D36371198
Pulled By: mweststrate
fbshipit-source-id: df9befdb3f95be2b8c564f87287bd8621e3a0c59
