Skip to content

fix(fingerprint): exclude JS-only changes from EAS fingerprint#30332

Merged
joaoloureirop merged 4 commits into
mainfrom
ota/fingerprint-controller-exclusion
Jun 2, 2026
Merged

fix(fingerprint): exclude JS-only changes from EAS fingerprint#30332
joaoloureirop merged 4 commits into
mainfrom
ota/fingerprint-controller-exclusion

Conversation

@joaoloureirop

@joaoloureirop joaoloureirop commented May 18, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Description

The EAS fingerprint was being invalidated by JS-only changes (e.g. @metamask/*-controller version bumps, package.json scripts/version edits, and JS-only yarn patches), forcing unnecessary native rebuilds and blocking OTA updates.

This change makes the fingerprint reflect only native-relevant inputs:

  • Resolves the set of packages with native code via Expo autolinking (yarn expo-modules-autolinking resolve for iOS and Android), with a safe fallback to hashing everything if resolution fails.
  • Adds a fileHookTransform that filters package.json down to the dependencies/devDependencies of native packages (plus expo autolinking overrides), and excludes .yarn/patches for JS-only packages.
  • Removes the static .yarn/patches extraSource and the now-redundant .fingerprintignore, since patch filtering is handled in the transform.

Note: the transform buffers package.json across streamed chunks before parsing, since fileHookTransform is invoked per-chunk.

Changelog

CHANGELOG entry: null

Related issues

Fixes:

Manual testing steps

Feature: EAS fingerprint excludes JS-only changes

  Scenario: JS-only dependency bump does not change the fingerprint
    Given a clean working tree
    When I run "yarn fingerprint:generate" and record the hash
    And I bump a JS-only dependency version in package.json
    And I run "yarn fingerprint:generate" again
    Then the hash is unchanged

  Scenario: native dependency bump changes the fingerprint
    Given a clean working tree
    When I bump a native dependency version in package.json
    And I run "yarn fingerprint:generate"
    Then the hash differs from the baseline

@github-actions

github-actions Bot commented May 18, 2026

Copy link
Copy Markdown
Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@metamaskbotv2 metamaskbotv2 Bot added the team-mobile-platform Mobile Platform team label May 18, 2026
@github-actions github-actions Bot added the pr-not-ready-for-e2e Skip E2E and block merging. Remove this label once the PR is ready to run the E2E tests. label May 18, 2026
@joaoloureirop joaoloureirop force-pushed the ota/fingerprint-controller-exclusion branch from 4e956d2 to d2e09dd Compare May 18, 2026 15:52
@sonarqubecloud

sonarqubecloud Bot commented May 18, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions github-actions Bot added size-M and removed size-XS labels Jun 2, 2026
@joaoloureirop joaoloureirop changed the title ci(ota): exclude @metamask controllers from OTA fingerprint check fix(fingerprint): exclude JS-only changes from EAS fingerprint Jun 2, 2026
@mm-token-exchange-service mm-token-exchange-service Bot added the INVALID-PR-TEMPLATE PR's body doesn't match template label Jun 2, 2026
tommasini
tommasini previously approved these changes Jun 2, 2026
View reviewed changes
@joaoloureirop joaoloureirop marked this pull request as ready for review June 2, 2026 14:44
@joaoloureirop joaoloureirop requested a review from a team as a code owner June 2, 2026 14:44
@github-actions github-actions Bot added the risk:medium AI analysis: medium risk label Jun 2, 2026
@joaoloureirop joaoloureirop removed the pr-not-ready-for-e2e Skip E2E and block merging. Remove this label once the PR is ready to run the E2E tests. label Jun 2, 2026
@joaoloureirop joaoloureirop requested a review from tommasini June 2, 2026 15:08
@joaoloureirop joaoloureirop enabled auto-merge June 2, 2026 15:13
@github-actions

github-actions Bot commented Jun 2, 2026

Copy link
Copy Markdown
Contributor

🔍 Smart E2E Test Selection

  • Selected E2E tags: None (no tests recommended)
  • Selected Performance tags: None (no tests recommended)
  • Risk Level: low
  • AI Confidence: 97%
click to see 🤖 AI reasoning details

E2E Test Selection:
The only changed file is fingerprint.config.js, which is an Expo EAS fingerprint configuration file. This file runs in a Node.js build environment (not in the React Native bundle) and is used solely to determine when native builds need to be regenerated on EAS.

The changes:

  1. Remove .yarn/patches as a blanket extraSources directory (to avoid JS-only patches invalidating the fingerprint unnecessarily)
  2. Add a fileHookTransform function that intelligently filters package.json to only hash native package dependencies, and filters .yarn/patches/ to only include patches for native packages

This is a pure build infrastructure optimization with zero impact on:

  • App source code or behavior
  • React Native components, controllers, or Engine
  • Navigation, UI, or user flows
  • E2E test infrastructure (Detox tests)
  • Performance characteristics

No E2E tests need to run for this change. The change cannot break any user-facing functionality or test flows.

Performance Test Selection:
The change is limited to the EAS fingerprint configuration file (a Node.js build-time script). It has no impact on app runtime performance, UI rendering, data loading, or any user-facing flows. No performance tests are warranted.

View GitHub Actions results

@codecov-commenter

codecov-commenter commented Jun 2, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.74%. Comparing base (1096b41) to head (1283b7f).
⚠️ Report is 9 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #30332   +/-   ##
=======================================
  Coverage   82.73%   82.74%           
=======================================
  Files        5576     5576           
  Lines      143554   143562    +8     
  Branches    33190    33193    +3     
=======================================
+ Hits       118774   118785   +11     
+ Misses      16874    16868    -6     
- Partials     7906     7909    +3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@joaoloureirop joaoloureirop added this pull request to the merge queue Jun 2, 2026
Merged via the queue into main with commit f624cec Jun 2, 2026
200 of 231 checks passed
@joaoloureirop joaoloureirop deleted the ota/fingerprint-controller-exclusion branch June 2, 2026 16:11
@github-actions github-actions Bot locked and limited conversation to collaborators Jun 2, 2026
@metamaskbotv2 metamaskbotv2 Bot added the release-7.81.0 Issue or pull request that will be included in release 7.81.0 label Jun 2, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@tommasini tommasini tommasini approved these changes

Assignees

No one assigned

Labels

INVALID-PR-TEMPLATE PR's body doesn't match template release-7.81.0 Issue or pull request that will be included in release 7.81.0 risk:medium AI analysis: medium risk size-M team-mobile-platform Mobile Platform team

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@joaoloureirop @codecov-commenter @tommasini