Skip to content

chore(runway): cherry-pick fix(fingerprint): exclude JS-only changes from EAS fingerprint#31013

Merged
tommasini merged 1 commit into
release/7.80.0from
runway-cherry-pick-7.80.0-1780490215
Jun 3, 2026
Merged

chore(runway): cherry-pick fix(fingerprint): exclude JS-only changes from EAS fingerprint#31013
tommasini merged 1 commit into
release/7.80.0from
runway-cherry-pick-7.80.0-1780490215

Conversation

@runway-github

@runway-github runway-github Bot commented Jun 3, 2026

Copy link
Copy Markdown
Contributor

Description

The EAS fingerprint was being invalidated by JS-only changes (e.g.
@metamask/*-controller version bumps, package.json
scripts/version edits, and JS-only yarn patches), forcing
unnecessary native rebuilds and blocking OTA updates.

This change makes the fingerprint reflect only native-relevant inputs:

  • Resolves the set of packages with native code via Expo autolinking
    (yarn expo-modules-autolinking resolve for iOS and Android), with a
    safe fallback to hashing everything if resolution fails.
  • Adds a fileHookTransform that filters package.json down to the
    dependencies/devDependencies of native packages (plus expo
    autolinking overrides), and excludes .yarn/patches for JS-only
    packages.
  • Removes the static .yarn/patches extraSource and the now-redundant
    .fingerprintignore, since patch filtering is handled in the transform.

Note: the transform buffers package.json across streamed chunks before
parsing, since fileHookTransform is invoked per-chunk.

Changelog

CHANGELOG entry: null

Related issues

Fixes:

Manual testing steps

Feature: EAS fingerprint excludes JS-only changes

  Scenario: JS-only dependency bump does not change the fingerprint
    Given a clean working tree
    When I run "yarn fingerprint:generate" and record the hash
    And I bump a JS-only dependency version in package.json
    And I run "yarn fingerprint:generate" again
    Then the hash is unchanged

  Scenario: native dependency bump changes the fingerprint
    Given a clean working tree
    When I bump a native dependency version in package.json
    And I run "yarn fingerprint:generate"
    Then the hash differs from the baseline
``` [f624cec](https://github.com/MetaMask/metamask-mobile/commit/f624cec5ad187e2ea0e17969d09e570e33bb9e95)

@joaoloureirop
chore(runway): cherry-pick fix(fingerprint): exclude JS-only changes …
5d992d1 
…from EAS fingerprint (#30332)

## **Description**

The EAS fingerprint was being invalidated by JS-only changes (e.g.
`@metamask/*-controller` version bumps, `package.json`
`scripts`/`version` edits, and JS-only yarn patches), forcing
unnecessary native rebuilds and blocking OTA updates.

This change makes the fingerprint reflect only native-relevant inputs:
- Resolves the set of packages with native code via Expo autolinking
(`yarn expo-modules-autolinking resolve` for iOS and Android), with a
safe fallback to hashing everything if resolution fails.
- Adds a `fileHookTransform` that filters `package.json` down to the
`dependencies`/`devDependencies` of native packages (plus `expo`
autolinking overrides), and excludes `.yarn/patches` for JS-only
packages.
- Removes the static `.yarn/patches` `extraSource` and the now-redundant
`.fingerprintignore`, since patch filtering is handled in the transform.

Note: the transform buffers `package.json` across streamed chunks before
parsing, since `fileHookTransform` is invoked per-chunk.

## **Changelog**

CHANGELOG entry: null

## **Related issues**

Fixes:

## **Manual testing steps**

```gherkin
Feature: EAS fingerprint excludes JS-only changes

  Scenario: JS-only dependency bump does not change the fingerprint
    Given a clean working tree
    When I run "yarn fingerprint:generate" and record the hash
    And I bump a JS-only dependency version in package.json
    And I run "yarn fingerprint:generate" again
    Then the hash is unchanged

  Scenario: native dependency bump changes the fingerprint
    Given a clean working tree
    When I bump a native dependency version in package.json
    And I run "yarn fingerprint:generate"
    Then the hash differs from the baseline
```
@runway-github runway-github Bot requested a review from a team as a code owner June 3, 2026 12:37
@github-actions

github-actions Bot commented Jun 3, 2026

Copy link
Copy Markdown
Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@mm-token-exchange-service mm-token-exchange-service Bot added the team-bots Bot team (for MetaMask Bot, Runway Bot, etc.) label Jun 3, 2026
@github-actions

github-actions Bot commented Jun 3, 2026

Copy link
Copy Markdown
Contributor

🔍 Smart E2E Test Selection

⏭️ Smart E2E selection skipped - PR targets a release or stable branch (release/* or stable)

All E2E tests pre-selected.

View GitHub Actions results

@github-actions github-actions Bot added the size-M label Jun 3, 2026
@tommasini tommasini merged commit d7ab64c into release/7.80.0 Jun 3, 2026
79 checks passed
@tommasini tommasini deleted the runway-cherry-pick-7.80.0-1780490215 branch June 3, 2026 12:45
@github-actions github-actions Bot locked and limited conversation to collaborators Jun 3, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@vpintorico vpintorico vpintorico approved these changes

Assignees

No one assigned

Labels

size-M team-bots Bot team (for MetaMask Bot, Runway Bot, etc.)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@vpintorico @tommasini @joaoloureirop