feat(connections): import and export connections on iOS#1738
Conversation
|
Preview deployment for your docs. Learn more about Mintlify Previews.
💡 Tip: Enable Workflows to automatically generate PRs for you. |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 2c63fb21b4
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| port: ssh.port, | ||
| username: ssh.username, | ||
| authMethod: ssh.authMethod.rawValue, | ||
| privateKeyPath: PathPortability.contractHome(ssh.privateKeyPath ?? ""), |
There was a problem hiding this comment.
When an iOS connection uses pasted private-key auth, the key material is stored separately in Keychain under com.TablePro.sshkeydata.<id> and IOSSSHProvider reloads it before connecting; this export only serializes privateKeyPath (which is empty for pasted keys), and the encrypted credentials path only includes passwords/passphrases. Re-importing even an encrypted export of such a connection therefore creates .privateKey auth with no key, so SSH tunnel creation fails with “No private key provided.”
Useful? React with 👍 / 👎.
| } | ||
| } | ||
|
|
||
| let safeMode = exportable.safeModeLevel.flatMap { SafeModeLevel(rawValue: $0) } ?? .off |
There was a problem hiding this comment.
When importing macOS exports with safeModeLevel values such as alert, alertFull, safeMode, or safeModeFull, this direct lookup uses the iOS enum (off, confirmWrites, readOnly), so those protective modes fall through to .off. The imported connection silently loses write-confirmation protection; map the macOS raw values to .confirmWrites or another supported iOS protection instead of defaulting them off.
Useful? React with 👍 / 👎.
| case "sshagent", "agent", "ssh agent": return .sshAgent | ||
| case "keyboardinteractive", "keyboard interactive": return .keyboardInteractive |
There was a problem hiding this comment.
When a macOS .tablepro export uses SSH Agent or Keyboard Interactive auth, these cases preserve that value on iOS, but SSHTunnelFactory.create only handles .password and .privateKey and throws for the default branch. That means the imported connection cannot connect on iOS; warn/skip these auth modes or map them to a supported editable state instead of saving an unsupported configuration.
Useful? React with 👍 / 👎.
1 participant
What
Brings connection import (and export) to the iPhone app. A TestFlight user asked for a way to import connections on iOS; the Mac app already had a full import/export system, but iOS had none of it.
Approach
The serialization, crypto, and import-analysis logic lived inside the macOS app target. Rather than duplicate it on iOS (which would let a crypto fix drift between platforms), it moves into a new shared SPM target both apps use.
TableProImportSPM target (Packages/TableProCore): the.tableproenvelope/exportable types,ConnectionExportCrypto(AES-256-GCM, PBKDF2 600k), and pureConnectionImportAnalyzer+ConnectionImportDecoder. No AppKit; builds on macOS and iOS.ImportItemStatus.duplicateassociated value to drop the macOS-type dependency. All callers and tests updated in the same commit..fileImporterfrom a new "more" menu, a nativeMobileConnectionImportSheet(preview, duplicate resolution, passphrase prompt for encrypted files),IOSConnectionImportService/IOSConnectionExportService, share-sheet export with an optional passphrase-encrypted credentials file, and.tableproopen-in from Files/AirDrop viaUTExportedTypeDeclarations+CFBundleDocumentTypesandonOpenURL.Secrets stay excluded by default; including passwords requires a passphrase that encrypts the file, matching Apple's Keychain guidance and the existing macOS behavior.
Tests
TableProImportTests(15): crypto round-trip including wrong passphrase and corrupt header, envelope round-trip, analyzer duplicate/warning logic, path portability.IOSConnectionImportServiceTests(4): credential restore key format and mapped-indices-only, suggested filename.--strictclean.Notes
TableProTeststarget has a pre-existing local link failure inOracleConnectionErrorTests(needs the OracleNIO fork built); unrelated to this change. The edited macOS import tests compile.