IPA — iOS va unga yaqin Apple mobil platformalaridagi applicationni package ko‘rinishida saqlash va tarqatish uchun ishlatiladigan fayl formati. IPA odatda compiled executable, resource, framework, metadata, entitlement va digital signaturega oid ma’lumotlarni o‘z ichiga oladi.
IPA fayl ZIP containerga asoslangan bo‘lishi mumkin, ammo oddiy archive’dan farqli ravishda Apple platformasi kutadigan application bundle tuzilishi va code signing talablariga ega.
Payload
IPA ichida asosiy application bundle ko‘pincha:
Payload/Application.app/
yo‘lida joylashadi.
.app directory executable va resourcelarni saqlaydi.
Application nomi build settingga bog‘liq.
Application bundle
Bundle tarkibi:
- native executable;
Info.plist;- asset catalog natijalari;
- storyboard yoki nib;
- framework;
- extension;
- localized resource;
- provisioningga oid ma’lumot;
- signature directory.
Build va targetga qarab tarkib farq qiladi.
Info.plist
Application metadata’sini saqlaydi:
- bundle identifier;
- display name;
- version;
- executable;
- supported orientation;
- permission description;
- URL scheme;
- capabilityga oid qiymatlar.
Noto‘g‘ri yoki yetishmagan privacy usage description permission so‘ralganda applicationni to‘xtatishi mumkin.
Bundle identifier
Application identity:
uz.uzbekdevs.app
ko‘rinishida bo‘lishi mumkin.
Signing, provisioning, App Store listing va capability shu IDga bog‘liq.
Identifierni o‘zgartirish ko‘pincha yangi application identity yaratadi.
Executable
Swift va Objective-C kodi native executablega compile qilinadi.
Target architecture va platformaga mos binary yaratiladi.
App Store processing bitcodega oid tarixiy yoki boshqa build processingni platforma siyosatiga qarab qo‘llashi mumkin.
Client executable reverse engineeringdan mutlaq himoyalanmagan.
Framework
Application third-party yoki ichki dynamic frameworklarni embed qilishi mumkin.
Frameworklar ham code signed bo‘lishi kerak.
Keraksiz architecture slice va debug symbol production package’dan chiqariladi.
Framework version compatibility buildda tekshiriladi.
App extension
Widget, share extension, notification service yoki boshqa extension IPA ichida alohida .appex bundle sifatida bo‘lishi mumkin.
Har extension:
- alohida executable;
- entitlement;
- provisioning;
- sandbox;
- resource
ga ega.
Host application bilan App Group orqali cheklangan data almashishi mumkin.
Code signing
IPA ichidagi executable code digital signature bilan imzolanadi.
System:
- certificate chain;
- bundle identity;
- entitlement;
- code integrity;
- provisioning
ni tekshiradi.
Fayl o‘zgarsa signature yaroqsiz bo‘lishi mumkin.
Provisioning profile
Development yoki ayrim distribution usullarida embedded provisioning profile applicationni:
- qaysi certificate;
- qaysi device;
- qaysi entitlement;
- qaysi bundle ID
bilan ishlashini belgilaydi.
App Store distributionda final processing boshqacha bo‘lishi mumkin.
Development IPA
Development build debugging va registered device’larda test uchun yaratiladi.
U development certificate va provisioning profile bilan imzolanadi.
Production userlarga tarqatilmaydi.
Debug entitlement va logging bo‘lishi mumkin.
Ad Hoc distribution
Cheklangan ro‘yxatdagi device identifikatorlariga application tarqatish usuli.
Provisioning profile allowed device’larni saqlaydi.
Tester soni va registration platforma qoidalariga bog‘liq.
Katta public distribution uchun mos emas.
Enterprise distribution
Tashkilot ichki applicationni xodim device’lariga tarqatishi mumkin.
Certificate faqat ichki foydalanish uchun.
Public foydalanuvchilarga enterprise IPA tarqatish policy buzilishi va certificate bekor qilinishiga olib kelishi mumkin.
Mobile Device Management nazoratli tarqatish beradi.
TestFlight
Beta application Apple infrastructure orqali testerga tarqatiladi.
Build App Store Connectga upload qilinadi.
Internal va external testing jarayonlari mavjud.
Buildning amal qilish muddati va review talablari platforma policy’siga bog‘liq.
App Store distribution
Public release App Store review va signing processingdan o‘tadi.
User odatda raw IPA faylini ko‘rmaydi.
Store device, account va regionga mos encrypted yoki processed package tarqatishi mumkin.
Developer upload qilgan artifact final user fayli bilan aynan byte-level bir xil bo‘lmasligi mumkin.
Version
CFBundleShortVersionString userga ko‘rinadigan version.
CFBundleVersion build raqami.
Har yangi upload unique yoki yuqoriroq build number talab qilishi mumkin.
Marketing version bir nechta buildga ega bo‘lishi mumkin.
Entitlement
Application capabilitylari signed entitlementda saqlanadi:
Entitlement developer portal, profile va application signature bilan mos bo‘ladi.
Encryption va export
Application cryptography ishlatsa export compliance savollariga javob berishi talab qilinishi mumkin.
System library ishlatish va custom cryptography holati farq qiladi.
Bu build metadata va distribution jarayonining bir qismi.
IPA tahlili
IPA archive sifatida ochilib metadata va resource ko‘rilishi mumkin.
Executable decompile yoki disassemble qilinishi ehtimoli bor.
Shu sababli:
- API secret;
- private key;
- admin credential;
- server authorization qoidasi
client package ichiga ishonib joylashtirilmaydi.
Hajm
Application download va install hajmiga:
- executable;
- framework;
- image;
- audio;
- localization;
- extension;
- architecture
ta’sir qiladi.
Asset catalog, optimization, dead-code stripping va dependency cleanup hajmni kamaytiradi.
IPA va APK
IPA Apple mobil platformasiga, APK Androidga tegishli.
Ikkalasi application package bo‘lsa ham:
- executable format;
- signing;
- permission;
- store;
- sandbox;
- distribution
mexanizmlari farq qiladi.
Birini ikkinchi platformaga o‘rnatib bo‘lmaydi.
Symbol fayli
Release build crash stacklarini o‘qish uchun dSYM symbol fayli yaratiladi. Store processing binary’ni o‘zgartirsa tegishli symbol versioni saqlanadi. dSYM IPA ichida userga tarqatilmasligi mumkin, ammo crash reporting tizimiga upload qilinadi.
Bog‘liq tushunchalar
IPA, iOS application, Application bundle, Payload, Info.plist, Code signing, Provisioning profile, TestFlight, App Store, Entitlement, Bundle identifier