Prepare v9

CHANGELOG.md

@@ -1,3 +1,10 @@
+## Custom Fork v9
+- Improve migrate script handling of some formatting edge cases
+- Add migrate script manual option to override all values using the fingerprint values
+- Add an opt-in scripts-only-mode for Android <10 ROMs
+- Add autopif script to allow extracting the latest Xiaomi.eu custom.pif.json values
+- Add killgms script to allow manual DroidGuard process killing
+
 ## Custom Fork v8
 - Rename VERBOSE_LOGS to verboseLogs to better differentiate Advanced Settings from Build Fields or System Properties
 - Improve replace list to also allow file paths replacing/hiding systemlessly
@@ -6,12 +13,4 @@
 - Update default/example app replace list for more ROM spoof injection methods
 - Fix retaining disabled ROM apps through module updates in some scenarios
 
-## Custom Fork v7
-- Fix non-/system ROM spoof injection app replacement
-- Add missing XiaomiEUInject-Stub to the default/example replace list
-- Improve code, scripts and logging
-- Fix ROM spoof injection app replacement when using KernelSU and APatch
-- Spoof init.svc.adbd to DroidGuard by default to further hide USB Debugging
-- Improve hiding from detection by user apps
-
 _[Previous changelogs](https://github.com/osm0sis/PlayIntegrityFork/releases)_

README.md

@@ -10,7 +10,7 @@ A Zygisk module which fixes "ctsProfileMatch" (SafetyNet) and "MEETS_DEVICE_INTE
 
 To use this module you must have one of the following (latest versions):
 
-- [Magisk](https://github.com/topjohnwu/Magisk) with Zygisk enabled (and Enforce DenyList enabled if NOT also using [Shamiko](https://github.com/LSPosed/LSPosed.github.io/releases)/[Zygisk Assistant](https://github.com/snake-4/Zygisk-Assistant), for best results)
+- [Magisk](https://github.com/topjohnwu/Magisk) with Zygisk enabled (and Enforce DenyList enabled if NOT also using [Shamiko](https://github.com/LSPosed/LSPosed.github.io/releases) or [Zygisk Assistant](https://github.com/snake-4/Zygisk-Assistant), for best results)
 - [KernelSU](https://github.com/tiann/KernelSU) with [Zygisk Next](https://github.com/Dr-TSNG/ZygiskNext) module installed
 - [APatch](https://github.com/bmax121/APatch) with [Zygisk Next](https://github.com/Dr-TSNG/ZygiskNext) module installed
 
@@ -26,7 +26,7 @@ You can fill out the included template [example.pif.json](https://raw.githubuser
 
 Note this is just a template with the current suggested defaults, but with this fork you can include as few or as many android.os.Build class fields and Android system properties as needed to pass DEVICE verdict now and in the future if the enforced checks by Play Integrity change.
 
-As a general rule you can't use values from recent devices due to them only being allowed with full hardware backed attestation. See the Resources below for information and scripts to help find a working fingerprint.
+As a general rule you can't use values from recent devices due to them only being allowed with full hardware backed attestation. A script to extract the latest Xiaomi.eu public fingerprint is included with the module; see the autopif section below for usage and caveats, and see the Resources below for information and scripts to help find a working private fingerprint.
 
 Older formatted custom.pif.json files from cross-forks and previous releases will be automatically migrated to the latest format. Simply ensure the filename is custom.pif.json and place it in the module directory before upgrading.
 
@@ -46,7 +46,6 @@ A migration may also be performed manually with `sh migrate.sh` and custom.pif.j
 
 - Scripts:
   - [gen_pif_custom.sh](https://xdaforums.com/t/tools-zips-scripts-osm0sis-odds-and-ends-multiple-devices-platforms.2239421/post-89173470) - Script to generate a custom.pif.json from device dump build.prop files
-  - [autopif.sh](https://xdaforums.com/t/module-play-integrity-fix-safetynet-fix.4607985/post-89233630) - Script to extract the latest working Xiaomi.eu fingerprint (though frequently banned and may be banned for RCS use while otherwise passing) to test an initial setup
   - [pif-test-json-file.sh](https://xdaforums.com/t/tools-zips-scripts-osm0sis-odds-and-ends-multiple-devices-platforms.2239421/post-89482876) - Script to automate generating and testing json files to attempt to find working fingerprints 
   - [install-random-fp.sh](https://xdaforums.com/t/script-for-randomly-installing-custom-device-fingerprints.4647408/) - Script to randomly switch between multiple working fingerprints found by the user
 
@@ -56,6 +55,14 @@ A migration may also be performed manually with `sh migrate.sh` and custom.pif.j
 
 You can customize the included default [example.app_replace.list](https://raw.githubusercontent.com/osm0sis/PlayIntegrityFork/main/module/example.app_replace.list) from the module directory (/data/adb/modules/playintegrityfix) then rename it to custom.app_replace.list to systemlessly replace any additional conflicting custom ROM spoof injection app paths to disable them.
 
+## About 'autopif.sh' and 'killgms.sh' script files
+
+There's intentionally no custom./pif.json in my fork by default, because the goal remains to be futureproof, and including something that could/will be banned and obsolete the next day would be contrary to that goal. If you don't care to have your own private fingerprint to use or don't have time to look for one currently then simply run the extraction script from a root prompt with `sh autopif.sh` in the module directory (/data/adb/playintegrityfix/), or from a file explorer app that supports script execution.
+
+The autopif script extracts the latest working Xiaomi.eu fingerprint (though frequently banned and may be banned for RCS use while otherwise passing Play Integrity and SafetyNet) to test an initial setup.
+
+The killgms script forces the Google Play Services DroidGuard process (com.google.android.gms.unstable) to end, making it restart with the next attestation attempt; useful for testing out different private fingerprints without requiring a reboot in between.
+
 ## Troubleshooting
 
 Make sure Google Play Services (com.google.android.gms) is NOT on the Magisk DenyList if Enforce DenyList is enabled since this interferes with the module; the module does prevent this using scripts but it only happens once during each reboot.
@@ -114,6 +121,21 @@ No.
 
 [Play Integrity API](https://xdaforums.com/t/info-play-integrity-api-replacement-for-safetynet.4479337/) - FAQ/information about PI (Play Integrity) replacing SN (SafetyNet)
 
+## About Scripts-only mode
+
+An advanced mode intended for older Android <10 stock ROMs or those with stock-like values, (and some other rare special cases,) since they generally only need a few prop changes to pass Play Integrity DEVICE verdict. Due to this the majority of the previous information does not apply to or contradicts that of Scripts-only mode, so to avoid confusion it's contained in the Details area below.
+
+<details>
+<summary><strong>Details</strong></summary>
+
+- Manually opt-in by creating a file named scripts-only-mode in the module directory, either from a root prompt with `mkdir -p /data/adb/modules/playintegrityfix; touch /data/adb/modules/playintegrityfix/scripts-only-mode` or from a file explorer app, and then re/flashing the module. Scripts-only mode will remain enabled until this file is removed and the module is reflashed again.
+
+- During install all unused default mode files (including custom.pif.json) are removed from the module directory, effectively disabling the Zygisk components of PIF: attestation fallback and device spoofing. You'll see "Scripts-only mode" indicated in the module description in your root manager app.
+
+- For best results, you should still most likely enable Magisk's Enforce DenyList option if NOT also using [Shamiko](https://github.com/LSPosed/LSPosed.github.io/releases) or [Zygisk Assistant](https://github.com/snake-4/Zygisk-Assistant). The module will automatically add the Google Play Services DroidGuard process (com.google.android.gms.unstable) to the Magisk DenyList, if missing, since for Scripts-only mode it's necessary on some configurations (generally Android 9).
+
+</details>
+
 ## Credits
 
 Module scripts were adapted from those of kdrag0n/Displax's Universal SafetyNet Fix (USNF) module, please see the commit history of [Displax's USNF Fork](https://github.com/Displax/safetynet-fix/tree/dev/magisk) for proper attribution.

module/module.prop

@@ -1,7 +1,7 @@
 id=playintegrityfix
 name=Play Integrity Fork
-version=v8
-versionCode=80001
+version=v9
+versionCode=90000
 author=osm0sis & chiteroman @ xda-developers
 description=Fix CTS profile (SafetyNet) and DEVICE verdict (Play Integrity)
 updateJson=https://raw.githubusercontent.com/osm0sis/PlayIntegrityFork/main/update.json

update.json

@@ -1,6 +1,6 @@
 {
-    "version": "v8",
-    "versionCode": 80000,
-    "zipUrl": "https://github.com/osm0sis/PlayIntegrityFork/releases/download/v8/PlayIntegrityFork-v8.zip",
+    "version": "v9",
+    "versionCode": 90000,
+    "zipUrl": "https://github.com/osm0sis/PlayIntegrityFork/releases/download/v9/PlayIntegrityFork-v9.zip",
     "changelog": "https://raw.githubusercontent.com/osm0sis/PlayIntegrityFork/main/CHANGELOG.md"
 }