autopif2.sh: automatically update TrickyStore security_patch.txt system date

- opt in by creating /data/adb/tricky_store/security_patch.txt
- OS Patch Level (system= entry in TS 1.2.1+) must match *.security_patch spoofed to gms in order to pass Legacy PI Strong so automatically update with Beta print
- if boot= or vendor= entries are also needed in security_patch.txt to pass New PI Strong (due to an old/custom ROM) these must be manually added, or, all= may be used instead of system= and autopif2 will keep it up to date

Note: TS's OS Patch Level (system=), Boot Patch Level (boot=), and Vendor Patch Level (vendor=) must all be 11 months or less old in order to pass New PI Strong.

module/autopif2.sh

@@ -152,6 +152,7 @@ if [ -f "$MIGRATE" ]; then
     grep -q '//"\*.security_patch"' $OLDJSON && PATCH_COMMENT=1;
     grep -qE "verboseLogs|VERBOSE_LOGS" $OLDJSON && ARGS="-a";
   fi;
+  [ -f /data/adb/tricky_store/security_patch.txt ] && unset PATCH_COMMENT;
   item "Converting pif.json to custom.pif.json with migrate.sh:";
   rm -f custom.pif.json;
   sh $MIGRATE -i $ARGS pif.json;
@@ -182,6 +183,14 @@ if [ "$DIR" = /data/adb/modules/playintegrityfix/autopif2 ]; then
   fi;
   item "Installing new json ...";
   cp -fv $NEWNAME ..;
+  TS_SECPAT=/data/adb/tricky_store/security_patch.txt;
+  if [ -f "$TS_SECPAT" ]; then
+    item "Updating Tricky Store security_patch.txt ...";
+    [ ! -s "$TS_SECPAT" ] && echo "system=" > $TS_SECPAT;
+    grep -q 'all=' $TS_SECPAT && sed -i "s/all=.*/all=$SECURITY_PATCH/" $TS_SECPAT;
+    grep -q 'system=' $TS_SECPAT && sed -i "s/system=.*/system=$(echo ${SECURITY_PATCH//-} | cut -c-6)/" $TS_SECPAT;
+    cat $TS_SECPAT;
+  fi;
   if [ -f /data/adb/modules/playintegrityfix/killpi.sh ]; then
     item "Killing any running GMS DroidGuard/Play Store processes ...";
     sh /data/adb/modules/playintegrityfix/killpi.sh 2>&1 || true;