
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
@embrace-io/react-navigation
Advanced tools
This is used to track React Native screens with the Embrace SDK
[!IMPORTANT]
This module requires React Native Embrace SDK.
Embrace can collect basic session data and crashes as you've already seen in the Crash Reporting and Session Reporting sections. Embrace can also collect the screens that your app opened and include it as context within your sessions. Here's how you add the screen tracker to the session.
Currently we are only supporting the React Navigation SDK, if you are using another library please contact us at support@embrace.io, on Slack, or open a new issue if you would like to request support.
yarn add @embrace-io/react-navigation
Or
npm install @embrace-io/react-navigation
Add an useRef for the NavigationContainer and pass it to Embrace's hook
import {useRef} from 'react'
import {useEmbraceNavigationTracker} from '@embrace-io/react-navigation';
function App() {
// Create the reference
const navigationRef = useRef();
// Pass the reference to Embrace's Hook
useEmbraceNavigationTracker(navigationRef);
return (
// Assign the NavigationContainer reference value to the useRef created
<NavigationContainer ref={navigationRef}>
<Screens... />
</NavigationContainer>
);
}
Embrace automatically collects the native screens, if you do not want to see them in the session you can disable it.
Go to your embrace-config.json inside android/app/src/main and add the sdk_config, your file should be like this
{
"app_id": "APP_ID",
"api_token": "API_TOKEN",
...
// Add this lines
"sdk_config": {
"view_config": {
"enable_automatic_activity_capture": false
}
}
}
Go to your Embrace-info.plist inside ios/YOURAPPNAME and add ENABLE_AUTOMATIC_VIEW_CAPTURE as false, your file should be like this
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>API_KEY</key>
<string>{API_KEY}</string>
<key>CRASH_REPORT_ENABLED</key>
<true/>
<!-- Add this key and the value as false-->
<key>ENABLE_AUTOMATIC_VIEW_CAPTURE</key>
<false/>
</dict>
</plist>
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.