Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
expo-modules-core
Advanced tools
The expo-modules-core package is a core library for Expo modules, providing essential utilities and base classes for building and integrating native modules in Expo and React Native applications. It helps in creating consistent and efficient modules that can be used across different platforms.
Module Registry
The Module Registry feature allows you to access native modules registered in the Expo environment. This example demonstrates how to import and use a native module called 'MyModule' to perform an action.
import { NativeModulesProxy } from 'expo-modules-core';
const { MyModule } = NativeModulesProxy;
MyModule.doSomething();
Event Emitters
Event Emitters in expo-modules-core enable you to listen to and handle events emitted by native modules. This example shows how to create an event emitter for a module and add a listener for a specific event.
import { EventEmitter } from 'expo-modules-core';
const emitter = new EventEmitter(MyModule);
emitter.addListener('eventName', (event) => {
console.log(event);
});
Platform-specific Code
The Platform module allows you to write platform-specific code by checking the operating system at runtime. This example demonstrates how to log different messages based on whether the app is running on iOS or Android.
import { Platform } from 'expo-modules-core';
if (Platform.OS === 'ios') {
console.log('Running on iOS');
} else if (Platform.OS === 'android') {
console.log('Running on Android');
}
React Native is a popular framework for building mobile applications using JavaScript and React. It provides a set of core components and APIs for building cross-platform apps. Compared to expo-modules-core, React Native offers a broader range of functionalities but requires more setup and configuration for native modules.
react-native-device-info is a library that provides device information for React Native apps. It offers functionalities similar to the Platform module in expo-modules-core but focuses specifically on retrieving device-related information such as device model, OS version, and more.
react-native-event-listeners is a library for managing event listeners in React Native applications. It provides similar functionality to the EventEmitter in expo-modules-core, allowing you to add and remove event listeners easily.
The core of Expo Modules architecture.
For managed Expo projects, please follow the installation instructions in the API documentation for the latest stable release. If you follow the link and there is no documentation available then this library is not yet usable within managed projects — it is likely to be included in an upcoming Expo SDK release.
For bare React Native projects, you must ensure that you have installed and configured the expo
package before continuing.
npm install expo-modules-core
Run npx pod-install
after installing the npm package.
No additional set up necessary.
Many React Native libraries come with platform-specific (native) code. This native code has to be linked into the project and, in some cases, configured further. These actions require some modifications to the native project files. One of the steps that has to be done with the native configuration is to enable the autolinking mechanism that takes care of including any supported module's native code into the project. The following configuration is required:
Caution! After you have made the following changes you will need to run
pod install
again.
# Podfile
require File.join(File.dirname(`node --print "require.resolve('react-native/package.json')"`), "scripts/react_native_pods")
require File.join(File.dirname(`node --print "require.resolve('expo-modules-core/package.json')"`), "cocoapods.rb")
require File.join(File.dirname(`node --print "require.resolve('expo-modules-core/package.json')"`), "scripts/autolinking")
# ...
target "TargetName" do
use_unimodules!
config = use_native_modules!
use_react_native!(:path => config["reactNativePath"])
# ...
end
// app/build.gradle
apply from: new File(["node", "--print", "require.resolve('expo-modules-core/package.json')"].execute(null, rootDir).text.trim(), "../gradle.groovy")
apply from: new File(["node", "--print", "require.resolve('react-native/package.json')"].execute(null, rootDir).text.trim(), "../react.gradle")
apply from: new File(["node", "--print", "require.resolve('expo-updates/package.json')"].execute(null, rootDir).text.trim(), "../scripts/create-manifest-android.gradle")
// ...
apply from: new File(["node", "--print", "require.resolve('@react-native-community/cli-platform-android/package.json')"].execute(null, rootDir).text.trim(), "../native_modules.gradle");
applyNativeModulesAppBuildGradle(project)
// settings.gradle
apply from: new File(["node", "--print", "require.resolve('expo-modules-core/package.json')"].execute(null, rootDir).text.trim(), "../gradle.groovy");
includeUnimodulesProjects()
apply from: new File(["node", "--print", "require.resolve('@react-native-community/cli-platform-android/package.json')"].execute(null, rootDir).text.trim(), "../native_modules.gradle");
applyNativeModulesSettingsGradle(settings)
The scripts that are referenced in Gradle and Cocoapods are usually found the related package inside the project's node_modules
directory. In the case of monorepos (such as Yarn workspaces) the project directory may not contain node_modules
at all; instead, the modules are likely to be located at the root of the repository. In order to ensure that both cases are supported, we take advantage of the Node dependency resolution strategy. We invoke a subprocess that spawns the simple JavaScript snippet that tries to locate the desired npm package containing the script we need.
` `
(backtick) (alternative reference).The Node process that is spawned runs require.resolve
to obtain the path to a module's package.json
(if you look for the module location using solely module name, you'll be given the path to the file pointed by the main
attribute from the package.json
and we need to know the location of the module's root directory). We then assemble the path to the desired script and execute it.
You can read more about the scripts and libraries used in the examples above in their official READMEs.
Contributions are very welcome! Please refer to guidelines described in the contributing guide.
FAQs
The core of Expo Modules architecture
The npm package expo-modules-core receives a total of 695,598 weekly downloads. As such, expo-modules-core popularity was classified as popular.
We found that expo-modules-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 27 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.