Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
instabug-reactnative
Advanced tools
Instabug is an in-app feedback and bug reporting tool for mobile apps. With just a simple shake, your users or beta testers can report bugs or send in-app feedback and the SDK will capture an environment snapshot of your user's device including all console logs, and server-side network requests compiling all these details in one organised dashboard to help you debug and fix bugs faster.
Instabug also provides you with a reliable crash reporter that automatically captures a detailed report of the running environment, the different threads’ states, the steps to reproduce the crash, and the network request logs. All the data is captured automatically with no need for breadcrumbs, and you can always reply back to your users and they will receive your messages within the app.
For more info, visit Instabug.com.
In Terminal, navigate to your React Native directory and install the instabug-reactnative
package:
npm install instabug-reactnative
Or if you prefer to use Yarn instead of npm:
yarn add instabug-reactnative
CocoaPods on iOS needs this extra step:
cd ios && pod install && cd ..
To start using Instabug, import it as follows, then initialize it in the constructor
or componentWillMount
. This line will let the SDK work with the default behavior. The SDK will be invoked when the device is shaken. You can customize this behavior through the APIs.
import Instabug from 'instabug-reactnative';
Instabug.init({
token: 'APP_TOKEN',
invocationEvents: [Instabug.invocationEvent.shake],
});
You can find your app token by selecting the SDK tab from your Instabug dashboard.
:warning: If you're updating the SDK from versions prior to v11, please check our migration guide.
Instabug needs access to the microphone and photo library to be able to let users add audio and video attachments. Starting from iOS 10, apps that don’t provide a usage description for those 2 permissions would be rejected when submitted to the App Store.
For your app not to be rejected, you’ll need to add the following 2 keys to your app’s info.plist file with text explaining to the user why those permissions are needed:
NSMicrophoneUsageDescription
NSPhotoLibraryUsageDescription
If your app doesn’t already access the microphone or photo library, we recommend using a usage description like:
<app name>
needs access to the microphone to be able to attach voice notes."<app name>
needs access to your photo library for you to be able to attach images."The permission alert for accessing the microphone/photo library will NOT appear unless users attempt to attach a voice note/photo while using Instabug.
For your app crashes to show up with a fully symbolicated stack trace, we will automatically generate the source map files and upload them to your dashboard on release build. To do so, we rely on your app token being explicitly added to Instabug.init({token: 'YOUR_APP_TOKEN'})
in JavaScript.
If your app token is defined as a constant, you can set an environment variable INSTABUG_APP_TOKEN
to be used instead.
We also automatically read your versionName
and versionCode
to upload your sourcemap file. alternatively, can also set the environment variables INSTABUG_APP_VERSION_NAME
and INSTABUG_APP_VERSION_CODE
to be used instead.
To disable the automatic upload, you can set the environment variable INSTABUG_SOURCEMAPS_UPLOAD_DISABLE
to TRUE.
Instabug network logging is enabled by default. It intercepts any requests performed with fetch
or XMLHttpRequest
and attaches them to the report that will be sent to the dashboard. To disable network logs:
import { NetworkLogger } from 'instabug-reactnative';
NetworkLogger.setEnabled(false);
Instabug Repro Steps are enabled by default. It captures a screenshot of each screen the user navigates to. These screens are attached to the BugReport when sent.
We support the two most popular React Native navigation libraries:
v5
set the onStateChange
to Instabug.onStateChange
in your NavigationContainer as follows:
<NavigationContainer onStateChange={Instabug.onStateChange} />
<=v4
set the onNavigationStateChange
to Instabug.onNavigationStateChange
in your App wrapper as follows:
export default () => <App onNavigationStateChange={Instabug.onNavigationStateChange} />;
Register Instabug.componentDidAppearListener
listener using:
Navigation.events().registerComponentDidAppearListener(Instabug.componentDidAppearListener);
Alternatively, you can report your screen changes manually using the following API
Instabug.reportScreenChange('screenName');
You can disable Repro Steps using the following API:
Instabug.setReproStepsConfig({ all: ReproStepsMode.disabled });
For more details about the supported APIs and how to use them, check our Documentation.
FAQs
React Native plugin for integrating the Instabug SDK
We found that instabug-reactnative demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.