Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
onesignal-expo-plugin
Advanced tools
The OneSignal Expo plugin allows you to use OneSignal without leaving the managed workflow. Developed in collaboration with SweetGreen.
The OneSignal Expo plugin allows you to use OneSignal without leaving the managed workflow. Developed in collaboration with SweetGreen.
This plugin is an Expo Config Plugin. It extends the Expo config to allow customizing the prebuild phase of managed workflow builds (no need to eject to a bare workflow). For the purposes of OneSignal integration, the plugin facilitates automatically generating/configuring the necessary native code files needed to get the OneSignal React-Native SDK to work. You can think of adding a plugin as adding custom native code.
expo run:[android|ios]
)You need both the onesignal-expo-plugin
and the react-native-onesignal
npm package.
npx expo install onesignal-expo-plugin
# npm
npm install react-native-onesignal
# yarn
yarn add react-native-onesignal
Add the plugin to the front of the plugin array. It should be added automatically if you ran npx expo install
. Just make sure it is the first plugin in the array and to configure any desired plugin props:
app.json
{
"plugins": [
[
"onesignal-expo-plugin",
{
"mode": "development",
}
]
]
}
or
app.config.js
export default {
...
plugins: [
[
"onesignal-expo-plugin",
{
mode: "development",
}
]
]
};
You can pass props to the plugin config object to configure:
Plugin Prop | ||
---|---|---|
mode | required | Used to configure APNs environment entitlement. "development" or "production" |
devTeam | optional | Used to configure Apple Team ID. You can find your Apple Team ID by running expo credentials:manager e.g: "91SW8A37CR" |
iPhoneDeploymentTarget | optional | Target IPHONEOS_DEPLOYMENT_TARGET value to be used when adding the iOS NSE. A deployment target is nothing more than the minimum version of the operating system the application can run on. This value should match the value in your Podfile e.g: "12.0" . |
smallIcons | optional | An array of local paths to small notification icons for Android. Image should be white, transparent, and 96x96 in size. Input images will be automatically scaled down and placed in the appropriate resource folders. e.g: ["./assets/ic_stat_onesignal_default.png"] . See https://documentation.onesignal.com/docs/customize-notification-icons#small-notification-icons. |
largeIcons | optional | An array of local paths to large notification icons for Android. Image should be white, transparent, and 256x256 in size. e.g: ["./assets/ic_onesignal_large_icon_default.png"] . See https://documentation.onesignal.com/docs/customize-notification-icons#large-notification-icons. |
smallIconAccentColor | optional | The accent color to use for notification icons on Android. Must be a valid hex value, e.g: "#FF0000" |
iosNSEFilePath | optional | The local path to a custom Notification Service Extension (NSE), written in Objective-C. The NSE will typically start as a copy of the default NSE, then altered to support any custom logic required. e.g: "./assets/NotificationService.m" . |
Add your OneSignal App ID to your Expo constants via the extra
param:
Example:
{
"extra": {
"oneSignalAppId": "<YOUR APP ID HERE>"
}
}
You can then access the value to pass to the initialize
function:
import { OneSignal } from 'react-native-onesignal';
import Constants from "expo-constants";
OneSignal.initialize(Constants.expoConfig.extra.oneSignalAppId);
Alternatively, pass the app ID directly to the function:
OneSignal.initialize("YOUR-ONESIGNAL-APP-ID");
In your configuration file, make sure you set:
Property | Details |
---|---|
version | Your app version. Corresponds to CFBundleShortVersionString on iOS. It is a human-readable version number of an iOS app, and is typically in the format of "X.X.X" (e.g. "1.0" or "2.3.1"). It is the version number that is typically displayed to users in the App Store and in the app itself. This value will be used in your NSE* target's plist file. |
ios.buildNumber | Build number for your iOS standalone app. Corresponds to CFBundleVersion and must match Apple's specified format (e.g: "42" or "100"). The build number is used by the App Store and iOS to identify and track different versions of an app, and is typically incremented for each new release. It is a number typically used for the developer's and system reference. This value will be used in your NSE* target's plist file. |
ios.bundleIdentifier | Bundle identifier for your iOS standalone app. Corresponds to CFBundleIdentifier . It's a unique identifier string that is used to identify an iOS app or bundle. It is typically in the format of "com.companyname.appname" (e.g. "com.example.myapp" ). This value will be used in your NSE* target's plist and entitlements file. |
* NSE = Notification Service Extension. Learn more about the NSE here.
See our EAS documentation for help with EAS.
To distribute your iOS application via EAS, you will need to ensure your credentials are set up correctly. See our credentials setup guide for instructions.
Prebuilding in Expo will result in the generation of the native runtime code for the project (and ios
and android
directories being built). By prebuilding, we automatically link and configure the native modules that have implemented CocoaPods, autolinking, and other config plugins. You can think of prebuild like a native code bundler.
When you run expo prebuild
we enter into a custom managed workflow which provides most of the benefits of bare workflows and managed workflows at the same time.
It may make sense to prebuild locally to inspect config plugin changes and help in debugging issues.
npx expo prebuild
# nukes changes and rebuilds
npx expo prebuild --clean
EAS Note: if you choose to stay in a fully managed workflow by not prebuilding, EAS will still run npx expo prebuild
at build time. You can also prebuild locally but remain in a fully managed workflow by adding the android
and ios
directories to your .gitignore.
The following commands will prebuild and run your application. Note that for iOS, push notifications will not work in the Simulator.
# Build and run your native iOS project
npx expo run:ios
# Build and run your native Android project
npx expo run:android
Contributions, issues and feature requests are welcome!
Feel free to check issues page.
Give a ⭐️ if this project helped you!
FAQs
The OneSignal Expo plugin allows you to use OneSignal without leaving the managed workflow. Developed in collaboration with SweetGreen.
The npm package onesignal-expo-plugin receives a total of 8,101 weekly downloads. As such, onesignal-expo-plugin popularity was classified as popular.
We found that onesignal-expo-plugin demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.