Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
react-native-background-task
Advanced tools
Periodic background tasks for React Native apps, cross-platform (iOS and Android), which run even when the app is closed.
Periodic background tasks for React Native apps, cross-platform (iOS and Android), which run even when the app is closed.
This library allows the scheduling of a single periodic task, which executes when the app is in the background or closed, no more frequently than every 15 minutes. Network, AsyncStorage etc can be used (anything except UI), so perfect for things like a background data sync for offline support.
Behind the scenes, this library takes a different approach with each platform:
Background Fetch
technique.To achieve a unified API, this library exposes the lowest common denominator (e.g. only support for a single task, even though Android can support multiple).
For more per-platform flexibility, there are other platform-specific libraries with more granular customisation.
$ npm install react-native-background-task --save
$ react-native link react-native-background-task
android/app/src/main/java/myapp/MainApplication.java
, add the following to
the end of the onCreate()
method:BackgroundTaskPackage.useContext(this);
For iOS support, this library relies on version 2.0.x of react-native-background-fetch which can be installed as follows:
$ npm install react-native-background-fetch@2.0.x --save
$ react-native link react-native-background-fetch
This library will behave correctly on iOS as long as react-native-background-fetch
is installed alongside it, and has been linked with your project.
define(task)
Define the JS code that this module should be executing.
Parameters:
task
: required () => void
- Function to be executed in the backgroundschedule(options)
Specify the scheduling options for the task, and register it with the platform's scheduler.
componentDidMount
). This is to avoid double-scheduling when the task
launches in headless mode.console.warn
if the device is task was unable to be scheduled.Parameters:
options?
: Object
- Any configuration you want to be set with
the task. Note that most of these will only work on one platform.
period?
: number
- (Android only) Desired number of seconds between each
execution of the task. Even on Android, the OS will only take this as a
recommendation, and will enforce a minimum of 15 minutes (similar to iOS).
Default is 900 (15 minutes)timeout?
: number
- (Android only) Number of seconds the task will have
to execute. iOS has a hardcoded limit of 30 seconds. Default 30 seconds.finish()
Must be called at the end of your task to indicate to the OS that it's finished. (Only required on iOS, no-op on Android).
cancel()
Cancels any currently scheduled task.
statusAsync()
Query the status of background tasks within this app. Returns a Promise with an object of the following shape:
available
: boolean
- Whether background tasks are available to the app.
On Android this will always be true, but on iOS background tasks could be
blocked (see UIBackgroundRefreshStatus).unavailableReason?
: string
- If unavailable, gives the reason:
BackgroundTask.UNAVAILABLE_DENIED
: - The user explicitly disabled
background behavior for this app or for the whole system.BackgroundTask.UNAVAILABLE_RESTRICTED
: - Background updates
unavailable and can't be enabled by the user (e.g. parental controls).Android:
iOS:
statusAsync()
to check for this).$ adb logcat *:S ReactNative:V ReactNativeJS:V BackgroundTask:V
Keep in mind that after the app leaves the foreground, you'll have to wait at least 50% of the desired period (so, default is 7m30s) before the task executes.
import React from 'react'
import { Text } from 'react-native'
import BackgroundTask from 'react-native-background-task'
BackgroundTask.define(() => {
console.log('Hello from a background task')
BackgroundTask.finish()
})
class MyApp extends React.Component {
componentDidMount() {
BackgroundTask.schedule()
}
render() {
return <Text>Hello world</Text>
}
}
import React from 'react'
import { Alert, AsyncStorage, Button } from 'react-native'
import BackgroundTask from 'react-native-background-task'
BackgroundTask.define(async () => {
// Fetch some data over the network which we want the user to have an up-to-
// date copy of, even if they have no network when using the app
const response = await fetch('http://feeds.bbci.co.uk/news/rss.xml')
const text = await response.text()
// Data persisted to AsyncStorage can later be accessed by the foreground app
await AsyncStorage.setItem('@MyApp:key', text)
// Remember to call finish()
BackgroundTask.finish()
})
class MyApp extends React.Component {
componentDidMount() {
BackgroundTask.schedule({
period: 1800, // Aim to run every 30 mins - more conservative on battery
})
// Optional: Check if the device is blocking background tasks or not
this.checkStatus()
}
async checkStatus() {
const status = await BackgroundTask.statusAsync()
if (status.available) {
// Everything's fine
return
}
const reason = status.unavailableReason
if (reason === BackgroundTask.UNAVAILABLE_DENIED) {
Alert.alert('Denied', 'Please enable background "Background App Refresh" for this app')
} else if (reason === BackgroundTask.UNAVAILABLE_RESTRICTED) {
Alert.alert('Restricted', 'Background tasks are restricted on your device')
}
}
render() {
return (
<View>
<Button
title="Read results from AsyncStorage"
onPress={async () => {
const result = await AsyncStorage.getItem('@MyApp:key')
console.log(result)
}}
/>
</View>
)
}
}
FAQs
Periodic background tasks for React Native apps, cross-platform (iOS and Android), which run even when the app is closed.
The npm package react-native-background-task receives a total of 72 weekly downloads. As such, react-native-background-task popularity was classified as not popular.
We found that react-native-background-task demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.