Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

☂️ React Native Compatibility Tracker 2.0 #12

Open
50 of 76 tasks
leotm opened this issue Mar 1, 2023 · 0 comments
Open
50 of 76 tasks

☂️ React Native Compatibility Tracker 2.0 #12

leotm opened this issue Mar 1, 2023 · 0 comments
Labels
tracker

Comments

@leotm
Copy link
Member

leotm commented Mar 1, 2023
edited
Loading

Priority matrix

  • SES: module / lockdown shim
  • JS engine: JSC* / V8 (debug) / Hermes / more
  • JS transformer: Babel / SWC, react-codemod
  • JS features: BigInt / Promises / etc, libs
  • RN version: <=0.66.x / 0.66.5* metamask-mobile / 0.69.x* / 0.70.x / 0.71.x metamask-mobile / 0.72.x / 0.73.x
    • min: platform :ios, '11.0' 0.69+: 12.4
  • RN bundler: Metro / Re.Pack / rn-esbuild, bundling / sourcemaps
  • RN platform: Android / iOS / rn-web / rn-macos / rn-windows
  • RN variant* mode: debug / release
  • RN arch: old / new**
  • SES integration: entry file / RN core

* undergoing retirement
** 3rd party libs not yet mature, but issues prioritised

Tracker

metamask-mobile

  • LogBox.ignoreLogs([...])
  • deps (Sentry, eth...)
  • e2e (Detox/(Appium))
    • 4.3. Enabling unencrypted traffic for Detox

      For Detox to work, its native code running on Android device has to be able to connect to the Node.js host running tests. It sends an unencrypted HTTP traffic via virtual localhost interface, that's why you need to create a new file which adds a couple of exceptions to the security rules.
      If properly configured, this approach in no way compromises the security settings of your app. For more details, refer to Android’s security-config guide and the dedicated article in the Android developers blog.

Notes

RN 0.66.5 types (globals.d.ts) (js global objects)

android-jsc (fbarchive) (debug-mode, release-mode)
"jsc-android": "^250231.0.0" (WebKitGTK 2.26.1) pre-RN 0.72
jscFlavor = 'org.webkit:android-jsc:+' (or jscFlavor = 'org.webkit:android-jsc-intl:+')
pre-release: v294992.0.0 (WebKitGTK 2.36.3) (only jscFlavor = 'org.webkit:android-jsc-intl:+')
Moved out of package.json in 0.72-stable | RN Monorepo | Migrate to package

v8-android (debug-mode: Remote JS Debugging, opt-in: release-mode)
v11.110.1 (jit/aot, intl/nointl)

Simplified model of moving parts (todo: interactive diagram)

javascript-environment: RN JS engines (3), transforms (~37), polyfills (11)

JavaScriptCore does not use JIT due to the absence of writable executable memory in iOS apps

When using Chrome debugging, all JavaScript code runs within Chrome itself, communicating with native code via WebSockets. Chrome uses V8 as its JavaScript engine

RN JS features per engine/platform table (excluding with)

metro-react-native-babel-preset v0.76.0
facebook/metro@e5950ae: [Breaking]: Increase minimum Node version from 14 to 16
package.json: 36 plugins
main.js: 23 extraPlugins.push
babel > packages

tc39: terminology glossary

Node (debug via cli-doctor)

Screenshot 2023-03-20 at 11 46 50

Screenshot 2023-03-20 at 11 46 56

https://drive.google.com/file/d/1mgKxKlpgjm2_KX4TP-G7hUti-JKjR2Xv/view

https://tmikov.blogspot.com/2023/09/how-to-speed-up-micro-benchmark-300x.html

https://www.youtube.com/watch?v=q-xKYA0EO-c

Join the convo 🌍
@leotm leotm added the tracker label Mar 12, 2023
This was referenced Apr 1, 2023
Closed
Open
@leotm leotm mentioned this issue Apr 24, 2023
Open
6 tasks
@leotm leotm changed the title React Native Compatibility Tracker 2.0 ☂️ React Native Compatibility Tracker 2.0 Apr 24, 2023
@leotm leotm mentioned this issue Jun 13, 2023
Merged
13 tasks
leotm added a commit to MetaMask/metamask-mobile that referenced this issue Nov 10, 2023
@leotm @legobeat
feat: SES lockdown v0.18.8 (iOS JSC) (#6586)
6edfe34 
## **Description**

Problem being solved: prototype pollution/poisoning

SES lockdown (shim v0.18.8) on iOS JSC, baked early into RN core before
RN initialisation for the simplest minimal solution
as opposed to previous approach of shim'ing at the beginning of our
entry file requiring further complex lib patches

with SES lockdown on Android Hermes (introduced earlier in our [RN v0.71.6 upgrade](#6220))
being followed up separately
currently bundling successfully, but runtime not yet functional

_SES lockdown on Android JSC was also passing smoke tests after some work prior to Hermes_
_so a backup engine worth keeping on ice being followed up separately_ 

_Previous patches no longer required:
[`eth-keyring-controller`](https://github.com/MetaMask/metamask-mobile/pull/3794/files#diff-19aae36749eec9908c74557591fade5cc596e9a40422d88594c0fba456870389),
`ethjs-contract` (one not [two](https://github.com/MetaMask/metamask-mobile/pull/3794/files#diff-1970015453fca9583682c37a44695a3d26645329e586bb70ff6f05b74f936802)), [`web3-core-methods`](LavaMoat/docs#8), [`metro-react-native-babel-preset`](LavaMoat/docs#4), Sentry [config](LavaMoat/docs#6) (see previous PR: #3794

_Nb: `@babel/plugin-transform-regenerator` removed from
`metro-react-native-babel-preset` since initial investigation_
_Nb: `@babel/plugin-transform-runtime` config opt `regenerator: true`
previously caused iOS animated node assertion failures_
_Nb: default `@babel/plugin-transform-runtime` via
`metro-react-native-babel-preset` causes additional 4 SES warnings_

<details>
<summary>Nb: Current behaviour (not SES)</summary>

```
main, jsc
- import wallet via SRP
  - tap form field: disables cmd+D (app must be closed, no Metro restart)

main, v8
- (fresh) import wallet via SRP
  - if cmd+v paste ok, bot Import btn tappable when filled, but spinner hang (no error/warn), ~20s Metro dc
  - restart, enter pw, tap Unlock btn, spinner hang, still ~20s Metro dc
  - tap Reset Wallet, hang
- import (continued)
  - partial responsiveness
    - tap form field: dev menu disabled (cmd+d, app must be closed)
    - unresponsive: tap Back, tap Show, cannot tap Import, cmd+v disabled
    - responsive: cycle/input fields
    - still ~20s Metro dc
```

</details>

<details>
<summary>Previous SES warnings when locking down at entry file (not RN
InitializeCore)</summary>

https://www.diffchecker.com/fjj1iObp

```console
# JSC (26)
Removing intrinsics.Object.setPrototypeOf.default
Removing intrinsics.Object.setPrototypeOf.__esModule
Removing intrinsics.Object.assign.default
Removing intrinsics.Object.assign.__esModule
Removing intrinsics.Reflect.construct.default
Removing intrinsics.Reflect.construct.__esModule
Removing intrinsics.Reflect.decorate
Removing intrinsics.Reflect.metadata
Removing intrinsics.Reflect.defineMetadata
Removing intrinsics.Reflect.hasMetadata
Removing intrinsics.Reflect.hasOwnMetadata
Removing intrinsics.Reflect.getMetadata
Removing intrinsics.Reflect.getOwnMetadata
Removing intrinsics.Reflect.getMetadataKeys
Removing intrinsics.Reflect.getOwnMetadataKeys
Removing intrinsics.Reflect.deleteMetadata
Removing intrinsics.%ArrayPrototype%.toReversed
Removing intrinsics.%ArrayPrototype%.toSorted
Removing intrinsics.%ArrayPrototype%.toSpliced
Removing intrinsics.%ArrayPrototype%.with
Removing intrinsics.%ArrayPrototype%.@@unscopables.toReversed
Removing intrinsics.%ArrayPrototype%.@@unscopables.toSorted
Removing intrinsics.%ArrayPrototype%.@@unscopables.toSpliced
Removing intrinsics.%TypedArrayPrototype%.toReversed
Removing intrinsics.%TypedArrayPrototype%.toSorted
Removing intrinsics.%TypedArrayPrototype%.with
```

```console
# V8 (33)
Removing intrinsics.Object.assign.default
Removing intrinsics.Object.assign.__esModule
Removing intrinsics.Object.setPrototypeOf.default
Removing intrinsics.Object.setPrototypeOf.__esModule
Removing intrinsics.JSON.rawJSON
Removing intrinsics.JSON.isRawJSON
Removing intrinsics.Reflect.construct.default
Removing intrinsics.Reflect.construct.__esModule
Removing intrinsics.Reflect.decorate
Removing intrinsics.Reflect.metadata
Removing intrinsics.Reflect.defineMetadata
Removing intrinsics.Reflect.hasMetadata
Removing intrinsics.Reflect.hasOwnMetadata
Removing intrinsics.Reflect.getMetadata
Removing intrinsics.Reflect.getOwnMetadata
Removing intrinsics.Reflect.getMetadataKeys
Removing intrinsics.Reflect.getOwnMetadataKeys
Removing intrinsics.Reflect.deleteMetadata
Removing intrinsics.%ArrayPrototype%.toReversed
Removing intrinsics.%ArrayPrototype%.toSorted
Removing intrinsics.%ArrayPrototype%.toSpliced
Removing intrinsics.%ArrayPrototype%.with
Removing intrinsics.%ArrayPrototype%.@@unscopables.toReversed
Removing intrinsics.%ArrayPrototype%.@@unscopables.toSorted
Removing intrinsics.%ArrayPrototype%.@@unscopables.toSpliced
Removing intrinsics.%ArrayBufferPrototype%.transferToFixedLength
Removing intrinsics.%ArrayBufferPrototype%.detached
Removing intrinsics.%StringPrototype%.isWellFormed
Removing intrinsics.%StringPrototype%.toWellFormed
Removing intrinsics.%RegExpPrototype%.unicodeSets
Removing intrinsics.%TypedArrayPrototype%.toReversed
Removing intrinsics.%TypedArrayPrototype%.toSorted
Removing intrinsics.%TypedArrayPrototype%.with
```

</details>

<details>
<summary>Notes on patch creation</summary>

- `--exclude 'nothing'` to include `package.json` changes, then trim
patch
- `react-native` requires trimming majority of patch after initial diffs
- upon failure on symlinks, `git clean -fdx` and re-create

</details>

## **Related issues**

Fixes
- LavaMoat/docs#1 various issues
  - #3794 previous pr
- LavaMoat/docs#12 various issues

Worthy read for everyone on adding/upgrading libraries
- endojs/endo#1855

## **Manual testing steps**

App functions normally

## **Screenshots/Recordings**

### **Before**

Previously failing iOS (JSC) E2E tests have now been fixed

- LavaMoat/docs#9
  - https://github.com/MetaMask/metamask-mobile/assets/1881059/3cac630f-6ec8-4975-a273-8a115a4e8fe9
  - https://github.com/MetaMask/metamask-mobile/assets/1881059/67221672-d1a3-4346-a783-5f93b53dbbe9
  - https://github.com/MetaMask/metamask-mobile/assets/1881059/baa6e512-e307-4f0f-ae2f-77bfb4a29baf
  - https://github.com/MetaMask/metamask-mobile/assets/1881059/c21ffb0b-c9df-4223-ba73-5383dc8627f5

And more screenshots in related issues linked above

### **After**

App functions normally

---------

Co-authored-by: legobeat <[email protected]>
@leotm leotm mentioned this issue Dec 20, 2023
Closed
11 tasks
@andreabadesso andreabadesso mentioned this issue Jan 30, 2024
Merged
6 tasks
@leotm leotm pinned this issue Feb 23, 2024
@leotm leotm mentioned this issue Apr 22, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
tracker
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@leotm