Compiling an APK file it is part of development or deployment? - react-native

After about 40 hours of coding I've completed a gig on Fiverr, but now the client is asking me for the apk file. I tried to build it but I've been stuck for hours and now that I get the error I have a very long list of things to try so I'm wondering if I should be doing this at all... I was paid for developing an app, not for compiling or deploying and no other client has ever asked for the apk file.
Plus probably he will want modifications and I'll have to compile again and for some reason he doesn't want to use Expo and test the app easily.
More context: He said he works on a software company and they have too much work so they had to go to fiverr, so he is not ignorant about what software development is.
He never mentioned compiling and the job title is "develop a react native app", there are other sellers who offer develop and compile, develop and deploy, develop and publish, etc, but not me.
So what do you think, is this part of my job?

This is a frequently encountered problem when I was doing freelance work. I ask myself the following
Is it part of the requirements that were agreed upon.
Will a reasonable person expect it to be implied from the requirements.
Will the usability of the app be substandard if the specified change is not made.
There are usually multiple back-and-forth requests from the client. If I am making a change free of charge, I explain why it is included in our agreement. And when it comes time that the client requests additional things, they are usually very understanding about extra charges.
My opinion on your case
If the agreement were to "develop an android app" from no existing code, it is quite reasonably expected that the app runs in a typical physical device rather than an emulator of your choice. On the other hand, it is not reasonably expected to run on their specific customized equipment, or their emulator or compiler of choice.
Hence, an APK as a deliverable, is quite reasonable.

Related

How to test/debug cross-platforms desktop apps(Windows, MacOS) with limited resources

I am trying to build a desktop app.
I am thinking of using electron on the recommendation of a web-developer friend of mine, but as I am the only sole developer, I don't have the means to test the software on different platforms(OS, hardware etc.).So I am anticipating that this will cause a problem later, in the end, to test/debug software on different platforms and different OS.
I have ruled out web-apps because of some privacy concerns of the users for the remote data hosting.
Software is pretty lightweight and is almost equivalent to the image viewer apps with some slight modifications.
How to solve the problem of variations of different platforms?
Any literature suggestions pointing me in the general direction are also welcome.
Sometimes it helps to think of Electron as two processes.
The renderer vs the main processes. Generally the renderer process which runs the HTML/CSS/JS is it's own isolated component, and you communicate to the main process using IPC.
So generally for the UI, you can use mostly any web based testing framework to test reliability. At Amna, for example, we use Cypress as our E2E testing platform. You an also use something like QAWolf. Both should work with localhost. In general, most website testing tools should work fine, and consistently across platforms.
Where this gets tricky is when a UI functionality makes a call to the OS or the main process. For example, saving to the disk, or launching a program.
The general flow is this, and I've yet to find radically simpler options:
Set-Up a VM or buy a machine with the corresponding OS. I used Spot VMs in Azure for this.
Manually test the scenarios you care about in each VM before you ship
If you have a lot of cases that rely on the OS, then you should be able to further optimize this by using an automated test runner like Spectron.
From experience, what I've realized is that most of the iterations I do happen more on the UI than the underlying functions with the cross-platform capabilities. And if your code has good separation (e.g. contextIsolation:true, nodeIntegration:false), it should be pretty obvious when you need to do an entire "cross-platform" test vs just UI tests.
I'm not familiar with a lot of large-scale electron testing frameworks, I do know that ToDesktop handles package building and generating binaries to perform a smoke test and verify things open across different operating systems.
It depends.
The answer depends on what you are building, so it makes sense to figure out what you actually want to build. Some questions you might ask yourself:
Do I need a database?
Do I need authentication?
Do I need portability?
Do I need speed to market?
Do I want to pick a language I'm familiar in?
These are all good questions and there are dozens more we all ask ourselves. However, back to your original question.
Electron is a fine choice
Yes, there are alternatives. But Electron is used for Visual Studio Code, Facebook Messenger, Microsoft Teams and Figma. Choosing Electron means there are other developers making apps and there are proven apps in the market so you don't have to worry about a dead ecosystem.
Electron is easy to onboard if you know web technologies, think js, html and css. If you know these, you can transfer your web dev knowledge and make a cross-platform app. You don't have to worry about learning each OS since the UI is the webpage which will look mostly* the same between each OS. (*some very minor differences, but essentially the same).
Cross-platform deployment is easy
There are a few ways of bringing your app to multiple platforms, I happen to be most familiar with electron-builder, but the other two solutions work as well.
Many templates to start with
I am biased, since I'm the author of secure-electron-template which is one of the many templates you can choose from when starting an app. However, I recently reviewed all Electron templates and found that only 4 do not have serious security vulnerabilities.
The Electron framework frequently is updated, and over the course of the past few years there has been a shift in the way Electron apps are made. Some earlier frameworks didn't have good secure defaults which some of the older Electron templates inherited and thus, aren't as secure as new frameworks that follow security guidelines.
If you decide on Electron, give my template a try. It's got a number of features I'm building out in order to help the community with features they might want (ie. internationalization (i18n), saving local data, custom context menus, page routing, e2e unit testing, and how one can use license key validation, to name a few things).

Whats the difference between development and production mode?

Unfortunately, I am not much aware of these two terms and I have a feeling that I need to know more about these as I am approaching an app release.
so, if I am running the app on development mode am I not using exactly the same code as production? Like what does it actually change and whats the purpose of it?
If it's in the sense of server than that's understandable, I don't wanna mess with the server that's being used by the users, so I guess i need to connect to a second server - development, however, I am interested to know what does it change in my code? I am still gonna use the same locally stored project right?
Sorry for being so naive!
The development build is used - as the name suggests - for development reasons. You have Source Maps, debugging and often times hot reloading ability in those builds.
React Native includes some very useful tools for development: remote JavaScript debugging in Chrome, live reload, hot reloading, and an element inspector similar to the beloved inspector that you use in Chrome.
The production build, on the other hand, runs in production mode which means this is the code running on your client's side. The production build runs uglify and builds your source files into one or multiple minimized files. There's also no source maps or hot reloading included.
Further more , Production mode is most useful for two things. They are
Testing your app's performance, as Development slows your app down considerably and Catching bugs that only show up in production.
Hope this might help
https://docs.expo.io/versions/latest/workflow/development-mode/

What happens to a published app in the App Store if you cancel you Indie Seat with Appcelerator?

I published an app to the App Store using Titanium Studio in 2013. I have recently found a bug in the code that I want to fix and publish.
I logged into Appcelerator's website to download the latest studio since it's been three years, only to find out that it's a paid platform now.
I just want to make a quick bug fix and publish. I don't need any of the services that come with the platform.
I realize there is a free SDK that you can compile yourself, etc, etc.
I don't mind paying for a $36 for one month only if it enables me to just publish a new version of my app.
My question is, if I publish the app after paying the $36 and then cancel my subscription, will the cancellation affect my app? Does the IDE inject some sort of "call home" time bomb?
I tried asking the support at appcelerator but they answered like a politician and dodged it.
Thanks for any help.
A published/compiled app has no direct connection with appcelerator. So if you cancel the subscription nothing happens.
However, if you use paid services... things might go wrong.
Statistics for example is a paid service. If you cancel subscription I assume the app keeps working but will make calls to their backend that most likely will fail (not sure about this). App should keep working.
If you use any cloud service (push notifications, arrow storage etc) your app will stop working of course.
If you don't use any of the services, you can just cancel and be done with it.
That said, if you just want to make 1 change to an app you could just dive in and compile without the Appcelerator Platform and just use the Open Source code.

IBM WorkLight android source security

I am using IBM workLight 4.0 version, currently i am developing a simple insurance applicatoin, everything is done well. After Android setup has taken, from the .APK (android setup file) i can extract the HTML5 and javascript source. I felt it is insecure from the hackers and might be missused by someone.
Can you please anyone can tell me how to secure code in Setup/deployment?
The answer to this is Obfuscate you code before you create an APK. For more information on obfuscation visit wiki.
I previous stackoverflow post tell how to do it for android.
How to avoid reverse engineering of an APK file?
For Javascript obfuscation visit this stackoverflow question
How can I obfuscate (protect) JavaScript?
And one more thing HTML cannot be obfuscated, you can see the HTML source and associated css by pressing F12.
Worklight 4.0 was still in use in 2013? :)
Android Proguard is unavailable to Worklight-based Android apps in Worklight v4 to v6.2 (current release).
The only way to add some degree of obfuscation to an Android app in Worklight is by using the Google Closure compiler. You can follow the steps to do so in the following blog post by Anton Aleksandrov: Obfuscating JavaScript code in Worklight applications.
Note:
Wikipedia defines code obfuscation in a following way
In software development, obfuscation is the deliberate act of creating obfuscated code, i.e. source or machine code that is difficult for humans to understand. Programmers may deliberately obfuscate code to conceal its purpose (security through obscurity) or its logic, in order to prevent tampering, deter reverse engineering, or as a puzzle or recreational challenge for someone reading the source code. Programs known as obfuscators transform readable code into obfuscated code using various techniques.
Two important things to be noted from the above definition are
- The purpose of code obfuscation is to conceal its purpose, prevent tampering, deter reverse engineering or puzzle someone reading the code.
- Obfuscated code is difficult for humans to understand.
So basically obfuscating your code means converting it to a format that is difficult for humans to read. Not impossible. Just difficult.
Therefore - it is very important to understand that code obfuscation, especially in JavaScript, is a relatively weak security measure. Most modern web debugging tools are smart enough to "prettify" the obfuscated code reverting it to a much more readable (however still not original) format.

this profile cannot be installed on devices ?? iPhone distribution ... any ideas

I'm getting a "new" kind of error in the provisioning hell from iPhone. Does anyone have an idea what's going on .. because reinstalling , redownloading of the profile doesn't work.
I've uploaded a screenshot.
http://img94.imageshack.us/img94/1559/picture15f.png
So the part where it says cannot be installed on devices?
If that is your distribution certificate (as your title implies) then the error message is correct. Distribution certificates are only for submitting applications to Apple for review.
Instead you will want to install a development certificate on your phone. That will allow you to load your phone with your own code for testing before submitting to Apple.
I would absolutely call it hell. Signing my first app for Apple is taking 100 times longer than it took for Android. I'm not quite sure why such tight security is needed. I've been spending an entire day on this security stuff. I'm sure once I figure it out it won't be too horrible, but this is a real pain so far.