How to eject from EXPO?

Please provide the following:

  1. SDK Version: 45
  2. Platforms(Android/iOS/web/all): anndroid

Hey guys i cant seems to find a documentation of ejecting from expo in the docs, how can i eject from expo in SDK 45?

the term “eject” isn’t used anymore because it gives an inaccurate idea of what you’re doing. the command is called “prebuild” - it generates ios and android directories for your project, and that’s it. the same command is run on eas build prior to compiling the native projects. more info here. if what you want is to add some custom native code, see this guide.

oh i see, if i come from managed workflow and wants to do the prebuild, is there any errors i should expect when migrating?

you’ll need to ensure that your environment is setup to be able to build ios/android apps, but otherwise it should work. that said, sdk 45 is quite old now so you may encounter issues with xcode

Hi @royanzain

These days there is much less need to “eject”. In the past you would have to do that if you wanted to install some dependency that included native code, but these days you can install many such dependencies in an Expo app without ejecting/prebuilding. For some of them you will need a config plugin, though.

If you tell us why you want to prebuild then maybe we can suggest a way to accomplish the same thing without having to prebuild, which will simplify things going forwards.

oh i see, no cuz were going to try for obfuscating but the library requires me to eject when using expo. im stuck on how to securely hide api key in front end, i know i shouldnt store it in front end but were half way to the project being closed.

I’ve had a quick look at their documentation. It’s definitely out of date wrt. Expo.

As far as I can see you should only need to follow the “Setting up the plugin” section of the Adding Jscrambler to my App page and you’ll need to look at the “Download your transformations and use with API” section of the Getting Started page. You should not have to eject/prebuild for this to work.

You will need to arrange for the API keys to be added to the right file during the build process using Expo Secrets and a pre-build hook. Also, you’ll need to do the Metro config in an Expo-compatible way.

Putting the API keys in the right place during the build would be done similarly to this:

Using private npm packages

Unfortunately, there’s no way to do this absolutely securely. Even with something like JScrabler it will just be more difficult to get, but not impossible:

From Storing Sensitive Info:

Never store sensitive API keys in your app code. […]

If you must have an API key or a secret to access some resource from your app, the most secure way to handle this would be to build an orchestration layer between your app and the resource. This could be a serverless function (e.g. using AWS Lambda or Google Cloud Functions) which can forward the request with the required API key or secret. Secrets in server side code cannot be accessed by the API consumers the same way secrets in your app code can.

One option would be to make the user authenticate to a backend server. When this happens, the server can send the API key to the app and the app can use that to make the API calls. So the API key doesn’t have to appear in the source code.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.