AppSweep Integration for React Native Android

Scenario:
Following the documentation of AppSweep, we need to add

plugins {
// your other plugins
id “com.guardsquare.appsweep” version “latest.release”
}
into app-level gradle to upload to Appsweep in build time.

Current gradle’s structure which recommend by React Native is “apply plugin” instead of “plugins{}”.

Question:
Is there anyway to integrate AppSweep into AppSweep by using “apply plugin”?

Hi Huynh,

It’s fantastic to see that you’re using AppSweep to scan your app for security vulnerabilities.

There are various ways to integrate the AppSweep Gradle plugin into your project. Based on the scenario you described, I recommend trying the following structure in your Gradle file.

To get started, it would be a good idea to include this block of code at the beginning of your application module’s build.gradle file.

plugins {
    id "com.guardsquare.appsweep" version "latest.release" apply false
}

After adding the block, you can add any other plugins you want. Finally, apply the AppSweep Gradle plugin.

// PLEASE ADD ALL OTHER PLUGINS LIKE ANDROID AND ... IN HERE
apply plugin: "com.guardsquare.appsweep"

In the end, your Gradle file should have a structure like the following sample.

plugins {
    id "com.guardsquare.appsweep" version "latest.release" apply false
}

apply plugin: "com.android.application"
// ADD OTHER PLUGINS
apply plugin: "com.guardsquare.appsweep"

Should you have any further questions, please don’t hesitate to write to us.

Best,
Fo

I got error when applied the plugin. Is the plugin conflict with the other libraries?

FAILURE: Build failed with an exception.

  • Where:
    Build file ‘…/node_modules/@onfido/react-native-sdk/android/build.gradle’ line: 59

  • What went wrong:
    A problem occurred evaluating project ‘:onfido_react-native-sdk’.

Failed to apply plugin ‘com.android.internal.library’.
Gradle#projectsEvaluated(Action) on build ‘PROJECT_NAME’ cannot be executed in the current context.

My gradle files are in attachment.
build(app).gradle (12.0 KB)
build(root).gradle (2.1 KB)

Hello Huynh,

We are sorry to hear that you are experiencing a problem. We will investigate the issue and respond back to you as soon as possible. Meanwhile, could you please try the steps below and let us know if it solves the issue?

  1. Clean your build files.
  2. Clean your node_modules.
  3. Clean your Gradle cache.
  4. If you are using Android Studio, kindly invalidate your Android Studio cache.
  5. Clean other caches that you may have in your project.
  6. Rebuild your project.

Please inform us if these steps resolve the issue.

Hi fo_jn,
I have cleaned the cache as your instruction but the error is still the same.

FYI:

  • Where:
    Build file ‘…/node_modules/@onfido/react-native-sdk/android/build.gradle’ line: 59
    is apply plugin: ‘com.android.library’

I have changed apply plugin: ‘com.guardsquare.appsweep’ to
beforeEvaluate {
if(rootProject.ext.enableDexGuardPlugin) {
apply plugin: ‘com.guardsquare.appsweep’
}
}

Although I can successfully build the project with this changes, I get an error when try ./gradlew uploadToAppsweepDebug to upload to Appsweep.

Error: Task ‘uploadToAppsweepDebug’ not found in root project ‘PROJECT_NAME’.

Hi @Huynh_Vo,

we will investigate this, at the moment we are not sure yet what the problem is.

Just a heads up though: at as of now, the scanning capabilities of AppSweep for ReactNative apps are limited. If you want to see what AppSweep can find in your app, I would suggest you build the apk without Gradle and upload that manually (if you haven’t done so).

All the best,
Dennis