JSPatch – Dynamically update iOS apps

[[139654]]

JSPatch is a recent amateur project. By introducing a very small engine into the project, you can use JavaScript to call any native interface of Objective-C and gain the capabilities of the scripting language: dynamically update the APP, replace the project's native code to fix bugs.

use

Have you ever had this experience: after the new version is launched, a serious bug is found, which may cause a surge in crash rate and may make network requests unable to be issued. At this time, all you can do is to quickly fix the bug and submit it to wait for the long AppStore review, and then hope that users will upgrade quickly. It takes huge manpower and time costs to complete the fix of this bug.

JSPatch can be used to solve this problem. Just introduce JSPatch into the project, and you can issue JS script patches when bugs are found to replace native methods. This allows you to fix bugs instantly without updating the APP.

example

In the above code, the array element may exceed the array range and cause a crash. If JSPatch is referenced in the project, you can send a JS script to fix this bug:

In this way, -tableView:didSelectRowAtIndexPath: in JPTableViewController is replaced with the implementation in this JS script, fixing the bug without the user noticing.

For more usage documentation and demos, please refer to the github project homepage.

#p#

principle

JSPatch uses the built-in JavaScriptCore.framework of iOS as the JS engine, but does not use its JSExport feature for JS-OC function intercommunication. Instead, it passes the class name and function name to be called from JS to Objective-C through Objective-C Runtime, and then uses NSInvocation to dynamically call the corresponding OC method. The detailed implementation principle and various pitfalls and hack methods encountered during the implementation process will be introduced in another article.

Solution comparison

There are already some solutions that can implement dynamic patching, such as WaxPatch, which can use Lua to call OC methods. Compared with WaxPatch, JSPatch has the following advantages:

1.JS language

JS is more widely used in the field of application development than Lua. Currently, there is a trend of integration between front-end development and terminal development. As an extended scripting language, JS is the best choice.

2. Comply with Apple rules

JSPatch is more in line with Apple's rules. 3.3.2 of the iOS Developer Program License Agreement states that executable code cannot be distributed dynamically, except for code executed through Apple's JavaScriptCore.framework or WebKit. JS is executed through JavaScriptCore.framework.

3. Small

Using the system's built-in JavaScriptCore.framework, there is no need for an embedded script engine and the size is compact.

4. Support blocks

Wax stopped development and maintenance several years ago and does not support the transfer of blocks between Objective-C and Lua programs. Although some third parties have implemented blocks, there are many restrictions on parameters when using them.

Compared with WaxPatch, JSPatch has the disadvantage of not supporting iOS6 because it needs to introduce JavaScriptCore.framework. In addition, the memory usage is currently higher than wax, and it is being continuously improved.

risk

JSPatch enables scripting languages ​​to call all native OC methods, unlike the web front-end which limits its capabilities to the browser, which has some security risks:

1. If you download the original JS during the network transmission process, the JS script may be tampered with by the middleman, and any method may be executed to steal the relevant information in the APP. You can encrypt the transmission process or use https directly to solve this problem.

2. If the downloaded JS is saved locally without encryption, users can also manually replace or tamper with the script on a non-jailbroken machine. This is not as harmful as the first point, because the operator is the owner of the phone, and there is no risk of the relevant information in the APP being stolen. If you want to prevent users from modifying the code and affecting the operation of the APP, you can choose simple encrypted storage.

Other Uses

JSPatch can dynamically patch and modify the code in the APP freely. In theory, you can also use JSPatch to implement a business module or even the entire APP, just like wax. However, it is not recommended because:

1. JSPatch, like wax, uses the interface of Objective-C Runtime to find the corresponding class and method through string reflection for calling. The string processing in the middle will cause a certain performance loss. In addition, the type conversion between the two languages ​​also has performance loss. If it is used to make a complete business module, a large number of frequent back and forth calls may cause performance problems.

2. During the development process, you need to use OC thinking to write JS/Lua, which loses the characteristics of the scripting language itself.

3. Neither JSPatch nor wax has IDE support, and the development efficiency is low.

If you want to dynamically add modules to your app, React Native currently provides a good solution that solves the above three problems:

1. JS/OC will not communicate frequently, but will transmit in batches when events are triggered to improve efficiency. (See React Native communication mechanism for details)

2. There is no need to consider OC's feelings during the development process. Just follow the ideas of the React framework and perform pure JS development. React Native will take care of the rest for you.

3. React Native even has IDE ready.

Therefore, it is recommended to try React Native for dynamically adding business modules. However, React Native does not provide reflection calls and method replacements for native OC interfaces, and cannot modify native code. JSPatch fills this gap with a compact engine, and cooperates with React Native to use a unified JS language to keep a native APP in an extensible and modifiable state at all times.

JSPatch is currently in the development stage, and there are still some issues with stability and functionality. We welcome suggestions/bugs/PRs and everyone to work on this project together.

Copyright Statement: The right to publish this article on the WeChat public platform has been "exclusively represented" to the designated public account: iOS Development (iOSDevTips).