A library to generate a fingerprint from a React Native project.
@expo/fingerprint provides an API to generate a fingerprint (hash) of your project for use in determining compatibility between the native layer and JavaScript layer of your app. The hash calculation is configurable, but is by default derived from hashing app dependencies, custom native code, native project files, and configuration.
@expo/fingerprint is included with expo and expo-updates by default.
If you wish to use @expo/fingerprint as a standalone package, you can install it by running the command:
- npx expo install @expo/fingerprintimport * as Fingerprint from '@expo/fingerprint';
- npx @expo/fingerprint --help@expo/fingerprint provides defaults that should work for most projects, but also provides a few ways to configure the fingerprinting process to better fit your app structure and workflow.
Placed in your project root, .fingerprintignore is a .gitignore-like ignore mechanism used to exclude files from hash calculation. It behaves similarly but instead uses minimatch for pattern matching which has some limitations (see documentation for ignorePaths under Options).
For example, to skip a folder but keep some files:
# Ignore the entire /app/ios folder
/app/ios/**/*
# But still keep /app/ios/Podfile and /app/ios/Podfile.lock
!/app/ios/Podfile
!/app/ios/Podfile.lock
Placed in your project root, fingerprint.config.js allows you to specify custom hash calculation configuration beyond what is configurable in the .fingerprintignore.
For supported configurations, see Config and SourceSkips.
Below is an example fingerprint.config.js configuration, assuming you have @expo/fingerprint installed as a direct dependency:
/** @type {import('@expo/fingerprint').Config} */
const config = {
sourceSkips: [
'ExpoConfigRuntimeVersionIfString',
'ExpoConfigVersions',
'PackageJsonAndroidAndIosScriptsIfNotContainRun',
],
};
module.exports = config;
If you are using @expo/fingerprint through expo (where @expo/fingerprint is installed as a transitive dependency), you can import fingerprint from expo/fingerprint:
/** @type {import('expo/fingerprint').Config} */
@expo/config-plugins raw functionsWhen using config plugins with raw functions, it's essential to be aware of certain limitations, particularly in the context of fingerprinting. The library makes a best effort to generate fingerprints for changes made through config plugins; however, raw functions pose specific challenges. Raw functions are not serializable as fingerprints, which means they cannot be directly used for generating unique hashes.
To work around this limitation, the library employs one of the following strategies to create serializable fingerprints for raw functions:
Using Function.name: The library utilizes the Function.name property if available for named raw functions. This property provides a recognizable name for the function, which can be used as a fingerprint property.
Using withAnonymous: For anonymous raw functions without a Function.name, the library resorts to using withAnonymous as the fingerprint property. This is a generic identifier for anonymous functions.
Here's an example to illustrate a case in which the library will use [withMyPlugin, withAnonymous] as plugin properties for fingerprint hashing:
const { withInfoPlist } = require('expo/config-plugins');
const withMyPlugin = (config) => {
return withInfoPlist(config, (config) => {
config.modResults.NSLocationWhenInUseUsageDescription = 'Allow $(PRODUCT_NAME) to use your location';
return config;
});
};
export default ({ config }) => {
config.plugins ||= [];
config.plugins.push(withMyPlugin);
config.plugins.push((config) => config);
return config;
};
It's important to note that due to this design, if you make changes to the implementation of raw config plugins functions, such as altering the Info.plist value within withMyPlugin, the fingerprint will still generate the same hash value. To ensure unique fingerprints when modifying config plugins implementations, consider the following options:
Avoid Anonymous Functions: Avoid using anonymous raw config plugins functions. Instead, use named functions whenever possible, and ensure that their names remain consistent as long as the implementation changes.
Use Local config plugins: Alternatively, you can create local config plugins as separate modules, each with its own export. This approach allows you to specify a different function name when making changes to the config plugins implementations.
Here's an example of using a local config plugin:
const { withInfoPlist } = require('expo/config-plugins');
const withMyPlugin = config => {
return withInfoPlist(config, config => {
config.modResults.NSLocationWhenInUseUsageDescription =
'Allow $(PRODUCT_NAME) to use your location';
return config;
});
};
module.exports = withMyPlugin;
{
"expo": {
%%placeholder-start%%... %%placeholder-end%%
"plugins": "./plugins/withMyPlugin"
}
}
By following these guidelines, you can effectively manage changes to config plugins and ensure that fingerprinting remains consistent and reliable.
| Parameter | Type |
|---|---|
| projectRoot | string |
| options(optional) | Options |
Create a fingerprint for a project.
Promise<Fingerprint>Example
const fingerprint = await createFingerprintAsync('/app');
console.log(fingerprint);
| Parameter | Type |
|---|---|
| projectRoot | string |
| options(optional) | Options |
Create a native hash value for a project.
Promise<string>Example
const hash = await createProjectHashAsync('/app');
console.log(hash);
| Parameter | Type |
|---|---|
| fingerprint | Fingerprint |
| projectRoot | string |
| options(optional) | Options |
Diff the fingerprint with the fingerprint of the provided project.
Promise<FingerprintDiffItem[]>Example
// Create a fingerprint for the project
const fingerprint = await createFingerprintAsync('/app');
// Make some changes to the project
// Calculate the diff
const diff = await diffFingerprintChangesAsync(fingerprint, '/app');
console.log(diff);
| Parameter | Type |
|---|---|
| fingerprint1 | Fingerprint |
| fingerprint2 | Fingerprint |
Diff two fingerprints. The implementation assumes that the sources are sorted.
FingerprintDiffItem[]Example
// Create a fingerprint for the project
const fingerprint = await createFingerprintAsync('/app');
// Make some changes to the project
// Create a fingerprint again
const fingerprint2 = await createFingerprintAsync('/app');
const diff = await diffFingerprints(fingerprint, fingerprint2);
console.log(diff);
| Property | Type | Description |
|---|---|---|
| hash | string | - |
| isTransformed(optional) | boolean | Indicates whether the source is transformed by |
| Property | Type | Description |
|---|---|---|
| children | (undefined | DebugInfoFile | DebugInfoDir)[] | - |
| hash | string | - |
| path | string | - |
| Property | Type | Description |
|---|---|---|
| hash | string | - |
| isTransformed(optional) | boolean | Indicates whether the source is transformed by |
| path | string | - |
| Property | Type | Description |
|---|---|---|
| hash | string | The final hash value of the whole project fingerprint. |
| sources | FingerprintSource[] | Sources and their hash values from which the project fingerprint was generated. |
| Property | Type | Description |
|---|---|---|
| debugInfo(optional) | DebugInfoContents | - |
| hex | string | - |
| id | string | - |
| type | 'contents' | - |
| Property | Type | Description |
|---|---|---|
| debugInfo(optional) | DebugInfoDir | - |
| hex | string | - |
| id | string | - |
| type | 'dir' | - |
| Property | Type | Description |
|---|---|---|
| debugInfo(optional) | DebugInfoFile | - |
| hex | string | - |
| id | string | - |
| type | 'file' | - |
| Property | Type | Description |
|---|---|---|
| contents | string | Buffer | - |
| id | string | - |
| reasons | string[] | Reasons of this source coming from. |
| type | 'contents' | - |
| Property | Type | Description |
|---|---|---|
| filePath | string | - |
| reasons | string[] | Reasons of this source coming from. |
| type | 'dir' | - |
| Property | Type | Description |
|---|---|---|
| filePath | string | - |
| reasons | string[] | Reasons of this source coming from. |
| type | 'file' | - |
| Property | Type | Description |
|---|---|---|
| concurrentIoLimit(optional) | number | I/O concurrency limit. Default: The number of CPU cores. |
| debug(optional) | boolean | Whether to include verbose debug info in source output. Useful for debugging. |
| dirExcludes(optional) | string[] |
Exclude specified directories from hashing. The supported pattern is the same as |
| enableReactImportsPatcher(optional) | boolean | Enable ReactImportsPatcher to transform imports from React of the form Default: true for Expo SDK 51 and lower. |
| extraSources(optional) | HashSource[] | Additional sources for hashing. |
| fileHookTransform(optional) | FileHookTransformFunction | A custom hook function to transform file content sources before hashing. |
| hashAlgorithm(optional) | string | The algorithm to use for Default: 'sha1' |
| ignorePaths(optional) | string[] | Ignore files and directories from hashing. The supported pattern is the same as Please note that the pattern matching is slightly different from gitignore. Partial matching is unsupported. For example,
|
| platforms(optional) | Platform[] | Limit native files to those for specified platforms. Default: ['android', 'ios'] |
| silent(optional) | boolean | Whether running the functions should mute all console output. This is useful when fingerprinting is being done as part of a CLI that outputs a fingerprint and outputting anything else pollutes the results. |
| sourceSkips(optional) | SourceSkips | Skips some sources from fingerprint. Value is the result of bitwise-OR'ing desired values of SourceSkips. Default: DEFAULT_SOURCE_SKIPS |
| useRNCoreAutolinkingFromExpo(optional) | boolean | Use the react-native core autolinking sources from Default: true for Expo SDK 52 and higher. |
Supported options for use in fingerprint.config.js
Type: Pick<Options, 'concurrentIoLimit' | 'hashAlgorithm' | 'ignorePaths' | 'extraSources' | 'enableReactImportsPatcher' | 'useRNCoreAutolinkingFromExpo' | 'debug' | 'fileHookTransform'> extended by:
| Property | Type | Description |
|---|---|---|
| sourceSkips(optional) | SourceSkips | SourceSkipsKeys[] | - |
Literal Type: multiple types
Acceptable values are: DebugInfoFile | DebugInfoDir | DebugInfoContents
Hook function to transform file content sources before hashing.
| Parameter | Type |
|---|---|
| source | FileHookTransformSource |
| chunk | Buffer | string | null |
| isEndOfFile | boolean |
| encoding | BufferEncoding |
Buffer | string | null
The source parameter for FileHookTransformFunction.
Type: object shaped as below:
| Property | Type | Description |
|---|---|---|
| filePath | string | - |
| type | 'file' | - |
Or object shaped as below:
| Property | Type | Description |
|---|---|---|
| id | string | - |
| type | 'contents' | - |
Type: object shaped as below:
| Property | Type | Description |
|---|---|---|
| addedSource | FingerprintSource | The added source. |
| op | 'added' | The operation type of the diff item. |
Or object shaped as below:
| Property | Type | Description |
|---|---|---|
| op | 'removed' | The operation type of the diff item. |
| removedSource | FingerprintSource | The removed source. |
Or object shaped as below:
| Property | Type | Description |
|---|---|---|
| afterSource | FingerprintSource | The source after. |
| beforeSource | FingerprintSource | The source before. |
| op | 'changed' | The operation type of the diff item. |
Type: HashSource extended by:
| Property | Type | Description |
|---|---|---|
| debugInfo(optional) | DebugInfo | Debug info from the hashing process. Differs based on source type. Designed to be consumed by humans as opposed to programmatically. |
| hash | string | null | Hash value of the |
Literal Type: multiple types
Acceptable values are: HashResultFile | HashResultDir | HashResultContents
Literal Type: multiple types
Acceptable values are: HashSourceFile | HashSourceDir | HashSourceContents
Bitmask of values that can be used to skip certain parts of the sourcers when generating a fingerprint.
SourceSkips.ExpoConfigVersions = 1Versions in app.json, including Android versionCode and iOS buildNumber
SourceSkips.ExpoConfigRuntimeVersionIfString = 2runtimeVersion in app.json if it is a string
SourceSkips.ExpoConfigNames = 4App names in app.json, including shortName and description
SourceSkips.ExpoConfigIosBundleIdentifier = 16iOS bundle identifier in app.json
SourceSkips.ExpoConfigAssets = 128Assets in app.json, including icons and splash assets
SourceSkips.ExpoConfigAll = 256Skip the whole ExpoConfig. Prefer the other ExpoConfig source skips when possible and use this flag with caution. This will potentially ignore some native changes that should be part of most fingerprints. E.g., adding a new config plugin, changing the app icon, or changing the app name.
SourceSkips.PackageJsonAndroidAndIosScriptsIfNotContainRun = 512package.json scripts if android and ios items do not contain "run". Because prebuild will change the scripts in package.json, this is useful to generate a consistent fingerprint before and after prebuild.
SourceSkips.PackageJsonScriptsAll = 1024Skip the whole scripts section in the project's package.json.