jail-monkey

v2.8.2

A React Native module for identifying jail-broken, rooted, or mock locations on iOS and Android For more information about how to use this package see README

Latest version published 15 days ago

License: MIT

NPM

GitHub

Package Health Score

84 / 100

security
No known security issues
popularity
Recognized
maintenance
Healthy
community
Sustainable

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

All Versions

Version				Vulnerabilities	License Risk
2.8.2	\|	12/2024		0 C 0 H 0 M 0 L	0 H 0 M 0 L
2.8.0	\|	12/2022	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
2.7.0	\|	06/2022		0 C 0 H 0 M 0 L	0 H 0 M 0 L
1.0.0	\|	04/2018		0 C 0 H 0 M 0 L	0 H 0 M 0 L
0.2.0	\|	01/2018		0 C 0 H 0 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Recognized

Weekly Downloads (44,041)

GitHub Stars: 605
Forks: 147
Contributors: 40

Direct Usage Popularity

The npm package jail-monkey receives a total of 44,041 downloads a week. As such, we scored jail-monkey popularity level to be Recognized.

Based on project statistics from the GitHub repository for the npm package jail-monkey, we found that it has been starred 605 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Sustainable

Readme.md: Yes
Contributing.md: No
Code of Conduct: No
Contributors: 40
Funding: No

With more than 10 contributors for the jail-monkey repository, this is possibly a sign for a growing and inviting community.

We found a way for you to contribute to the project! Looks like jail-monkey is missing a Code of Conduct.

Embed Package Health Score Badge

Maintenance

Healthy

Commit Frequency

Open Issues: 37
Open PR: 15
Last Release: 15 days ago
Last Commit: 15 days ago

Further analysis of the maintenance status of jail-monkey based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that jail-monkey demonstrates a positive version release cadence with at least one new version released in the past 3 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: not defined

Age: 8 years
Dependencies: 0 Direct
Versions: 29
Install Size: 172 kB
Dist-tags: 1
# of Files: 57
Maintainers: 6
TS Typings: Yes

jail-monkey has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Not sure how to use jail-monkey?

To help you get started, we've collected the most common ways that jail-monkey is being used within popular public projects.

mattermost / mattermost-mobile / app / mattermost_managed / mattermost-managed.android.js View on Github

isTrustedDevice: () => {
        if (__DEV__) {
            return true;
        }

        return JailMonkey.trustFall();
    },
    supportsFaceId: async () => false,

View more ways to use jail-monkey

WARNING: I don't have the devices to test anymore, so testing is done by those submitting PRs bona fide.

Jail Monkey

Can you ever really trust a phone?

Why?

Are users claiming they are crossing the globe in seconds and collecting all the Pokeballs? Some apps need to protect themselves in order to protect data integrity. JailMonkey allows you to:

Identify if a phone has been jail-broken or rooted for iOS/Android.
Detect mocked locations for phones set in "developer mode".
(ANDROID ONLY) Detect if the application is running on external storage such as an SD card.

Use

import JailMonkey from 'jail-monkey'

if (JailMonkey.isJailBroken()) {
  // Alternative behaviour for jail-broken/rooted devices.
}

Circle of Trust

API

Method	Returns	Description
`isJailBroken`	`boolean`	is this device jail-broken/rooted.
`canMockLocation`	`boolean`	Can this device fake its GPS location.
`trustFall`	`boolean`	Checks if the device violates either `isJailBroken` or `canMockLocation`.
`isDebuggedMode`	`Promise`	Is the application is running in debug mode. Note that this method returns a Promise.

iOS Only APIs

Method	Returns	Description
`jailBrokenMessage`	`string`	Returns the reason for jailbroken detection. Will return an empty string on Android.

Android Only APIs

Method	Returns	Description
`hookDetected`	`boolean`	Detects if there is any suspicious installed applications.
`isOnExternalStorage`	`boolean`	Is the application running on external storage (ie. SD Card)
`AdbEnabled`	`boolean`	Is Android Debug Bridge enabled.
`isDevelopmentSettingsMode`	`Promise`	Whether user has enabled development settings on their device. Note that this method returns a Promise.
`androidRootedDetectionMethods`	`RootedDetectionMethods`	Returns an object with the results of all the Android rooted detection methods for more granular detection, this can be helpful if some devices are giving false positives.

type RootedDetectionMethods = {
  rootBeer: {
    detectRootManagementApps: boolean;
    detectPotentiallyDangerousApps: boolean;
    checkForSuBinary: boolean;
    checkForDangerousProps: boolean;
    checkForRWPaths: boolean;
    detectTestKeys: boolean;
    checkSuExists: boolean;
    checkForRootNative: boolean;
    checkForMagiskBinary: boolean;
  },
  jailMonkey: boolean;
}

On iOS all of the Android only methods will return false or Promise where appropriate.

❗ Since emulators are usually rooted, you might want to bypass these checks during development. Unless you're keen on constant false alarms ⏰

Install

npm i jail-monkey --save
react-native link # Not required as of React Native 0.60.0

for iOS:

cd ios &amp;&amp; pod install

If you use rnpm, you may have trouble as rnpm does not link Android properly after 0.29.0!

Note: On Android you should include location.isFromMockProvider() from your location provider to compliment JailMonkey.canMockLocation(). Most react-native location libraries already have this check built in

Additional Info

This has been made public to help keep it up to date. As detection measures get better or out-dated, please send updates to this project so it can be the best method of detection.

Special thanks to this fantastic blog article: https://blog.geomoby.com/2015/01/25/how-to-avoid-getting-your-location-based-app-spoofed/

jail-monkey development dependencies

FAQs

What is jail-monkey?

A React Native module for identifying jail-broken, rooted, or mock locations on iOS and Android. Visit Snyk Advisor to see a full health score report for jail-monkey, including popularity, security, maintenance & community analysis.

Is jail-monkey popular?

The npm package jail-monkey receives a total of 44,041 weekly downloads. As such, jail-monkey popularity was classified as a recognized. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is jail-monkey well maintained?

We found that jail-monkey demonstrated a healthy version release cadence and project activity. It has a community of 40 open source contributors collaborating on the project. See the full package health analysis to learn more about the package maintenance status.

Is jail-monkey safe to use?

The npm package jail-monkey was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 21 December-2024, at 02:04 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP