Hi! Not Fanghao but another Discord iOS engineer. We wrote our own library for OTA updates but React Native Code Push (https://github.com/Microsoft/react-native-code-push) is a pretty reasonable out of the box solution. Because our OTA solution is designed for hotfixing issues rather than feature releases we push to everyone, and we also have a flag that forces our users to relaunch the app if the bug is app breaking.
How do you comply with Apple's App Store Review Guidelines when using this (specifically, this clause):
2.5.2 Apps should be self-contained in their bundles, and may not read or write data outside the designated container area, nor may they download, install, or execute code which introduces or changes features or functionality of the app, including other apps.
Also,
> we also have a flag that forces our users to relaunch the app if the bug is app breaking
Apple allows updates to Javascript outside of the review process as long as it subscribes to certain guidelines (1), including but not limited to: not changing core feature functionality, being limited to bug fixes, and also that the app doesn't provide unlimited access to native SDK or system functions. React Native provides a limited API to js code so it's fine.
As far as your second question, we simply deploy store logic that loads a Modal telling our users that they must relaunch the app.
Since OTA updates can only impact JS, we can offer a button that essentially calls something like `window.refresh` and it reloads the JS bundle within the container. We actually recently leveraged ErrorBoundaries in React 16 to do something similar in our app as well.
That doesn't quite answer the question like victoriasun did–you can execute code not in the binary (e.g. JavaScript), but it doesn't say that you can download new code and execute that.
I've used code push before and didn't really love the lack of visibility into what was running on the other side, it also feels really risky to make it a core part of my app considering that microsoft has already changed direction on backend hosting for code push at least once.
Any chance you could share any info about the architecture design of your homegrown system? I've seen a few snippets where devs build their bundles and host them in s3, how complicated was it for you to roll your own OTA solution? Would you guys do it again or would you use Code Push?
Our architecture design is honestly pretty simple. Before the app fetches the JS bundle it checks a hash to see if it's on the right version, and if not, it fetches the other one instead. I honestly don't know enough about code push to speak to it, so I can't really answer this question. Generally speaking however, we try to be cognizant of increasing the amount of dependencies we have while still optimizing for speed.
