release: freeRASP 4.5.0 (#140)

* feat: refactor event dispatcher

* fix

* update SDKs

* add ios identifier

* feat: update ios sdk

* feat: unify lifecycle events

* fix

* update changelog for ios

* lint

* fix: changelog + version

* Update CHANGELOG.md

Co-authored-by: martinzigrai <102868889+martinzigrai@users.noreply.github.com>

---------

Co-authored-by: martinzigrai <102868889+martinzigrai@users.noreply.github.com>

Author: tompsota

CHANGELOG.md

@@ -5,6 +5,55 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [4.5.0] - 2026-03-03
+
+- Android SDK version: 18.0.4
+- iOS SDK version: 6.14.1
+
+### React Native
+
+#### Changed
+
+- Updated the internal handling of ExternalIdResult on Android (for `storeExternalId()` method)
+
+### Android
+
+#### Added
+
+- Added support for `KernelSU` to the existing root detection capabilities
+- Added support for `HMA` to the existing root detection capabilities
+- Added new malware detection capabilities
+- Added `onAutomationDetected()` callback to `ThreatDetected` interface
+  - We are introducing a new capability, detecting whether the device is being automated using tools like Appium
+- Added value restrictions to `externalId`
+  - Method `storeExternalId()` now returns `ExternalIdResult`, which indicates `Success` or `Error` when `externalId` violates restrictions
+
+#### Fixed
+
+- Fixed exception handling for the KeyStore `getEntry` operation
+- Fixed issue in `ScreenProtector` concerning the `onScreenRecordingDetected` invocations
+- Merged internal shared libraries into a single one, reducing the final APK size
+- Fixed bug related to key storing in keystore type detection (hw-backed keystore check)
+- Fixed manifest queries merge
+
+#### Changed
+
+- Removed unused library `tmlib`
+- Refactoring of signature verification code
+- Updated compile and target API to 36
+- Improved root detection capabilities
+- Detection of wireless ADB added to ADB detections
+
+### iOS
+
+#### Added
+
+- Added time spoofing detection, detecting an inaccurate device clock. It is a new threat `timeSpoofing`.
+
+#### Changed
+
+- Improved jailbreak detection methods.
+
 ## [4.4.0] - 2026-02-06
 
 - Android SDK version: 18.0.1

android/build.gradle

@@ -105,7 +105,7 @@ dependencies {
   implementation "com.facebook.react:react-native:$react_native_version"
   implementation "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version"
   implementation "org.jetbrains.kotlinx:kotlinx-serialization-json:1.4.1"
-  implementation "com.aheaditec.talsec.security:TalsecSecurity-Community-ReactNative:18.0.2"
+  implementation "com.aheaditec.talsec.security:TalsecSecurity-Community-ReactNative:18.0.4"
 }
 
 if (isNewArchitectureEnabled()) {

android/src/main/java/com/freeraspreactnative/FreeraspReactNativeModule.kt

@@ -9,7 +9,6 @@ import com.aheaditec.talsec_security.security.api.SuspiciousAppInfo
 import com.aheaditec.talsec_security.security.api.Talsec
 import com.aheaditec.talsec_security.security.api.TalsecConfig
 import com.aheaditec.talsec_security.security.api.TalsecMode
-import com.aheaditec.talsec_security.security.api.ThreatListener
 import com.facebook.react.bridge.Arguments
 import com.facebook.react.bridge.LifecycleEventListener
 import com.facebook.react.bridge.Promise
@@ -19,8 +18,8 @@ import com.facebook.react.bridge.ReactMethod
 import com.facebook.react.bridge.ReadableMap
 import com.facebook.react.bridge.UiThreadUtil.runOnUiThread
 import com.facebook.react.bridge.WritableArray
+import com.facebook.react.bridge.WritableMap
 import com.facebook.react.modules.core.DeviceEventManagerModule
-import com.freeraspreactnative.events.BaseRaspEvent
 import com.freeraspreactnative.events.RaspExecutionStateEvent
 import com.freeraspreactnative.events.ThreatEvent
 import com.freeraspreactnative.interfaces.PluginExecutionStateListener
@@ -38,15 +37,24 @@ class FreeraspReactNativeModule(private val reactContext: ReactApplicationContex
 
   private val lifecycleListener = object : LifecycleEventListener {
     override fun onHostResume() {
+      PluginThreatHandler.threatDispatcher.onResume()
+      PluginThreatHandler.executionStateDispatcher.onResume()
       if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.UPSIDE_DOWN_CAKE) {
         reactContext.currentActivity?.let { ScreenProtector.register(it) }
       }
     }
 
     override fun onHostPause() {
+      PluginThreatHandler.threatDispatcher.onPause()
+      PluginThreatHandler.executionStateDispatcher.onPause()
       if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.UPSIDE_DOWN_CAKE) {
         reactContext.currentActivity?.let { ScreenProtector.unregister(it) }
       }
+      if (reactContext.currentActivity?.isFinishing == true) {
+        PluginThreatHandler.threatDispatcher.unregisterListener()
+        PluginThreatHandler.executionStateDispatcher.unregisterListener()
+        PluginThreatHandler.unregisterSDKListener(reactContext)
+      }
     }
 
     override fun onHostDestroy() {
@@ -61,16 +69,21 @@ class FreeraspReactNativeModule(private val reactContext: ReactApplicationContex
   init {
     reactContext.addLifecycleEventListener(lifecycleListener)
     initializeEventKeys()
+    PluginThreatHandler.initializeDispatchers(PluginListener(reactContext))
   }
 
   @ReactMethod
   fun talsecStart(
     options: ReadableMap, promise: Promise
   ) {
+    if (talsecStarted) {
+      promise.resolve("freeRASP started")
+      return
+    }
 
     try {
       val config = buildTalsecConfig(options)
-      PluginThreatHandler.registerListener(reactContext)
+      PluginThreatHandler.registerSDKListener(reactContext)
       runOnUiThread {
         Talsec.start(reactContext, config, TalsecMode.BACKGROUND)
         mainHandler.post {
@@ -149,10 +162,10 @@ class FreeraspReactNativeModule(private val reactContext: ReactApplicationContex
   @ReactMethod
   fun addListener(eventName: String) {
     if (eventName == ThreatEvent.CHANNEL_NAME) {
-      PluginThreatHandler.threatDispatcher.listener = PluginListener(reactContext)
+      PluginThreatHandler.threatDispatcher.registerListener()
     }
     if (eventName == RaspExecutionStateEvent.CHANNEL_NAME) {
-      PluginThreatHandler.executionStateDispatcher.listener = PluginListener(reactContext)
+      PluginThreatHandler.executionStateDispatcher.registerListener()
     }
   }
 
@@ -165,10 +178,10 @@ class FreeraspReactNativeModule(private val reactContext: ReactApplicationContex
   @ReactMethod
   fun removeListenerForEvent(eventName: String, promise: Promise) {
     if (eventName == ThreatEvent.CHANNEL_NAME) {
-      PluginThreatHandler.threatDispatcher.listener = null
+      PluginThreatHandler.threatDispatcher.unregisterListener()
     }
     if (eventName == RaspExecutionStateEvent.CHANNEL_NAME) {
-      PluginThreatHandler.executionStateDispatcher.listener = null
+      PluginThreatHandler.executionStateDispatcher.unregisterListener()
     }
     promise.resolve("Listener unregistered")
   }
@@ -302,48 +315,40 @@ class FreeraspReactNativeModule(private val reactContext: ReactApplicationContex
     private val mainHandler = Handler(Looper.getMainLooper())
 
     internal var talsecStarted = false
+  }
+
+  internal class PluginListener(private val reactContext: ReactApplicationContext) :
+    PluginThreatListener, PluginExecutionStateListener {
 
-    private fun notifyEvent(event: BaseRaspEvent, appReactContext: ReactApplicationContext) {
+    override fun threatDetected(threatEventType: ThreatEvent) {
       val params = Arguments.createMap()
-      params.putInt(event.channelKey, event.value)
-      appReactContext.getJSModule(DeviceEventManagerModule.RCTDeviceEventEmitter::class.java)
-        .emit(event.channelName, params)
+      params.putInt(threatEventType.channelKey, threatEventType.value)
+      notifyEvent(ThreatEvent.CHANNEL_NAME, params)
     }
 
-    /**
-     * Sends malware detected event to React Native
-     */
-    private fun notifyMalware(suspiciousApps: MutableList<SuspiciousAppInfo>, appReactContext: ReactApplicationContext) {
-      // Perform the malware encoding on a background thread
+    override fun malwareDetected(suspiciousApps: MutableList<SuspiciousAppInfo>) {
       backgroundHandler.post {
-
-        val encodedSuspiciousApps = suspiciousApps.toEncodedWritableArray(appReactContext)
-
+        val encodedSuspiciousApps = suspiciousApps.toEncodedWritableArray(reactContext)
         mainHandler.post {
           val params = Arguments.createMap()
           params.putInt(ThreatEvent.CHANNEL_KEY, ThreatEvent.Malware.value)
           params.putArray(
             ThreatEvent.MALWARE_CHANNEL_KEY, encodedSuspiciousApps
           )
-
-          appReactContext.getJSModule(DeviceEventManagerModule.RCTDeviceEventEmitter::class.java)
-            .emit(ThreatEvent.CHANNEL_NAME, params)
+          notifyEvent(ThreatEvent.CHANNEL_NAME, params)
         }
       }
     }
-  }
-
-  internal class PluginListener(private val reactContext: ReactApplicationContext) : PluginThreatListener, PluginExecutionStateListener {
-    override fun threatDetected(threatEventType: ThreatEvent) {
-      notifyEvent(threatEventType, reactContext)
-    }
 
-    override fun malwareDetected(suspiciousApps: MutableList<SuspiciousAppInfo>) {
-      notifyMalware(suspiciousApps, reactContext)
+    override fun raspExecutionStateChanged(event: RaspExecutionStateEvent) {
+      val params = Arguments.createMap()
+      params.putInt(event.channelKey, event.value)
+      notifyEvent(event.channelName, params)
     }
 
-    override fun raspExecutionStateChanged(event: RaspExecutionStateEvent) {
-      notifyEvent(event, reactContext)
+    private fun notifyEvent(eventName: String, params: WritableMap) {
+      reactContext.getJSModule(DeviceEventManagerModule.RCTDeviceEventEmitter::class.java)
+        .emit(eventName, params)
     }
   }
 }

android/src/main/java/com/freeraspreactnative/PluginThreatHandler.kt

@@ -10,8 +10,13 @@ import com.freeraspreactnative.events.ThreatEvent
 
 internal object PluginThreatHandler {
 
-  internal val threatDispatcher = ThreatDispatcher()
-  internal val executionStateDispatcher = ExecutionStateDispatcher()
+  internal lateinit var threatDispatcher: ThreatDispatcher
+  internal lateinit var executionStateDispatcher: ExecutionStateDispatcher
+
+  fun initializeDispatchers(listener: FreeraspReactNativeModule.PluginListener) {
+    threatDispatcher = ThreatDispatcher(listener)
+    executionStateDispatcher = ExecutionStateDispatcher(listener)
+  }
 
   private val threatDetected = object : ThreatListener.ThreatDetected() {
 
@@ -111,11 +116,11 @@ internal object PluginThreatHandler {
 
   private val internalListener = ThreatListener(threatDetected, deviceState, raspExecutionState)
 
-  internal fun registerListener(context: Context) {
+  internal fun registerSDKListener(context: Context) {
     internalListener.registerListener(context)
   }
 
-  internal fun unregisterListener(context: Context) {
+  internal fun unregisterSDKListener(context: Context) {
     internalListener.unregisterListener(context)
   }
 }

android/src/main/java/com/freeraspreactnative/dispatchers/ExecutionStateDispatcher.kt

@@ -3,36 +3,51 @@ package com.freeraspreactnative.dispatchers
 import com.freeraspreactnative.events.RaspExecutionStateEvent
 import com.freeraspreactnative.interfaces.PluginExecutionStateListener
 
-internal class ExecutionStateDispatcher {
+internal class ExecutionStateDispatcher(private val listener: PluginExecutionStateListener) {
   private val cache = mutableSetOf<RaspExecutionStateEvent>()
 
-  var listener: PluginExecutionStateListener? = null
-    set(value) {
-      field = value
-      if (value != null) {
-        flushCache(value)
-      }
+  private var isAppInForeground = false
+  private var isListenerRegistered = false
+
+  fun registerListener() {
+    isListenerRegistered = true
+    isAppInForeground = true
+    flushCache()
+  }
+
+  fun unregisterListener() {
+    isListenerRegistered = false
+    isAppInForeground = false
+  }
+
+  fun onResume() {
+    isAppInForeground = true
+    if (isListenerRegistered) {
+      flushCache()
     }
+  }
+
+  fun onPause() {
+    isAppInForeground = false
+  }
 
   fun dispatch(event: RaspExecutionStateEvent) {
-    val currentListener = listener
-    if (currentListener != null) {
-      currentListener.raspExecutionStateChanged(event)
+    if (isAppInForeground && isListenerRegistered) {
+      listener.raspExecutionStateChanged(event)
     } else {
       synchronized(cache) {
-        val checkedListener = listener
-        checkedListener?.raspExecutionStateChanged(event) ?: cache.add(event)
+        cache.add(event)
       }
     }
   }
 
-  private fun flushCache(registeredListener: PluginExecutionStateListener) {
+  private fun flushCache() {
     val events = synchronized(cache) {
       val snapshot = cache.toSet()
       cache.clear()
       snapshot
     }
-    events.forEach { registeredListener.raspExecutionStateChanged(it) }
+    events.forEach { listener.raspExecutionStateChanged(it) }
   }
 }