Move jailbreak check to hellocodenameone startup

[shai-almog]

Motivation

• Ensure the app fails fast on compromised devices by performing jailbreak detection during app initialization.
• Consolidate jailbreak detection logic into runtime startup instead of a standalone test to catch issues earlier.
• Improve iOS native detection to catch modern dynamic-library injection and common bypass libraries.

Description

• Enhanced Ports/iOSPort/nativeSources/CN1JailbreakDetector.m to import <unistd.h> and <stdlib.h>, check getenv("DYLD_INSERT_LIBRARIES"), scan loaded images via _dyld_image_count()/_dyld_get_image_name() for known bypass libraries, and exit when detected.
• Updated restricted path checks and write-test behavior in CN1JailbreakDetector.m by moving MobileSubstrate entry, adding "/private/var/lib/apt/", using BOOL wroteFile = [@"Test" writeToFile:...] and removing the test file on success.
• Kept additional runtime checks (fork() and process tracing via sysctl) to detect abnormal behavior and exit when bypass indications are found.
• Removed the standalone JailbreakDetectionTest.java and added a startup assertion in scripts/hellocodenameone/common/src/main/kotlin/com/codenameone/examples/hellocodenameone/HelloCodenameOne.kt that calls Display.getInstance().isJailbrokenDevice() and uses check(!...) to fail initialization if the device is jailbroken.

Testing

• No automated tests were executed for these changes.
• The previous standalone test JailbreakDetectionTest.java was deleted and not run as part of CI.
• No native compilation or runtime verification was performed automatically for the iOS detector changes.
• The startup assertion was added to application initialization but was not executed in an automated test run.

---

Codex Task

[github-actions]

✅ Continuous Quality Report

Test & Coverage

• ✅ Tests: 2282 total, 0 failed, 0 skipped
• 📊 Line coverage: 52.86% [HTML preview] [Download]
  • Lowest covered classes
    • com.codename1.io.rest.RequestBuilder$FetchAsPropertyListActionListener – 0.00%
    • com.codename1.io.rest.RequestBuilder$FetchAsPropertiesActionListener – 0.00%
    • com.codename1.ui.Display$EdtException – 0.00%
    • com.codename1.ui.BrowserWindow$BrowserForm – 0.00%
    • com.codename1.ui.plaf.CSSBorder$LinearGradient – 0.00%
    • com.codename1.io.rest.RequestBuilder$GetAsStringAsyncImplActionListener – 0.00%
    • com.codename1.io.rest.RequestBuilder$GetAsJsonMapActionListener – 0.00%
    • com.codename1.payment.Purchase$SynchronizeReceiptsSyncRunnable – 0.00%
    • com.codename1.io.rest.RequestBuilder$GetAsBytesAsyncImplActionListener – 0.00%
    • com.codename1.io.rest.RequestBuilder$FetchAsJsonMapActionListener – 0.00%

Static Analysis

• ❌ SpotBugs: 152 findings (Normal: 92, Low: 60) [HTML preview] [Download]
  • Top findings
    • Normal: CodenameOne/src/com/codename1/capture/Capture.java:262 – Naked notify in com.codename1.capture.Capture$CallBack.actionPerformed(ActionEvent) (rule: NN_NAKED_NOTIFY)
    • Normal: CodenameOne/src/com/codename1/charts/ChartComponent.java:489 – Integral division result cast to double or float in com.codename1.charts.ChartComponent.pointerDragged(int[], int[]) (rule: ICAST_IDIV_CAST_TO_DOUBLE)
    • Normal: CodenameOne/src/com/codename1/charts/ChartComponent.java:682 – Return value of com.codename1.charts.renderers.XYMultipleSeriesRenderer.isPanEnabled() ignored, but method has no side effect (rule: RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT)
    • Normal: CodenameOne/src/com/codename1/charts/ChartComponent.java:770 – Return value of com.codename1.charts.renderers.XYMultipleSeriesRenderer.isZoomEnabled() ignored, but method has no side effect (rule: RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT)
    • Normal: CodenameOne/src/com/codename1/charts/compat/Paint.java:38 – Unused field: com.codename1.charts.compat.Paint.g (rule: UUF_UNUSED_FIELD)
    • …and 147 more
• ❌ PMD: 2574 findings (P2: 1, P3: 503, P4: 2070) [HTML preview] [Download]
  • Top findings
    • P2: CodenameOne/src/com/codename1/ui/Display.java:1040 – Avoid using a branching statement as the last in a loop. (rule: AvoidBranchingStatementAsLastInLoop)
    • P3: CodenameOne/src/com/codename1/charts/views/LineChart.java:208 – These nested if statements could be combined (rule: CollapsibleIfStatements)
    • P3: CodenameOne/src/com/codename1/components/RSSReader.java:500 – Overriding method merely calls super (rule: UselessOverridingMethod)
    • P3: CodenameOne/src/com/codename1/facebook/Album.java:198 – Overriding method merely calls super (rule: UselessOverridingMethod)
    • P3: CodenameOne/src/com/codename1/facebook/FaceBookAccess.java:1312 – Unnecessary semicolon (rule: UnnecessarySemicolon)
    • …and 2569 more
• ❌ Checkstyle: 220917 findings (Warning: 220917) [HTML preview] [Download]
  • Top findings
    • Warning: CodenameOne/src/com/codename1/db/ThreadSafeDatabase.java:30:1 – Extra separation in import group before 'java.io.IOException' (rule: CustomImportOrderCheck)
    • Warning: CodenameOne/src/com/codename1/db/ThreadSafeDatabase.java:32 – First sentence of Javadoc is missing an ending period. (rule: SummaryJavadocCheck)
    • Warning: CodenameOne/src/com/codename1/db/ThreadSafeDatabase.java:36 – Line is longer than 100 characters (found 143). (rule: LineLengthCheck)
    • Warning: CodenameOne/src/com/codename1/db/ThreadSafeDatabase.java:39:5 – 'member def modifier' has incorrect indentation level 4, expected level should be 2. (rule: IndentationCheck)
    • Warning: CodenameOne/src/com/codename1/db/ThreadSafeDatabase.java:40:5 – 'member def modifier' has incorrect indentation level 4, expected level should be 2. (rule: IndentationCheck)
    • …and 220912 more

Generated automatically by the PR CI workflow.

[shai-almog]

iOS screenshot updates

Compared 30 screenshots: 23 matched, 6 updated, 1 missing reference.

• BrowserComponent — updated screenshot. Screenshot differs (1206x2622 px, bit depth 8).

  
  Preview info: Preview provided by instrumentation.
  Full-resolution PNG saved as BrowserComponent.png in workflow artifacts.

• graphics-draw-arc — updated screenshot. Screenshot differs (1206x2622 px, bit depth 8).

  
  Preview info: JPEG preview quality 20; JPEG preview quality 20; downscaled to 603x1311.
  Full-resolution PNG saved as graphics-draw-arc.png in workflow artifacts.

• graphics-draw-gradient — updated screenshot. Screenshot differs (1206x2622 px, bit depth 8).

  
  Preview info: JPEG preview quality 10; JPEG preview quality 10; downscaled to 844x1835.
  Full-resolution PNG saved as graphics-draw-gradient.png in workflow artifacts.

• graphics-draw-round-rect — missing reference. Reference screenshot missing at /Users/runner/work/CodenameOne/CodenameOne/scripts/ios/screenshots/graphics-draw-round-rect.png.

  
  Preview info: JPEG preview quality 10; JPEG preview quality 10; downscaled to 844x1835.
  Full-resolution PNG saved as graphics-draw-round-rect.png in workflow artifacts.

• graphics-draw-string — updated screenshot. Screenshot differs (1206x2622 px, bit depth 8).

  
  Preview info: JPEG preview quality 10; JPEG preview quality 10; downscaled to 422x918.
  Full-resolution PNG saved as graphics-draw-string.png in workflow artifacts.

• graphics-draw-string-decorated — updated screenshot. Screenshot differs (1206x2622 px, bit depth 8).

  
  Preview info: JPEG preview quality 10; JPEG preview quality 10; downscaled to 603x1311.
  Full-resolution PNG saved as graphics-draw-string-decorated.png in workflow artifacts.

• kotlin — updated screenshot. Screenshot differs (1206x2622 px, bit depth 8).

  
  Preview info: Preview provided by instrumentation.
  Full-resolution PNG saved as kotlin.png in workflow artifacts.

Benchmark Results

• VM Translation Time: 371 seconds
• Compilation Time: 74 seconds

Detailed Performance Metrics

Metric	Duration
Build Time Statistics
Setup & Unzip	32482 ms
Extract Extensions	20 ms
Google Services Setup	2 ms
Scan Classes	601 ms
Extract Libs	794 ms
Inject Build Hints	37 ms
Generate Unit Tests	1 ms
Generate Stubs	1705 ms
Compile Stubs	2114 ms
Generate Icons	990 ms
Prepare ParparVM	185 ms
ParparVM Execution	209785 ms
Post-VM Setup	134 ms
CocoaPods	4528 ms
Finalize	31 ms
Total Time	253412 msMaven Overhead : 118000 ms
CocoaPods Install (Script)	1000 ms
Simulator Boot (Run)	145000 ms
App Install	32000 ms
App Launch	6000 ms
Test Execution	191000 ms

[shai-almog]

Compared 30 screenshots: 30 matched.

Native Android coverage

• 📊 Line coverage: 24.83% (2661/10717 lines covered) [HTML preview] (artifact android-coverage-report, jacocoAndroidReport/html/index.html)
  • Other counters: instruction 24.45% (12352/50528), branch 15.30% (715/4672), complexity 17.52% (743/4241), method 33.08% (602/1820), class 34.98% (106/303)
  • Lowest covered classes
    • com.codename1.impl.android.com.codename1.impl.android.AndroidContactsManager – 0.00% (0/400 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.AndroidImplementation$Video – 0.00% (0/168 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.IntentIntegrator – 0.00% (0/139 lines covered)
    • com.codename1.impl.android.util.com.codename1.impl.android.util.Base64 – 0.00% (0/117 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.AndroidImplementation$SocketImpl – 0.00% (0/77 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.AndroidTextureView – 0.00% (0/76 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.AndroidSurfaceView – 0.00% (0/73 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.LocalNotificationPublisher – 0.00% (0/65 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.FridaDetectionUtil – 0.00% (0/64 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.PushNotificationService – 0.00% (0/59 lines covered)

✅ Native Android screenshot tests passed.

Native Android coverage

• 📊 Line coverage: 24.83% (2661/10717 lines covered) [HTML preview] (artifact android-coverage-report, jacocoAndroidReport/html/index.html)
  • Other counters: instruction 24.45% (12352/50528), branch 15.30% (715/4672), complexity 17.52% (743/4241), method 33.08% (602/1820), class 34.98% (106/303)
  • Lowest covered classes
    • com.codename1.impl.android.com.codename1.impl.android.AndroidContactsManager – 0.00% (0/400 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.AndroidImplementation$Video – 0.00% (0/168 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.IntentIntegrator – 0.00% (0/139 lines covered)
    • com.codename1.impl.android.util.com.codename1.impl.android.util.Base64 – 0.00% (0/117 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.AndroidImplementation$SocketImpl – 0.00% (0/77 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.AndroidTextureView – 0.00% (0/76 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.AndroidSurfaceView – 0.00% (0/73 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.LocalNotificationPublisher – 0.00% (0/65 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.FridaDetectionUtil – 0.00% (0/64 lines covered)
    • com.codename1.impl.android.com.codename1.impl.android.PushNotificationService – 0.00% (0/59 lines covered)