[HOLD mobile reunification] Create a mechanism to deprecate older app versions

[roryabraham]

Problem

When we change Onyx schemas in the API layer, that can cause breaking changes to the Onyx schema in the App, and the App needs to be able to adapt to that. There are lots of things we can do to cleverly migrate things such that the user never needs to be forced to update the app or log out and back in:

1. Make front-end Onyx migrations to migrate existing data
2. Support both schemas in PHP, log client versions coming in via API requests, and create follow-up issues to check when older client versions are no longer being used.
3. Implement code-push to automatically run JS-only updates on all platforms.

However, ultimately there are always going to be stand-out cases where all of these fail:

• A user doesn’t use the app for a while, has auto-update disabled, and opens it
• Imaginary code-push solution can’t work because there are native changes between current version and latest
• (bonus): we become aware that an older version has a critical security vulnerability and we want to force all users to update it

In those cases, the only solutions we’re (currently) left with are:

• Knowingly break older versions of the client in unknown/unpredictable ways, In the worst case, a user might have to completely uninstall and reinstall the app, which is a pain.
• Continue supporting multiple Onyx schemas in PHP forever :face_vomiting:
• (bonus) live with the security vulnerability

Solution

Create a mechanism by which we can forcibly deprecate older versions of the app, so that no users can use them anymore and we don’t have to continue supporting them in the API. It's important to note that if employed correctly, this is something that users should never really encounter. In theory, the only time any user would ever see it is if there is some bug that we know about and have already fixed, and we’re preventing the user from experiencing that bug by forcing them to upgrade.

Upwork Automation - Do Not Edit

• Upwork Job URL: https://www.upwork.com/jobs/~01149f4f62e865aef7
• Upwork Job ID: 1605635046031433728
• Last Price Increase: 2022-12-21

[melvin-bot]

Job added to Upwork: https://www.upwork.com/jobs/~01149f4f62e865aef7

[roryabraham]

Draft implementation plan:

1. Hardcode a minimum supported App version in the API
2. In calls to OpenApp and ReconnectApp, check if the client appversion provided in all E/App API requests is lower than the minimum supported version hard-coded in the API.
3. If it is, then have OpenApp and ReconnectApp set a field in Onyx like IS_APP_VERSION_DEPRECATED.
4. In App/src/Expensify.js, subscribe to IS_APP_VERSION_DEPRECATED, and if it’s set then don’t render <NavigationRoot>, and instead just show a static page that tells the user they need to update, and gives them no other options to use the app. It should include an update button which:
   • On web, just refreshes the page
   • On desktop, call quitAndInstallWithUpdate via the Electron context bridge (just calling window.electron.send(ELECTRON_EVENTS.START_UPDATE); should do the trick)
   • On iOS/Android, just link to the app listing where an update should be available.
   • On all platforms, make sure that OpenApp will clear the IS_APP_VERSION_DEPRECATED key when if the app version is greater than the minimum supported app version in the API

[roryabraham]

I don't personally agree that this should be on HOLD for anything, but I've put it on HOLD for WAQ because that was the majority consensus in the slack thread

[roryabraham]

Also, I'm not sure how much a C+ will be able to help test here without having access to a dev API. I suppose @mollfpr would be able to help test the front-end UI logic by hardcoding the field to display it 🤷🏼

[roryabraham]

Taking this off HOLD and making it a weekly

[roryabraham]

No update yet

[roryabraham]

No update

[roryabraham]

No update yet. Started working on this locally but it's lower priority and the current update code in E/App is really a mess across the various platforms. I can thank myself for that because I wrote it (I think it was the first contribution I made to E/App). The desktop update code is pretty confusing on top of that too

[roryabraham]

No update, prioritizing comp, ECX, and PR reviews

[roryabraham]

Forgot to include this in that predesign but this has been discussed enough that I think we can just do it.

[roryabraham]

Probably won't have an update this week

[shubham1206agra]

This might help for Android probably
https://medium.com/android-news/implement-in-app-update-in-android-68892bd11e35

[roryabraham]

No update from me

[melvin-bot]

This issue has not been updated in over 15 days. @mollfpr, @roryabraham eroding to Monthly issue.

P.S. Is everyone reading this sure this is really a near-term priority? Be brave: if you disagree, go ahead and close it out. If someone disagrees, they'll reopen it, and if they don't: one less thing to do!

[roryabraham]

No update

[roryabraham]

No update

[roryabraham]

Brought this up in slack again: https://expensify.slack.com/archives/C07J32337/p1699286574241479

It seems it's still contentious, but @AndrewGable and I at least have consensus that we should wait until mobile reunification to reconsider this feature.

[roryabraham]

On HOLD

[roryabraham]

On HOLD

[marcaaron]

Was chatting with @roryabraham today who brought this issue to my attention.

We implemented a version of this as part of the Group Chats design doc.

It should be live after the next deploy. So I'm gonna close this one in favor of this.

Stack Overflow process for deprecating an old app version is here.