Does anyone have experience with CODE PUSH (Microsoft APP center) for financial applications? Is CP something that can be secured at a level where malicious code injection is virtually eliminated (from a technical/product perspective)?
The value of CODE PUSH for multiples teams working on a single super app is clear, but I am trying to identify the drawbacks.
Cheers
CodePush has a Code-signing feature that should fix security issues. You just sign your CodePush update with your private key. Then updates will be checked on devices with your public key. It will guarantee that no updates will be installed except signed with your private key.
More info here: https://github.com/microsoft/react-native-code-push/blob/master/docs/setup-android.md#code-signing-setup