Build using bare workflow

A while ago I have created a Project using the expo sdk version 35 next to update lastest. I found vulneravilities using a tool for security in my expo app where the Fstack-protector-all and FObjc-arc flags are not found. This means the App is not compiled with Stack Smashing Protector (SSP) flag and Automatic Reference Countng (ARC) flag either. Reading in the forum the option is to generate the ipa file using expokit but it’s deprecated, which take me to the bare and managed workflows to do (already the ‘bare’ option created a native structure but it has issues to build and run) so howerver it has limitations of some features of the sdk that I already have implemented in my code, such as notifications and builds services.

There is some way or step by step doc to generate the build for both Android and ios using what’s already built in expo (typescript/javascript modules), just enabling flasgs I need for. Need help!

i’m not the expert on these topics on the expo team but i am curious, could you link me to the information that you’re relying on for why you these flags should be enabled?

Thanks for replay. I’m using MobSF, before the release I want to make sure that my app is secure. After I decomplile the expo built ipa/apk with this tool the dashboard displays some security alerts (is based on the methodology for IT security risk analysis).