It gains root access and transfers all of your data? Any source on that, other than “trust me”?

I agree with others that it’s full of disinformation and can be used for propaganda, but getting root access to your phone (which usually disables a bunch of banking apps and others) seems like a stretch. Unless there’s a different type of rooting going on?

I’m sure there’s shady shit going on, but I’d really love to see a reputable report on it.

Also, if you’re trying to deal with branches, I really prefer trunk based development. Everything deployable to your environments comes from trunk/master/main (whatever you call it). It should help prevent people overriding your changes, as long as you are using git and merge/pull requests. Have a good pipeline to ensure builds and tests are successful before merges, and use feature flags where needed.

The smaller the release, the better. You don’t want to do a big bang release and have to figure out which of the 20 things you just released is having a problem.

Otherwise, your case sounds like it could use feature flags. Develop your feature and release it through all environments, but keep it turned off in production until you are ready to use it.