-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
F-Droid Release #8
Comments
I could even check to include it with my repo – but as long as the APKs are signed with debug keys that won't be possible:
See: Could you please sign the APKs at |
You're right, I must have a bug in my GitHub Actions file, I'll fix it as soon as I can. |
Fixed, the apk now is signed with release key |
Thanks Antonio, that looks good! Preparing the integration here now. Meanwhile, from the output of my scanners:
android {
dependenciesInfo {
// Disables dependency metadata when building APKs.
includeInApk = false
// Disables dependency metadata when building Android App Bundles.
includeInBundle = false
}
} For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains. Nothing of the above is a show-stopper here (I'm integrating your app with my repo now). But for transparency, these questions would be good to have clarified (and of course the blob removed, if possible). So if you could help with those details I'd include them then. Thanks a lot! |
OK, there you go: That looks fine so far (metadata where imported from your PlayStore listing). For some background to above questions: So once above questions are answered, I can fill those gaps and the "chocolate" goes away, showing the proper explanations instead. Your app will become available here around 7 pm UTC, with the next sync. Those having my repository configured with their favorite F-Droid client will automatically be able to access it from there as well. If you like what you see there, be welcome to pick a badge to link there e.g. from your README 😃 |
Thank you very much for your work. I use WRITE_EXTERNAL_STORAGE to be able to download the EPUB and then share it. |
Which EPUB? I thought this is a bookmark app?
Thanks, I've set that accordingly then.
Great, thanks! |
Shiori has the ability to save the content of bookmarks, one option is to save it as Epub. |
Ah, now I get it, thanks! But if it's just for this one file, why not using SAF (Storage Access Framework) and let the user pick a location? SAF was introduced with Android 5, which is the minimal version your app supports. It has its culprits and complexities, true – but for saving/reading a single file it should be fine. Your app the wouldn't need to declare a single storage permission. |
I can't use SAF because the epub is not public, to download it, I need authorization via a sessionID that is sent in the headers. |
So where do you store the EPUB then? If it is inside your own application's scope, you won't need any storage permissions either. If not, I don't see what difference SAF makes in this context. But OK, you will know better than me what is needed. I've set the explanations accordingly. Thanks! |
I'm using the Downloads folder |
But you're right, I'll change the storage location to be within the app's scope and remove the permission. |
Oww… that one is special fun with SAF over Android versions, requiring a different permission with every second Android version… well, almost. Will need
If it should be private anyway, good idea. An export can always be offered, be it via share or SAF then. |
Finally I've removed the 'MANAGE_EXTERNAL_STORAGE', thanks for the advice |
But with today's update, we have some new permission alerts:
What happened, and what are they needed for? Dragged in by one of the new dependencies? |
I have updated the AGP and some libraries, I assume one of the libraries must have added it. I will check to see what has happened." |
When updating the Android Gradle Plugin, it seems necessary to set the minSdkVersion in all modules to prevent the addition of those permissions:
This is the log of the manifest-merger: 1.0.0/AndroidManifest.xml:20:5-44 |
Good find! Yes, I remember that some permissions are automatically implied based on targetSdk (see here. I knew that for Good to see this resolved, thanks! |
it can be useful if you release app in F-Droid too.
this link maybe helpful
The text was updated successfully, but these errors were encountered: