You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
usesCleartextTraffic: guess that's needed to connect to the gadgets as they don't have certificates and thus use plain http?
android.permission.SYSTEM_ALERT_WINDOW is used for… what?
DEPENDENCY_INFO_BLOCK is easy to get rid of:
android {
dependenciesInfo {
// Disables dependency metadata when building APKs.
includeInApk =false// Disables dependency metadata when building Android App Bundles.
includeInBundle =false
}
}
For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.
The text was updated successfully, but these errors were encountered:
Android Studio (and also IntelliJ IDEA) add that by default as Google likes to have it. I've summed up some details on those checks on the info page in my repo, see What about security? There will hopefully be a full and detailed article on this available soon (I have the draft ready but it needs some "fine tuning" to not be too techy and "overwhelming" 😉)
will try your fix...
Thanks! Worked out on many projects already, I'm not aware of any where it didn't.
My scanner got a few new checks in January, and with today's release reported:
Could you please help me clarify those?
usesCleartextTraffic
: guess that's needed to connect to the gadgets as they don't have certificates and thus use plain http?android.permission.SYSTEM_ALERT_WINDOW
is used for… what?DEPENDENCY_INFO_BLOCK
is easy to get rid of:For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.
The text was updated successfully, but these errors were encountered: