fix Play Store upload: pin httplib2 to escape 0.20.4 redirect bug

[transphorm]

Summary

• Fixes Android Play Store deploys failing at upload with Redirected but the response is missing a Location: header.
• Root cause: the GitHub runner ships httplib2 0.20.4 as a system package, which satisfied the unpinned >=0.19.0 floor so pip never replaced it. httplib2 0.20.x has a resumable-upload redirect regression that breaks the resumable session init for the AAB upload.
• Pins the Play Store upload's Python deps (critically httplib2==0.31.2) and installs them with --upgrade so the fixed version overrides the pre-installed one. Exact pins also make the deploy reproducible, so a future upstream release can't silently break it again.

Changes

Config/infra

• Add app/scripts/requirements-play-store.txt pinning the upload_to_play_store.py deps: httplib2==0.31.2, google-auth==2.53.0, google-auth-oauthlib==1.4.0, google-auth-httplib2==0.4.0, google-api-python-client==2.197.0.
• .github/workflows/mobile-deploy.yml: install step now runs python -m pip install --upgrade -r .../requirements-play-store.txt (same interpreter that runs the upload, forces replacement of system httplib2), plus a verification line that prints the resolved httplib2.__version__ / __file__ so the CI log proves it escaped /usr/lib/python3/dist-packages.

Test Plan

• CI deploy install step logs httplib2 0.31.2 … (not …/dist-packages/… 0.20.4)
• Android deploy upload step proceeds past session init to 📶 … % uploaded and completes
• pip install -r app/scripts/requirements-play-store.txt resolves cleanly (verified locally in a clean venv: exit 0)

🤖 Generated with Claude Code

Summary by CodeRabbit

• Chores
  • Improved Play Store deployment pipeline reliability by consolidating Python dependency management and addressing httplib2 compatibility issues to ensure more consistent app updates.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
self-webview-app	Ignored	Preview	Jun 2, 2026 12:44am

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: a93bb117-a11a-459a-b3e8-f964f69bc04a

📥 Commits

Reviewing files that changed from the base of the PR and between 1afecc7 and 045d9cf.

📒 Files selected for processing (1)

• .github/workflows/mobile-deploy.yml

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/mobile-deploy.yml

---

📝 Walkthrough

Walkthrough

This PR migrates Python dependency installation for Play Store uploads from an inline pip install command to a managed requirements file. A new app/scripts/requirements-play-store.txt file pins versions of httplib2 and Google API/auth libraries, and the Android deployment workflow now installs from this file while adding diagnostics for httplib2 visibility.

Changes

Play Store Deployment Dependencies

Layer / File(s)	Summary
Dependency specification app/scripts/requirements-play-store.txt	Pinned versions for httplib2, google-auth, google-auth-oauthlib, google-auth-httplib2, and google-api-python-client, with documentation that httplib2 overrides a runner system package.
Workflow integration .github/workflows/mobile-deploy.yml	Android pipeline step now installs from the requirements file instead of inline pip install, and adds a diagnostic command to print httplib2 version and path.

---

🎯 2 (Simple) | ⏱️ ~8 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically identifies the main change: pinning httplib2 to resolve a Play Store upload regression caused by a buggy 0.20.4 version in the GitHub runner environment.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/play-store-upload-httplib2-pin

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This PR fixes a Play Store AAB upload failure caused by the GitHub runner shipping httplib2==0.20.4, which has a resumable-upload redirect bug. The fix moves the Python dependency install to a pinned requirements-play-store.txt file and forces an upgrade via --upgrade.

• Two of the five pinned versions appear to be ahead of what is currently published on PyPI: google-auth-httplib2==0.4.0 (latest found: 0.3.1) and google-api-python-client==2.197.0 (latest found: 2.196.0). The pip install step will fail immediately for either of these, leaving the Android deploy job broken.
• A debug diagnostic line (python -c \"import httplib2; print(...)\") was left in the workflow; it is harmless but adds log noise on every run.

Confidence Score: 3/5

The workflow change itself is sound, but two of the pinned package versions in the new requirements file appear not to exist on PyPI, which will cause the Android deploy job to fail at the install step.

The requirements file pins google-auth-httplib2==0.4.0 and google-api-python-client==2.197.0, and web searches against PyPI confirm the highest published versions are 0.3.1 and 2.196.0 respectively. A pip install against either of those exact pins will error out, meaning the intended fix for the AAB upload regression would never reach the upload step.

app/scripts/requirements-play-store.txt — the two version pins that don't resolve need to be corrected before this can land.

Important Files Changed

Filename	Overview
app/scripts/requirements-play-store.txt	New pinned requirements file for Play Store upload deps — two of the five pinned versions (google-auth-httplib2==0.4.0, google-api-python-client==2.197.0) do not exist on PyPI and will cause the install step to fail.
.github/workflows/mobile-deploy.yml	Replaces the inline pip install one-liner with a requirements file install; adds a diagnostic httplib2 version print that was likely left in from debugging.

Sequence Diagram

sequenceDiagram
    participant GH as GitHub Actions
    participant PIP as pip/PyPI
    participant PY as upload_to_play_store.py
    participant PS as Google Play Store API

    GH->>PIP: pip install --upgrade -r requirements-play-store.txt
    note over PIP: Resolves pinned versions including httplib2==0.31.2
    PIP-->>GH: packages installed (or error if version missing)
    GH->>GH: verify httplib2 version diagnostic print
    GH->>PY: run upload script
    PY->>PS: resumable AAB upload via httplib2 transport
    PS-->>PY: 200 OK

Loading

_{Reviews (1): Last reviewed commit: "pr feedback" | Re-trigger Greptile}