Closed IzzySoft closed 7 months ago
Hi,
Thank you so much for all the good work. I did recently add the ability to upload a image to the app to change book titles. Not sure why it is picking up audio and video though. Perhaps the dependency causes that to be added? not 100% sure. I can release a new release with a quickfix for the DEPENDENCY_INFO_BLOCK
by Saturday or so
Thanks, Kara
Thank you so much for all the good work.
Thanks for the warm feedback! Which surprisingly I get almost everywhere with my reports – which is pretty much overwhelming and, of course, motivating :heart_eyes:
Not sure why it is picking up audio and video though.
Actually, that's exactly the part that got me confused. And yes, I'd suspect a dependency there as well. I cannot tell which one you added – but if you're sure you do not need those permissions, here's how to get rid of them: Removing Unwanted Manifest Permissions With tools:node
<uses-permission android:name="android.permission.READ_MEDIA_AUDIO" tools:node="remove" />
<uses-permission android:name="android.permission.READ_MEDIA_VIDEO" tools:node="remove" />
I can release a new release with a quickfix for the
DEPENDENCY_INFO_BLOCK
by Saturday or so
Cool, thanks! If you prefer you could check the tools:node
alongside, take a few more days for testing to rule out side-effects, and have both ready a little later. Or split it up into two steps – whichever you prefer.
Thanks a lot! Izzy.
Oof. Seems you've added Sentry, so my scanner yelled again. May I ask if Sentry is configured opt-in?
In regards to your first message, I will try to rule out any side effects but it should probably be done by Saturday or Sunday.
In regards to your second, yes Sentry is opt-in rather than opt-out. Wouldn't be right to track people without their permission.
Thank, Kara
Great, thanks! Will add Sentry to the "allow-list" then (i.e. suppressing the Tracking AF it would otherwise have triggered) – and wait patiently for the other part. Glad you hold the value of privacy high! :heart_eyes:
Hey Izzy,
Something came up today that had me swamped and I don't think I will be able to get the release out tonight. Will most likely be tomorrow.
Thanks, Kara
No worries. I know you're on it and you care, so a day or two more won't be a problem. Thanks!
Oh btw, do you have a email I can contact for a more personal inquiry?
@IzzySoft is there any more issues coming up or am I good to close this issue?
assuming your busy and gonna close this assuming everything's good
Argh, the next issue where Github lost notifications for. I just got the one about the issue being closed :cry: So apologies for not having replied earlier – I simply did not know you've asked!
do you have a email I can contact for a more personal inquiry?
Yes. Contact details are listed on my website. But you can use my nick from here, @ and as domain qumran.org, which is what I use for "devel stuff" (Github etc).
is there any more issues coming up
At some point maybe (I constantly "polish my shields") – but scrolling up what we've dealt with here, probably not in the next few weeks/month :wink:
my recently upgraded scanner just got some of its new routines triggered by today's update of your app and reported:
By its description JellyBook plays contents from the JellyFin server. These permissions suggest it also covers local content on the device, is that true? A clarification for those permissions would be much appreciated, because…
Chocolate :wink: As for
DEPENDENCY_INFO_BLOCK
, that's easy to fix inbuild.gradle
:For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.