Permissions

[IzzySoft]

Just wondering what for the app requires INTERNET? Neither description nor screenshots give a clue. If it's not needed, would cou consider removing it? Thanks in advance!

[arsvechkarev]

Hi! The app downloads icons for passwords over the network. You can find out more here: ImagesLoading.kt, icons/files, names.txt.

Of course this isn't a super-necessary feature, but it is much easier to navigate around your passwords with it, especially if you have several dozen of them :)

[IzzySoft]

Ah. Might be helpful if that would be mentioned more prominently (e.g. in the app description). I know that feature from KeepassXC, but even I did not think of that when seeing the permission. Dealing with sensitive data like passwords, one becomes "extra cautious". Personally, I prefer a password manager to only deal with the passwords and their encryption but not reach out over the network (e.g. I use a different tool for syncing my password stores or backing them up).

Agreed, it's a useful feature – and I cannot think about an alternative way to approach that (apart from making that feature an addon for those who want it). Quite unfortunate that INTERNET is not a runtime permission, and most Android folks would need an application firewall to control that…

TL;DR: Could you mention that with the app description, or at least in the Readme, so it's easy to find?

Meanwhile:

With the next sync around 7 pm UTC, Vault will become available here. F-Droid.org listing will take a bit longer. I suggest to try achieving reproducible builds there, to make a switch easy then :wink:

Oh, PS: If you could apply another tiny little change to your full_description.txt I'd be really thankful: Insert an empty line before the bullet point list, and turn the bullet points into simple asterisks (*)? Then it could be parsed as Markdown, and I could tell my updater to take it along with future releases.

[arsvechkarev]

Your point about making it an addon feature is really good, I'll think about it, thanks)

And also I updated README and full_description.txt, check it out and tell me if I missed something :)

[IzzySoft]

Thanks! That looks excellent, both! I've just enabled pulling fulldesc as well then. With any future release, when being pulled by my updater (usually within 24h of your creating a new tag and attaching the APK there) Fastlane will be checked along and changed files updated here as well.

Glad you like the addon idea. Should you really implement that, just let me know and I'll integrate that with my repo as well :smiley:

[bmp]

Is it possible to provide an option where this is optional? To download from the internet or use a local folder?

[graves501]

Aegis Authenticator also uses icons for its entries, but it seems like the icons are part of the application, it definitely does not internet access.

Link: https://github.com/beemdevelopment/Aegis

The icons should be optional like @bmp suggested or already part of the app.

[bmp]

Is it possible to provide an option where this is optional? To download from the internet or use a local folder?

@arsvechkarev Would you be considering this as a possibility? The link provided by @graves501 seems to be a good way to solve this.

[arsvechkarev]

Hi everyone! I just released version 1.0.2, where this feature could be disabled. I will try to come up with a nice solution like in Aegis, but for now I hope that a simple on/off switch will be good enough. Thanks everybody for participating! Let's make this issue completed, and if you have any other questions, feel free to open a new one.