m2049r / xmrwallet

monerujo: An Android Monero Wallet
https://www.monerujo.io/
Apache License 2.0

cleartext traffic? #932

Open IzzySoft opened 6 months ago

IzzySoft commented 6 months ago

Running my scanner over today's release it reports:

```text
! repo/com.m2049r.xmrwallet_33110.apk declares flag(s): usesCleartextTraffic
! repo/com.m2049r.xmrwallet_33110.apk contains signature block blobs: 0x504b4453 (DEPENDENCY_INFO_BLOCK; GOOGLE)
```

Can you please clarify what cleartext connections are established, and why those are needed? As for DEPENDENCY_INFO_BLOCK, that's easily avoided:

```groovy
android {
    dependenciesInfo {
        // Disables dependency metadata when building APKs.
        includeInApk = false
        // Disables dependency metadata when building Android App Bundles.
        includeInBundle = false
    }
}
```

For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.

Thanks in advance!

Oh, if you want to have a laugh, look at what the snake oil industry reports. They suspect the app could have to do with … Monero, by all means! :zany_face:
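As an added example (not code from this issue, the scanner, or monerujo): a small Python parser that walks an APK's Signing Block and lists the ID-value pairs it carries, flagging 0x504b4453 the same way the scanner output above does. The other block IDs come from the public APK Signing Block format; the sample input is a constructed stub with no real signature, assumed only to exercise the parser.

```python
import struct

APK_SIG_BLOCK_MAGIC = b"APK Sig Block 42"
EOCD_SIGNATURE = b"PK\x05\x06"

# Block IDs from the APK Signing Block format; 0x504b4453 is the one the scanner flagged.
KNOWN_BLOCK_IDS = {
    0x7109871A: "APK Signature Scheme v2",
    0xF05368C0: "APK Signature Scheme v3",
    0x42726577: "verity padding block",
    0x504B4453: "DEPENDENCY_INFO_BLOCK (encrypted to Google's key)",
}

def central_directory_offset(apk: bytes) -> int:
    """Read the central-directory offset from the ZIP End-Of-Central-Directory record."""
    eocd = apk.rfind(EOCD_SIGNATURE)
    if eocd < 0:
        raise ValueError("not a ZIP/APK: no EOCD record")
    return struct.unpack_from("<I", apk, eocd + 16)[0]

def parse_signing_block(apk: bytes) -> dict:
    """Return {block_id: value} for each ID-value pair in the APK Signing Block, {} if absent."""
    cd = central_directory_offset(apk)
    if cd < 24:
        return {}
    size, magic = struct.unpack_from("<Q16s", apk, cd - 24)  # trailing size field + magic
    if magic != APK_SIG_BLOCK_MAGIC:
        return {}
    pos, pairs_end, blocks = cd - size, cd - 24, {}  # block starts at cd - size - 8; skip size field
    while pos < pairs_end:
        pair_len, block_id = struct.unpack_from("<QI", apk, pos)
        blocks[block_id] = apk[pos + 12 : pos + 8 + pair_len]
        pos += 8 + pair_len
    return blocks

def report(apk: bytes) -> list:
    """One line per block, naming the known IDs."""
    return [f"0x{bid:08x}: {KNOWN_BLOCK_IDS.get(bid, 'unknown block')}" for bid in parse_signing_block(apk)]

def has_dependency_info_block(apk: bytes) -> bool:
    return 0x504B4453 in parse_signing_block(apk)

def build_sample_apk(blocks: dict) -> bytes:
    """Constructed test input (not a valid APK, no real signature): signing block + empty CD + EOCD."""
    pairs = b"".join(struct.pack("<QI", 4 + len(v), i) + v for i, v in blocks.items())
    size = len(pairs) + 8 + 16  # pairs + trailing size field + magic
    sig_block = struct.pack("<Q", size) + pairs + struct.pack("<Q", size) + APK_SIG_BLOCK_MAGIC
    eocd = EOCD_SIGNATURE + struct.pack("<HHHHIIH", 0, 0, 0, 0, 0, len(sig_block), 0)
    return sig_block + eocd
```

On a real build, `report(open("app-release.apk", "rb").read())` shows whether the `dependenciesInfo` change above actually removed the 0x504b4453 pair.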