Open IzzySoft opened 6 months ago
It must be signed. But I think I forgot to enable v1 signing scheme. apksigner verify --min-sdk-version 24
should succeed.
fdroidserver rejects it.
$ apksigner verify --verbose MyLocation_v1.05.apk
DOES NOT VERIFY
ERROR: Missing META-INF/MANIFEST.MF
$ apksigner verify --verbose --min-sdk-version 24 MyLocation_v1.05.apk
Verifies
Verified using v1 scheme (JAR signing): false
Verified using v2 scheme (APK Signature Scheme v2): true
Verified using v3 scheme (APK Signature Scheme v3): false
Number of signers: 1
Confirmed: v1 is missing (so is v3). I don't think changing fdroidserver code for this would be a good idea¹, so could you please provide a "fully signed" APK (i.e. with v1 – not sure whether v3 is needed, so if you have one with v1+v2 we can find out).
¹ feel free to open an issue there of course; if it's thought allright, their call could always pass the app's minSdk to the verify call. But I don't want to fiddle with that part if it's not done by upstream, as it complicates the update process (of fdroidserver) here.
Updated. v3 and v4 are left disabled on purpose.
Could you please replace the APK at release v1.05 with a signed one? My updater complains: