tools/sign_release.sh currently runs apksigner, but does not crash on warnings. This is because Autograph uses apksigner v1 instead of v2, meaning that it does not sign files found in META-INF. These files cannot be cleaned up, as many are important to AndroidX.
Once Autograph has updated to using apksigner v2, we should add the -Werr (crash on warning) option back to our call to apksigner verify.
Vision statement / What / Requirements
tools/sign_release.shcurrently runs apksigner, but does not crash on warnings. This is because Autograph usesapksignerv1 instead of v2, meaning that it does not sign files found in META-INF. These files cannot be cleaned up, as many are important to AndroidX.Once Autograph has updated to using
apksignerv2, we should add the-Werr(crash on warning) option back to our call toapksigner verify.