Wrong APK at tag v0.2.3?

[IzzySoft]

The arm64 APK at tag v0.2.3 identifies as

package: name='com.capybara.calculator' versionCode='2001' versionName='0.2.2'

Was the wrong APK attached accidentally – or did you rather forget to update versionName and versionCode? Shouldn't that line rather read

version: 0.2.3+5

The +5 stands for the versionCode (which should always be increased when making a new release, hence 5 here). Without that, each release will have the same versionCode, resulting in Android considering it the same version (hence no update notifications); e.g. for all releases, the arm64 variant mentioned above will have versionCode='2001', i.e. versionCode + 2000 (for armeabi it would be `+1000).

May I kindly ask to have that fixed? Thanks in advance!

[rajput-hemant]

Hi @IzzySoft,

Thanks a bunch for pointing out the version code and version number issue in my Calculator app! I apologize for the delay in fixing it; life had some other plans for me. 🙏

I've resolved the problem in this commit.

Also, I have updated the assets in the previous release itself instead of creating another release, so kindly make sure to have the latest APKs from here.

Your input is incredibly valuable to us. If you have more suggestions or run into any other issues, please don't hesitate to let us know.

Cheers

[IzzySoft]

Oof:

WARNING: "com.capybara.calculator_2005.apk" is signed by a key that is not allowed

What happened to your signing key?

[rajput-hemant]

@IzzySoft I'm not sure, sir. I built APKs as usual and updated the release assets. I didn't make any other changes, so I'm not sure what could have caused this issue since I didn't explicitly sign the APKs.

[IzzySoft]

That's strange then. How does signing happen then if you didn't do it? It's definitely a different signing key, as the sha256 show:

• before: 39c9ce478b037ee242de48c53558f905943ebd7ccd0e652ad970017580a9f1e1
• v0.2.3: 175c28be0795015dbb0b251e00395c0c178200146d0d25e409bc6f89398e89cb

Taking a closer look: there we go. You've used a debug key before. Hm, but you're still using a debug key now:

## OLD:
Signer #1 certificate DN: C=US, O=Android, CN=Android Debug
Signer #1 certificate SHA-256 digest: 39c9ce478b037ee242de48c53558f905943ebd7ccd0e652ad970017580a9f1e1
Signer #1 certificate SHA-1 digest: 48f551816f727f3f70d22843a2dfaa56ba872489
Signer #1 certificate MD5 digest: 300ab36a5de266b8008eb480094f0221
Signer #1 key algorithm: RSA
Signer #1 key size (bits): 2048
Signer #1 public key SHA-256 digest: ac66cf208fe6963113caa1e53759ade0a37e78dded5ac23b8d447064d027d6b0
Signer #1 public key SHA-1 digest: bd779f41c7ef1807f952a93bd66dfc197f0d0b1a
Signer #1 public key MD5 digest: 64fc7f66eeffdee0541d22286236729e

## NEW:
Signer #1 certificate DN: C=US, O=Android, CN=Android Debug
Signer #1 certificate SHA-256 digest: 175c28be0795015dbb0b251e00395c0c178200146d0d25e409bc6f89398e89cb
Signer #1 certificate SHA-1 digest: 7e62dcf5b3e94d060a04466ab902380c46f88974
Signer #1 certificate MD5 digest: 4ff52ca893bd854600a3694d76d12aaf
Signer #1 key algorithm: RSA
Signer #1 key size (bits): 2048
Signer #1 public key SHA-256 digest: 7666d6ba5b90af8b6de01ed88ff740ab1ed1a6f5466609c1089e97ca6f43cbe9
Signer #1 public key SHA-1 digest: eeead83969eeee5a28e1aa5991adaad9c6d6d886
Signer #1 public key MD5 digest: b21802743a39fc202c64880dc78ef84e

You shouldn't use a debug key for APKs which are released and distributed. Those should be signed using a release key.

[rajput-hemant]

@IzzySoft

I've enabled signingConfigs.release to utilize release keys for the release build in this commit. Additionally, I've updated the assets in the lastest release signed with the release keys. You can find the updated APKs here.

[IzzySoft]

Thanks! Switching to the new release key (and version) then. Please keep it safe so we won't need to switch again :wink:

Btw: if you want another badge for the top-row of your Readme, I do have a fitting shield you can use :smiley:

[rajput-hemant]

@IzzySoft

Thank you for the suggestion! I'll definitely add the IzzyOnDroid download badge to the top row of my README. It would be greatly appreciated if you could provide me with the direct link to my APK on your (IzzyOnDroid) website, as I'm having trouble locating it myself. Also, I apologize for the delayed response; I didn't receive a notification, so that's on me.

[IzzySoft]

What for do you need the link to the APK? That's the very same you provide here (as it's taken from here). Links should rather go to the app's page in my repo.

[rajput-hemant]

I apologize for the confusion. What I was referring to is the link to my app's page in the IzzyOnDroid repository, not the APK itself. I've managed to locate it now, and I didn't realize I could access it using my app's code name. My apologies for any misunderstanding. Also, I've now added your download badge as per your suggestion. Thanks

[IzzySoft]

Ah, a misunderstanding – and my fault: that URL I should have communicated indeed, apologies from my end too! And thanks for adding the badge :star_struck: