Open IzzySoft opened 4 months ago
Hello IzzySoft. Please do not report any provider bugs here. This repository does not contain any providers. Please find the appropriate repository and report your issue there or join the discord.
Found provider name: Anroll
Yeah, please provide(r) information :rofl: Sorry. But the term mentioned does not even exist in the report, so I could not resist. No idea what that bot took that from…
@IzzySoft query all packages is used for 2 things on cs3
similarly request install packages is for
Although these are dangerous permissions, cs3 does them clean; as a flexible plugin-based media center it has to do all of this.
`REQUEST_INSTALL_PACKAGES` is to update the app, as per the comment. Cloudstream updates itself, this is a required permission. Updates with GitHub is the only official way of updating the app, it is not made for updates using external stores only.
https://github.com/recloudstream/cloudstream/blob/master/app/src/main/AndroidManifest.xml#L12
`UPDATE_PACKAGES_WITHOUT_USER_ACTION` is not strictly required and more 'dangerous', and like the comment says it allows the app to update itself without an extra click, for a better experience.
https://github.com/recloudstream/cloudstream/blob/master/app/src/main/AndroidManifest.xml#L15
`QUERY_ALL_PACKAGES` is used to get all aniyomi packages for the aniyomi compat extension and any future work with similar extensions.
https://github.com/recloudstream/cloudstream/blob/master/app/src/main/AndroidManifest.xml#L20-L23
`READ_EXTERNAL_STORAGE` and `MANAGE_EXTERNAL_STORAGE` are simply to get downloads working properly, especially on all API levels where unprivileged storage access doesn't exist. Downloading without permissions is a newer thing (A12+) and we support Android 5.
https://github.com/recloudstream/cloudstream/blob/master/app/src/main/AndroidManifest.xml#L7-L8
`usesCleartextTraffic` is required because some sites are simply not https. Not having it would break some extensions and might hamper extension development.
Usually all permissions are at least moderately explained in the manifest, please check there if anything is confusing :+1:
Thanks @IndusAryan and @Blatzar! Combining your input I now have added the following to the app's "green list":
android.permission.QUERY_ALL_PACKAGES: needed to check for available extensions and media players
android.permission.READ_EXTERNAL_STORAGE: needed in combination with MANAGE_EXTERNAL_STORAGE
android.permission.MANAGE_EXTERNAL_STORAGE: needed to get downloads working properly, especially on all API levels without unprivileged storage access
With `REQUEST_INSTALL_PACKAGES` we have an issue here, as "self-updaters" violate the inclusion policy – as does "downloading other binaries". Can you please outline how that is dealt with? There are two conditions allowing for exceptions: of course an "app store client" (think of F-Droid clients, or Obtainium) needs this, and those installing such an app are fully aware of the downloads and their sources. For other apps exceptions are possible if an "explicit and informed consent" is given – which is usually achieved in having that feature turned off by default, and with the toggle explaining where the files will be downloaded from and that they would bypass the extra checks performed in the repo (here, the IzzyOnDroid repo – but same would be true for F-Droid.org).
Is that "informed opt-in" already there, or could it be made that way?
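The review discussed in the comments above, written as a manifest check. This is an added example, not part of the thread and not the IzzyOnDroid scanner's code; the function name `review_manifest` and the sample manifest are constructed for illustration, while the green-list justifications are the ones quoted in the thread.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Green-list entries with the justifications recorded in the thread.
GREEN_LIST = {
    P + "QUERY_ALL_PACKAGES": "needed to check for available extensions and media players",
    P + "READ_EXTERNAL_STORAGE": "needed in combination with MANAGE_EXTERNAL_STORAGE",
    P + "MANAGE_EXTERNAL_STORAGE": "needed to get downloads working properly",
}
# Self-update permissions the thread leaves open pending informed consent.
NEEDS_REVIEW = {P + "REQUEST_INSTALL_PACKAGES",
                P + "UPDATE_PACKAGES_WITHOUT_USER_ACTION"}

# Constructed sample manifest (hypothetical package, not the project's file).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.player">
  <uses-permission android:name="android.permission.INTERNET" />
  <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" />
  <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
  <uses-permission android:name="android.permission.MANAGE_EXTERNAL_STORAGE" />
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
  <uses-permission android:name="android.permission.UPDATE_PACKAGES_WITHOUT_USER_ACTION" />
  <application android:usesCleartextTraffic="true" />
</manifest>"""


def review_manifest(xml_text):
    """Sort declared permissions into accepted / needs_review / unlisted."""
    root = ET.fromstring(xml_text)
    report = {"accepted": {}, "needs_review": [], "unlisted": [], "cleartext": False}
    for node in root.iter("uses-permission"):
        name = node.get(ANDROID_NS + "name")
        if name is None:
            continue  # malformed entry without android:name
        if name in GREEN_LIST:
            report["accepted"][name] = GREEN_LIST[name]
        elif name in NEEDS_REVIEW:
            report["needs_review"].append(name)
        else:
            report["unlisted"].append(name)
    app = root.find("application")
    report["cleartext"] = (app is not None and
                           app.get(ANDROID_NS + "usesCleartextTraffic") == "true")
    return report


if __name__ == "__main__":
    for key, value in review_manifest(SAMPLE_MANIFEST).items():
        print(key, "->", value)
```
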
The app shows an alert, fully cancelable, skippable and able to be turned off. It only ever updates the app if the user clicks the "update" button. I would personally think of this as user consent. Turning off this feature is a no-go since then people will simply not realize updates are available.
I understand that F-droid has strict requirements, but CloudStream was not intended to be put on F-droid, if these informed and optional self updates are too much then we are at an impasse as we will not change this system.
@Blatzar OK, that at least turns down the urgency a bit :wink: Thanks for outlining and visualizing!
> I understand that F-droid has strict requirements
This rule is identical at F-Droid and with the IzzyOnDroid App Inclusion Policy.
> The app shows an alert, fully cancelable, skippable and able to be turned off.
OK, so it's opt-out. Opt-in would be preferable, but I'd say we might be able to close an eye on this.
> I would personally think of this as user consent.
I agree. It just misses the "informed" attribute – as the implications are not made clear. People might expect all updates to come from the repo they've installed the app from, including having passed all checks there. Could that be included somehow at least? Maybe something like "New update found at Github ⓘ", and linking the ⓘ to some background details including that the downloads do not go through any additional scans at e.g. app stores/repos? Would that be a compromise we could agree on?
Steps to reproduce
For the last update, the scanners at the IzzyOnDroid repo gave some warnings:
Could you please clarify those? Especially the `REQUEST_INSTALL_PACKAGES` worries me there. What apps is this streaming player trying to install? Thanks in advance!
Expected behavior
n/a
Actual behavior
n/a
Cloudstream version and commit hash
n/a
Android version
n/a
Logcat
No response
Other details
No response