samuelclay / NewsBlur

NewsBlur is a personal news reader that brings people together to talk about the world. A new sound of an old instrument.
http://www.newsblur.com
MIT License
6.91k stars 1k forks source link

Android: `OperationCanceledException` on closing the folder immediately #1884

Open shuvashish76 opened 3 months ago

shuvashish76 commented 3 months ago

Steps:

  1. Expand any folder
  2. Click on the folder to view all All feeds but before it loads & show data, click back
  3. App crashes
FATAL EXCEPTION: e1.c
Process: com.newsblur, PID: 29089
android.os.OperationCanceledException: interrupted (code 9 SQLITE_INTERRUPT)
    at android.database.sqlite.SQLiteConnection.nativeExecuteForCursorWindow(Native Method)
    at android.database.sqlite.SQLiteConnection.executeForCursorWindow(SQLiteConnection.java:895)
    at android.database.sqlite.SQLiteSession.executeForCursorWindow(SQLiteSession.java:836)
    at android.database.sqlite.SQLiteQuery.fillWindow(SQLiteQuery.java:62)
    at android.database.sqlite.SQLiteCursor.fillWindow(SQLiteCursor.java:149)
    at android.database.sqlite.SQLiteCursor.getCount(SQLiteCursor.java:137)
    at h1.r.n(SourceFile:23)
    at y1.a.h(SourceFile:9)
    at L1.D.run(SourceFile:97)
    at m.j.run(SourceFile:13)
    at R1.i.run(SourceFile:3)
    at R1.a.run(SourceFile:92)
    Suppressed: Q1.f: [k0{Cancelling}@e2e039d, Dispatchers.IO]

Device details: App version: 13.2.4 (220) Model: Lenovo TB-8704X

sictiru commented 3 months ago

@shuvashish76 This exception is handled starting from version 13.2.6. The latest version available in the Play Store is 13.3.0. I see that you're using version 13.2.4, is that from F-Droid? I'm not familiar with their way of pulling the latest version from Play Store

shuvashish76 commented 3 months ago

Yes it's from F-Droid. ThankYou for the info.

I'm not familiar with their way of pulling the latest version from Play Store

That's not how it works. F-Droid build from source. https://gitlab.com/fdroid/fdroiddata/-/blob/master/metadata/com.newsblur.yml

But unlike other apps it's not automated as it's heavily patched by F-Droid hence requires manual intervention. I've notified F-Droid maintainers multiple times in the past to update new versions. (link)

Ping @licaon-kter for the explanation and possible solutions.

licaon-kter commented 3 months ago

Not even humans know when a new version is out: https://github.com/samuelclay/NewsBlur/tags

I can't find anything other than https://github.com/samuelclay/NewsBlur/blob/master/clients/android/NewsBlur/buildSrc/src/main/java/Config.kt#L8-L9 so whatever they pushed to Play is not open source as the source is not here?

sictiru commented 3 months ago

@licaon-kter The latest build was not merged into master yet. Would it help to push tags on releases for F-Droid?

shuvashish76 commented 3 months ago

I'm bit surprised that Newsblur devs didn't know how F-Droid works despite being their app on F-Droid since 30-10-2012 (~12years!!!) 🙈

licaon-kter commented 3 months ago

@shuvashish76 that's not important, there's a spectrum of caring about F-Droid :)

@sictiru yes, please, commit code, Tag :) ping us

sictiru commented 2 months ago

@licaon-kter Does this work for you? https://github.com/samuelclay/NewsBlur/releases/tag/Android_v13.3.0

shuvashish76 commented 2 months ago
@IzzySoft scanner report

``` Offending libs: --------------- * BillingClient (/com/android/billingclient): NonFreeComp,NonFreeNet * Firebase Data Transport (/com/google/android/datatransport): NonFreeNet * Google Mobile Services (/com/google/android/gms): NonFreeComp * Google Play Core (/com/google/android/play/core): NonFreeNet,NonFreeComp SigningBlock blobs: ------------------- 0x504b4453 (DEPENDENCY_INFO_BLOCK; GOOGLE) ```

Since you're attaching apk files, is it possible to establish a FOSS flavor so that it can be served through IzzyOnDroid (the largest 3rd party F-Droid repo) (Already asked there). BTW the app can co-exist on both the repositories. Currently it's impossible to purchase premium through F-Droid as they removed Play Services, BillingClient, Play InApp-Review.

IzzySoft commented 2 months ago

To clarify and safe you from having to collect the details from multiple places, @sictiru – these are the results from the scanner report @shuvashish76 referred to:

Offending libs:
---------------
* BillingClient (/com/android/billingclient): NonFreeComp,NonFreeNet
* Firebase Data Transport (/com/google/android/datatransport): NonFreeNet
* Google Mobile Services (/com/google/android/gms): NonFreeComp
* Google Play Core (/com/google/android/play/core): NonFreeNet,NonFreeComp

4 offenders.

SigningBlock blobs:
-------------------
0x504b4453 (DEPENDENCY_INFO_BLOCK; GOOGLE)

You see, BillingClient drags in additional proprietary dependencies, which F-Droid is patching out to be able to build and distribute the app. The steps to do so differ between releases, so this requires manual adjustments – which is why automated updates are disabled. A FOSS build flavor would help with that as well, as then auto-updates could be enabled at F-Droid as (hopefully) no manual adjustments would be required anymore.

At IzzyOnDroid, we could then pick up the FOSS flavor as well and maybe even establish it as Reproducible Build (also see Reproducible Builds, special client support and more in our repo), which would give an additional plus (confirming the APK really contains what it claims to). And we could even pick up your Fastlane from its custom location (something F-Droid does not support). Also, updates at IzzyOnDroid are faster and usually show up within less than 24h of your making them available here (even with automated updates, F-Droid would take 3-5 days at least).

As for DEPENDENCY_INFO_BLOCK, that can easily be avoided with a minor addition to your build.gradle:

android {
    dependenciesInfo {
        // Disables dependency metadata when building APKs.
        includeInApk = false
        // Disables dependency metadata when building Android App Bundles.
        includeInBundle = false
    }
}

For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains. More details can be found e.g. here: Ramping up security: additional APK checks are in place with the IzzyOnDroid repo.

Thanks in advance!

licaon-kter commented 2 months ago

Updated and enabled autoupdates https://gitlab.com/fdroid/fdroiddata/-/commit/abf962a1cb9184aa90ba3777443f96b90318957a

@sictiru so, the next time you update versionName/Code and tag, this will be picked up by F-Droid

shuvashish76 commented 2 months ago

@IzzySoft what are the alternatives for BillingClient for FOSS friendly flavor? I guess you've experience such cases where apps are served in your repo for such reasons‽

IzzySoft commented 2 months ago

@shuvashish76 as long as no "license check" is involved, see Monetarization for some examples. If checking is needed (e.g. for "pro features" to be enabled), that could be combined with some code sent e.g. by mail in return and then entered into the app. TitaniumBackup did something back then, with a license file to be placed into a specific location.

samuelclay commented 1 week ago

Anything else we need to do here? @sictiru