search

sunilpaulmathew / Weather

An open-source, privacy-oriented application for accurate real-time weather updates!
https://smartpack.github.io/
GNU General Public License v3.0
18 stars 1 forks source link

APK Download #3

Open IzzySoft opened 8 months ago

IzzySoft commented 8 months ago

Hi Sunil, I wonder there's no APKs at the releases. An oversight – or intentional? :wink:

sunilpaulmathew commented 8 months ago

Hi Sunil, I wonder there's no APKs at the releases. An oversight – or intentional? 😉

Intentional. I'm slowly stopping to provide APK's with releases, at-least for the new apps that I work. In fact, I'm not building APK's at all for this app. By the way, I forgot to follow up, the request for packaging this app in F-Droid is till not addressed.

As side note, I'm now living in your country.

IzzySoft commented 8 months ago

I'm slowly stopping to provide APK's with releases

May I ask why? I think it's a good idea having multiple channels. And with no APK, I cannot include your app with my repo – while you are waiting for it to appear at F-Droid.

I'm now living in your country.

Welcome here then! North, south, east or west?

sunilpaulmathew commented 8 months ago

I'm slowly stopping to provide APK's with releases

May I ask why? I think it's a good idea having multiple channels. And with no APK, I cannot include your app with my repo – while you are waiting for it to appear at F-Droid.

No specific reason. I'm just lazy, but might change my mind in future.

I'm now living in your country.

Welcome here then! North, south, east or west?

Thank you. & I'm in Berlin. Are you too far?

IzzySoft commented 8 months ago

might change my mind in future.

Looking forward to that :smile:

I'm in Berlin. Are you too far?

~600 km south-west of it, in Munich.

sunilpaulmathew commented 6 months ago

@IzzySoft Now we have an APK file on v0.5.

IzzySoft commented 6 months ago

Looks good so far, thanks, going to set it up here now. One thing I'd ask you to take care for with the next release if you please:

SigningBlock blobs:
-------------------
0x504b4453 (DEPENDENCY_INFO_BLOCK; GOOGLE)

Easy thing to solve:

android {
    dependenciesInfo {
        // Disables dependency metadata when building APKs.
        includeInApk = false
        // Disables dependency metadata when building Android App Bundles.
        includeInBundle = false
    }
}

For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.

! repo/in.sunilpaulmathew.weatherwidget_5.apk declares sensitive permission(s): android.permission.ACCESS_COARSE_LOCATION android.permission.ACCESS_FINE_LOCATION
! repo/in.sunilpaulmathew.weatherwidget_5.apk contains signature block blobs: 0x504b4453 (DEPENDENCY_INFO_BLOCK; GOOGLE)

I guess the location permissions are to get the weather for the current location (i.e. to adjust to it when on the move)?

Apart from that, it will go live with the next sync around 7 pm UTC, as usual.

sunilpaulmathew commented 6 months ago

ogle can read it – and nobody else can even verify what it really contains.

! repo/in.sunilpaulmathew.weatherwidget_5.apk declares sensitive permission(s): an

Thanks. Yes. More specifically, to automatically find the current location when app first starts (optional) and to recheck the location (not much reliable since app doesn't ask permission to use location in background) whenever app re-acquire weather data (applicable only if location permission is granted + Location Service is enabled in app settings.

IzzySoft commented 6 months ago

Thanks! Updated here accordingly.

Will you take care for that blob?

sunilpaulmathew commented 6 months ago

Will you take care for that blob?

Sure