22 Apr 2021 |
izzy | wow, both would have 2.5.0 so that would fit. | 21:20:40 |
izzy | OK, so I replace "apktool" in the apt line by "libsmali-java/testing apktool/testing". | 21:21:17 |
_hc | one sec, let me test it | 21:21:30 |
izzy | OK | 21:23:14 |
izzy | just run "apktool d -r some.apk" (-r skips resources, which my scanner doesn't need – prevents some crashes) | 21:24:18 |
_hc | izzy: https://gitlab.com/fdroid/issuebot/-/merge_requests/16 | 21:30:28 |
izzy | _hc: thanks, cool! | 21:31:13 |
_hc | on that note, good night! | 21:31:28 |
izzy | Then I simply drop my local branch I just started for that. And yes, good night! | 21:31:42 |
Fay (she/her) | _hc: <sure, whatever you can do in a build entry is acceptible> I'm replacing ~/android-sdk/tools/ with a newer version (https://dl.google.com/android/repository/commandlinetools-linux-6514223_latest.zip) as part of my build entry, which fixes my java 8 vs 11 issues in CI. I assume that counts as acceptable? | 22:25:16 |
Fay (she/her) | with the CI nkd & build path fixes I proposed - and some small changes on my end (e.g. unsetting PYTHONPATH) - my python-for-android app now builds reproducibly - including signature copying - in CI :) | 22:28:15 |
23 Apr 2021 |
_hc | 幸猫: yes that seems fine. I would add a SHA256 check of the download, you can verify it against our binary transparency log https://gitlab.com/fdroid/android-sdk-transparency-log/-/blob/master/checksums.json#L1993 | 06:44:07 |
_hc | like this https://github.com/guardianproject/tor-android/blob/6079b701c4133185108585d4e6b5add38cf3a604/.gitlab-ci.yml#L23 | 06:46:59 |
_hc | FYI I have a Samsung Galaxy II N7100 which is one of the devices supported by Replicant. If anyone wants to run Replicant with no binary blobs on a device with an isolated baseband, I can send it to them | 07:25:53 |
_hc | * FYI I have a Samsung Galaxy Note II N7100 which is one of the devices supported by Replicant. If anyone wants to run Replicant with no binary blobs on a device with an isolated baseband, I can send it to them | 07:26:15 |
_hc | oops, its a Note II not just a 2 | 07:26:24 |
_hc | you can make calls using only free software, no binary blob, IIRC | 07:27:46 |
izzy | _hc: quick feedback: Using Apktool from testing did the trick, thanks again! | 07:40:35 |
izzy | https://fdroid.gitlab.io/-/fdroiddata/-/jobs/1205831672/artifacts/public/issuebot/1205831672/8846/iod-scan-apk.php.json | 07:40:55 |
_hc | nice! | 07:45:47 |
_hc | so its official: issuebot supports moduiles written in languages bsides Python :) | 07:46:47 |
izzy | Yes! \o/ | 11:25:18 |
izzy | And I've just checked in some improvements. Should Apktool exit with a non-zero return code, the report now reflects that (to distinguish between "no offenders found" and "nothing found b/c Apktool crashed").. | 11:26:28 |
izzy | reportData also extended. Let's watch that for a while now. If it works out fine, it's just a single line to comment out logging to console (in the `logger()` procedure). | 11:27:39 |
izzy | if anyone has questions on this one ( fossdd FestplattenSchni linsui ), just ask me. Issuebot report should reflect reality now, full details can be found in artifacts (public/issuebot/<subdir_with_highest_id>/<subdir>/*.json) | 11:30:09 |
_hc | izzy: did you see issuebot!17 | 11:56:37 |
_hc | https://gitlab.com/fdroid/issuebot/-/merge_requests/17 | 11:57:55 |
Fay (she/her) | _hc: I was already checking the SHA512 :) | 12:46:54 |
Fay (she/her) | unfortunately, some parts of the python-for-android/buildozer toolchain still download stuff w/o checking checksums :( | 12:47:28 |
Fay (she/her) | and buildozer even downloads ant over http :( | 12:47:52 |