APK at v3.2.1 broken

[IzzySoft]

Can you please check what went wrong with the last release? The packages contain no versionCode:

package: name='com.thehcj.quacker' versionCode='' versionName='3.2.1'

(this is from the arm64 APK, but the armeabi has the same issue). I had to disable updates for now until this is fixed, as that invalid APK would be pulled over and again.

Thanks in advance for checking and fixing!

[TheHCJ]

I did not realise there was no version code on the packages, I suspect it is down to the new build process I am using and I will update it with a fix ASAP

[TheHCJ]

I think I have found the root cause and I will be able to fix it by 18:00 UTC+0

[TheHCJ]

This means you should be able to re-enable updates for Quacker

[IzzySoft]

Sorry to disappoint you – but the APKs you've attached a few minutes ago have the same problem still:

package: name='com.thehcj.quacker' versionCode='' versionName='3.2.1'

(I just had manually triggered an update to check and make sure) Like last time, only the "fat build" is unaffected.

[TheHCJ]

Yh, I think it'll be best to disable updates for now as it seems I may have screwed something up with the build scripts, I'll keep you updated!

[IzzySoft]

Err… I just got a hint from someone who's interest was sparked. Could it be you've pokered a bit too high, and

300200100 * 10 + abiCode > max possible version code

?

[IzzySoft]

That would be this line. You didn't seem to do that before: the arm64-v8a I have here from a previous release simply has 300003090 as versionCode – so no "x10+ABI" there. So maybe just skipping the output.versionCodeOverride for now?

[IzzySoft]

I just learned:

max version code is 2147483647 (it's a signed 32-bit int).

So yeah, this must be the culprit – as 300200100 * 10 > 2147483647 (even 300003090 * 10 > 2147483647 which confirms that this "factor 10" must have been introduced only lately). So the "quick way out" is dropping that change again, going back to how it was before. And remember you've got not much room for increments anymore, so be careful with larger numbers 😉

[TheHCJ]

Done, I have removed the factor 10

[TheHCJ]

@IzzySoft the version code issue is now fixed

[IzzySoft]

Thanks! That worked out (goes live with the next sync around 7 pm UTC) – and left only…

! repo/com.thehcj.quacker_300200103.apk declares sensitive permission(s):
  android.permission.READ_EXTERNAL_STORAGE
! repo/com.thehcj.quacker_300200103.apk contains signature block blobs: 0x504b4453 (DEPENDENCY_INFO_BLOCK; GOOGLE)

The former just needs an explanation (what is read from local storage there needing that permission? The description of the app is rather short and gives no clue to that). The latter one is solved easily:

android {
    dependenciesInfo {
        // Disables dependency metadata when building APKs.
        includeInApk = false
        // Disables dependency metadata when building Android App Bundles.
        includeInBundle = false
    }
}

For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.

[TheHCJ]

READ_EXTERNAL_STORAGE is used for importing data from a file

[IzzySoft]

Thanks! Added to the app's "green list" (which includes the reason given being shown along the permission, effective immediately).

Will you take care for the DEPENDENCY_INFO_BLOCK with one of the next releases?

[TheHCJ]

I had added this code to the build file:

android {
    dependenciesInfo {
        // Disables dependency metadata when building APKs.
        includeInApk = false
        // Disables dependency metadata when building Android App Bundles.
        includeInBundle = false
    }
}

Is that enough to take care of it?

[IzzySoft]

Yes, that should do – thanks! Next release should tell us if it worked out 😉