mirror/fdroidclient
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidclient.git synced 2026-04-21 07:18:05 -04:00
Code Issues Packages Projects Releases Wiki Activity
7,540 Commits 5 Branches 324 Tags
eb3c4d2de5c021747ba905dc94de3cf62177d722
Commit Graph

16 Commits

Author SHA1 Message Date
Hans-Christoph Steiner
80a50dcfd4 vendor 'cc.mvdan.accesspoint:library:0.2.0' to remove jcenter entirely 
Code was in https://github.com/mvdan/libaccesspoint

Note that this project is **abandoned** since its method doesn't work on Android
7.1 or later. Have a look at these newer alternatives that have been tested to
work on Android 8.0:

* https://github.com/shinilms/direct-net-share
* https://github.com/geekywoman/direct-net-share
* https://github.com/aegis1980/WifiHotSpot
 2022-01-19 20:43:24 +01:00
proletarius101
d440cb0c81 Fix status bar color 2021-08-26 13:09:00 +00:00
proletarius101
42c0fe7430 Migrate the image loader to Glide 2021-07-01 15:57:06 +00:00
Hans-Christoph Steiner
39f680bb24 resync gradle verification metadata 2021-06-16 14:35:10 +02:00
Isira Seneviratne
19ffd2b491 Use ActivityCompat.recreate(). 2021-06-16 12:29:32 +00:00
Isira Seneviratne
5fad229dbe Update RxJava to version 3. 2021-06-15 08:51:16 +00:00
proletarius101
e48c49ce0c Change the bottom navigation bar to the material component one 2021-05-18 12:39:58 +00:00
proletarius101
aaf08fea0c Update material components library to 1.3.0 2021-04-28 19:17:05 +08:00
Hans-Christoph Steiner
1cd02f02e0 fix trove4j verification error 
trove4j-20160824.pom uploaded to mavenCentral has more info in it, so a
different sha256.
 2021-04-12 15:57:40 +02:00
Hans-Christoph Steiner
04ab3aefa4 update gradle verification metadata 
./gradlew --write-verification-metadata pgp,sha256 assemble
./gradlew --write-verification-metadata sha256 assemble
 2021-04-07 22:00:20 +02:00
Isira Seneviratne
ab8e7935b0 Add WorkManagerTestRule. 2021-01-21 06:18:23 +05:30
Isira Seneviratne
df66d127c2 Add AndroidX WorkManager. 2021-01-21 06:17:28 +05:30
Hans-Christoph Steiner
83b7d7ff67 bump all test dependencies 
Hopefully this will give some stability in the Robolectric tests.
 2021-01-19 09:06:05 +01:00
Hans-Christoph Steiner
4640146842 gradle dependency verification is too buggy with .pom metadata 
This disables the verification of .pom files.  .pom files can add
dependencies, so it would be good to have them verified.  But since this
current setup requires all JAR to be verified, any new dependencies would
fail anyway:
https://docs.gradle.org/current/userguide/dependency_verification.html#sec:disabling-metadata-verification

In some cases everything works fine, like on gitlab-ci, and in other places
it always gives errors like this:

```
A problem occurred configuring root project 'client'.
> Dependency verification failed for configuration ':classpath'
  4 artifacts failed verification:
    - all-1.2.0.pom (com.sun.activation:all:1.2.0) from repository MavenRepo
    - jvnet-parent-1.pom (net.java:jvnet-parent:1) from repository MavenRepo
    - oss-parent-7.pom (org.sonatype.oss:oss-parent:7) from repository MavenRepo
    - oss-parent-9.pom (org.sonatype.oss:oss-parent:9) from repository MavenRepo
  This can indicate that a dependency has been compromised. Please carefully verify the checksums.

  Open this report for more details: file:///home/hans/code/fdroid/client/build/reports/dependency-verification/at-1603359642220/dependency-verification-report.html
```

@glennmen and @eighthave both are getting that error.
 2020-10-22 11:49:17 +02:00
Hans-Christoph Steiner
708a6d8dbd allow differing sha256 values in Google Maven vs Android Offline 
It turns out that some of the dependencies in the Google Offline Components
downloadable maven repository have difference to the ones Google publishes
to maven.google.com.  WTF.  In any case, the new Gradle Dependency
Verification feature handles this gracefully.  I manually verified the
diffs between the two using diffoscope.  One just differed by timestamps in
the ZIP header, and the other just differed by linefeeds at the end of the
file.  Then I generated this metadata update using:

`./gradlew --write-verification-metadata pgp,sha256`

* https://developer.android.com/studio#offline
 2020-08-04 09:46:43 +02:00
Hans-Christoph Steiner
be5bdf3219 enable built-in gradle dependency verification 
This fully replaces gradle-witness and goes far beyond what it offered. As
far as I can tell, this actually will verify every single artifact that
gradle downloads and uses.

This was generated in two passes to get both the PGP and the SHA256 info:

```
./gradlew --write-verification-metadata pgp,sha256 build connectedFullDebugAndroidTest --export-keys
./gradlew --write-verification-metadata sha256 build connectedFullDebugAndroidTest
```

Thanks to  @vlsi who made me aware of this, and helped make it possible.
closes !837
 2020-07-21 10:33:44 +02:00