-
-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Question on permissions and signing details #367
Comments
So to clarify the warnings:
|
via insecure connections? 😱 Don't those servers support https?
Ah, thanks – yes, that explains
Thanks, great! |
Scanner yelled at me again with today's update, asking for
Apologies for nagging – but those who use my repo expect me to take care, and I don't want to disappoint them 😉 |
Hi @IzzySoft, we are running some updates that should get rid of some warnings. We'll definitely let you know when we have finalised some changes (that affect these warnings). |
Wonderful, thanks a lot! |
My recently enhanced scanner just reported on yesterday's update of your app:
Could you please clarify what those permissions are needed/used for – and also which "cleartext connections" are used? As for the
DEPENDENCY_INFO_BLOCK
, that's pretty easy to heal:For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.
Thanks in advance!
The text was updated successfully, but these errors were encountered: