New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Question on permissions #1821
Comments
PS: with KeePassDX being available at IzzyOnDroid, maybe you want to pick a badge to link there, next to the other three? 😉 |
I haven't changed the permissions since the last version.
Yes indeed
I'll take a look. |
Probably not – but i have extended my scanners since 😉 Details are outlined here: Ramping up security: additional APK checks are in place with the IzzyOnDroid repo
Thanks for confirming! I've put that to your app's "green list" with the explanation added:
Thanks! Excluding it for the APK would suffice, in case you think you'll need it for the AAB to upload to Google Play. That said: Thanks a lot for maintaining your app – I'm one of your happy "users" myself! |
@J-Jamet Auto-type feature of Autofill service feature only not Magikeyboard right? Or required for both? |
@shuvashish76 android.view.InputMethod is the Magikeyboard declaration |
On the latest APK, my scanner reports:
Can those please be clarified? I assume
InputMethod
is needed for auto-type. ForQUERY_ALL_PACKAGES
I found #996 which is still open, so I assume the reason given there („used to open applications directly from their applicationId from an "AndroidApp" field“) still holds true?As for
DEPENDENCY_INFO_BLOCK
, this can easily be avoided:For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.
The text was updated successfully, but these errors were encountered: