Status Update
No update yet.
Comments
ga...@google.com
Okay. I tried a bunch of agp+android studio versions
The last working version was classpath("com.android.tools.build:gradle:7.4.0-alpha06")
once I moved to
classpath("com.android.tools.build:gradle:7.4.0-alpha07") then things start breaking on firebase app dist.
ga...@google.com
Scott, assigning to you as it seem to complain the zip is not aligned while packaging which is very puzzling considering the steps...
ga...@google.com
OP, when you build the APK with AGP, are you doing any post-processing on the APK and/or do you have any custom tasks that are modifying the APK?
Can you try to verify the alignment of your APK with zipalign locally (zipalign is included in build-tools):
zipalign -c -v 4 foo.apk
wa...@gmail.com
Not doing any post processing. No custom tasks. I will try to verify alignment now. Give me a sec.
ga...@google.com
Scenario 1:
built my apk with agp alpha09, but didn't update firebase (bom = 30.2.0)
/Users/idle/Library/Android/sdk/build-tools/31.0.0/zipalign -c -v 4 app-release.apk
"Verification succesful"
Scenario 2:
built my apk with agp alpha09, but I DID update firebase (bom = 30.3.1)
/Users/idle/Library/Android/sdk/build-tools/31.0.0/zipalign -c -v 4 app-release.apk
"Verification FAILED"
Description
Affected library:'com.android.tools.build', name: 'apksig', version: '4.1.1'
In class
com.android.apksig.ApkVerifier$Resultis the methodgetV4SchemeSigners()marked private which makes it impossible to use it.The other methods
getV1SchemeSigners(),getV2SchemeSigners(),getV3SchemeSigners()are all public. Please apply this also forgetV4SchemeSigners()so that it is possible to retrieve the details of the v4 signature when using apksig library.Source code reference:https://android.googlesource.com/platform/tools/apksig/+/refs/heads/master/src/main/java/com/android/apksig/ApkVerifier.java