kotomj / security-showcase-android Goto Github PK
View Code? Open in Web Editor NEWSample application pointing some security related practices on Android device.
Sample application pointing some security related practices on Android device.
Hi,
hope find you well with this cold call.
I am an author of mocking framework for Kotlin
I see you are using mockito-kotlin.
I just want you to be aware that there is solution that fully supports Kotlin and ask to try it in your new/current projects.
I can help you if you answer to this issue.
Thanks and please star it
android/app/build/tmp/kapt3/stubs/rostiDebug/cz/koto/securityshowcase/ShowcaseKeystoreCompatConfig.java:4: error: cannot access KeystoreCompatConfigM
e:
e: public final class ShowcaseKeystoreCompatConfig extends cz.koto.keystorecompat.compat.KeystoreCompatConfig {
e: ^
e: class file for cz.koto.keystorecompat23.compat.KeystoreCompatConfigM not found
e: java.lang.IllegalStateException: failed to analyze: java.lang.AssertionError: annotation tree hasn't been attributed yet: @kotlin.Metadata(mv = {1, 1, 9}, bv = {1, 0, 2}, k = 1, d1 = {"\u0000\u0018\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\b\n\u0000\n\u0002\u0010\u000b\n\u0000\u0018\u00002\u00020\u0001B\u0005\u00a2\u0006\u0002\u0010\u0002J\b\u0010\u0003\u001a\u00020\u0004H\u0016J\b\u0010\u0005\u001a\u00020\u0006H\u0016\u00a8\u0006\u0007"}, d2 = {"Lcz/koto/securityshowcase/ShowcaseKeystoreCompatConfig;", "Lcz/koto/keystorecompat/compat/KeystoreCompatConfig;", "()V", "getDialogDismissThreshold", "", "isRootDetectionEnabled", "", "app_rostiDebug"})
R8 should identify direct reflective use of constructors.
Got a problem with my build.gradle
// KeystoreCompat
implementation('cz.koto:android-keystore-compat:1.2.0') {
exclude group: 'com.android.support'
}
"Failed to resolve: android-keystore-compat"
Maybe you've forgotten to add .aar file to bintray?
After review, Security Showcase, cz.koto.securityshowcase, has been removed from Google Play because it violates the deceptive device settings changes policy.
You must explain to users why you are requesting the 'android.permission.BIND_DEVICE_ADMIN' in your app. Apps must provide accurate disclosure of their functionality and should perform as reasonably expected by the user. Any changes to device settings must be made with the user's knowledge and consent and be easily reversible by the user.
Next Steps
Read through the Deceptive Device Settings Changes policy for more details, and make sure your app complies with all policies listed in the Developer Program Policies.
If you don't need the BIND_DEVICE_ADMIN permission in your app:
Remove your request for this permission from your app's manifest.
Sign in to your Play Console and submit the modified, policy compliant APK.
Or, if you need the BIND_DEVICE_ADMIN permission in your app:
Include the following snippet in your app’s store listing description: “This app uses the Device Administrator permission.”
Provide prominent user facing disclosure of this usage before asking the user to enable this permission within your app. Your disclosure must meet each of the following requirements:
Disclosure must be displayed in normal course of usage of your app. Your users should not be required to navigate into a menu or settings to view disclosure.
Disclosure must describe the functionality Device Admin permission is enabling for your app. Each security policy used with the Device Admin request must be declared in your disclosure, and each policy must be accompanied with justification for the request.
Disclosure cannot only be placed in your privacy policy, terms of service or end user license agreement (EULA).
If approved, your app will again be available with all installs, ratings, and reviews intact.
Regards,
Joy
Google Play Review Team
Hello,
Could you add minimal info on how to use it and minimal example code to the readme? I tried to crack one of your examples mentioned, but I really don't get those multiple dismiss settings, why are they and what for... Same goes with "force" settings...
Hi, quick question over here: Is it currently safe to use KeystoreCompat 1.1.2 and publish an app to the play store without it being rejected? Just wondering because you said you were working on a new version which didn't relay on BIND_DEVICE_ADMIN
. We are working on an app that currently targets KitKat (pre-Lollipop) and I have this feeling BIND_DEVICE_ADMIN
is sort of needed for such minSDK.
Thanks
Current installation requires to define android-keystore-compat
itself. But it also requires to list all implementation dependencies.
dependencies {
api("cz.koto:android-keystore-compat:2.0.1") {
exclude group: 'com.android.support'
}
api("cz.koto:android-keystore-compat-base:2.0.1")
api("cz.koto:android-keystore-compat-19:2.0.1")
api("cz.koto:android-keystore-compat-21:2.0.1")
api("cz.koto:android-keystore-compat-23:2.0.1")
implementation('com.scottyab:rootbeer-lib:0.0.6') {
exclude group: 'com.android.support'
}
}
Fix this ugly installation requirement to simplify gradle definition
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.