Profile cover photo
Profile photo
Tomáš Kypta
167 followers
167 followers
About
Tomáš's interests
View all
Tomáš's posts

I just stumbled upon another Gradle bug/feature in its dependency resolution process.
If you want to load a Maven dependency that has a classifier from a Maven repository, make sure the repository also contains the same artifact (and the same version) without a classifier.
Otherwise Gradle insists it's not there and build fails.
For some reason it tries to find the no-classifier dependency first (even if you don't use it).

Post has shared content

Post has attachment
Did you know that ProGuard supports providing custom obfuscation dictionaries via -obfuscationdictionary, -classobfuscationdictionary or -packageobfuscationdictionary ?
But ReTrace script in Android SDK can't deobfuscate the stacktraces. It supports only [A-Za-z0-9_$] characters. That's because Android SDK contains ProGuard 4.7 and deobfuscation of optimized stacktraces was added in ProGuard 5.2.
But don't worry, there's a solution.
You can download ProGuard 5.2 https://sourceforge.net/projects/proguard/
Or you can use Facebook's fork of ProGuard https://github.com/facebook/proguard which is supposed to be much faster.
Or you can use ReTrace from DexGuard (paid).

Post has attachment
Slides from my lecture on Writing testable Android apps at Socialbakers https://speakerdeck.com/tomik/writing-testable-android-apps #androiddev

Post has attachment
Slides from my aDevMeetup lecture on ProGuard https://speakerdeck.com/tomik/proguard   #aDevM    #androiddev  

Post has shared content
I've open-sourced the web-based layer visualizer we used in the "Android Design for Developers" +Udacity course! Check it out here:

https://github.com/romannurik/LayerVisualizer

Note: web-based meaning you put together the UI in HTML/CSS, not Android code
Animated Photo

Post has attachment

Post has attachment

Post has shared content
The aforementioned change can be found here: https://android.googlesource.com/platform/frameworks/base/+/aaa0fee (thanks +Radovan Paška for finding it).
It means that the method works only for apps that have android.permission.REAL_GET_TASKS permission (this permission can be acquired only by a system app) or for apps that have android.permission.GET_TASKS and are system apps.
This week Google released Android update "LMY48I", to correct the "stagefright" security vulnerability on its Nexus devices.  The "stagefright" vulnerability had been heralded as one of the most dangerous in the history of Android.

Unfortunately, the update also contains intentional changes that render many system utilities, security tools, and antivirus products less effective (or even non-functional).  SystemPanel is one of the tools severely affected by this change, and in the current version many features will not work on Android 5.1.1 versions with build numbers after LMY48I.

The reason for this issue is that Google removed the ability for applications to determine what other applications are running on a device.  That is, you are no longer allowed to see what applications are running in the background on your phone or tablet.  In my opinion, removing this ability has a significant negative security consequence.

The developer documentation for this now-removed feature is unchanged, and in fact still describes it with the suggestion that it be used to build applications like SystemPanel, i.e., "Note: this method is only intended for debugging or building a user-facing process management UI."  See http://developer.android.com/reference/android/app/ActivityManager.html#getRunningAppProcesses%28%29

This breakage is unquestionably deliberate: it's described in the LMY48I changelog.  And of course, Google-preinstalled system apps will be unaffected and retain their abilities, it's only applications that you as the user wish to install that will be negatively affected.  Removing this functionality was not necessary to correct the "stagefright" security vulnerability.

The one bit of good news here is that SystemPanel should be able to survive this.  I am working feverishly to get a beta together that works on this crippled release of Android, and most functionality will be restored.

This is possible by using lower-level Linux APIs (e.g. the /proc pseudo-filesystem) to retrieve  information about running applications.  It is not a complete replacement though, and some data will no longer be available.

The situation may take a turn for the worse when Google releases Android M, as that version's SELinux implementation appears to hide even more information from the user.  In Android M (Developer Preview 2), the user is entirely restricted from seeing information about Linux system processes which are not Android applications.  This statement is based on my own observations of the Android M Preview's behavior, and it may not be the case in the shipped product.  If things stay as they are in the current developer preview though, Android M will be providing a convenient shelter for malware or battery-draining processes to operate without the possibility of detection.

I still do recommend that everyone install the update that fixes the "stagefright" vulnerability ASAP, even if SystemPanel is temporarily broken and reduced in functionality as a result.  An updated version of SystemPanel will be made available very soon.

Post has attachment
New version of Android Studio/IntelliJ IDEA plugin Android ButterKnife Zelezny is out.
It now supports ButterKnife 7 and adds navigation links between @OnClick methods and @Bind/@InjectView field.
Wait while more posts are being loaded