Android Dev - App Feedback Thread - October 01, 2021

---

• App Feedback Thread - October 01, 2021
• Has anyone actually use the In-App Review Plugin on their apps? In-App Review vs Traditional Popup(redirect to playstore page)
• What conflict did you have at work as an Android developer and how did you solve it?
• Simple Button Design
• Review to unlock a part of the app
• Updating my tech stack: RxJava vs Flow
• Question about metadata of music apps
• How to locate app data on a tablet memory
• How to listen to the traffic of a Reddit app and post about it on Reddit?
• [Help] M1 or Intel Mac for Android dev?
• So many options, but which one do you use to replace SingleLiveEvent?
• REVENUE: Personalised vs. non-personalised ads
• Google Play indexing problem?
• Sync failed
• Please I need some serious help
• Custom views [kotlin]
• Sync Failed
• Android Studio Bumblebee Canary 13 available
• Using Jetpack Compose in production
• All About Opt-In Annotations - zsmb.co
• I'm trying to move from only-used-by-me projects to releasable projects, but I could use some advice on how to set up API key protection.
• Firebase Remote Config: in-app default parameter values
• Upgraded to Arctic Fox 2020.3.1 and my "src/main/jni" is not showing in the project anymore.
• Android Antitrust Appeal Case: Google asks the judge to revoke the $5 billion fine
• GPlay: 30 characters limitation
• If your app require a device unique ID for tracking data or white listing device, watch this video to get some idea how it should be done!

App Feedback Thread - October 01, 2021 Posted: 01 Oct 2021 06:00 AM PDT This thread is for getting feedback on your own apps. Developers: must provide feedback for others must include Play Store, GitHub, or BitBucket link must make a top level comment must make an effort to respond to questions and feedback from commenters app may be open or closed source Commenters: must give constructive feedback in replies to top level comments must not include links to other apps To cut down on spam, accounts who are too young or do not have enough karma to post will be removed. Please make an effort to contribute to the community before asking for feedback. As always, the mod team is only a small group of people, and we rely on the readers to help us maintain this subreddit. Please report any rule breakers. Thank you. submitted by /u/AutoModerator [link] [comments]

Has anyone actually use the In-App Review Plugin on their apps? In-App Review vs Traditional Popup(redirect to playstore page) Posted: 01 Oct 2021 01:52 AM PDT submitted by /u/Alert-Fault6435 [link] [comments]

What conflict did you have at work as an Android developer and how did you solve it? Posted: 01 Oct 2021 06:06 AM PDT What's the best way to answer this Interview question? submitted by /u/inAbigworld [link] [comments]

Simple Button Design Posted: 30 Sep 2021 11:47 AM PDT submitted by /u/DismalCall5534 [link] [comments]

Review to unlock a part of the app Posted: 01 Oct 2021 08:07 AM PDT A perhaps simple YES/NO question: Can I encourage users to leave a review to gain something in return (a game mode in this case)? Why I'm asking Is because I don't want my app to be taken down if this goes against Google Play rules. If yes: Have you done this? What was the result? Does users really like this? submitted by /u/Plebimus [link] [comments]

Updating my tech stack: RxJava vs Flow Posted: 01 Oct 2021 07:33 AM PDT Hi everyone! 👋 So, I'm about to start a new project from scratch and I'm looking into updating my tech stack. The last project I've completely created from scratch is from 2 years ago, and well, we all know how much technologies can change in a few years. In that last project I used: Retrofit with the RxJava adapter exposing Singles. RxJava to plug-and-play different Repositories. Dagger for DI using a multi-module architecture and SubComponents to expose my dependencies to the feature modules. 100% Kotlin So, for this new project I'll be using: Retrofit exposing coroutines My Repositories would expose a Kotlin's Flow interface instead of using RxJava Hilt on top of Dagger. I'm pretty much sold on the idea of using Hilt, honestly I've tried it, and it does remove a lot of boilerplate code. I've seen some people complain about issues with dynamic feature modules, but I'm not going to use those so I think it would be fine. -------------------​ Now, the only thing that I'm still trying to figure out is if I actually want to use is Kotlin Flows. So far I haven't had any issues replacing RxJava with Kotlin Flows, the API is kinda the same, I'm not sure if the RxJava API and the Flow API are 100% equivalent. I mean, I haven't seen any Flow API function equivalent to RxJava's concatDelayError which is useful when you want to contact several network calls together and handle any error last. I've implemented a few Interactors/UseCases where I zip several network calls together, and flat map one of those network calls if something goes wrong. So I can kinda do the same things that I'd do with RxJava. I've also been reading a few articles in favor and against RxJava/Flow. So, I'm going to list these articles below and digest a few interesting pointers: Vasiliy's RxJava Lessons Learned: Doing a totally disrespectful TL;DR of the article great content, it basically says that RxJava has died and no one should use it anymore. It says that one of the issues with RxJava is the humongous steep learning curve. I agree with that it is not easy to learn about all the RxJava components (Observable, Single, Subject, Disposable, Schedulers, etc.) and also lear its API (zip, flatmap, concat, merge, etc.). But, I consider RxJava learning curve no more difficult than Dagger. It says that RxJava code spreads over the codebase like a cancer. Well, I usually have to provide my Schedulers via Dagger modules and then inject them directly into the Repositories. I'm not sure if I'd go as far as saying that it spreads like cancer, but sure, you need to carry the Schedulers somehow. Vasya's RxJava vs Flow: One of the most interesting articles I've found about this topic. Super detailed comparisons between RxJava and Flow. RxJava has more operators than Flow. Although, you can somehow workaround this, for example you can use a try/catch to implement the onErrorResume. Kotlin has multi-platform support. It's not Java so feels good having one less Java library there. Flow's code looks much more intuitive than RxJava's. RxJava deals with Observables, Single, Completables, and other components. Flow is just Flow. So, TL;DR: You guys think it is time to change RxJava by Flow? Anyone who has moved from RxJava to Flow, have you found anything that you didn't like? Or something that required much more boilerplate code than with RxJava? I'm 80% convinced to move to Flow by now, but I'd like to hear what everyone else thinks. Appreciate all the feedback. Thanks, 🙇 🙇 🙇 submitted by /u/alarghi [link] [comments]

Question about metadata of music apps Posted: 01 Oct 2021 07:23 AM PDT How can I get metadata of different music apps, I have used intent filter with broadcast listener, but except for Spotify no other apps seem to fire any of the intent filters, am I missing something here I'm a new android developer. submitted by /u/neojake [link] [comments]

How to locate app data on a tablet memory Posted: 01 Oct 2021 07:16 AM PDT Hi there :) I have an app on my Android tablet that shows short video loops (2 or 3 seconds). I assume it is using the RAM. Is it possible to locate the loops on the tablet's memory? No relevant files could be found in the android cache folder or in any of the app folders. submitted by /u/lokoloko1337 [link] [comments]

How to listen to the traffic of a Reddit app and post about it on Reddit? Posted: 01 Oct 2021 06:20 AM PDT Hey! I think there will be quite a few people who have interesting tasks for working with applications. For example - traffic analysis for, of course, testing these very applications! You have had a difficult burden - you need to debug the production assembly of your employer's application (but how else?) - and you begin your search for solutions to problems. And you will have many problems along the way. I am writing about how they can be solved. The classic path begins with installing some Charles, setting up a proxy server in it, and trying to listen to traffic, but we quickly run into a problem - all adequate modern applications use HTTPS, and therefore, you will have to install a certificate on your device, which will allow you to listen to traffic … This is where the fun begins … Let's create a checklist to guide us through the process: Preliminary preparations to start installing the emulator You are here Installing the emulator Installing a certificate for MITM Checking the operability of listening to traffic Disappointment Getting root access Transferring the certificate to the system store Disappointment(?) SSL Unpinning Profit !!! Installing Android Emulator I will not describe the entire installation procedure, I hope you can do all preparatory steps to find yourself in a situation where you just have to select a certain type of OS in the emulator, and all the previous steps have already been completed. So: We choose any suitable option, with an important caveat - it must be an assembly without Google Play, but with Google Play Services (it will be seen later). Accordingly, we choose a device without a triangle 1 2) We select any image of interest that contains Google Play APIs 2 3) Set the Cold Boot parameter to ON 3 It is done! Installing the emulator Installing a proxy-sniffer certificate I will use Fiddler Everywhere to listen for traffic. And I will show you the procedure for setting up this software, according to which we will close one more item on our roadmap. Here I will make a small lyrical digression - this program is paid, and even by subscription, and it will cost, in the best case, $10 per month. But, you will have a 30-day trial, after which you need more gold, so you can use any other tool. I tried to use Postman - it also has a proxy-tooling, however, the root certificates that Postman generates are not suitable for installation in Android 10/11. However, the support service is already vigilant, and, I hope, in the allotted 30 days of trial everything will work as it should (in Postman) and you will be able to use the most convenient (from my point of view) tool for solving this problem. When this happens, I will supplement this article. And now we return to the process of installing the certificate on the device (emulator). We need to expand the Advanced Settings item in the Fiddler settings, and export the root certificate. At the moment I am a Windows user and on this OS it will appear on the desktop, a hint about this is shown by hovering over the question icon. 4 After exporting the certificate, with a smooth movement of the hands, transfer it to the running emulator - the file will be in the .../Downloads folder. After that, you can immediately go to the settings and install our certificate: 5 6 7 Fine! We can put a tick next to one more item: Installing a certificate for MITM Check if everything is ok It's time to check whether our efforts have yielded at least some useful results. The guinea pig of today's experiment will be the Reddit app and the first thing we see if we try to download posts: 8 Emptiness. 9 And also endless SSL handshake attempts in Fiddler. It seems it's time to put a dash immediately opposite two points of our roadmap: Checking the operability of wiretapping Disappointment I am root It seems to me that the moment has come to tell us why we even need a root? It's all about that notorious change to Android 7, after which user certificates were no longer trusted. Therefore - we need to do something with our installed certificate so that we can use it to study the traffic of our working application. And this can be done only if your device is rooted. There is also the reason for using the emulator, and the related features: without an emulator, you will have to have a constantly rooted device, if it is a separate dedicated smartphone, then there are especially no problems with this (well, except for charging, gradual obsolescence and limitations of a particular model), however, if you have your device, then the disadvantages of the root can be significant - not working security system, broken Google Pay or fallen off cameras… Well, among other things, the emulator makes it easy to change the Android version (however, you will have to repeat everything the actions listed here, but you will already have this article, and I'm writing all this without it). Now let's get started. Thanks to the wonderful project, the whole process is reduced to running just one script, with a little preparatory work. Also, pay attention to what is displayed in the console and if you are using Windows - then run not .sh, but .bat. Perhaps WSL will come in handy here, but my system, let's say, with some features that WSL does not allow to use (if you know how to get both WSL and Android Emulator on the Ryzen 5000 series, then please write a comment about it) … And here are the works themselves: ./rootAVD.sh ~/Library/Android/sdk/system-images/android-30/google_apis/x86_64/ramdisk.img In addition, you need to restart the emulator. Well, for Windows users, the path to the image will be something like this: C:\Users\Me\AppData\Local\Android\Sdk\system-images\android-30\google_apis\x86_64\ramdisk.img At the output, we get a root, which is saved when the emulator is restarted, but you should not do the wipe. 10 11 We put a daw: Getting root access Making the certificate trusted To do this, we need to transfer it to the trust store. Here we need the root (not only here but later). To do this, we run a chain of the following commands: adb shell su mkdir -m 700 /data/certs cp /system/etc/security/cacerts/* /data/certs/ mount -t tmpfs tmpfs /system/etc/security/cacerts cp /data/misc/user/0/cacerts-added/* /system/etc/security/cacerts/ mv /data/certs/* /system/etc/security/cacerts/ chown root:root /system/etc/security/cacerts/* chmod 644 /system/etc/security/cacerts/* chcon u:object_r:system_file:s0 /system/etc/security/cacerts/* Then we see the following picture in the system certificates: 12 13 Our certificate has become a systemic one, so we will close one more item: Transferring the certificate to the system store And let's check our application right away: 14 15 Fine! Now we can listen to HTTPS traffic of any (or?) Applications from the emulator. Let's try another app - Avito to solidify the result (it is a Russian app for selling things between people). 16 17 It seems that something went wrong here. However, you already know everything, since you saw a giant spoiler at the very beginning, so we put one more daw: Disappointment! SSL-Unpinning There are many solutions to this topic, but, as a rule, they all revolve around one idea - rebuilding the application you want to study. This approach is very cumbersome, complex and can lead to procrastination, so something is needed that will make everything much simpler and more universal. And the recipe for this something is right here, for free and without SMS: Thanks to the presence of root, install Xposed Thanks to Xposed, we will install the module for unbinding SSL binding Profit !!! (two points here would look dull) Now let's go in order. Installing Xposed Taking into account our initial plan to listen to everything and everyone on the emulator, some difficulties appear at this step - we need to choose a successful combination of software solutions that will work on the emulator. Thanks to this article, you will not have to spend several hours looking for these solutions and just follow a simple instruction: Download the latest version of the Magisk module with an interesting name Riru and install it via Magisk Close the emulator, and then run it again (this step emulates a reboot, which, for some reason, does not work for me, if it works for you, it may be enough) Find a module called Riru - LSPosedin the Magisk repository and install it Reboot the emulator again Open the LSPosed application, in which you need to install the Xposed-module SSLUnpinning We switch all the jackdaws in the settings of this module for all applications that we want to listen to and activate the module itself Reboot the emulator After that, you find yourself in a situation where you have an emulator with: Full root (Magisk) Installed MITM certificate in User-space Installed Xposed (LSPosed) Installed module for SSL-Unpinning In the process, having the following set of pictures: 18 19 20 This is a link to an image that Reddit did not miss due to the limit on images in the amount of 20 pieces. You can honestly check the box: SSL Unpinning The time has come to check if this locomotive is working: This is a link to an image that Reddit did not miss due to the limit on images in the amount of 20 pieces. This is a link to an image that Reddit did not miss due to the limit on images in the amount of 20 pieces. Works! We can also put the last checkbox: Profit!!! What are the nuances? Firstly, every time the emulator is turned on, it will be necessary to make the certificates trusted again (in principle, after all these procedures, you can disable Cold Boot, and then you will not have to, but sooner or you will have to restart the emulator "hard", and then you will not have to work with the certificates ). Perhaps there is a permanent solution here, or it can, at worst, be automated, but I'm tired. Secondly, not all applications, in principle, want to run on the emulator. The most reliable option is to have a set of dedicated phones running different versions of Android, all of which will have the entire arsenal of tools from this manual (with minor changes), but this is not always possible. In the end, I will once again duplicate the entire instruction point by point, so that the algorithm itself is clear: Making preparations (installing Android Studio) to be able to install/run the emulator Install the emulator with the parameters defined above We install the applications of interest to us on the emulator by dragging and dropping the cursor and make sure that they work in principle and all this will not be in vain Get root (Magisk) using the instructions above Reboot the emulator Install Riru Reboot the emulator Install LSPosed Reboot the emulator Install Xposed module SSLUnpinning We put all the jackdaws in the module for the applications of interest to us and for the module itself (turn it on) Close the emulator Turn off Cold Boot Turn on the emulator Install the MITM CA-certificate in the User-space (count - just install) We make the certificate trusted according to the instructions above We configure Proxy on the emulator according to the parameters specified above, or your own (depending on which tool for traffic analysis you are going to use) Analyzing the operation of the application If you install additional applications on the emulator, then you need to put daws in front of them in SSLUnpinning (via LSPosed) and hard reboot the emulator, followed by fixing the certificates after the reboot. On this, everything, until we meet again! submitted by /u/alphamikle [link] [comments]

[Help] M1 or Intel Mac for Android dev? Posted: 01 Oct 2021 06:16 AM PDT Hi I have an option to get 16inch Macbook Pro 2019 or Macbook Air/Pro M1. What are your suggestions? My primary tasks are Android app development (and use emulator quite rarely for testing also). Cost is not an issue. Thanks... submitted by /u/anirudhgupta281998 [link] [comments]

So many options, but which one do you use to replace SingleLiveEvent? Posted: 01 Oct 2021 05:07 AM PDT I found you can use a sharedFlow MutableSharedFlow<Action>(replay = 0) or a channel private val _action = Channel<Action>(capacity = Channel.CONFLATED) val action = _action.consumeAsFlow() Also not sure about which capacity is best for this But I found a bunch of posts mentioning BroadcastChannelbut since it's deprecated for sharedFlow and stateFlow, I would think the sharedFlow with replay 0 is the way to go, but I can't decide which one is best. The aim is to purely find a replacement for SingleLiveEvent submitted by /u/dotcomslashwhatever [link] [comments]

REVENUE: Personalised vs. non-personalised ads Posted: 01 Oct 2021 04:30 AM PDT Hi there, I am working on implementing a banner ad in my Android app. I am quite opposed to ads in general and do not like my app users to be tracked because of it. Hence, I am considering adding only non-personalised ads to my app, even if I might earn less. Does anyone know how much revenue loss (in percent) I can expect in general, compared to personalised ads? (I implement AdMob banner ads). I could not find any reliable information about it in the internet, hence I would like to hear your experience/opinions. ​ Thanks in advance for your help! Cheers :) submitted by /u/Michael_K14 [link] [comments]

Google Play indexing problem? Posted: 01 Oct 2021 04:23 AM PDT I have noticed that lots of apps have disappeared from Play Store (mine included). I can't even find something like: TINDER using certain google accounts (from others it's appearing). But it looks like google is not properly indexing +18 apps. Has anyone noticed it too? submitted by /u/Gloomy-Dirt-8293 [link] [comments]

Sync failed Posted: 01 Oct 2021 04:14 AM PDT Hi, I god some sync error issues in my android studio gradle project. "Gradle project sync failed. Basic functionaltiy(e.g. editing, debugging) will not work properly)" Could not find method implemenation() for arguments [random libary]. Thank you for your support. Kind regards submitted by /u/Qforyouisyou1 [link] [comments]

Please I need some serious help Posted: 01 Oct 2021 03:06 AM PDT I am developing an app and I wasn't to get the track details of any music playing from any app in the background, I set intent filter on my main activity, but It can only detect changes in Spotify but not other apps, for example Jiosaavan, Gaana or Amazon music or wynk, please help me figure out what's the problem and what's the solution, please. submitted by /u/neojake [link] [comments]

Custom views [kotlin] Posted: 01 Oct 2021 02:51 AM PDT Hi guys. I want to learn about android custom views using kotlin but I dont know where to start. Is there any good resource you guys may recommend to me like a course or anything else. Thanks submitted by /u/HugoooOliveira000 [link] [comments]

Sync Failed Posted: 01 Oct 2021 02:46 AM PDT Could someone tell me what the reason is, please? Kind Regards ​ ​ https://preview.redd.it/2m8bf5uo8tq71.png?width=1385&format=png&auto=webp&s=840b7f3a8ded1f4d44b5507a178c4bbd70035bf4 submitted by /u/Qforyouisyou1 [link] [comments]

Android Studio Bumblebee Canary 13 available Posted: 30 Sep 2021 09:58 AM PDT submitted by /u/androidtoolsbot [link] [comments]

Using Jetpack Compose in production Posted: 30 Sep 2021 01:29 PM PDT Anyone using Jetpack Compose in production? How trustworthy is the API and is it prone to change? Do you feel any improvement in the project in comparison to XML layout?! submitted by /u/mohseniod [link] [comments]

All About Opt-In Annotations - zsmb.co Posted: 30 Sep 2021 08:14 AM PDT submitted by /u/zsmb [link] [comments]

I'm trying to move from only-used-by-me projects to releasable projects, but I could use some advice on how to set up API key protection. Posted: 30 Sep 2021 05:16 PM PDT I am trying to take things a bit more seriously with my Android projects (semi-self taught) and I want to release something for the first time on Google Play. I'm not expecting people to download it, but I want to get a hang of the better development practices. My project now requires API keys for Microsoft's Translator API on Azure. For my previous projects, meant just for me, I was pretty loose with storing API keys and secrets. But those were free API keys, these are not (after a certain amount of monthly usage), so I'd much prefer someone not easily finding them and making me go over my $0 budget. After spending a bit of time looking into this, I still have no idea what I should do. I'm not too familiar with how the Android builds there apps in general (they didn't teach mobile development at my college and android standards seem to change yearly now), so I don't know what is easily accessible and not easily accessible from a decompiled APK. I have some feelings about the pros/cons of certain solutions, but I'm not confident. So feel free to let me know if something I think is incorrect (I prob am). Ideas I've found for solving this issue and my initial thoughts: Something as simple as putting the keys in local.properties and accessing them with Google's secret gradle plugin (source). This seems convenient, but I feel like this is limited to only open source projects. How secure would this be if releasing onto Google Play and not just hosting as an open source project? What happens to the local.properties file when the app is built? Get a server. I've seen two methods for this commonly brought up: get the keys from the server, or get the server to do the API calls and have the server respond with the results. Both make sense, but I'm not sure how to implement this. Biggest hurdle: need a server. The first way has less moving parts but technically still makes the API keys accessible to the application. Every server hosting option I have found is subscription-based with vague pricing models. I'm not surprised by this, but I thought there'd be better options. Haven't found any server event function services that have at least a free tier to work with. AWS Lambda does, but for this use case I need API Gateway and other services with different limits it seems. Seriously, if there is a product that could do either option with a decent free version, let me know please Putting it somewhere in assets or resources (most notable for putting into shared preferences). This just seems like another version of hardcoding it. Again, I'm not sure about what happens at build time so I may be wrong, but this does not seem like a good idea. I read this is a very common way it's done, is that true? Using the NDK and taking advantage of the NDK being in binary. I found this interesting. It's not as secure as the server implementation, but it kinda feels to be a good amount of difficultly for cracking it. I read that the NDK could use the checksum to verify it's my app calling it, that seems pretty good if true. I'm leaning towards this but I would appreciate some insight from people with more experience. How dangerous are options #1, 3, and 4 compared to #2's server implementation? Is there a possible solution I missed? Apologies for the rambling. submitted by /u/AGMarasco [link] [comments]

Firebase Remote Config: in-app default parameter values Posted: 30 Sep 2021 02:32 PM PDT Learn how to properly configure the in-app default values for your Firebase Remote Config parameters https://medium.com/dipien/firebase-remote-config-in-app-default-parameter-values-15c933c86fc submitted by /u/maxirosson [link] [comments]

Upgraded to Arctic Fox 2020.3.1 and my "src/main/jni" is not showing in the project anymore. Posted: 30 Sep 2021 11:51 AM PDT I updated AS and now my native files in "src/main/jni" are not shown in the project. I build the files externally but I want the whole 'jni' folder to be visible in the project as I use AS for editing and searching the files. Do you know how I make them visible again? Maybe a method to make any folder visible in the project? submitted by /u/emile_b [link] [comments]

Android Antitrust Appeal Case: Google asks the judge to revoke the $5 billion fine Posted: 30 Sep 2021 09:37 AM PDT submitted by /u/amancoreseg [link] [comments]

GPlay: 30 characters limitation Posted: 30 Sep 2021 08:35 AM PDT Hey guys, What do you think about the new 30 characters in title limitation? Have you changed your titles already? If yes, how has it impacted? submitted by /u/bersus [link] [comments]

If your app require a device unique ID for tracking data or white listing device, watch this video to get some idea how it should be done! Posted: 30 Sep 2021 03:19 PM PDT submitted by /u/mohseniod [link] [comments]

You are subscribed to email updates from Developing Android Apps. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States