apkeep - A command-line tool for downloading APK files from various sources

Electronic Frontier Foundation

Last update: Dec 29, 2022

Related tags

Command-line apkeep

Overview

`apkeep` - A command-line tool for downloading APK files from various sources

Installation

Precompiled binaries for apkeep on various platforms can be downloaded here.

To install from crates.io, simply install rust and run

cargo install apkeep

Or to install from the latest commit in our repository, run

cargo install --git https://github.com/EFForg/apkeep.git

Usage

See USAGE.

Examples

The simplest example is to download a single APK to the current directory:

apkeep -a com.instagram.android .

This downloads from the default source, APKPure, which does not require credentials. To download directly from the google play store:

apkeep -a com.instagram.android -d GooglePlay -u '[email protected]' -p somepass .

Or, to download from the F-Droid open source repository:

apkeep -a org.mozilla.fennec_fdroid -d FDroid .

To download a specific version of an APK (possible for APKPure or F-Droid), use the @version convention:

apkeep -a [email protected] .

Or, to list what versions are available, use -l:

apkeep -l -a org.mozilla.fennec_fdroid -d FDroid

Refer to USAGE to download multiple APKs in a single run.

Specify a CSV file or individual app ID

You can either specify a CSV file which lists the apps to download, or an individual app ID. If you specify a CSV file and the app ID is not specified by the first column, you'll have to use the --field option as well. If you have a simple file with one app ID per line, you can just treat it as a CSV with a single field.

Download Sources

You can use this tool to download from a few distinct sources.

The Google Play Store, given a username and password
APKPure, a third-party site hosting APKs available on the Play Store
F-Droid, a repository for free and open-source Android apps. apkeep verifies that these APKs are signed by the F-Droid maintainers, and alerts the user if an APK was downloaded but could not be verified

Usage Note

Users should not use app lists or choose so many parallel APK fetches as to place unreasonable or disproportionately large load on the infrastructure of the app distributor.

When using with the Google Play Store as the download source, a few considerations should be made:

Google may terminate your Google account based on Terms of Service violations. Read their Terms of Service, avoid violating it, and choose an account where this outcome is acceptable.
The session works with a specific "device profile," so only APKs available for that device, location, language, etc. will be available. In time we hope to make this profile configurable.
Paid and DRM apps will not be available.
Using Tor will make it a lot more likely that the download will fail.

License: MIT

Comments

Security check is needed
Hello there!

I'm getting the following error message when I try to download an app from the Google Play Store:

Security check is needed, try to visit https://accounts.google.com/b/0/DisplayUnlockCaptcha to unlock, or setup an app-specific password

I tried the following:

account password without MFA

account password without MFA and "unsecure" connection enabled (or however that is called)

app-specific password (with MFA)

I obviously tried to visit the link above. Nothing seems to work.

Full disclosure, I'm having the same issue using python module gpapi (https://github.com/NoMore201/googleplay-api) which is not really maintained for some time now.
opened by pnu-s 14

provide secure method for receiving password

apkeep --password only seems to accept it straight on the command line, which means that any user on the system can see the password. For example:

$ apkeep --username $GOOGLE_PLAY_USERNAME --password $GOOGLE_PLAY_PASSWORD --app com.instagram.android . &
$ ps auxww|grep '[a]pkeep'
user       24792  0.0  0.8 155032 12788 pts/0    Sl+  10:33   0:00 apkeep --username [email protected] --password mysecretpw --app com.instagram.android .
$

A couple ideas off the top of my head:

generic apkeep config file that stores username, password, download-source, etc
accept password on stdin
add an option like --password-env
add an option like --password-file

Here's an attempt at using stdin:

$ echo $GOOGLE_PLAY_PASSWORD | RUST_BACKTRACE=full apkeep --download-source google-play --username $GOOGLE_PLAY_USERNAME  --app com.instagram.android .
thread 'main' panicked at 'called `Option::unwrap()` on a `None` value', src/main.rs:258:68
stack backtrace:
   0:     0x55c8d4173f5c - std::backtrace_rs::backtrace::libunwind::trace::h91c465e73bf6c785
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/../../backtrace/src/backtrace/libunwind.rs:93:5
   1:     0x55c8d4173f5c - std::backtrace_rs::backtrace::trace_unsynchronized::hae9da36f5d58b5f3
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
   2:     0x55c8d4173f5c - std::sys_common::backtrace::_print_fmt::h7f499fa126a7effb
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/sys_common/backtrace.rs:67:5
   3:     0x55c8d4173f5c - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::h3e2b509ce2ce6007
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/sys_common/backtrace.rs:46:22
   4:     0x55c8d4199a7c - core::fmt::write::h753c7571fa063ecb
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/core/src/fmt/mod.rs:1168:17
   5:     0x55c8d416cf63 - std::io::Write::write_fmt::h2815c0519c99ba09
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/io/mod.rs:1660:15
   6:     0x55c8d41767f2 - std::sys_common::backtrace::_print::h64941a6fc8b0ed9b
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/sys_common/backtrace.rs:49:5
   7:     0x55c8d41767f2 - std::sys_common::backtrace::print::hcf25e43e1a9b0766
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/sys_common/backtrace.rs:36:9
   8:     0x55c8d41767f2 - std::panicking::default_hook::{{closure}}::h78d3e6cf97fc623d
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:211:50
   9:     0x55c8d41763d5 - std::panicking::default_hook::hda898f8d3ad1a5ae
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:228:9
  10:     0x55c8d4176e43 - std::panicking::rust_panic_with_hook::h1a5ea2d6c23051aa
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:606:17
  11:     0x55c8d4176b32 - std::panicking::begin_panic_handler::{{closure}}::h07f549390938b73f
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:500:13
  12:     0x55c8d4174404 - std::sys_common::backtrace::__rust_end_short_backtrace::h5ec3758a92cfb00d
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/sys_common/backtrace.rs:139:18
  13:     0x55c8d4176899 - rust_begin_unwind
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:498:5
  14:     0x55c8d3bec181 - core::panicking::panic_fmt::h3a79a6a99affe1d5
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/core/src/panicking.rs:116:14
  15:     0x55c8d3bec0cd - core::panicking::panic::h97167cd315d19cd4
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/core/src/panicking.rs:48:5
  16:     0x55c8d3c615f7 - apkeep::main::{{closure}}::haea92ef1e07077bc
  17:     0x55c8d3cf4cc8 - tokio::park::thread::CachedParkThread::block_on::h5936f68a762c7fb9
  18:     0x55c8d3cca65d - tokio::runtime::thread_pool::ThreadPool::block_on::h733851653c9e1e7f
  19:     0x55c8d3c396f0 - tokio::runtime::Runtime::block_on::h1c507136206fb4b1
  20:     0x55c8d3bf3a8f - apkeep::main::h45d5df049dd7a7b0
  21:     0x55c8d3ce14c3 - std::sys_common::backtrace::__rust_begin_short_backtrace::h2e8e9baaeee364be
  22:     0x55c8d3c1c1e9 - std::rt::lang_start::{{closure}}::hb5611eb8782ae681
  23:     0x55c8d4173610 - core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once::h443f738a8e9f947a
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/core/src/ops/function.rs:259:13
  24:     0x55c8d4173610 - std::panicking::try::do_call::h1e21ba261ba489ec
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:406:40
  25:     0x55c8d4173610 - std::panicking::try::h6afd48af8b6c96ac
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:370:19
  26:     0x55c8d4173610 - std::panic::catch_unwind::h85dd95e0bab7fb60
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panic.rs:133:14
  27:     0x55c8d4173610 - std::rt::lang_start_internal::{{closure}}::h038455e697c8b03e
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/rt.rs:128:48
  28:     0x55c8d4173610 - std::panicking::try::do_call::h6b0ad65979f3077a
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:406:40
  29:     0x55c8d4173610 - std::panicking::try::h010108d314169ac6
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panicking.rs:370:19
  30:     0x55c8d4173610 - std::panic::catch_unwind::hff397f912b1535c2
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/panic.rs:133:14
  31:     0x55c8d4173610 - std::rt::lang_start_internal::h52e73755f77c7dd9
                               at /rustc/9d1b2106e23b1abd32fce1f17267604a5102f57a/library/std/src/rt.rs:128:20
  32:     0x55c8d3bfa992 - main
  33:     0x7f3bd0d9bd0a - __libc_start_main
  34:     0x55c8d3bec8fa - _start
  35:                0x0 - <unknown>

opened by eighthave 12

Termux: "libssl.so.1.1" not found

Unable to execute apkeep v0.12.0 on Termux

$ ./apkeep-aarch64-linux-android -h
CANNOT LINK EXECUTABLE "./apkeep-aarch64-linux-android": library "libssl.so.1.1" not found: needed by main executable
$ dpkg -S libssl
openssl-1.1: /data/data/com.termux/files/usr/lib/openssl-1.1/libssl.so.1.1
openssl: /data/data/com.termux/files/usr/lib/pkgconfig/libssl.pc
openssl: /data/data/com.termux/files/usr/lib/libssl.so
openssl: /data/data/com.termux/files/usr/lib/libssl.so.3
openssl-1.1: /data/data/com.termux/files/usr/lib/openssl-1.1/libssl.so
openssl-1.1: /data/data/com.termux/files/usr/lib/openssl-1.1/pkgconfig/libssl.pc
$ uname -a
Linux localhost 4.14.256-QuicksilveR-ginkgo-v2.5/8d0a0c31 #1 SMP PREEMPT Sat Apr 9 00:55:32 PDT 2022 aarch64 Android

Info: Android: 12 Termux: 0.118.0 Apkeep: 0.12.0

opened by Generator 7

Support any F-Droid repo
https://github.com/EFForg/apkeep/commit/c30cda59d620ea58d747a310870154d13b0533b9 add supports for f-droid.org https://github.com/EFForg/apkeep/issues/5

F-Droid provides everything needed to run your own repository as well.

The only thing that'd change for those is the download URL and the fingerprint, the rest would stay the same.

Some example repos:

https://guardianproject.info/fdroid/

https://apt.izzysoft.de/fdroid/

enhancement f-droid
opened by chirayudesai 6
Windows release

Hi,

First, thanks a lot for this very interesting tool 💯

Do you plan to provide a binary version for the Windows platforms ?

Thanks a lot in advance for your feedback 👍

opened by righettod 6
Split APKs lack base APK

Is it intentional that -d google-play -o split_apk=true only downloads the split APKs and not the base APK (which usually contains the dex code)? IMHO this renders the option unusable, since the downloaded packages cannot be installed and executed.

opened by asit-fdraschbacher 5
Verify non-mainline f-droid repo indexes correctly

The mainline F-Droid repository verifies the package index correctly with v1 signatures.

As per discussion in https://github.com/EFForg/apkeep/issues/15, most repositories are failing package index verification. This has something to do with the underlying verification crates - e.g. https://docs.rs/x509-certificate/ and https://docs.rs/cryptographic-message-syntax/.
f-droid

opened by Hainish 5

Split apk support

Missing Native Libraries

[10:43 edu@xps tmp] >  apkeep -d GooglePlay -u '[email protected]' -p "password" . -a com.bitso.wallet
Downloading com.bitso.wallet...
com.bitso.wallet downloaded successfully!
[10:43 edu@xps tmp] >  unzip -l com.bitso.wallet.apk |egrep "\.so$"

Installed APK from GooglePlay

sargo:/data/app/~~1O4T9lFuOfkxiwkYzMdXCA==/com.bitso.wallet-6muMdzgrI_Jlt5TPNIY6-A== # ls -lah
total 26M
drwxrwxr-x 4 system system  3.4K 2022-03-15 09:48 .
drwxrwxr-x 3 system system  3.4K 2022-03-15 09:48 ..
-rw-r--r-- 1 system system   19M 2022-03-15 09:48 base.apk
drwxr-xr-x 3 system system  3.4K 2022-03-15 09:48 lib
drwxrwx--x 3 system install 3.4K 2022-03-15 09:48 oat
-rw-r--r-- 1 system system   32M 2022-03-15 09:48 split_config.arm64_v8a.apk
-rw-r--r-- 1 system system   96K 2022-03-15 09:48 split_config.en.apk
-rw-r--r-- 1 system system  617K 2022-03-15 09:48 split_config.xxhdpi.apk

It'd be great to be able to specify the architecture so ARM64 libraries could be downloaded as well. @Hainish

opened by enovella 5

Google Play APK download panics

Description

I've been trying to download an APK from the Google Play Store using apkeep but sadly encountered an error. I used the following command:

apkeep -a com.instagram.android -d GooglePlay -u '[email protected]' -p 'VYsAAtDzQSZ57LCE25SdKQVHZqnQsTVs2u3rmPqkAY9ph' .

Note: The username and password are altered, but contain the same type of characters as the username and password I use for the account in question, since after looking at the error it seems like the password encryption function fails with my username or password, so I figured providing credentials with the same character set could help with debugging the issue.

Anyway, running the command results in the following error:

thread 'main' panicked at 'called `Option::unwrap()` on a `None` value', /home/marvin/.cargo/registry/src/github.com-1ecc6299db9ec823/gpapi-0.2.3/src/lib.rs:128:64
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

With Rust Backtrace:

thread 'main' panicked at 'called `Option::unwrap()` on a `None` value', /home/marvin/.cargo/registry/src/github.com-1ecc6299db9ec823/gpapi-0.2.3/src/lib.rs:128:64
stack backtrace:
   0:     0x55aac0fef0c0 - std::backtrace_rs::backtrace::libunwind::trace::h34055254b57d8e79
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/../../backtrace/src/backtrace/libunwind.rs:90:5
   1:     0x55aac0fef0c0 - std::backtrace_rs::backtrace::trace_unsynchronized::h8f1e3fbd9afff6ec
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
   2:     0x55aac0fef0c0 - std::sys_common::backtrace::_print_fmt::h3a99a796b770c360
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/sys_common/backtrace.rs:67:5
   3:     0x55aac0fef0c0 - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::h32d1f94a80615d18
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/sys_common/backtrace.rs:46:22
   4:     0x55aac101122c - core::fmt::write::h306731c068f7162c
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/core/src/fmt/mod.rs:1110:17
   5:     0x55aac0fe95e5 - std::io::Write::write_fmt::hd2fa90334eee2a21
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/io/mod.rs:1588:15
   6:     0x55aac0ff111b - std::sys_common::backtrace::_print::h5abaa2601a852287
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/sys_common/backtrace.rs:49:5
   7:     0x55aac0ff111b - std::sys_common::backtrace::print::h8d81445442bb638f
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/sys_common/backtrace.rs:36:9
   8:     0x55aac0ff111b - std::panicking::default_hook::{{closure}}::hcfe804496a9fa747
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/panicking.rs:208:50
   9:     0x55aac0ff0bf1 - std::panicking::default_hook::hbea8e3ccf2ba8901
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/panicking.rs:225:9
  10:     0x55aac0ff17e4 - std::panicking::rust_panic_with_hook::h7ee9e1a2d0f8975a
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/panicking.rs:622:17
  11:     0x55aac0ff1297 - std::panicking::begin_panic_handler::{{closure}}::h8ab3b4491718b2c7
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/panicking.rs:517:13
  12:     0x55aac0fef5bc - std::sys_common::backtrace::__rust_end_short_backtrace::hd489062ffa586a9f
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/sys_common/backtrace.rs:141:18
  13:     0x55aac0ff1229 - rust_begin_unwind
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/panicking.rs:515:5
  14:     0x55aac0b652e1 - core::panicking::panic_fmt::hca6330e3e14086b4
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/core/src/panicking.rs:92:14
  15:     0x55aac0b6522d - core::panicking::panic::h1a48d878ff3dcd40
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/core/src/panicking.rs:50:5
  16:     0x55aac0beb8ed - gpapi::Gpapi::login::{{closure}}::h6672c5a304ac6268
  17:     0x55aac0bf30d1 - <core::future::from_generator::GenFuture<T> as core::future::future::Future>::poll::h4de8fc0f50538533
  18:     0x55aac0c26779 - tokio::runtime::enter::Enter::block_on::h5a168d8b4a0b10b9
  19:     0x55aac0b9aedf - tokio::runtime::Runtime::block_on::h06014407f50a2936
  20:     0x55aac0bb6dda - apkeep::main::hbfb9de017ffc11c2
  21:     0x55aac0c779c3 - std::sys_common::backtrace::__rust_begin_short_backtrace::h8caefb424b900ce0
  22:     0x55aac0c77a19 - std::rt::lang_start::{{closure}}::h091082558be5e806
  23:     0x55aac0ff1de9 - core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once::h2aabc384aab89b7b
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/core/src/ops/function.rs:259:13
  24:     0x55aac0ff1de9 - std::panicking::try::do_call::hc5fcacb7a85fc7b1
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/panicking.rs:401:40
  25:     0x55aac0ff1de9 - std::panicking::try::hb5d9603af3abbe3a
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/panicking.rs:365:19
  26:     0x55aac0ff1de9 - std::panic::catch_unwind::h98fe6ac3925e64b4
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/panic.rs:434:14
  27:     0x55aac0ff1de9 - std::rt::lang_start_internal::h22ac7383c516f93e
                               at /rustc/a178d0322ce20e33eac124758e837cbd80a6f633/library/std/src/rt.rs:34:21
  28:     0x55aac0bb6ef2 - main
  29:     0x7f3f3ed910b3 - __libc_start_main
  30:     0x55aac0b65abe - _start
  31:                0x0 - <unknown>

System Specifications

OS: Ubuntu 20.04 Virtualization: KVM/QEMU CPU: AMD EPYC-Rome (8) @ 3.593GHz CPU Architecture: x86_64

bug

opened by NurMarvin 5

Split APK support may not download native code

Bullhead & angler (aarch64)

There's no split_config.arm64_v8a.apk file in the folder or APK:

apkeep -d google-play -u '[email protected]' -p "passw" -o device=angler  . -a com.nianticlabs.pokemongo
Downloading com.nianticlabs.pokemongo...
com.nianticlabs.pokemongo downloaded successfully!

No native libraries inside.

unzip -l com.nianticlabs.pokemongo.apk |egrep .so$

Or...

unzip -l com.nianticlabs.pokemongo.apk |grep lib
      653  1981-01-01 01:01   META-INF/android_bglib_release.kotlin_module
     1527  1981-01-01 01:01   META-INF/kotlin-stdlib-common.kotlin_module
       67  1981-01-01 01:01   META-INF/kotlin-stdlib-jdk7.kotlin_module
     4837  1981-01-01 01:01   META-INF/kotlin-stdlib.kotlin_module
   337563  1981-01-01 01:01   assets/bin/Data/Managed/Resources/mscorlib.dll-resources.dat
      706  1981-01-01 01:01   kotlin/ExperimentalStdlibApi.kotlin_metadata

Physical device

There are native libraries in the app:

sunfish:/data/app # find|grep nianti
./~~vzYZvFWf1LfUWj7dl26mHQ==/com.nianticlabs.pokemongo-n-P7avC4NFJ7qN9C6g2Wkg==
./~~vzYZvFWf1LfUWj7dl26mHQ==/com.nianticlabs.pokemongo-n-P7avC4NFJ7qN9C6g2Wkg==/base.dm
./~~vzYZvFWf1LfUWj7dl26mHQ==/com.nianticlabs.pokemongo-n-P7avC4NFJ7qN9C6g2Wkg==/split_config.arm64_v8a.apk
./~~vzYZvFWf1LfUWj7dl26mHQ==/com.nianticlabs.pokemongo-n-P7avC4NFJ7qN9C6g2Wkg==/lib
./~~vzYZvFWf1LfUWj7dl26mHQ==/com.nianticlabs.pokemongo-n-P7avC4NFJ7qN9C6g2Wkg==/lib/arm64
./~~vzYZvFWf1LfUWj7dl26mHQ==/com.nianticlabs.pokemongo-n-P7avC4NFJ7qN9C6g2Wkg==/base.apk
sunfish:/data/app #

opened by enovella 4

mention issues and risks in README
Hey @Hainish happy to see you all diving into this work :). Unless you've found a magic bullet, I imagine that the standard issues with Google Play downloaders will also apply here.

Google could terminate your Google account based on Terms of Service violations, users should setup burner accounts.

The session works with a specific "device profile", so only APKs available for that device/location/language/etc will be available

Paid and DRM apps will not be available.

Using Tor will might it a lot more likely that the download will fail.

For example, an overview of related issues for Aurora Store are being tracked here: https://gitlab.com/CalyxOS/calyxos/-/issues/613
documentation
opened by eighthave 4
cargo-update: bump base64 from 0.13.1 to 0.20.0
Bumps base64 from 0.13.1 to 0.20.0.

Changelog

Sourced from base64's changelog.

0.20.0

Breaking changes

Update MSRV to 1.57.0

Decoding can now either ignore padding, require correct padding, or require no padding. The default is to require correct padding.

The NO_PAD config now requires that padding be absent when decoding.

0.20.0-alpha.1

Breaking changes

Extended the Config concept into the Engine abstraction, allowing the user to pick different encoding / decoding implementations.

What was formerly the only algorithm is now the FastPortable engine, so named because it's portable (works on any CPU) and relatively fast.

This opens the door to a portable constant-time implementation (#153, presumably ConstantTimePortable?) for security-sensitive applications that need side-channel resistance, and CPU-specific SIMD implementations for more speed.

Standard base64 per the RFC is available via DEFAULT_ENGINE. To use different alphabets or other settings (padding, etc), create your own engine instance.

CharacterSet is now Alphabet (per the RFC), and allows creating custom alphabets. The corresponding tables that were previously code-generated are now built dynamically.

Since there are already multiple breaking changes, various functions are renamed to be more consistent and discoverable.

MSRV is now 1.47.0 to allow various things to use const fn.

DecoderReader now owns its inner reader, and can expose it via into_inner(). For symmetry, EncoderWriter can do the same with its writer.

encoded_len is now public so you can size encode buffers precisely.

Commits

9fcde48 v0.20.0

68919ae Merge pull request #202 from marshallpierce/mp/edition-2021

f58f441 Also updated fuzzers

d86e8c8 Update to edition 2021

766fbc9 Merge pull request #198 from marshallpierce/mp/invalid-padding

250323c More fuzzer fixes

bcbc669 Minor cleanup

604a3ca fix fuzzers

0996b81 Merge branch 'master' into mp/invalid-padding

442a809 Merge pull request #197 from marshallpierce/mp/update-msrv

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0
cargo-update: bump serde_json from 1.0.89 to 1.0.91
Bumps serde_json from 1.0.89 to 1.0.91.

Release notes

Sourced from serde_json's releases.

v1.0.91

Opt out of -Zrustdoc-scrape-examples on docs.rs for now

v1.0.90

Documentation improvements

Commits

26f147f Release 1.0.91

d9cdb98 Opt out -Zrustdoc-scrape-examples on docs.rs

331511d Release 1.0.90

8753829 Replace ancient CI service provider in readme

0a43394 Update build status badge

8794844 Prevent build.rs rerunning unnecessarily on all source changes

0b54871 Time out workflows after 45 minutes

ecad462 Fix renamed let_underscore_drop lint

9295c96 Resolve needless_borrowed_reference clippy lints

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0
cargo-update: bump clap from 4.0.29 to 4.0.32
Bumps clap from 4.0.29 to 4.0.32.

Release notes

Sourced from clap's releases.

v4.0.32

[4.0.32] - 2022-12-22

Fixes

(parser) When overriding required(true), consider args that conflict with its group

v4.0.31

[4.0.31] - 2022-12-22

Performance

Speed up parsing when a lot of different flags are present (100 unique flags)

v4.0.30

[4.0.30] - 2022-12-21

Fixes

(error) Improve error for args_conflicts_with_subcommand

Changelog

Sourced from clap's changelog.

[4.0.32] - 2022-12-22

Fixes

(parser) When overriding required(true), consider args that conflict with its group

[4.0.31] - 2022-12-22

Performance

Speed up parsing when a lot of different flags are present (100 unique flags)

[4.0.30] - 2022-12-21

Fixes

(error) Improve error for args_conflicts_with_subcommand

Commits

ec4ccf0 chore: Release

13fdb83 docs: Update changelog

b877345 Merge pull request #4573 from epage/conflict

85ecb3e fix(parser): Override required when parent group has conflict

d145b8b test(parser): Demonstrate required-overload bug

0eccd55 chore: Release

1e37c25 docs: Update changelog

dcd5fec Merge pull request #4572 from epage/group

dde22e7 style: Update for latest clippy

dd8435d perf(parser): Reduce duplicate lookups

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0
cargo-update: bump serde from 1.0.149 to 1.0.152
Bumps serde from 1.0.149 to 1.0.152.

Release notes

Sourced from serde's releases.

v1.0.152

Documentation improvements

v1.0.151

Update serde::{ser,de}::StdError to re-export core::error::Error when serde is built with feature="std" off and feature="unstable" on (#2344)

v1.0.150

Relax some trait bounds from the Serialize impl of HashMap and BTreeMap (#2334)

Enable Serialize and Deserialize impls of std::sync::atomic types on more platforms (#2337, thanks @badboy)

Commits

ccf9c6f Release 1.0.152

b25d0ea Link to Hjson data format

4f4557f Link to bencode data format

bf400d6 Link to serde_tokenstream data format

4d2e36d Wrap flexbuffers bullet point to 80 columns

df6310e Merge pull request #2347 from dtolnay/docsrs

938ab5d Replace docs.serde.rs links with intra-rustdoc links

ef5a0de Point documentation links to docs.rs instead of docs.serde.rs

5d186c7 Opt out -Zrustdoc-scrape-examples on docs.rs

44bf363 Release 1.0.151

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies
opened by dependabot[bot] 0
Migrate from OpenSSL to rustls

I've removed direct OpenSSL dependencies, but the upstream dependency remains in https://github.com/EFForg/rs-google-play/ due to https://github.com/rustls/rustls/issues/1125

opened by Hainish 0
Only download wanted filetypes

.xapk files seem to be APKPure-specific and as far as I can tell and not easily installed in other ways. It would be great if I could tell apkeep to only download .apk files (even if that's not the latest available version).

opened by TheLastProject 0