NewPipe icon indicating copy to clipboard operation
NewPipe copied to clipboard
verified publisher icon TeamNewPipe

Update check consent

Open TobiGr opened this issue 1 year ago • 1 comments

What is it?

  • [ ] Bugfix (user facing)
  • [x] Feature (user facing)
  • [ ] Codebase improvement (dev facing)
  • [ ] Meta improvement to the project (dev facing)

Description of the changes in your PR

Ask for consent before enabling auto update check.

To Do

  • [x] Implement settings migration triggering the consent check on update
  • [x] Refactor the App.isFirstRun to be set inside App and read only (should the variable be static?)
  • [ ] Provide testing APK which does not rely on release signature check to ask for consent
  • [ ] Do testing

Before/After Screenshots/Screen Record

To come

Fixes the following issue(s)

  • Closes https://github.com/TeamNewPipe/NewPipe/discussions/10785

APK testing

The APK can be found by going to the "Checks" tab below the title. On the left pane, click on "CI", scroll down to "artifacts" and click "app" to download the zip file which contains the debug APK of this PR. You can find more info and a video demonstration on this wiki page.

Due diligence

TobiGr avatar Jan 26 '24 19:01 TobiGr

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarqubecloud[bot] avatar Jan 26 '24 20:01 sonarqubecloud[bot]

Code looks good to me, even if the placement of the alert dialog code in the update settings fragment seems a bit weird to me.

I put it there because the dialog is working with the setting to keep that stuff in one place. For that reason, I did not put it into the MainFragment. If you want me to move it there, I'll do it.

TobiGr avatar Mar 22 '24 20:03 TobiGr

Do you think that the first run code migration should be reverted? I don't think that's necessary, but do what you think is the best :)

The migration is not necessary anymore because wasUserAskedForConsen() is checked on app start

TobiGr avatar Mar 23 '24 20:03 TobiGr

The migration is not necessary anymore because wasUserAskedForConsen() is checked on app start

I meant the refactoring of the first run code, sorry for the confusion.

AudricV avatar Mar 23 '24 20:03 AudricV

I meant the refactoring of the first run code, sorry for the confusion.

Will do that tomorrow

TobiGr avatar Mar 27 '24 20:03 TobiGr

@AudricV I just looked at the code again. Now that we have the isFirstRun() check in the MainAcitivity again, the refactor is needed. I'd therefore keep it as it is and would squash the commits if you are ok with that.

TobiGr avatar Mar 28 '24 22:03 TobiGr

Here an APK for you to test: NewPipe updatechecker.zip This is the expected behavior:

  • The first time the app is opened, no update check is run, and no consent is asked (this is to avoid a bad onboarding and welcoming experience)
  • The second time, no update check is run, but the user is asked for consent
  • If the user accepted to check for updates, from the third time onwards, the app will check for updates, otherwise it will never do so

The APK is signed with @Stypox keys. The fingerprint for which to check for updates has been set to f3c6b6ddf4f4c9e2fa5c5e65799dc388d17eae626acfa6e29f571b3520883b75, i.e. the fingerprint of my key. The version code of the APK is that of 0.26.0 (995) instead of 0.26.1 (996) so that version checks show a notification. The package name is org.schabi.newpipe.updatechecker.

Stypox avatar Mar 29 '24 10:03 Stypox

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarqubecloud[bot] avatar Mar 29 '24 10:03 sonarqubecloud[bot]