This is insurance to make sure that packageNames are not abused for
exploiting F-Droid. The database queries already use SQL Prepared
Statements, but who know what else might be exploitable.
fdroid/fdroidclient#1588
Keep PRNGFixes as it is since it is security sensitive, standardized
code from Google. While F-Droid never wants to do anything with
hardware IDs at all, this code uses the Build.SERIAL as a seed for the
random number generator, so it is safe privacy-wise.
ACRA E ACRA caught a IllegalStateException for org.fdroid.fdroid.debug
E java.lang.IllegalStateException: Fatal Exception thrown on Scheduler.Worker thread.
E at rx.internal.schedulers.ScheduledAction.run(ScheduledAction.java:62)
E at android.os.Handler.handleCallback(Handler.java:751)
E at android.os.Handler.dispatchMessage(Handler.java:95)
E at android.os.Looper.loop(Looper.java:154)
E at android.app.ActivityThread.main(ActivityThread.java:6128)
E at java.lang.reflect.Method.invoke(Native Method)
E at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:889)
E at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:779)
E Caused by: java.lang.NullPointerException: Attempt to invoke virtual method 'int java.lang.String.hashCode()' on a
null object reference
E at org.fdroid.fdroid.localrepo.peers.BonjourPeer.hashCode(BonjourPeer.java:41)
E at sun.misc.Hashing.singleWordWangJenkinsHash(Hashing.java:48)
E at java.util.HashMap.put(HashMap.java:423)
E at java.util.HashSet.add(HashSet.java:217)
E at rx.internal.operators.OperatorDistinct$1.onNext(OperatorDistinct.java:62)
E at rx.internal.operators.OperatorObserveOn$ObserveOnSubscriber.pollQueue(OperatorObserveOn.java:202)
E at rx.internal.operators.OperatorObserveOn$ObserveOnSubscriber$2.call(OperatorObserveOn.java:162)
E at rx.internal.schedulers.ScheduledAction.run(ScheduledAction.java:55)
E ... 7 more
The query was trying to figure out some thing about suggestedVercode
which shouldn't at all be necessary for setting the iconUrl.
The index already contains the icon pointing to the suggested version by
that repository, so we just take that regardless.
fdroid/fdroidclient#1569
```python
import glob
import os
import re
locale_pat = re.compile(r'.*values-([a-z][a-z][a-zA-Z-]*)/strings.xml')
translation_pat = re.compile(r'.*name="settings_label"[^>]*>"?([^"<]*).*')
for f in glob.glob('/home/hans/code/android.googlesource.com/packages/apps/Settings/res/values-[a-z][a-z]*/strings.xml'):
m = locale_pat.search(f)
if m:
locale = m.group(1)
if locale.endswith('-nokeys'):
continue
#print(locale)
with open(f) as fp:
m = translation_pat.search(fp.read())
if m:
word = m.group(1)
print(locale, '\t', word)
fdroid = '/home/hans/code/fdroid/client/app/src/main/res/values-' + locale + '/strings.xml'
if os.path.exists(fdroid):
with open(fdroid) as fp:
data = fp.read()
with open(fdroid, 'w') as fp:
fp.write(re.sub(r'menu_settings">[^<]+</string', 'menu_settings">' + word + '</string', data))
```
fdroid/fdroidclient#1569fdroid/fdroidclient#887
```python
import glob
import os
import re
locale_pat = re.compile(r'.*values-([a-zA-Z-]*)/strings.xml')
translation_pat = re.compile(r'.*name="corpus_name_websearch_nearby">([^<]*).*')
for f in glob.glob('/tmp/Velvet/res/values-*/strings.xml'):
m = locale_pat.search(f)
if m:
locale = m.group(1)
with open(f) as fp:
m = translation_pat.search(fp.read())
if m:
word = m.group(1)
print(locale, '\t', word)
fdroid = '/home/hans/code/fdroid/client/app/src/main/res/values-' + locale + '/strings.xml'
if os.path.exists(fdroid):
with open(fdroid) as fp:
data = fp.read()
with open(fdroid, 'w') as fp:
fp.write(re.sub(r'main_menu__swap_nearby">[^<]+</string', 'main_menu__swap_nearby">' + word + '</string', data))
```
For many languages, there are unavoidable long words needed for the labels
on the button bar, for example, the standard word for Settings can be up to
15 characters long:
https://gitlab.com/fdroid/fdroidclient/issues/1569#note_126469088
The BottomBar was scaling the active one up, and sizing all the fields based
on that size. This removes that animation, and sets all tabs to always have
the same text size. That makes it possible to make the spacing tighter.
This also sets the text truncating mode to "middle" which sticks an elipsis
in the middle of the truncated word and shows the start and end.
closes#1569closes!756
