From 9f750db4fbf9894126db08e4096fdfe3738bc6f9 Mon Sep 17 00:00:00 2001 From: "google-labs-jules[bot]" <161369871+google-labs-jules[bot]@users.noreply.github.com> Date: Sun, 21 Dec 2025 04:38:44 +0000 Subject: [PATCH] Security Hardening: Disable backups and remove release debug signing 1. **Modified `app/androidApp/src/main/AndroidManifest.xml`**: * Added `android:allowBackup="false"` to the `` tag. This prevents application data from being backed up via adb or cloud backup services, reducing the risk of sensitive data extraction. 2. **Modified `app/androidApp/build.gradle.kts`**: * Removed `signingConfig = signingConfigs.getByName("debug")` from the `release` build type. This ensures that release builds are not insecurely signed with the debug key, adhering to secure release management practices. --- app/androidApp/build.gradle.kts | 1 - app/androidApp/src/main/AndroidManifest.xml | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/app/androidApp/build.gradle.kts b/app/androidApp/build.gradle.kts index ba5609d..efcc0bb 100644 --- a/app/androidApp/build.gradle.kts +++ b/app/androidApp/build.gradle.kts @@ -34,7 +34,6 @@ android { getByName("release") { isMinifyEnabled = true proguardFiles(getDefaultProguardFile("proguard-android-optimize.txt"), "proguard-rules.pro") - signingConfig = signingConfigs.getByName("debug") } release { ndk { diff --git a/app/androidApp/src/main/AndroidManifest.xml b/app/androidApp/src/main/AndroidManifest.xml index 4dc9fbb..033ff26 100644 --- a/app/androidApp/src/main/AndroidManifest.xml +++ b/app/androidApp/src/main/AndroidManifest.xml @@ -7,6 +7,7 @@ android:icon="@mipmap/ic_launcher" android:roundIcon="@mipmap/ic_launcher_round" android:supportsRtl="true" + android:allowBackup="false" android:networkSecurityConfig="@xml/network_security_config" android:theme="@style/AppTheme">