add common.sign_apk() for nighly as test for using in publish

Since the MD5 migration was quite a bit of work, it makes sense to start on moving away from SHA1 as much as possible while it is easy to do. SHA256 will only work in APK signatures on android-18 (4.3) or newer. So if an APK has a minSdkVersion of 18 or newer, then sign with SHA256. https://issuetracker.google.com/issues/36956587 https://android-review.googlesource.com/c/platform/libcore/+/44491
2025-11-09 08:50:28 +03:00 · 2017-11-30 21:10:41 +01:00 · 2017-11-30 21:10:41 +01:00 · 1c3a4479ab
commit 1c3a4479ab
parent 7da0854fa1
3 changed files with 129 additions and 0 deletions
--- a/fdroidserver/publish.py
+++ b/fdroidserver/publish.py
@ -339,6 +339,7 @@ def main():
                                                                      unsigned_dir,
                                                                      output_dir))

+                # TODO replace below with common.sign_apk() once it has proven stable
                # Sign the application...
                p = FDroidPopen([config['jarsigner'], '-keystore', config['keystore'],
                                 '-storepass:env', 'FDROID_KEY_STORE_PASS',