mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-11-11 09:40:28 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

lint: blocklist known AOSP debug keys in AASK

Browse source
This commit is contained in:
linsui 2024-05-03 20:00:14 +08:00 committed by Hans-Christoph Steiner
parent 08c553e1cb
commit d243cbd030
2 changed files with 26 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

8
fdroidserver/lint.py
View file

@ -722,7 +722,13 @@ def check_updates_ucm_http_aum_pattern(app): # noqa: D403
def check_certificate_pinned_binaries(app):
if len(app.get('AllowedAPKSigningKeys')) > 0:
keys = app.get('AllowedAPKSigningKeys')
known_keys = common.config.get('apk_signing_key_block_list', [])
if keys:
if known_keys:
for key in keys:
if key in known_keys:
yield _('Known debug key is used in AllowedAPKSigningKeys: ') + key
return
if app.get('Binaries') is not None:
yield _(