KindnessInfinity


Pixel 4a (5G) and Pixel 5 are end-of-life and shouldn't be used anymore due to lack of security patches for firmware and drivers. We provide extended support for harm reduction.

Tags:

  • 2024050300-redfin (Pixel 4a (5G), Pixel 5)
  • 2024050300 (Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, emulator, generic, other targets)

Changes since the 2024042200 release:

  • remove special handling of the resolver activity ("Open with..." dialog) which was added to Android in order to support instant apps as preparation for our in-development App Communication Scopes feature
  • fix Google Fi eSIM activation
  • improve isolation of the eSIM activation apps
  • improve GrapheneOS infrastructure for per-app state
  • enable heap memory tagging for vendor processes by default, remove the user-facing toggle in the Settings and restrict toggling the value to debug builds
  • disable most handling for instant apps in the package manager as attack surface reduction
  • disable out-of-band APEX updates as attack surface reduction
  • only allow first party app source and shell to update system packages
  • improve robustness of original-package handling
  • Settings: hide GNSS SUPL and PSDS settings on devices without GNSS hardware
  • fix regression from our Android 14 QPR2 port causing Storage/Contact Scopes link to disappear after going back to the permissions screen
  • improve setup wizard theme to more closely match the stock Pixel OS configuration
  • backport mainline APEX module patches for Android Health, Media Provider, Network Stack, and Wi-Fi
  • kernel (5.10): update to latest GKI LTS branch revision including update to 5.10.212
  • kernel (5.15): update to latest GKI LTS branch revision including update to 5.15.150
  • kernel (6.1): update to latest GKI LTS branch revision including update to 6.1.80
  • Log Viewer: use human readable UTC time for logcat timestamps
  • GmsCompatConfig: update to version 105
  • GmsCompatConfig: update to version 106
  • GmsCompatConfig: update to version 107
  • GmsCompatConfig: update to version 108
  • GmsCompatConfig: update to version 109
  • Vanadium: update to version 124.0.6367.82.0
  • Vanadium: update to version 124.0.6367.82.1
  • Vanadium: update to version 124.0.6367.82.2
  • Vanadium: update to version 124.0.6367.113.0
  • Apps: update to version 23
  • work around our app repository client taking ownership of updates for the debug toggle we use to test new Android Auto releases
  • fix debug build option for testing same versionCode package updates
 

We'll be blacklisting mailbox.org and websites using it for email hosting for registration on discuss.grapheneos.org and as an alert email for attestation.app. They're blocking emails from our mail server for a convoluted, nonsensical reason and won't stop.

Our mail server has a clean IPv4 address not on any reasonable blacklist. We've had the IP address for a long time and have moved it between multiple servers. We don't send marketing emails and don't even have a mailing list. The only automated emails are services users request.

mailbox.org says they're blocking our confirmation emails from discuss.grapheneos.org via the IPv4 address for mail.grapheneos.org because the IPv6 /64 address for our website (not our mail server) (grapheneos.org) is listed as suspicious by Spamhaus...

We host our website and network services via geographically distributed VPS instances and direct traffic to them via GeoDNS with failover. It's essentially a self-hosted CDN. They're VPS instances with only a single IPv6 address. The /64 doesn't belong to us, they give us a /128.

Our emails are accepted by Google, Microsoft, Apple and nearly all small providers. Other than mailbox.org, only tiny mail providers entirely blocking emails from the OVH address space or refusing to whitelist IPv4 addresses within /24 blocks are blocking our emails.

The blacklist will improve usability since users will get an error message on discuss.grapheneos.org registration, changing their forum email address or setting an alert email for attestation.app instead of mailbox.org rejecting emails without telling users.

mailbox.org has whitelisted the GrapheneOS domains so emails are now always getting through to our users instead of being rejected. We still disagree with blocking emails based on IPv6 addresses used by website server instances but at least it's no longer our problem.

 

Changes in version 109:

  • update max supported version of Play services to 24.17
  • update max supported version of Play Store to 40.8
  • update Android Gradle plugin to 8.4.0

A full list of changes from the previous release (version 108) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

 

Changes in version 124.0.6367.113.0:

  • update to Chromium 124.0.6367.113

A full list of changes from the previous release (version 124.0.6367.82.2) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

 

Changes in version 108:

A full list of changes from the previous release (version 107) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

 

Notable changes in version 23:

  • request package update ownership by default (our mirrors of Play services and Play Store for sandboxed Google Play have been excluded in our app repository's metadata)
  • drop removed packages from the user interface after repository update rather than on next app restart
  • add a way to mark a dependency being missing as ignored
  • add caching for system feature checks
  • add support for static dependencies on the device model
  • verify shared library declaration during package installation to prevent a compromise of the repository signing key and server from being able to install new packages by adding them as dependencies of other apps
  • use MATCH_ANY_USER flag for getSharedLibraries() when allowed to in order to detect already completed shared library updates on GrapheneOS to avoid conflicts when updating Vanadium browser in one profile and then Vanadium WebView in another profile or vice versa
  • fix search bar chips padding
  • dismiss keyboard when searching
  • update Gradle to 8.7
  • update Android Gradle plugin to 8.3.2
  • update Kotlin Symbol Processing to 1.0.20
  • update AndroidX Activity KTX library to 1.9.0
  • update AndroidX Core KTX library to 1.13.0
  • update Bouncy Castle library to 1.78.1
  • work around potentially buggy Android APIs
  • improve code style, robustness and comments

A full list of changes from the previous release (version 22) is available through the Git commit log between the releases.

Apps is the client for the GrapheneOS app repository. It's included in GrapheneOS but can also be used on other Android 12+ operating systems. Our app repository currently provides our standalone apps, out-of-band updates to certain GrapheneOS components and a mirror of the core Google Play apps and Android Auto to make it easy for GrapheneOS users to install sandboxed Google Play with versions of the Google Play apps we've tested with our sandboxed Google Play compatibility layer.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

 

Changes in version 124.0.6367.82.2:

  • revert integration with GrapheneOS dynamic code generation toggle since the current implementation is buggy

A full list of changes from the previous release (version 124.0.6367.82.1) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

 

Changes in version 107:

  • update max supported version of Play services to 24.16
  • update max supported version of Play Store to 40.7

A full list of changes from the previous release (version 106) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

 

Changes in version 124.0.6367.82.1:

  • enable hybrid post-quantum cryptography support

A full list of changes from the previous release (version 124.0.6367.82.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

 

Changes in version 124.0.6367.54.0:

  • update to Chromium 124.0.6367.82
  • enable CredentialManager flag by default in the browser instead of only via setting the flags via the configuration app
  • support for respecting OS configuration for restricting dynamic code execution
  • clean up our infrastructure for content filter updates

A full list of changes from the previous release (version 124.0.6367.54.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

 

Changes in version 106:

  • revert feature flag override from the previous release
  • add temporary stub for ActivityManager.getPackageImportance() which requires the usage stats special access permission since a new feature flag depends on it without checking for the permission or handling the SecurityException (this is temporary because we plan to find a way to provide the foreground check it's trying to do for battery usage throttling without giving it any additional data similar to how AppOps foreground access checks work fine already)

A full list of changes from the previous release (version 105) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

 

Changes in version 105:

  • disable feature flag causing a reported crash due to sandboxed Play services not having the usage stats permission by default (the permission can be revoked on the stock OS so they may revert this change or have it handle the error)

A full list of changes from the previous release (version 104) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.
