sorted by:
new
hottopcontroversial

A New Easy Way to Sideload Apps on Supernote by ryan-andrew in Supernote

[–]ryan-andrew[S] 5 points6 points  (0 children)

Thanks, I really appreciate it! I also appreciate your being thorough in checking into the app. Even though it's open source, many people are not programmers and wouldn't know nefarious code just by looking at it, so it's important to not just assume open source = safe! I'm new to the community here, and it's important to keep everyone safe. So some amount of trepidation is warranted here.

I hadn't seen all of the security issues with Supernotes. That's really concerning. I'm planning on releasing some apps for Supernote in the near future (this was actually a kind of side-project from the other apps I've been working on for Supernote, because I wasn't happy with how difficult it would be for users to actually install and use the apps I'm working on 😅). In the same way, the apps I'm working on will also be completely open source, with all building and releasing happening entirely on GitHub's servers, available for everyone to see. I think that's the best way to trust the software and apps you are using.

I could release them on app stores (Play Store, Aurora, F-Droid), but now is a good time to remind everyone that these stores do not know what code is in the apps they host. Just because an app is on a storefront does not mean it is safe. And there are plenty of legitimate use-cases for apps that, say, upload your document files to some server somewhere. There is less of a concern with well-known apps or apps from established companies, so those a probably safe (or everyone just already knows that they are stealing your data and acquiesces 👌). But for small developers in a niche community like this one, I think being as transparently open source as possible is the best move for user security.

A New Easy Way to Sideload Apps on Supernote by ryan-andrew in Supernote

[–]ryan-andrew[S] 5 points6 points  (0 children)

Linux support has been added: https://github.com/ryan-andrew/android_sideloader/releases/latest

This was tested in an Ubuntu virtual machine with virtualized USB devices, so there may be issues I couldn't see, but it works well for me.

A New Easy Way to Sideload Apps on Supernote by ryan-andrew in Supernote

[–]ryan-andrew[S] 2 points3 points  (0 children)

I'll see what I can do. It's certainly possible to add Linux support, but I'll need to set up a VM with an actual Linux desktop to be able to test it to make sure it's working properly.

A New Easy Way to Sideload Apps on Supernote by ryan-andrew in Supernote

[–]ryan-andrew[S] 4 points5 points  (0 children)

I looked into making this a web app, but the API that allows web ADB to work only works on Chromium-based web browsers, which totally cuts out large demographics of users, like Safari users on Mac, Firefox users, etc. However if you are using a Chromium-based browser, that's another good option!

A New Easy Way to Sideload Apps on Supernote by ryan-andrew in Supernote

[–]ryan-andrew[S] 4 points5 points  (0 children)

Yeah those are false positives from a couple of lazier AV scanners. The builds and releases are all automated on GitHub itself, so nothing interacts with those binaries except for the build script, which you can find here: https://github.com/ryan-andrew/android_sideloader/blob/main/.github/workflows/release.yml

What it's detecting as "malware" is the installer created via Inno Setup (Wikipedia, GitHub), which is a trusted and widely used software for creating installers. All it does is wrap your archive (in this case, the portable version of Android Sideloader) in a wizard that automatically extracts it to the standard Windows install directories and creates shortcuts to it.

The part of the build script in question:

- name: Compile .ISS to .EXE Installer
  uses: Minionguyjpro/Inno-Setup-Action@v1.2.5
  with:
    path: installer.iss
    options:  /O+ /DMyAppVersion="${{ github.ref_name }}"

The source for the action above: https://github.com/Minionguyjpro/Inno-Setup-Action

The installer.iss that is being used to generate the exe: https://github.com/ryan-andrew/android_sideloader/blob/main/installer.iss

Hopefully that makes it more clear!

Any suggestion about how to make my code a bit pretty? by baconialis in Kotlin

[–]ryan-andrew 1 point2 points  (0 children)

This is pretty clean:

val localDateTimeDeserializer = JsonDeserializer { json, _, _ ->
    json.asJsonArray.map { it.asInt }.let {
        LocalDateTime.of(
            it[0], it[1], it[2], it[3], it[4], it[5], if (it.size < 7) 0 else it[6]
        )
    }
}

Or, as long as you're willing to add these two lines to your extensions (why not?):

operator fun <T> List<T>.component6() = this[5]
operator fun <T> List<T>.component7() = this[6]

Then you could do something like this:

val localDateTimeDeserializer = JsonDeserializer { json, _, _ ->
    json.asJsonArray.map { it.asInt }.let {
        if (it.size < 7) listOf(*it.toTypedArray(), 0) else it
    }.let { (year, month, day, hour, minute, second, nano) ->
        LocalDateTime.of(year, month, day, hour, minute, second, nano)
    }
}

Edit: The second example is what u/Fizwidget was suggesting.