Comments (7)
That sounds reasonable, actually, I also think that's how it should be.
I made a new issue at #263 to start working on it.
from songtube-app.
Sure,
MANAGE_EXTERNAL_STORAGE is only and exclusively requested when editing a song's artwork or tags, since write permission is required to do this action.
READ_EXTERNAL_STORAGE is used to fetch all songs from the device.
REQUEST_INSTALL_PACKAGES is needed for the in-app updates.
If this clarifies everything feel free to close this issue, otherwise, just let me know.
from songtube-app.
Thanks @Artx-II – added the first two to the allow list. As for the updater: is it opt-in or opt-out? Is explained where the APK is downloaded from? Are the implications clearly presented (e.g. they might bypass the extra screening in my repo¹)?
¹ no offense meant, but none of us is perfect – mistakes happen to the best of us. Wouldn't be the first time my scanner alerted of something that "slipped through" unintentionally.
from songtube-app.
When a new update is detected the app opens up a dialog with information like new version number, changes, etc... and a button to download and install the latest APK. Everything is extracted from this repository latest release and it's optional, you can simply choose to ignore and close it.
As for an explanation from where the update information and APK comes from, is not clarified in the app, I guess I should do that.
Here is the file from where the check happens and the information is extracted:
https://github.com/SongTube/SongTube-App/blob/development/lib/internal/models/update/update_manger.dart
And here is the dialog that pops up when a new update is detected:
https://github.com/SongTube/SongTube-App/blob/development/lib/ui/components/app_update_dialog.dart
That's all, let me know if I missed something!
from songtube-app.
Hm, OK – that would not meet my repo's (or F-Droid's at that) inclusion criteria.
I guess I should do that.
If I might suggest for that:
- have an option in settings whether the app should update itself, initialized with
NULL
. With this option, add the details (where the APK would be fetched from, plus the implications I mentioned above) in its description - on start of the app, if the option is NULL ask if it should be used or not (showing those details for an "informed consent"), then remember the choice
- now the other part can stay as-is, but update check is only performed when enabled
Those having installed from file (e.g. from releases here) can/will then choose to have the app perform the updates, those using e.g. my F-Droid repo can choose not to if they prefer the additional screening over "getting the update a few hours earlier".
That makes the updater checker opt-in, and thus meet the inclusion criteria. Functionality stays available, everyone happy (hopefully).
How does that sound to you? No "ultimatum" here, just trying to find the best way to deal with it.
from songtube-app.
Thanks! I'll add REQUEST_INSTALL_PACKAGES
to the allow-list when that's implemented then.
from songtube-app.
Related Issues (20)
- Video Not Playing HOT 2
- Feature Request: Add Support for SponsorBlock HOT 1
- Country Based Trendings HOT 3
- Enhancements
- Language settings reverting to english on every app restart.
- Tag editor buggy
- Ability to delete locally stored music files.
- an idea for the future of the app on windows and a feature HOT 1
- [Feat] Skip Silence
- app creates a playlist rather letting us read comments. HOT 1
- Download button hard to find HOT 2
- [FR] Create Music Playlist File with Segmented Download - easier to import into music players HOT 2
- [FR] Swipe and Double Tap on Artwork to control Music Player (similar to AIMP) HOT 3
- Cannot delete or modify Music Playlist of .m4a files created with Segmented Downloads [Music Player] HOT 1
- Unoptimized code
- Play/Resume Button for Notification Panel HOT 1
- Building app from source generates "Error running pod install" HOT 1
- Implement opt-in or out app updates HOT 2
- [FR] Resume music play when reconnected to Bluetooth device HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from songtube-app.