Issue
When analyzing an APK, I've found a whole lot of .properties files in the archive's root, indicating the version numbers of Google Play services, Firebase and the Google HTTP client, for example:
version=19.2.0
client=firebase-database
firebase-database_client=19.2.0
These could theoretically be excluded from the package alike:
android {
packagingOptions {
exclude "firebase-*.properties"
exclude "play-services-*.properties"
exclude "google-http-client.version"
}
}
However, this issue suggests it would be the "intended behavior". So is it safe to exclude these seemingly useless files from the package - or are they required by Google Play, in order to expose these version numbers to automated package-content scans? Is the purpose of these version number files documented somewhere?
Here's a screenshot of what I'm talking about:
Solution
The part of the documentation, which answers the question, may have not existed back then:
Source: Dependency information for Play Console:
When building your app using AGP 4.0.0 and higher, the plugin includes metadata that describes the library dependencies that are compiled into your app. When uploading your app, the Play Console inspects this metadata to provide alerts for known issues with SDKs and dependencies your app uses, and, in some cases, provide actionable feedback to resolve those issues.
The data is compressed, encrypted by a Google Play signing key, and stored in the signing block of your release app. We recommend keeping this dependencies file for a safe and positive user experience. However, if you’d rather not share this information, you can opt out by including the following
dependenciesInfoblock in your module’sbuild.gradlefile.
android {
dependenciesInfo {
// Disables dependency metadata when building APKs.
includeInApk = false
// Disables dependency metadata when building Android App Bundles.
includeInBundle = false
}
}
Answered By - Martin Zeitler
