Giters

AndroidVTS / android-vts

Android Vulnerability Test Suite - In the spirit of open data collection, and with the help of the community, let's take a pulse on the state of Android security. NowSecure presents an on-device app to test for recent device vulnerabilities.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Check for update using the github API

SandroMachado opened this issue · comments

commented

Since the application was removed from the Google Play Store, a new method to warn the users that a new version of the application is available should be created.

Using the Github API it is possible to get the releases information and we can use that to query for the latest build and check if the app is already on that build. If not, prompt the user to update to the most updated release.

curl -i https://api.github.com/repos/nowsecure/android-vts/releases/latest

{
  "url": "https://api.github.com/repos/nowsecure/android-vts/releases/2291163",
  "assets_url": "https://api.github.com/repos/nowsecure/android-vts/releases/2291163/assets",
  "upload_url": "https://uploads.github.com/repos/nowsecure/android-vts/releases/2291163/assets{?name,label}",
  "html_url": "https://github.com/nowsecure/android-vts/releases/tag/v.13",
  "id": 2291163,
  "tag_name": "v.13",
  "target_commitish": "master",
  "name": "AndroidVTS v.13",
  "draft": false,
  "author": {
    "login": "Fuzion24",
    "id": 772364,
    "avatar_url": "https://avatars.githubusercontent.com/u/772364?v=3",
    "gravatar_id": "",
    "url": "https://api.github.com/users/Fuzion24",
    "html_url": "https://github.com/Fuzion24",
    "followers_url": "https://api.github.com/users/Fuzion24/followers",
    "following_url": "https://api.github.com/users/Fuzion24/following{/other_user}",
    "gists_url": "https://api.github.com/users/Fuzion24/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/Fuzion24/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/Fuzion24/subscriptions",
    "organizations_url": "https://api.github.com/users/Fuzion24/orgs",
    "repos_url": "https://api.github.com/users/Fuzion24/repos",
    "events_url": "https://api.github.com/users/Fuzion24/events{/privacy}",
    "received_events_url": "https://api.github.com/users/Fuzion24/received_events",
    "type": "User",
    "site_admin": false
  },
  "prerelease": false,
  "created_at": "2015-12-15T15:01:43Z",
  "published_at": "2015-12-15T15:04:55Z",
  "assets": [
    {
      "url": "https://api.github.com/repos/nowsecure/android-vts/releases/assets/1130370",
      "id": 1130370,
      "name": "androidVTS.apk",
      "label": null,
      "uploader": {
        "login": "Fuzion24",
        "id": 772364,
        "avatar_url": "https://avatars.githubusercontent.com/u/772364?v=3",
        "gravatar_id": "",
        "url": "https://api.github.com/users/Fuzion24",
        "html_url": "https://github.com/Fuzion24",
        "followers_url": "https://api.github.com/users/Fuzion24/followers",
        "following_url": "https://api.github.com/users/Fuzion24/following{/other_user}",
        "gists_url": "https://api.github.com/users/Fuzion24/gists{/gist_id}",
        "starred_url": "https://api.github.com/users/Fuzion24/starred{/owner}{/repo}",
        "subscriptions_url": "https://api.github.com/users/Fuzion24/subscriptions",
        "organizations_url": "https://api.github.com/users/Fuzion24/orgs",
        "repos_url": "https://api.github.com/users/Fuzion24/repos",
        "events_url": "https://api.github.com/users/Fuzion24/events{/privacy}",
        "received_events_url": "https://api.github.com/users/Fuzion24/received_events",
        "type": "User",
        "site_admin": false
      },
      "content_type": "application/vnd.android.package-archive",
      "state": "uploaded",
      "size": 2350365,
      "download_count": 2652,
      "created_at": "2015-12-15T15:04:49Z",
      "updated_at": "2015-12-15T15:04:53Z",
      "browser_download_url": "https://github.com/nowsecure/android-vts/releases/download/v.13/androidVTS.apk"
    }
  ],
  "tarball_url": "https://api.github.com/repos/nowsecure/android-vts/tarball/v.13",
  "zipball_url": "https://api.github.com/repos/nowsecure/android-vts/zipball/v.13",
  "body": " - Prioritize vulnerables which were positive on the device\r\n - Add intro/welcome screens\r\n - Add a test for CVE-2015-6616 from the December sec bulletin"
}

@Fuzion24 please let me know what do you think of this.

commented

I really like this idea. I have been (passively) working on a getting a github page up for the project, too. We can use this to allow people to sideload it.

commented

https://f-droid.org/repository/browse/?fdfilter=apktrack&fdid=fr.kwiatkowski.ApkTrack uses several sources (but not GitHub) to find latest versions.

It's also worth looking into adding VTS to F-Droid

#106 referenced above looks good once it's installed

commented

Since the application is only on github and all the development is based on github. Check only for the update on github should be enough. A better improvement to #106 is also introduce that check on a service that runs periodically on the device instead of just wait for the user action to check for updates.

commented

The original url doesn't work anymore: it's https://api.github.com/repositories/40509121/releases/latest now.

commented

@z3ntu, thanks, I will make a PR to update the URL.