Google API

Question

Google API

mark1282 opened this issue 4 years ago · comments

Where can I find the source code for the version of the app that is using the Apple/Google API. Are you guys working on that too?

Terence Eden · Answer 1 · Fri Jun 19 2020 16:12:29 GMT+0800 (China Standard Time)

We are working on it. The source code will be made open as soon as practically possible.

Craig Snowden · Answer 2 · Fri Jun 19 2020 23:56:03 GMT+0800 (China Standard Time)

@edent Any particular reason why the development isn’t being done in the open? Presumably the code is in a git repository already, maybe even a GitHub one, so it should take about the same time to respond to this comment to open it up? Seems a bit odd that this repo is a copy paste of presumably a live one.

Can see that the antibody-web project is being worked on in real time, presumably that’s because the development is NHSx internal?

Mark · Answer 3 · Sat Jun 20 2020 02:37:01 GMT+0800 (China Standard Time)

I'm also interested in this paradigm of having an public and private repo running in tandem. How do you manage keeping both repo's in sync?

Christopher Thomas · Answer 4 · Sat Jun 20 2020 18:13:34 GMT+0800 (China Standard Time)

Yes, I also don't see why this source code is not publicly available today, it takes 5 minutes to create a new repository and the code should already be open. So I don't understand the reasoning why we have to wait?

Andrea · Answer 5 · Sun Jun 21 2020 17:38:05 GMT+0800 (China Standard Time)

What about the backend side?
Will it be open source?

Terence Eden · Answer 6 · Mon Jun 22 2020 18:10:35 GMT+0800 (China Standard Time)

Hi all,
Here's a copy & paste of my answer in another repo ukhsa-collaboration/COVID-19-app-Android-BETA#49 (comment)

The app is still being actively developed in our private GitHub repos. We're learning from all your comments, along with the security issues raised through HackerOne.
At the moment, all of our effort is going into building, refining, and testing the app. The development team is focused solely on that.
Preparing the app for an open source release takes time. We have to make sure that all secrets and keys have been redacted, that all developers' personal details have been removed, that the git history doesn't contain anything untoward, that we haven't accidentally done something to compromise security, that the licence files are correct etc.
Additionally, it's difficult to code in the open on a high-profile project like this. We want to give our developers the space to work safely and effectively.
My job is to make sure that the source code gets released alongside the public binary - and that it is released under a FOSS licence. I'm working as hard as I can to achieve that goal.
Thank you all for holding us to account over this.

In response to your other questions - yes, I want to get the back end open sourced as well.

Terence Eden · Answer 7 · Fri Jun 26 2020 19:04:47 GMT+0800 (China Standard Time)

I'm pasting this message in every active GitHub issue, so you may receive duplicate notifications.

Today, I'm happy to announce that NHSX has released the full git commit history for the Isle of Wight Beta apps.

Android - https://github.com/nhsx/COVID-19-app-Android-BETA
iOS - https://github.com/nhsx/COVID-19-app-iOS-BETA

As discussed, we have redacted API keys, sensitive domain names, and some of the developers' personal details. I am still waiting on final approval to publish the server-side code.

I would like to personally thank the community for your comments, bug reports, and vulnerability disclosures. They all went into helping the development process.

The beta trial of this app has now ended and we've moved to the next phase of app development. It is our intention to publish the source code of future apps as the binaries are released to the public.

Once again, thank you for being part of this.

Terence Eden
Head of Open Technology - NHSX