mardi 16 janvier 2018

Consider this before updating your app in Google Play

Context

There a lot of things happening when you deploy an update of your app on Google Play... One of the bad experiment I had lately was caused by Kaspersky free antivirus, one of the most popular tool for Android.

Looking at comment from people who updated my Bubble Level app, I discovered that Kaspersky free antivirus detected a threat in the latest update...


Kaspersky free antivirus screenshot

Too late, the app was already deployed and the number of bad comments from users were raising...

Uninstall peak after update

So had I to rollback the app version in production.

The problem

You cannot revert an app version in the Google Play console...

The solution(s)

Rebuild the app from the previous version tag from your VCS. But sometimes, it means downloading Gigs of old SDK, build tools, artefacts you don't care anymore... So here is a simple solution.
  1. Download previous apk from your Google Play publisher account
  2. Download apktool
  3. Decompile the app apk using apktool
  4. Update the apktool.yml to increase version code and version number
  5. Recompress the app apk using apktool
  6. Sign it using jarsigner from java distribution
  7. Align it using zipalign from android sdk distribution
  8. Upload your apk in your Google Play publisher account

Lesson learned

Have Kaspersky scan performed before release !
Enjoy !

Update

I oppenned a ticket using the Kaspersky free antivirus app, everything was solve within two days. Kaspersky updated its antivirus database. My app is no longer considered as a false positive...
Fork me on GitHub