Turns out I don't have Proguard activated on a live app that I have published to the Google Play store. It's not the end of the world since I don't have anything sensitive in the app (and I've found that I can decompile apps pretty well even when Proguard is applied).
My question is: If I apply Proguard and then upload a new .apk to Google Play, when my users update are they going to run into a problem?
One reason I ask is because I learned the hard way that changing the LAUNCHER activity in an app can make user-created shortcuts void in an updated version, so I'm trying to prevent causing any more inconvenience to my users.
If I apply Proguard and then upload a new .apk to Google Play, when my users update are they going to run into a problem?
No. You users are getting a compiled version of your application, not the raw sources.
As long as the package name remains the same and you sign the package using the same keystore you won't have any problems.
Related
I'm attempting to upload a build of an Android app to Google Play. I created a new keystore and signed it, but I get this error "You need to use a different package name" when I try to upload it.
I suspect that what happened is that another member of my team did this already but failed to commit their keystore file to version control. The app has never been published before, it is a new app.
I need a quick fix for this -- I won't be able to reach the team member who may have done this for several days. I tried removing the build that had been uploaded, but that didn't help.
Can I delete the entire app from Google Play and start over?
Can I change the package name? I've heard that this will work, but I'm not really sure what it entails. Do I have to actually change the package name of every class in my source code?
Thanks,
Frank
You can delete the application in the following cases
- Published apps or games that haven't been installed on any devices
- Published apps or games that no users are entitled to re-install
from here
also google does not allow uploading an app with a different signature and the same package name. What you can do now is to change the entire package name and this can be done easily in Android studio
More details
https://support.google.com/googleplay/android-developer/answer/9023647
I'm working on a react native project and I generated a keystore and released the signed apk to play store few days ago.
While working I mistakenly copied another keystore into the android/app directory in the project and since then could not return to the older version anymore. Checking version history of the keystore also states it was created today rather than modified today.
How can I get the keystore back when I don't have a Time Machine setup?
If you've lost your keystore, there is no way you can update that application on Google Play. If the app is significant (millions of installs), you might get help from Google Play support.
You can't. Your only option is using software that analyses your hard drive for files that were not overwritten physically yet.
Update: the play store support might be able to help you if you used the key only for uploading with Google Play App Signing
I know it is heartbreaking, but there is no way out!
You will have to unpublish the app and try again with different package name,
If you wish that doesn't happen again you should enable google play app signin, with this you can upload the same app again with a different keystore(the process requires some good work though). But if you haven't done that already there is no help.
The same thing has happened to me, luckily my app was in alpha at that time so there were no inconveniences to my users.
I am developing an Android application and in this application, I am using "In app billing" features.
I uploaded apk on the google console account and set the product id, price and other required things and saved all the data in the draft.(Application is still in draft mode).
I did not publish my app yet.
After a few minutes, I realized that I uploaded old signed apk file and keystore of this apk has already lost.
Now I want to remove this old apk file and want to upload a new one in draft mode.
My problems are :
How to remove the old apk file from the google console account.(In Draft Mode)
How to upload the new signed apk file with new key store (As I have
lost my old key store)
EDIT:
I want to publish the app with the same name and with same package name. I do not want to change my app name atleast.
This can now be done by going to Release management > Artifact library and deleting the APK.
You cannot delete the artifacts anymore.
Here's a part of my chat with Pete through the built-in help & support.
Pete:
Thanks for waiting. You can't remove an apk that you've already
served. Your next Production apk has to be version code 3 or higher.
Me:
So I can't just delete the artifact of that build?
Pete:
That's correct.
(P.S. He mentioned version code 3 because of my specific issue)
You can try KOTIOS's answer.
Delete the aab / apk file from the Google Play Console on the App Bundle Explorer under Release Tab
Then select the apk/aab file you want to delete from the List
Quoting Can we still remove never-published apps from Google Play?:
Well, the answer is that the strategy still works. If you've never
published the app, you can remove all traces of it from Google Play
and another publisher account can then upload an app with the same
package name. All you need to do is deactivate (if necessary) and then
delete all .apk files and the app will disappear from your developer
console.
If the app was ever published, this will not work. You can unpublish
an app, but you cannot delete any .apk files that were ever active
while the app was published. (This behavior is undocumented as far as
I can find.) This is unfortunate; it would be nice to be able to
completely remove all traces of an app that was never downloaded by
anyone. Even better would be a sandbox area that emulated all aspects
of Google Play, including buying your own app (and would support doing
it through the emulator).
I also discovered that the delays involved in propagating changes to
all Google Play servers seems worse than it did a year ago with
Android Market. In one case, when testing license responses I had to
wait two hours after uploading (but not publishing) an app before the
response came back as anything from "NOT_MARKET_MANAGED".
You can do this by upload new apk with upper version
and the old Apk will deactivated automaticly
I've just finished making some updates for a company's Android app, only to realize that they no longer have the private key that was used to sign the original release that went to the Android Market. If I understand correctly, this means that these changes can't be released as an update to the original app. I think the best option is to pull the original app from the market (it doesn't have many downloads or reviews) and re-release the app signed with a new key. However, I'm worried that Android Market might not allow an app to be released which is practically identical to an app that has already been released (e.g. same name, same icon, mostly the same functionality, etc.).
Has anyone been in this situation before? Did google allow you to re-release as a separate app to the Android Market?
You are correct in that you will have to release this as a new application with a different package name. You will have to pull the other app from the Market as it will no longer be updateable and your users will have to redownload the new version of the app.
I don't see any reason why Google would have any issues with this, it's a known issue that some developers/companies can come across when they loose their signing key. Also, as far as I know, Google doesn't closely monitor incoming apps unless they are being flagged.
I've seen some apps that have 10 versions of the same app in the Market, just so that they can have more visibility, which is something that I think Google needs to look out for.
If you just forgot password.
https://code.google.com/archive/p/android-keystore-password-recover/
If you replaced the existing key file.
1.Rename your package name.
2.Generate new signed apk but this time keep copy of the key and never lose it if you want to update your existing app.
I had a similar thing happen, and we had to change the package name even after pulling the original application from the market. I assume this is to protect users from 'accidentally' downloading a malicious update to an application they already have.
As of about August of this year (2011), the Android market has had the capability of uploading multiple APK's for the same package name. You should be able to remove the original APK and substitute a new one with the same package name now using that mechanism.
I haven't tried it yet, but we were able to upload multiple copies of our different applications that targeted specific platforms and it worked like a charm.
I have an app on the Android Market, and recently I was made aware that another publisher had uploaded it under a different name, and was giving it away for free.
I've never uploaded an apk that wasn't signed correctly in the official Google manner. What I'd like to know is, is code signing intended to prevent this kind of thing happening?
Can someone remove the license and add their own? Is this easy to do?
They'd have to do more than just take your APK and upload it under their account. The namespace which you create is unique to your application. So, at a minimum they've reverse engineered some of your code.
As long as somebody is able to pull your apk off of their device and re-package it, nothing can really stop them from uploading it to the market on their own. Report it to Google and you may want to look into using the licensing service.
There is nothing preventing someone from doing this. All code signing does is ensure your application has not been modified from the version you published. i.e. a modified version cannot be installed on top of an unmodified version. If your app has simply been republished without modification, it is no different from your own version. Only the distribution source has changed.
You will need to implement some kind of licensing to prevent piracy. Android code signing is not like iOS code signing (where apps on the store as actually signed by Apple, not just you).