Is Google Play activating StrictMode for prelaunch tests?

731 views Asked by At

I have submitted an app to Google Play and the Play Console prelaunch tests show a number of API policy violations (use of restricted / unsupported APIs):

Google Play console

When I check the stack traces for these events I see that the API policy violation was detected by StrictMode. Here's one example:

StrictMode policy violation: android.os.strictmode.NonSdkApiUsedViolation: Lcom/android/org/conscrypt/ConscryptEngineSocket;->setHostname(Ljava/lang/String;)V
    at android.os.StrictMode.lambda$static$1(StrictMode.java:416)
    at android.os.-$$Lambda$StrictMode$lu9ekkHJ2HMz0jd3F8K8MnhenxQ.accept(Unknown Source:2)
    at java.lang.Class.getDeclaredMethodInternal(Native Method)
    at java.lang.Class.getPublicMethodRecursive(Class.java:2079)
    at java.lang.Class.getMethod(Class.java:2066)
    at java.lang.Class.getMethod(Class.java:1693)
    at e.g0.k.e.b(Unknown Source:1)
    at e.g0.k.e.a(Unknown Source:7)
    at e.g0.k.e.d(Unknown Source:4)
    at e.g0.k.e.e(Unknown Source:0)
    [...]

This puzzles me for a few reasons:

  1. I did not enable StrictMode in my app. Is Google modifying the submitted APK in order to enable StrictMode for the prelaunch tests? I couldn't find any information on this anywhere.

  2. I am ignoring the two warnings related to View and ViewGroup (according to the report, these are known issues related to AndroidX and I don't need to do anything about them). The other four issues are related to Conscrypt restricted APIs which are restricted starting with Android 11 (API level 30). My app targets Android 10 (API level 29) where usage of these APIs should be OK. Why are these reported as warnings / errors? Furthermore, why are 2 of them reported as warnings ("unsupported") and 2 of them reported as errors ("fully restricted")? (all 4 are OK in Android 10 and all 4 are restricted in Android 11)

1

There are 1 answers

6
Pierre On

Re #1, Google does not have to modify your APK to enable StrictMode. I believe it might be possible to enable it device wide.

Re #2, Looking at the restricted APIs for Android 10 in , I see that Lcom/android/org/conscrypt/ConscryptEngineSocket;->setHostname(Ljava/lang/String;) is on the blacklist, which means it should throw an error at runtime. Also, the setAlpnProtocols are on the greylist, not the blacklist, so that explains the difference between the warnings and the errors.