Firebase crashlytics: Non-registered testers sign up - firebase

I am using Firebase Crashlytics in my Android app. At this point, my app is exclusively available as an internal test version which is only visible to 3 known testers (set up within Google Play console). Everything works well and I see my crashs in the console.
However, I keep getting crash resports of totally unknown users who are not registered as testers. I can see these users in the Authentication tab in the Firebase console. Here is a snippet:
I see crash reports of totally unknown devices which definitely do not belong to any of my registered testers. They are definitely not coming from an emulator.
QUESTION: Does anyone have an idea where these users come from and how they can access an app in the internal test track?

OK, if anyone has the same question: I got this answer here:
Google/Android runs some automated bot tests on your app.
Would be great if that were documented somewhere...

Related

Allowing my team members to sign in with Google - Flutter - Firebase

I added an option to sign in with Google but, to my understanding, it only works for me because my SHA-1 signature is in the Firebase settings page so it'll only work for me but not for them.
We're a team of 10 people and I don't want everyone to start adding their own signatures if possible.
Is it at all possible to make this happen in debug mode? We're not in release yet.
P.S if I'm wrong about the reason and it should work fine with only my SHA-1 fingerprint, what is the issue?
I'm not sure if it's different if we deploy the app on play store, but if you've not deployed yet and just downloaded the apk from Android Studio / VS Code then anyone with a valid Gmail account can sign In.
I've also developed google sign in for my app and people are able to login.
Can you share the setup and code it can help us to narrow down the issue.

Firebase Storage Image Not Showing

Firebase Storage Image not showing for 2/3 days. I have some published apps, inside those apps have some Images showing from Firebase Storage and now suddenly it is not showing/viewing. I have also checked those images from Browser > Firebase Console > Storage, but it is not showing image preview and shows: "Error loading preview". But My Firebase Firestore data is showing without any error. I checked Storage Quota, no issue about that. My Firebase Plan is "Blaze" Pay as you go.
Now, what steps should I take to solve the problem? Can anybody help me regarding this issue?
This is not firebase problem, i already contacted with firebase team.
This problem happening from 29th December from Bangladesh.
I think this is an mistake from BTCL, now you can use VPN but this is not solution,
We have to wait or have to communicated with BTCL for solve this issue.
I even couldn't deploy firebase functions using firebase-tools from Bangladesh.
So I contacted firebase team and seems they have nothing to do as this is a country specific problem.
For now I am deploying functions from a headless remote environment.
This issue needs to be sort out either BTRC or google.

Your app contains an Intent Redirection vulnerability

I launched a game to the Google Play store recently and it was going good until now. I just received an email from Google that says that "One or more of your apps contains an Intent Redirection vulnerability that puts user data at risk " and tells me I need to fix it by August 13.
I personally don't collect or demand any user data or info. However, I used Google Admob ads with Facebook mediation and Unity ads in my game which may be the cause of this problem. So, my question is how to overcome this problem? They also said in the email to make changes in the manifest file. If any one has a similar problem and knows the solution for it, your help would be appreciated.
Here is the email:
"One or more of your apps contains an Intent Redirection vulnerability that puts user data at risk. On August 13, 2019, any apps that contain unfixed security vulnerabilities beyond the dates listed on your Play Console alerts will be removed from Google Play.
Action required
Sign in to your Play Console.
Select Alerts to see which apps contain a security vulnerability, and review the guidance on how to resolve the vulnerability.
Update your affected apps to fix the vulnerabilities.
Submit the updated versions of your affected apps.
Upon resubmission, your app will be reviewed again. This process can take several hours. If the app passes review and is published successfully then no further action is required. If the app fails review then the new app version will not be published and you will receive notification via email."
I was having the same issue "intent redirection your app(s) are vulnerable to intent redirection" and I added exported="false" in every activity, but still got rejected, then I realized the problem was in one of the payment libraries I was using, all I had to do is update the library and the new app update got live.
my issue was in RazorPay payment gateway, I updated it from 1.6.3 to 1.6.6 (latest)
implementation 'com.razorpay:checkout:1.6.6'
they already mentioned this issue here, check it out https://github.com/razorpay/razorpay-android-sample-app/issues/202
I have a same issue, actually Latest Unity Add Xiaomi SDK by default which cause this issue.
Simple remove Xiaomi from your Unity it will fix the issue.
We had received a similar email, In the Play Console/Alert tab, we found this
for us, the reason is "com.androidnative.features.social.common.SocialProxyActivity.StartActivity"
which come from Android Native asset[Ultimate Mobile] - Unity3D.
We used that asset for Advertisements, In-app purchase and play game services instead of using the original SDK. So the possible solution is to remove that asset from our game and use the original SDK.
Here is the Screenshot of my alert.
There are several points to keep in mind to resolve that issue:
The most confusing: you must rollout affected application fixed APK/AAB to 100% on all tracks where it had place to be. Important note is that among others you must rollout production track release to 100% in order to Google to reconstruct your issue.
In the new version of Play Console there is no way to find out any specific information about the issue so you should email Google Support to ask for details. As a respone you may possibly get obfuscated method or class signature, so you need to deobfuscate it.
Read carefully through official document to address issues and resolve them. Our application got rejected because SMS BroadcastReceiver did not apply any permission restraints.
Ihsan Ali
The problem is in the UnityChannel.aar file, you need to open it with the help of the archiver and open the AndroidManifest.XML. I in the line android:exported="true" wrote a false as indicated in the article in Google. Now publish the version and if the error will no longer be reported.
I had the same issue. Just remove xiaomi app game centre from your unity>>game build option. Disabling it will surely clear out the issue.

Android Fabric to Firebase migration effects on production app

I have gone through many of the Fabric and Firebase documentation to see what will happen to my production Android app, if I do not migrate or change the Fabric sdk.
If I don't do this, what will be the impact to my app, my users, myself (What Crash information won't I be able to see)
To be more specific:
Will the app be removed from the Play Store (Like what has happened for permission changes - I think this is not a serious problem and the app will not be removed)?
The app will not report any crash logs in Fabric
Is there a way to see the crash logs in Firebase without updating the app?
Any other changes I need to know about?
Kevin from Fabric here!
To answer your questions:
We haven't run into anyone having their app removed for permissions reasons after completing the migration - this shouldn't be an issue.
After setting up the migration, you will be able to see your Crashlytics information flowing to both your Fabric and Firebase dashboards without any further set up required.
The steps are:
-Make sure you're an admin in Fabric and have the "Owner" role in Firebase
-Head to https://fabric.io/firebase_migration
-Drag the desired Fabric apps to their locations in Firebase
-The apps will be linked and crashes will be viewable in both
As long as you continue to update the Crashlytics dependencies as normal you shouldn't see any disruptions to your crash logs in either dashboard as of now.
Check out our roadmap to learn more about migration plans feature rollout.

Migrating to FCM issue adding to console

After having issues with crashes in Android O and also seeing that GCM is fully deprecated we are trying to migrate to FCM. Keep in mind I did zero of the setup on this project, so I'm just trying to follow the migration guide. Our server side team is very busy right now, so I'm trying to make it as easy as I can for them.
So someone gave me owner permissions on the Google APIs dashboard for the project, where I can see that Google Cloud Messaging is enabled. So I gave owner permissions to an account we now use for all of our mobile online accounts and consoles.
Then I logged into the Firebase console, but when I click "add project" I do not have the option to import the existing GCM project, as the docs seem to say I should. It also doesn't show up for my personal work account either, even though it is also an "owner" account. I was really hoping to migrate this way so that we might not have to get new api keys.
However, I do see in the Google APIs dashboard that I can "enable" FCM from there. Will this create the Firebase project for me and if so will it generate new keys or can we use the old ones?
OR is it actually better to just create an entirely new FCM project?

Resources