Releases: davideagostini/android-build-analyzer
Releases · davideagostini/android-build-analyzer
Release list
Release v1.1.0
v1.1.0
Added
- Baseline generation with
generateAnalysisBaseline - Global rule suppression with
suppressedRuleIds - Application ID allowlist support with
applicationIdAllowlistPrefixes - Functional Gradle TestKit coverage for report generation and baseline behavior
- Regression tests for security rule edge cases
Changed
- Reduced
DEBUG_APP_IDfalse positives by switching to segment-based detection - Improved exported component checks to avoid duplicate findings
- Improved unused resource detection across code, XML, and manifest references
- Expanded dependency version checks to support BOMs and version catalogs
- Migrated plugin task wiring to lazy task registration
- Improved report incrementality and task correctness
Fixed
- Custom permission undefined detection logic
- Incorrect HTTPS remediation suggestion for malformed repeated
http://URLs analyzeApktask ordering when invoked together withassembleDebugorassembleRelease
Notes
analyzeApkdoes not build an APK automatically; runassembleDebugorassembleReleasefirst if needed- Dependency checks are best-effort and depend on repository metadata availability
- Android Build Analyzer is intended as a fast build hygiene and reporting layer, not a full SAST replacement
Release v1.0.1
-minor fixes
-add new features
-change plugin ID
Release v1.0.0
Add tags and update plugin version