Checking if Aarogya Setu's Source Code Produces the App from Play Store
Aarogya Setu’s Android source code is supposedly on github. How do we know if it is the real app?
Setup
Get a copy of the APK (either from a device with it installed or from a web service like apkpure)
Clone the source code. git clone https://github.com/nic-delhi/AarogyaSetu_Android. If you have already, update to the latest with git pull
Update keystore.properties as per README.
Use a mock google-services.json. But replace the client_info.client_id and client_info.android_client_info.pakcage_name to the one expected nic.goi.aarogyasetu
Create a keystore (probably using Android Studio (Build -> Generate Signed APK))
Build
Execute the gradle task assembleRelease. Probably using Android Studio