Checking if Aarogya Setu's Source Code Produces the App from Play Store
Aarogya Setu’s Android source code is supposedly on github. How do we know if it is the real app?
- Get a copy of the APK (either from a device with it installed or from a web service like apkpure)
- Clone the source code.
git clone https://github.com/nic-delhi/AarogyaSetu_Android. If you have already, update to the latest with
keystore.propertiesas per README.
- Use a mock google-services.json. But replace the
client_info.android_client_info.pakcage_nameto the one expected
- Create a keystore (probably using Android Studio (Build -> Generate Signed APK))
- Execute the gradle task
assembleRelease. Probably using Android Studio