[stealth 09/11] Add stealth Android manifest filtering#8775
Pull request overview
This PR introduces an opt-in “stealth” Android manifest minimization flow, generating a filtered AndroidManifest.xml for stealth VPN vs no-VPN modes and wiring Gradle to consume the generated manifest when STEALTH_MODE is set.
Changes:
- Added a Python-based manifest filter to remove deeplinks, payment queries, wallet metadata, cleartext traffic, and (for novpn) VPN-related services/permissions.
- Updated android/app/build.gradle to select a generated manifest when -PSTEALTH_MODE is provided and to generate it via a Gradle Exec task.
- Added developer documentation describing the stealth manifest modes and how to build them.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 6 comments.
| File | Description |
|---|---|
| scripts/stealth/android_manifest_filter.py | New generator that filters the base Android manifest for vpn / novpn stealth modes. |
| android/app/build.gradle | Adds STEALTH_MODE parsing, generated manifest source selection, and a manifest generation task. |
| docs/stealth-builds.md | Documents how to invoke stealth builds and what each mode removes. |
@copilot review
Reviewed the current PR state at 85011ed. All previously flagged issues have been addressed:
@copilot review
Fixed the remaining open issue in e834a7d: changed
@copilot review
@copilot review
Reviewed the current PR state at e834a7d. All previously flagged issues have been resolved:
No new issues found.
The open issue from the automated reviewer — missing docs for
@copilot review
63476bf to 19d484d
Introduces android_manifest_filter.py, a single transform engine that
produces vpn and novpn manifests from the parameterised source manifest.
Key points:
- Filter runs on the AGP-MERGED manifest (post-library-merge +
post-placeholder-substitution), hooked as a doLast on
process{Variant}Manifest. This is the only correct point: Stripe,
Google Play Billing, Firebase/MLKit AARs inject activities/services
that are absent from src/main/AndroidManifest.xml until merge time.
- STEALTH_MODE accepts stealth-vpn or stealth-novpn; the legacy
-PstealthNoVpn=true flag is preserved for backward compat.
- vpn mode strips: app-links, deeplinks, wallet/Stripe/payment
activities, GMS/Firebase services, MLKit providers, boot receiver,
broad-package-visibility and write-settings permissions, cleartext.
- novpn additionally removes: VpnService, BIND_VPN_SERVICE, quick-tile,
TUN/foreground-VPN permissions; injects SyncService (foundation.bridge)
as the neutral-named proxy service entry.
- foundation.bridge.SyncService extends NoVpnLanternService; manifest
declares it under the neutral name.
- MainActivity made open; vpnServiceClass dispatches to NetworkService
for stealth-vpn builds; STEALTH_NO_VPN gates all novpn code paths.
- Makefile: PYTHON ?= python3, stealth-manifest-filter-test target.
- CI: run stealth manifest filter tests before the Android build step.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
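The mode-dependent stripping described in this commit message, as an added sketch that is not the project's android_manifest_filter.py. The sample manifest is constructed, and `attr`, `drop_where`, `is_browsable` and `filter_manifest` are hypothetical names covering only a few of the listed categories:

```python
import xml.etree.ElementTree as ET

ANDROID = "http://schemas.android.com/apk/res/android"
ET.register_namespace("android", ANDROID)  # keep the android: prefix on output

# Constructed stand-in for an AGP-merged manifest (not the project's real manifest).
MERGED = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.app">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.WRITE_SETTINGS"/>
  <application android:usesCleartextTraffic="true">
    <activity android:name=".MainActivity">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
      <intent-filter android:autoVerify="true">
        <action android:name="android.intent.action.VIEW"/>
        <category android:name="android.intent.category.BROWSABLE"/>
        <data android:scheme="https" android:host="example.com"/>
      </intent-filter>
    </activity>
    <service android:name=".ExampleVpnService" android:permission="android.permission.BIND_VPN_SERVICE"/>
  </application>
</manifest>"""

def attr(name):
    return f"{{{ANDROID}}}{name}"  # ElementTree keys attributes as {namespace}name

def drop_where(root, tag, pred):
    """Delete every <tag> element matching pred; return how many were removed."""
    hits = [(p, c) for p in root.iter() for c in list(p) if c.tag == tag and pred(c)]
    for parent, child in hits:
        parent.remove(child)
    return len(hits)

def is_browsable(flt):
    return any(c.get(attr("name")) == "android.intent.category.BROWSABLE" for c in flt.findall("category"))

def filter_manifest(xml_text, mode):
    if mode not in ("stealth-vpn", "stealth-novpn"):
        raise ValueError(f"unknown STEALTH_MODE: {mode!r}")  # fail closed, never emit unfiltered
    root = ET.fromstring(xml_text)
    drop_where(root, "intent-filter", is_browsable)  # app-links and browser deeplinks
    drop_where(root, "uses-permission", lambda e: e.get(attr("name")) == "android.permission.WRITE_SETTINGS")
    for app in root.iter("application"):
        app.attrib.pop(attr("usesCleartextTraffic"), None)
    if mode == "stealth-novpn":  # vpn mode keeps the VPN service declaration
        drop_where(root, "service", lambda e: e.get(attr("permission")) == "android.permission.BIND_VPN_SERVICE")
    return ET.tostring(root, encoding="unicode")
```

Per-category absence checks then reduce to asserting that a marker string for each stripped category no longer appears in the output for the given mode, while the launcher filter and unrelated permissions still do.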
03076b1 to 0a082c2
reflog left a comment
Addressed all review comments from the earlier Copilot rounds in the amended commit (0a082c2). Critical fix: dropped ensure_remove_stubs + queries.set(TOOLS_NODE) entirely — remove_matching is the only deletion mechanism. Added 35 per-category absence tests. See inline reply summaries below.
Superseded — the 11 per-issue stealth PRs were consolidated into a 6-PR stack for epic getlantern/engineering#3569. This work now lives in #8860.
Summary
Validation
Gradle was not run locally because this checkout does not include a gradle wrapper and no system gradle is installed.
Closes getlantern/engineering#3578