Skip to content

Publish privacy policy page and strip merged INTERNET permission#22

Merged
MustafaNazeer merged 2 commits into
mainfrom
feat/privacy-policy-page
Jun 7, 2026
Merged

Publish privacy policy page and strip merged INTERNET permission#22
MustafaNazeer merged 2 commits into
mainfrom
feat/privacy-policy-page

Conversation

@MustafaNazeer

Copy link
Copy Markdown
Owner

What

Adds the /privacy-policy route to the web showcase, rendering the full BaselineMS privacy policy at a public URL for the Play Console listing (Step 7 of the setup runbook). The page mirrors the methodology page pattern (static export, prose-doc styling) and is linked from the site footer. Developer location, contact email, and the effective date are filled in.

Why the manifest change rides along

The policy's strongest claim is that the Play listing shows no INTERNET permission. Inspecting the release merged manifest showed that the Play Services base libraries (transitive via the bundled ML Kit face detection dependency from the vision test) merge android.permission.INTERNET and android.permission.ACCESS_NETWORK_STATE into the final APK, which the Play listing would display. The source manifest was always clean; the gap was at the manifest merge level.

Two tools:node="remove" entries strip both permissions from the merge. The bundled ML Kit model performs inference locally and needs no network, so the strip is behaviorally inert. This restores the no network egress guarantee at the OS layer and makes the published policy accurate.

Verification

  • aapt dump permissions against the rebuilt app-release.apk: CAMERA and RECORD_AUDIO are the only runtime permissions; INTERNET and ACCESS_NETWORK_STATE are gone.
  • Unit suite unchanged at 458 passing, 0 failures, 4 skipped.
  • next build succeeds; the exported /privacy-policy page carries the corrected fields and no stale placeholders.
  • Vision test camera gate on a live emulator is deferred to the stacked user driven AVD walkthrough (the strip should be inert there, worth confirming).

Add the /privacy-policy route to the web showcase so the Play Console
listing has its required public privacy policy URL. The page renders the
full policy from the local drafting source with the developer location,
contact email, and effective date filled in, and is linked from the site
footer.

Stripping INTERNET and ACCESS_NETWORK_STATE with tools:node remove fixes
a merged manifest gap: the Play Services base libraries riding on the
bundled ML Kit face detection dependency merged both permissions into the
release APK, which would have surfaced on the Play listing and
contradicted the policy. The bundled model needs no network, so the strip
is behaviorally inert. Verified with aapt dump permissions against the
rebuilt release APK: CAMERA and RECORD_AUDIO remain the only runtime
permissions. Unit suite unchanged at 458 passing, 4 skipped.
The policy stated files/voice-audio/ but both ADR 0006 and the code use
files/audio_traces/. Code review caught the mismatch against the ratified
ADR path; the published page must name the directory the app actually
uses.
@MustafaNazeer MustafaNazeer merged commit 2f91d2c into main Jun 7, 2026
1 check passed
@MustafaNazeer MustafaNazeer deleted the feat/privacy-policy-page branch June 7, 2026 05:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant