zipalignment compare now?
The output of zipalignment is:
Command:
./bin/repro-apk zipalignment /Projekte/AndroidStudioProjects/OpeningHoursManager/app/release/OpeningHoursManager_signed.apk /Projekte/fdroid/my_fdroid_repo/tmp/de.mepi0011.openinghoursmanager_10000.apk
Output:
ile='/Projekte/AndroidStudioProjects/OpeningHoursManager/app/release/OpeningHoursManager_signed.apk'
zipaligned (4-byte alignment) : yes
files with apksigner padding : 132
apksigner alignments from extra fields : 4 16384
most likely uncompressed .so page alignment : 16KiB
file='/Projekte/fdroid/my_fdroid_repo/tmp/de.mepi0011.openinghoursmanager_10000.apk'
zipaligned (4-byte alignment) : yes
files with apksigner padding : 0
apksigner alignments from extra fields : none
most likely uncompressed .so page alignment : 16KiB
I just canāt get it to work the reproducible builds. I donāt understand exactly what the problem is. In the meantime, Iāve spent more time trying to get reproducible builds to work than on the app development itself. Since this is a new topic for me, I need someone to provide me with detailed support. Maybe someone from the community can help me, otherwise Iāll have to give up.
post pictures/code of the errors you see now
then zipalign.py --page-size 16 --pad-like-apksigner --replace de.mepi0011.openinghoursmanager_10000.apk de.mepi0011.openinghoursmanager_10000_fixed.apk
will fix it
see context: GitHub - obfusk/apksigcopier: apksigcopier - copy/extract/patch android apk signatures & compare apks
here the latest output of fdroid build:
BUILD SUCCESSFUL in 2m 34s
53 actionable tasks: 53 executed
2025-09-20 07:06:03,869 INFO: Successfully built version 1.0 of de.mepi0011.openinghoursmanager from 7f3d941792c93116e08606c5a37e6d129ffcbc11
2025-09-20 07:06:03,913 DEBUG: Checking build/de.mepi0011.openinghoursmanager/app/build/outputs/apk/release/app-release-unsigned.apk
2025-09-20 07:06:03,915 INFO: Scanning APK with dexdump for known non-free classes.
2025-09-20 07:06:04,167 DEBUG: > /opt/android-sdk/build-tools/34.0.0/dexdump /tmp/tmpejaxgmdj/classes.dex
2025-09-20 07:06:07,822 DEBUG: > /opt/android-sdk/build-tools/34.0.0/dexdump /tmp/tmpejaxgmdj/classes2.dex
2025-09-20 07:06:10,546 INFO: Scanning APK for extra signing blocks.
2025-09-20 07:06:10,556 WARNING: Requested API level 34 is larger than maximum we have, returning API level 28 instead.
2025-09-20 07:06:10,569 INFO: Created directory for storing developer supplied reference binaries: 'tmp/binaries'
2025-09-20 07:06:10,569 INFO: ...retrieving https://codeberg.org/mepi0011/OpeningHoursManager/releases/download/v1.0/OpeningHoursManager_signed.apk
2025-09-20 07:06:10,571 DEBUG: Starting new HTTPS connection (1): codeberg.org:443
2025-09-20 07:06:11,045 DEBUG: https://codeberg.org:443 "GET /mepi0011/OpeningHoursManager/releases/download/v1.0/OpeningHoursManager_signed.apk HTTP/1.1" 200 7189572
2025-09-20 07:06:12,296 DEBUG: tmp/binaries/de.mepi0011.openinghoursmanager_10000.binary.apk: Verifies
Verified using v1 scheme (JAR signing): false
Verified using v2 scheme (APK Signature Scheme v2): true
Verified using v3 scheme (APK Signature Scheme v3): true
Verified using v4 scheme (APK Signature Scheme v4): false
Verified for SourceStamp: false
Number of signers: 1
DOES NOT VERIFY
ERROR: APK Signature Scheme v3 signer #1: APK integrity check failed. CHUNKED_SHA256 digest mismatch. Expected: <c51b72654f06223e224bf62678baf15aece63a3951c9c7c74f69afec52d6e958>, actual: <1844afa0d0e4dd12604049ce41ec3520659d3129cf95370549aaeb105b8ad4de>
2025-09-20 07:06:12,579 ERROR:
/tmp/tmp5lppp741/sigcp_de.mepi0011.openinghoursmanager_10000.apk:
2025-09-20 07:06:12,579 INFO: ...NOT verified - /tmp/tmp5lppp741/sigcp_de.mepi0011.openinghoursmanager_10000.apk
2025-09-20 07:06:12,800 DEBUG: > diff -r /tmp/tmp5lppp741/tmp_binaries_de.mepi0011.openinghoursmanager_10000.binary /tmp/tmp5lppp741/_tmp_tmp5lppp741_sigcp_de.mepi0011.openinghoursmanager_10000
2025-09-20 07:06:12,902 WARNING: Keeping failed build "tmp/de.mepi0011.openinghoursmanager_10000.apk"
2025-09-20 07:06:12,902 DEBUG: removing tmp/binaries/de.mepi0011.openinghoursmanager_10000.binary.apk
2025-09-20 07:06:12,927 ERROR: Could not build app de.mepi0011.openinghoursmanager: compared built binary to supplied reference binary but failed
==== detail begin ====
verification of APK with copied signature failed
Comparing reference APK to APK with copied signature...
Unexpected diff output:
==== detail end ====
2025-09-20 07:06:12,927 DEBUG: Error encountered, stopping by user request.
Uploading artifacts for failed job 00:02
Uploading artifacts...
repo/: found 3 matching artifact files and directories
unsigned/: found 1 matching artifact files and directories
tmp/: found 3 matching artifact files and directories
Uploading artifacts as "archive" to coordinator... 201 Created correlation_id=21eb48106ac749d3b010e12edc3c3147 id=11427514843 responseStatus=201 Created token=6a_SEXsWY
Cleaning up project directory and file based variables 00:01
ERROR: Job failed: exit code 1
The complete output can be found here.
The file de.mepi0011.openinghoursmanager_10000.apk the the build output of fdroid build -v -t de.mepi0011.openinghoursmanager(local on my PC).
I think it makes no sense when I align this file, because when I build it again and compare it with the reference, the error occurs again.
It makes sense to check if aligning fixes it.
Then we can add the alignement step to the f-droid recipe to match yours 
Where do I add the alignement step? Can I use the F-Droid metadata YAML file postbuild field?
Yes, grep fdroiddata for the same line more or less
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.