Open Source Android Development Tools

I discovered I mistake I had made above, to clarify: android.jar for 14 is contained in sdk-repo-linux-platforms-eng.14.0.0_r3.zip (not sdk-repo-linux-build-tools-eng.14.0.0_r3.zip) and also in android-sdk_eng.14.0.0_r3_linux-x86.zip

The only zip with the EULA I’ve found so far (for SDK 14) is sdk-repo-linux-build-tools-eng.14.0.0_r3.zip, which contains a lot of tools that can be build standalone, and many already packaged by debian (aapt, aapt2, zipalign, apksigner, zipalign). The only important tool there that I’m personally missing from debian is d8, but there are also a few more.

Would it be feasible to look into rebuilding them some other way? Currently this set of archives seem like the only showstopping issue, if we trust the included NOTICE-files at heart.

Good question. I can take a look on Monday. For the NDK I went through each and every prebuilt for the license files and all checked out, but I still need to do the same with the SDK (as this discussion came up after I started building them). So let me run through those and make sure, and see if there are any we can redo.

Have you looked at the NDK yet? It would be good to double check mywork there.

I have not yet uploaded them, as I have been sick since morning.
Will upload them tomorrow once I have downloaded them.

No rush, we still have a lot of testing and building to do. Get better soon!

Awesome. For the SDK, I only think prebuilts/sdk and prebuilts/tools are a problem here. And it seems that EULA doesn’t “contaminate” any of the resulting zips, except the build-tools. Hopefully it’s the easier thing to work around/rebuild. Debian is already building most of them. As for r8 (one of the few parts of build-tools not yet packaged by debian), there even a prebuilts/r8 repo in case it turns out tricky to rebuild.

I too believe the NDK is free from any EULAs or questionable licenses. My only concern there (sorry if I sound like a broken record!) is the default build process doesn’t actually compile anything. But I’ve already said this so many times, you know what I mean. Sorry. Just out of curiosity, I just ran checkbuild.py --no-build-tests --module clang -v on a completely clean NDK checkout. It took only 3 seconds to complete, using only one core, and gave me a directory with a full clang toolchain ready to use. So I am 100% sure it didn’t recompile clang.

Anyway, it’s something to look at eventually, please try prioritize what you think is most important/fun.

And to both you and @vdbhb59: don’t burn yourselves out! I love that people are once again working on this. Just make sure it doesn’t grow too much and affect your time and health.

I hope it’s OK that I double-post… it got to cluttered trying to append this to my previous post:

In case it helps for the build-tools, after running lunch I found one can make individual programs, like make d8 (compiles for both gnu/linux and windows). And also to avoid the cross compile, make out/host/linux-x86/bin/d8. This build process does depend on things like prebuilts/sdk/tools which might explain why the EULA gets included… But these programs can still be built individually (from their own sources) without it, having clean floss/open licenses.

Or maybe we could skip the build-tools package entirely, since debian already provide almost all of the tools? @hans: I know you’re involved with the android packaging efforts in debian, can I ask how likely you think it is the current missing tools (primarily d8) will be packaged eventually?

Great detective work, yes, I also agree that for the NDK, it really is just repackaging everything in one zip.

Question for the group:

If the prebuilt binaries are all open source, and include the open source license, do we need/want to recompile them from source anyways? or is it good enough to trust that they are including the proper license because they were properly built the first time?

I’ll be going through the SDK in a bit, looking at each prebuilt for licensing, and seeing which ones need to be rebuilt from source (if possible).

In case it’s of any help, I’ve used the following to quickly search for the EULA:

find -iname "*NOTICE*" -exec grep "Except to the extent required by applicable third party licenses" {} \+

But I can’t guarantee it will find all of them. It just checks files with “notice” in the name (any case), for a part of the EULA legalese.

And that is a good point regarding recompiling or not. To me, using prebuilt binaries feels… “icky”. But at the same time, I also see no technical or legal issue with it. So, at least for me, I’d say it’s fine if rebuilding them gets tricky. Want? Yes. Need? No. After all, this certainly must have been the case with Beuc’s rebuilt NDK as well.

And this could even offer a shortcut to repackaging the build-tools without the EULA. Just git clone the individual prebuilts repos, copy them out and zip them up.

Today I went through every prebuilt that gets downloaded for the current version of the SDK. I looked at each license file and, unless I missed something (I’m only human), here is what I found:

Android Open Source Project - plain old Apache2.0:
  <project path="prebuilts/abi-dumps/ndk" name="platform/prebuilts/abi-dumps/ndk" groups="pdk-fs" clone-depth="1" />
  <project path="prebuilts/abi-dumps/platform" name="platform/prebuilts/abi-dumps/platform" groups="pdk-fs" clone-depth="1" />
  <project path="prebuilts/abi-dumps/vndk" name="platform/prebuilts/abi-dumps/vndk" groups="pdk-fs" clone-depth="1" />
  <project path="prebuilts/asuite" name="platform/prebuilts/asuite" groups="pdk" clone-depth="1" />
  <project path="prebuilts/bazel/common" name="platform/prebuilts/bazel/common" groups="pdk" clone-depth="1" />
  <project path="prebuilts/bazel/darwin-x86_64" name="platform/prebuilts/bazel/darwin-x86_64" groups="darwin,pdk" clone-depth="1" />
  <project path="prebuilts/bazel/linux-x86_64" name="platform/prebuilts/bazel/linux-x86_64" groups="linux,pdk" clone-depth="1" />
  <project path="prebuilts/bundletool" name="platform/prebuilts/bundletool" groups="pdk" clone-depth="1" />
  <project path="prebuilts/checkcolor" name="platform/prebuilts/checkcolor" groups="pdk" clone-depth="1" />
  <project path="prebuilts/clang-tools" name="platform/prebuilts/clang-tools" groups="pdk" clone-depth="1" />
  <project path="prebuilts/gradle-plugin" name="platform/prebuilts/gradle-plugin" groups="pdk,pdk-cw-fs,pdk-fs" clone-depth="1" />
  <project path="prebuilts/manifest-merger" name="platform/prebuilts/manifest-merger" groups="pdk" clone-depth="1" />
  <project path="prebuilts/maven_repo/bumptech" name="platform/prebuilts/maven_repo/bumptech" groups="pdk-cw-fs,pdk-fs" clone-depth="1" />
  <project path="prebuilts/module_sdk/AdServices" name="platform/prebuilts/module_sdk/AdServices" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/AppSearch" name="platform/prebuilts/module_sdk/AppSearch" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/Bluetooth" name="platform/prebuilts/module_sdk/Bluetooth" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/conscrypt" name="platform/prebuilts/module_sdk/conscrypt" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/ConfigInfrastructure" name="platform/prebuilts/module_sdk/ConfigInfrastructure" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/Connectivity" name="platform/prebuilts/module_sdk/Connectivity" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/DeviceLock" name="platform/prebuilts/module_sdk/DeviceLock" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/HealthFitness" name="platform/prebuilts/module_sdk/HealthFitness" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/IPsec" name="platform/prebuilts/module_sdk/IPsec" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/Media" name="platform/prebuilts/module_sdk/Media" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/MediaProvider" name="platform/prebuilts/module_sdk/MediaProvider" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/OnDevicePersonalization" name="platform/prebuilts/module_sdk/OnDevicePersonalization" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/Permission" name="platform/prebuilts/module_sdk/Permission" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/RemoteKeyProvisioning" name="platform/prebuilts/module_sdk/RemoteKeyProvisioning" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/Scheduling" name="platform/prebuilts/module_sdk/Scheduling" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/SdkExtensions" name="platform/prebuilts/module_sdk/SdkExtensions" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/StatsD" name="platform/prebuilts/module_sdk/StatsD" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/Uwb" name="platform/prebuilts/module_sdk/Uwb" groups="pdk" clone-depth="1" />
  <project path="prebuilts/module_sdk/Wifi" name="platform/prebuilts/module_sdk/Wifi" groups="pdk" clone-depth="1" />


Apache2.0/MIT/GPL/LGPL:
  <project path="prebuilts/android-emulator" name="platform/prebuilts/android-emulator" groups="pdk-fs" clone-depth="1" />
  <project path="prebuilts/cmdline-tools" name="platform/prebuilts/cmdline-tools" groups="pdk-fs" clone-depth="1" />
  <project path="prebuilts/devtools" name="platform/prebuilts/devtools" groups="pdk-fs" clone-depth="1" />
  
GPL2:
  <project path="prebuilts/jdk/jdk17" name="platform/prebuilts/jdk/jdk17" groups="pdk" clone-depth="1" />
  <project path="prebuilts/jdk/jdk11" name="platform/prebuilts/jdk/jdk11" groups="pdk" clone-depth="1" />
  <project path="prebuilts/jdk/jdk8" name="platform/prebuilts/jdk/jdk8" groups="pdk" clone-depth="1" />
  <project path="prebuilts/jdk/jdk9" name="platform/prebuilts/jdk/jdk9" groups="pdk" clone-depth="1" />
  <project path="prebuilts/qemu-kernel" name="platform/prebuilts/qemu-kernel" groups="pdk" clone-depth="1" />
  

GPL3:
  <project path="prebuilts/build-tools" name="platform/prebuilts/build-tools" groups="pdk" clone-depth="1" />
  <project path="prebuilts/checkstyle" name="platform/prebuilts/checkstyle" groups="pdk" clone-depth="1" />
  <project path="prebuilts/gcc/linux-x86/host/x86_64-linux-glibc2.17-4.8" name="platform/prebuilts/gcc/linux-x86/host/x86_64-linux-glibc2.17-4.8" groups="pdk,linux" clone-depth="1" />
  <project path="prebuilts/gcc/linux-x86/host/x86_64-w64-mingw32-4.8" name="platform/prebuilts/gcc/linux-x86/host/x86_64-w64-mingw32-4.8" groups="pdk-fs" clone-depth="1" />
  
MIT:
  <project path="prebuilts/ktlint" name="platform/prebuilts/ktlint" groups="pdk" clone-depth="1" />
  
  

Apache-2.0 with LLVM-exception license
  <project path="prebuilts/clang/host/linux-x86" name="platform/prebuilts/clang/host/linux-x86" groups="pdk" clone-depth="1" />
  <project path="prebuilts/clang/host/darwin-x86" name="platform/prebuilts/clang/host/darwin-x86" groups="pdk,darwin" clone-depth="1" />
  <project path="prebuilts/remoteexecution-client" name="platform/prebuilts/remoteexecution-client" groups="pdk" clone-depth="1" />

BSD-3:
  <project path="prebuilts/go/darwin-x86" name="platform/prebuilts/go/darwin-x86" groups="darwin,pdk,tradefed" clone-depth="1" />
  <project path="prebuilts/go/linux-x86" name="platform/prebuilts/go/linux-x86" groups="linux,pdk,tradefed" clone-depth="1" />



Multi-open source license:
	"SPDX-license-identifier-Apache-2.0",
        "SPDX-license-identifier-Artistic",  // yasm/bitvect.c dual-licensed Artistic OR GPL
        "SPDX-license-identifier-BSD",
        "SPDX-license-identifier-EPL",
        "SPDX-license-identifier-MIT",
        "SPDX-license-identifier-PSF-2.0"
  <project path="prebuilts/misc" name="platform/prebuilts/misc" groups="pdk" clone-depth="1" />

        "SPDX-license-identifier-Apache-2.0",
        "SPDX-license-identifier-BSD",
        "SPDX-license-identifier-CC0-1.0",
        "SPDX-license-identifier-GPL-2.0",
        "SPDX-license-identifier-ISC",
        "SPDX-license-identifier-MIT",
        "SPDX-license-identifier-W3C",
        "SPDX-license-identifier-Zlib",
        "legacy_unencumbered",
  <project path="prebuilts/module_sdk/art" name="platform/prebuilts/module_sdk/art" groups="pdk" clone-depth="1" />
  
  	"SPDX-license-identifier-Apache-2.0",
        "SPDX-license-identifier-BSD",
        "SPDX-license-identifier-ISC",
        "SPDX-license-identifier-MIT",
        "SPDX-license-identifier-NCSA"
  <project path="prebuilts/ndk" name="platform/prebuilts/ndk" groups="pdk" clone-depth="1" />

	"SPDX-license-identifier-Apache-2.0",
        "SPDX-license-identifier-BSD",
        "SPDX-license-identifier-ISC",
        "SPDX-license-identifier-MIT",
        "SPDX-license-identifier-Unicode-DFS", <-- Had to look this up, permissive to do anything.
        "legacy_unencumbered",
  <project path="prebuilts/runtime" name="platform/prebuilts/runtime" groups="pdk" clone-depth="1" />
  
	"SPDX-license-identifier-Apache-2.0",
        "SPDX-license-identifier-MIT",
        "SPDX-license-identifier-NCSA",
        "SPDX-license-identifier-BSD-2-Clause",
        "legacy_notice",
  <project path="prebuilts/rust" name="platform/prebuilts/rust" groups="pdk" clone-depth="1" />

	"SPDX-license-identifier-Apache-2.0",
        "SPDX-license-identifier-BSD",
        "SPDX-license-identifier-GPL",
        "SPDX-license-identifier-MIT",
  <project path="prebuilts/r8" name="platform/prebuilts/r8" groups="pdk" clone-depth="1" />


"SPDX-license-identifier-Apache-2.0",
        "SPDX-license-identifier-BSD",
        "SPDX-license-identifier-EPL",
        "SPDX-license-identifier-ICU",
        "SPDX-license-identifier-ISC",
        "SPDX-license-identifier-LGPL",
        "SPDX-license-identifier-LGPL-2.1",
        "SPDX-license-identifier-LGPL-3.0",
        "SPDX-license-identifier-MIT",
        "SPDX-license-identifier-MPL-1.1",
        "SPDX-license-identifier-NCSA",
        "legacy_by_exception_only", // by exception only
        "legacy_notice",
  <project path="prebuilts/tools" name="platform/prebuilts/tools" groups="pdk,tools" clone-depth="1" />
  
 
 "SPDX-license-identifier-Apache-2.0",
        "SPDX-license-identifier-BSD",
        "SPDX-license-identifier-CC0-1.0",
        "SPDX-license-identifier-FTL",
        "SPDX-license-identifier-GPL",
        "SPDX-license-identifier-GPL-2.0",
        "SPDX-license-identifier-ISC",
        "SPDX-license-identifier-LGPL",
        "SPDX-license-identifier-LGPL-2.1",
        "SPDX-license-identifier-MIT",
        "SPDX-license-identifier-MPL",
        "SPDX-license-identifier-MPL-2.0",
        "SPDX-license-identifier-NCSA",
        "SPDX-license-identifier-OpenSSL",
        "SPDX-license-identifier-Zlib",
        "legacy_permissive",
        "legacy_unencumbered",
  <project path="prebuilts/vndk/v29" name="platform/prebuilts/vndk/v29" groups="pdk" clone-depth="1" />
  <project path="prebuilts/vndk/v30" name="platform/prebuilts/vndk/v30" groups="pdk" clone-depth="1" />
  <project path="prebuilts/vndk/v31" name="platform/prebuilts/vndk/v31" groups="pdk" clone-depth="1" />
  <project path="prebuilts/vndk/v32" name="platform/prebuilts/vndk/v32" groups="pdk" clone-depth="1" />
  <project path="prebuilts/vndk/v33" name="platform/prebuilts/vndk/v33" groups="pdk" clone-depth="1" />
  

The only one that included an EULA, that I found, was this one:

Multi-license, with EULA:
    	"SPDX-license-identifier-Apache-2.0",
        "SPDX-license-identifier-BSD",
        "SPDX-license-identifier-CC0-1.0",
        "SPDX-license-identifier-CPL-1.0",
        "SPDX-license-identifier-MIT",
        "SPDX-license-identifier-NCSA",
        "SPDX-license-identifier-OFL", // by exception only
        "SPDX-license-identifier-Unicode-DFS",
        "SPDX-license-identifier-W3C",
        "legacy_unencumbered",
  <project path="prebuilts/sdk" name="platform/prebuilts/sdk" groups="pdk" clone-depth="1" />
  

So, the only one that included a EULA, was the SDK, which is funny when you are building the SDK.
The license file says that it is all open source licensed, but still includes a NOTICE text file with the EULA from Google.

By the way, you can check SPDX codes here:
https://spdx.org/licenses/

So, I will try to better look into just the one prebuilt: the SDK, and see if we can build the SDK without it. E.g., is this a prebuilt SDK, but not the SDK you build, or why would it take 40 minutes for my server to repackage an already built SDK?

Again, just like the question for the NDK: are the open source prebuilts acceptable?

So far, all we have is: it feels icky. Which is true. But we accept prebuilts from Debian, or other Linux distros, are these prebuilts okay?

We collectively have to decide this before we can continue. If the answer is no, we need to figure out how to build the proper version of each prebuilt.

For clarification, I looked for prebuilts/tools/common/api-versions/NOTICE, but it does not exist in newer versions of the prebuilt folder.

This raises another thought. We would have to check each version we are trying to build to see if it had a EULA tucked away somewhere, because every version could be different.

Great job! I didn’t know about SPDX. Thanks! Are you using a parsing tool to generate these lists?

I was really excited about yourprebuilts/tools findings! True, prebuilts/tools/common/api-versions doesn’t even exist anymore in new versions. However, please have a look at prebuilts/tools/LICENSE. At least when I look at the version in head, I see a 3. SDK License from Google, containing all the classics and my personal “favorite”, 3.3 Except to the extent required by applicable third party licenses, you may not copy (except for backup purposes), modify, adapt, redistribute, decompile, reverse engineer, disassemble, or create derivative works of the SDK or any part of the SDK. I hope I’m wrong here.

As for the topic of prebuilts. When I use debian, I am officially trusting them to not do anything nefarious. Like I trust them not to sneak a self-spreading compiler virus inside gcc. When it comes to google, I do not trust them to “don’t be evil.” Be it intentionally, under governmental pressure, or just plain incompetence, I really don’t trust them the way i trust debian. And trust f-droid, who are also building all apps from source just like debian.

But that is my feeling. I really appreciate that you are listening. And I think what you say is very true, this needs to be decided on by everyone. Hopefully some of the f-droid people can chime in.

I will say this: I think it will be very very hard to avoid the prebuilts in the build process. My understanding is the modern SDK has a circular build dependency on prebuilts. But the NDK maybe not (like rebuilding the clang binaries). BUT: as long as the produced zips don’t contain the EULA, that’s still the most important part. I think. I’m not a lawyer.

Also, I really love the idea of trying to plug the newly built SDK back in as a prebuilts/sdk and maybe break out of the provided license. In case it’s any help, I noticed a update-prebuilts.py inside it. But it might just be copying files out from google’s private build server. Their usual “throw it over the wall” approach. I do have a crazy, but I will wait with saying it yet. It’s silly.

Ah, okay, I see where you get that, when I didn’t!

So, referencing the specific file you are looking at: LICENSE - platform/prebuilts/tools - Git at Google

The LICENSE file seems to be a compilation of all of the licenses used in that repo, but there are three issues:

1. Line 456 delineates that this section applies to “common/api-versions/NOTICE”, but if you look, such a folder and files do not exist. So it is referencing something that is not part of it’s current build.
2. Line 458 says that this license applies to the Android SDK if it is included. Which is funny, because we are building the SDK.
3. All Android file repositories now have an Android.bp file which lists all the licenses for that repository. The Tools repository is found here: Android.bp - platform/prebuilts/tools - Git at Google

Which states that the licenses in use are:

license {
    name: "prebuilts_tools_license",
    visibility: [":__subpackages__"],
    license_kinds: [
        "SPDX-license-identifier-Apache-2.0",
        "SPDX-license-identifier-BSD",
        "SPDX-license-identifier-EPL",
        "SPDX-license-identifier-ICU",
        "SPDX-license-identifier-ISC",
        "SPDX-license-identifier-LGPL",
        "SPDX-license-identifier-LGPL-2.1",
        "SPDX-license-identifier-LGPL-3.0",
        "SPDX-license-identifier-MIT",
        "SPDX-license-identifier-MPL-1.1",
        "SPDX-license-identifier-NCSA",
        "legacy_by_exception_only", // by exception only
        "legacy_notice",
    ],
    license_text: ["LICENSE"],
}

So, it almost seems like something left over from something/time else. This is also why I missed it looking at first by hand, because if you open the LICENSE file, it starts with an open source license, then WAAAAYYY at the bottom is this EULA, followed by more open source licensing. Kind of sneaky.

But I am now confused. Do I believe the Android.bp file, which lists the licenses, or do I believe the LICENSE/NOTICE files?

To clarify, I emailed the four programmers who are listed in the OWNERS file for the Android SDK and just asked them point blank. Hopefully at least one will get back to me, and we can figure this out.

Essentially, what I am getting at is that all of the files are listed under open source licenses, but there happens to be a EULA in there. How can you have an EULA that states you can’t modify the files, when all of the files are open source licensed?

Just attempted to build the SDK without the prebuilt/sdk folder, and it will not build without the prebuilt/sdk folder and tools in it to build the tools you need to have.

Excellent digging into the prebuilts/tools license! Indeed, it seems to be a left over. That is promising! And I hope you get a reply from them about this. Good initiative. “Nothing ventured, nothing gained.”

Also, since the only built zip packages that have an EULA are the sdk-repo-linux-build-tools-alaskalinuxuser.zip ones (I think), do we even know if the EULA gets copied from the SDK prebuilts or the tools prebuilts? Because if it’s the latter, and if that is just an erroneous leftover, we may be close to getting rid of it!

By the way, I did a grep through ALL of the SDK source tree (for version 11 which is what I had at hand), and this is all I found:

...$ grep -r "This is the Android Software Development Kit License Agreement."
packages/apps/Dialer/java/com/android/dialer/about/res/raw/third_party_licenses:This is the Android Software Development Kit License Agreement.
prebuilts/sdk/NOTICE:This is the Android Software Development Kit License Agreement.
prebuilts/tools/common/api-versions/NOTICE:This is the Android Software Development Kit License Agreement.

My point is: I don’t think the EULA gets automatically inserted into the NOTICE.txt by some script. Instead it must have been copied from one of these three. And again, oddly, I only see it inside the build-tools packages (which would be more likely to require the prebuilts/tools and not prebuilts/sdk!). Not even the platforms which contains the android.jar has this EULA.

p.s. yes, removing either of the sdk or tools prebuilts makes the build fail. I already tried. But I can’t blame you for trying.

I’m pretty sure the Android SDK ELUA features some disclaimer to the effect of:

3.5 Use, reproduction and distribution of components of the SDK licensed under an open source software license are governed solely by the terms of that open source software license and not the License Agreement.

Which would appear to apply to the Apache 2.0 android.jar files.

So, not being the sharpest pencil in the box, I am still confused by this. Can you break down what that means?

The android.jar was just a positive example of a important file of the SDK that is distributed without the EULA. My point is almost none of the built packages contain the EULA. Only one of them.

And my hope is that we can trust this (the lack of an EULA): if a built zip package doesn’t contain the EULA, it doesn’t affect the contents, so only the build-tools package remains to solve. I could be wrong. I know Beuc started his rebuilds project explicitly because of the EULA (Rebuilding Android proprietary SDK binaries).

I too would be interested in this. I am not a lawyer. The 3.5 term is very interesting. I don’t think we ourselves should assume we can simply discard/remove the EULA without proper legal research. If it turns out there are parts of that zip that are under a restrictive license, it could constitute fraud. Although unlikely to be the case.

Right now, I am wondering if the one EULA that gets copied to the build-tools is just copied from the tools prebuilt. Because if so, and it doesn’t apply any more (after the api-versions removal), we might actually be close to a solution.

I was going to try inserting some random text into each EULA text, rebuild the SDK, and see which text gets copied to the resulting build-tools zip. But turns out I don’t have enough disk space to build the SDK at the moment.

In the meantime I will remove the builds from my server to avoid any nonsense legal stuff from foogle.

Sure, you should do what makes you feel best. I don’t think you have to worry about any legal issues. If they really do mind, they’ll probably just try to reach out to you first of all. But I’ve seen many mirrors/uploads of the SDK/NDK floating around, including a gigantic mirror still hosted by tencent.

Sorry for double posting, but I’ve now allocated more drive space and tried downloading the latest SDK (15.0.0_r9). But I’m running into a lot of issues with fatal: Not a git repository: "/buildmnt/15/down/.repo/projects/prebuilts/manifest-merger.git" and many others.

@alaskalinuxuser, I think you managed to build this version. Did you have any issues like this? Should I just continue and try building anyway? I was able to download 11.0.0_r27 a while back, but my goal was to try the latest version and see from which prebuilts the EULA gets copied. My hope is it’s from prebuilts/tools (since that EULA might not apply any more).

edit: to be clear, “/buildmnt/15/down/” is just my own directories, within it I am running repo init (succeeds) and repo sync (in which most git repos are downloaded, but some get errors like this)