security: restrict network to system CAs, tighten WebView capabilities; v1.9

- AndroidManifest: add networkSecurityConfig to explicitly trust only system CAs, preventing user-installed CA cert MITM attacks on claude.ai sessions - LoginActivity: set javaScriptCanOpenWindowsAutomatically=false (not needed for claude.ai login) and databaseEnabled=false (deprecated WebSQL) - build.gradle.kts: enable buildConfig generation (required for BuildConfig.DEBUG guards already used in UsageRepository) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-27 20:00:01 +00:00
parent ee68b11ad0
commit 6934017519
4 changed files with 14 additions and 4 deletions
@@ -11,8 +11,8 @@ android {
        applicationId = "me.khodak.claudeusage"
        minSdk = 26
        targetSdk = 34
-        versionCode = 9
-        versionName = "1.8"
+        versionCode = 10
+        versionName = "1.9"
    }

    signingConfigs {
@@ -44,6 +44,7 @@ android {

    buildFeatures {
        viewBinding = true
+        buildConfig = true
    }
 }