Guidelines
MineSec's Package Registry Migration Guide

MineSec's Package Registry

Introduction

From the SDK version 1.10.105.12 onwards, we'll also publish the client-facing packages (SDKs, model classes, utils) via the Github Package Registry. Effectively it's just a private maven.

For client who are using previous version, you might need to provision the project accordingly:

Setup the maven credential

Note that you might want to set the credential in your machine's global gradle.properties instead of the project's gradle.properties and accidentally commit it into git

In your machine's global gradle properties:

# minesec client registry
MINESEC_REGISTRY_LOGIN=minesec-product-support
MINESEC_REGISTRY_TOKEN={token-value}

The token will be managed by our customer support team, if you want to request one please contact us

Then register the MineSec's GPR in dependencyResolutionManagement block in your project's root settings:

./settings.gradle.kts
dependencyResolutionManagement {
    repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
    repositories {
        google()
        mavenCentral()
 
        // if you need to support Huawei devices
        maven { url = uri("https://developer.huawei.com/repo/") }
 
        // MineSec's maven registry
        maven {
            val MINESEC_REGISTRY_LOGIN: String? by settings
            val MINESEC_REGISTRY_TOKEN: String? by settings
 
            requireNotNull(MINESEC_REGISTRY_LOGIN) {
                """
                    Please set your MineSec Github credential in `gradle.properties`.
                    On local machine,
                    ** DO NOT **
                    ** DO NOT **
                    ** DO NOT **
                    Do not put it in the project's file. (and accidentally commit and push)
                    ** DO **
                    Do set it in your machine's global (~/.gradle/gradle.properties)
                """.trimIndent()
            }
            requireNotNull(MINESEC_REGISTRY_TOKEN)
            println("MS GPR: $MINESEC_REGISTRY_LOGIN")
 
            name = "MineSecMavenClientRegistry"
            url = uri("https://maven.pkg.github.com/theminesec/ms-registry-client")
            credentials {
                username = MINESEC_REGISTRY_LOGIN
                password = MINESEC_REGISTRY_TOKEN
            }
        }
    }
}

The previous SDK version might need a bunch of dependencies added in your project. With the maven distribution, all the dependencies required by the SDK is now transitive. So we can safely remove them.

old version: (build.gradle.kts)
android {
    // configurations.all {
    //     exclude(module = "bcprov-jdk15on")
    //     exclude(module = "bcpkix-jdk15on")
    // }
 
    //.. other settings
}
 
dependencies {
    // distributed via `.aar` file, project unable to get the transitive dependencies
    // implementation(files("./libs/MineHades-1.10.105.12-rc-10.aar"))
 
    releaseImplementation("com.theminesec.sdk:minehades:1.10.105.12-rc-10") {
        exclude(group = "org.bouncycastle", module = "bcprov-jdk15on")
        exclude(group = "org.bouncycastle", module = "bcpkix-jdk15on")
    }
    debugImplementation("com.theminesec.sdk:minehades-stage:1.10.105.12-rc-10") {
        exclude(group = "org.bouncycastle", module = "bcprov-jdk15on")
        exclude(group = "org.bouncycastle", module = "bcpkix-jdk15on")
    }
 
    // you can safely discard the below dependencies, that previously need to manually added to your project
    // implementation("androidx.security:security-crypto:1.0.0-rc04")
    // implementation("androidx.security:security-identity-credential:1.0.0-alpha02") {
    //     exclude(group = "org.bouncycastle", module = "bcprov-jdk15on")
    //     exclude(group = "org.bouncycastle", module = "bcpkix-jdk15on")
    // }
    // implementation("com.google.android.gms:play-services-safetynet:18.0.1")
    // implementation("com.google.http-client:google-http-client-jackson2:1.43.3")
    // implementation("org.apache.commons:commons-lang3:3.12.0")
    // implementation("com.google.code.gson:gson:2.8.6")
    // implementation("com.github.megatronking.stringfog:xor:1.1.0")
    // implementation("com.fasterxml.jackson.core:jackson-core:2.14.2")
    // implementation("com.fasterxml.jackson.core:jackson-annotations:2.14.2")
    // implementation("com.fasterxml.jackson.core:jackson-databind:2.14.2")
    // implementation("org.jetbrains.kotlin:kotlin-stdlib-jdk8:1.9.21")
    // implementation("org.jetbrains.kotlinx:kotlinx-coroutines-android:1.7.3")
    // implementation("io.sentry:sentry-android:7.0.0")
    // implementation("com.huawei.agconnect:agconnect-core:1.7.3.302")
    // implementation("com.huawei.hms:safetydetect:6.7.0.301")
    // implementation("org.jetbrains.kotlinx:kotlinx-serialization-json:1.6.2")
    // implementation("org.slf4j:slf4j-api:2.0.9")
    // implementation("com.github.tony19:logback-android:3.0.0")
    // implementation("org.bouncycastle:bcprov-jdk18on:1.77")
    // implementation("org.bouncycastle:bcpkix-jdk18on:1.77")
    // // if you need to support Huawei devices & perform Huawei's SafetyDetect (equivalent of Google's SafetyNet)
    // // For details about the version
    // // see https://developer.huawei.com/consumer/cn/doc/development/Security-Guides/version-change-history-0000001050156329.
    // implementation("com.huawei.agconnect:agconnect-core:1.7.3.302")
    // implementation("com.huawei.hms:safetydetect:6.7.0.301")
}
OverviewIntegrity API Guide