M7: 2016 - Poor Code Quality

Unofficial Content

Actions by GeneXus

  • A debug certificate is used by the application along with the development process and its a requirement to generate a new valid certificate to upload the application to the Play Store on release. The debug certificate is not admitted by the Play Store.
  • The Android's debuggable property is disabled by default.
  • GeneXus updates third-party libraries to avoid dependencies with known vulnerabilities.
  • GeneXus implements the exception handling mechanism.
  • If GAM is used this denies default access to functionalities.
  • Uses ProGuard to obfuscate the code.

Actions by Developers

  • If an extensibility resource is used the developer must control that these products do not have vulnerabilities.
  • Manage application's certificates accordingly.