Skip to content

Releases: GrapheneOS/PdfViewer

20

28 Nov 18:57
20
Compare
Choose a tag to compare

Notable changes in version 20:

  • improve app compatibility by trying to load data with no MIME type passed
  • improve zoom gesture by scrolling during zooming to keep focus in the same place instead of the top left corner
  • simplify zoom gesture by migrating it to using a scale factor
  • hide text layer during scaling to avoid scrollable blank space when zooming out
  • raise minimum Chromium version for the WebView to 119 (will likely be raised much higher in the near future)
  • update pdf.js to 4.8.69
  • replace deprecated pdf.js renderTextLayer API usage with TextLayer
  • remove workaround for pdf.js text layer orientation bug which was fixed
  • set pdf.js isEvalSupported to false as redundant enforcement of our more complete approach of blocking dynamic code execution via Content Security Policy
  • update Android SDK to 35 (Android 15)
  • update target SDK to 35 (Android 15)
  • enable generation of v4 APK signatures
  • update Android build tools to 35.0.0
  • update Kotlin to 2.1.0
  • update Gradle to 8.10.2
  • update Android Gradle plugin to 8.7.2
  • update esbuild to 0.24.0
  • update AndroidX Appcompat library to 1.7.0
  • switch to KTX extension for AndroidX Core

A full list of changes from the previous release (version 19) is available through the Git commit log between the releases.


Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content Security Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.


This app is available through the Play Store with the app.grapheneos.pdfviewer.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.

Releases of the app signed by GrapheneOS with the app.grapheneos.pdfviewer id are published in the GrapheneOS App Store which provides fully automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel. These releases are also bundled as part of GrapheneOS and published on GitHub.

GrapheneOS users must obtain GrapheneOS app updates through our App Store since verified boot metadata is required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

19

08 May 04:19
19
Compare
Choose a tag to compare
19

Notable changes in version 19:

  • avoid crash from unhandled exception in PDF date parsing for displaying metadata (was not a regression in version 18)
  • update eslint to 0.21.1
  • avoid false positive lint checks

A full list of changes from the previous release (version 18) is available through the Git commit log between the releases.


Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.


This app is available through the Play Store with the app.grapheneos.pdfviewer.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.

Releases of the app signed by GrapheneOS with the app.grapheneos.pdfviewer id are published in the GrapheneOS App Store which provides fully automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel. These releases are also bundled as part of GrapheneOS and published on GitHub.

GrapheneOS users must obtain GrapheneOS app updates through our App Store since verified boot metadata is required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

18

07 May 19:53
18
Compare
Choose a tag to compare
18

Notable changes in version 18:

  • update pdf.js to 4.2.67
  • handle backwards incompatible pdf.js changes
  • use esbuild to handle building the viewer code
  • reorganize code, improve code quality and avoid deprecated APIs
  • update eslint to 9.2.0
  • update dependencies of npm dependencies
  • update Gradle to 8.7
  • update Android Gradle plugin to 8.4.0
  • update Android build tools to 34.0.0
  • update SDK to 34 (Android 14)
  • update target API level to 34 (Android 14)
  • update Kotlin to 1.9.24
  • update Material Components library to 1.12.0
  • update AndroidX Core to 1.13.1

A full list of changes from the previous release (version 17) is available through the Git commit log between the releases.


Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.


This app is available through the Play Store with the app.grapheneos.pdfviewer.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.

Releases of the app signed by GrapheneOS with the app.grapheneos.pdfviewer id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

17

04 Jul 00:09
17
Compare
Choose a tag to compare
17

Notable changes in version 17:

  • set zoom ratio to fit document to window size by default
  • decrease minimum zoom ratio to 0.2 from 0.5 (can zoom out much further)
  • replace custom file size parsing with Android implementation
  • avoid uncaught exception when parsing file sizes from certain Storage Access Framework providers
  • new text layer rotation implementation based on CSS transforms
  • update pdf.js to 3.8.162
  • update Material library to 1.9.0
  • update Kotlin to 1.8.22
  • update Gradle to 8.2
  • update Android Gradle plugin to 8.0.2
  • remove legacy roundIcon attribute
  • add Gradle verification metadata
  • add eslint integration
  • improve implementation quality including porting some code to Kotlin

A full list of changes from the previous release (version 16) is available through the Git commit log between the releases.


Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.


This app is available through the Play Store with the app.grapheneos.pdfviewer.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.grapheneos.pdfviewer app id are published in the GrapheneOS app repository and on GitHub. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Beta channel for both the Play Store and our app repository and then get moved to the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

16

05 Dec 09:08
16
Compare
Choose a tag to compare
16

Notable changes in version 16:

  • horizontally and vertically center canvas and text layer along with fixing text layer alignment in some cases
  • set minimum WebView font size to 1px instead of the default 8px to fix text layer alignment issues with tiny fonts
  • fix typo causing page rendering cache misses
  • add handling for exceptions caused by edge cases with PDF metadata
  • add handling for exceptions caused by edge cases with the 'Save as' feature
  • replace deprecated APIs
  • update pdf.js to 3.1.81
  • update Android Gradle plugin to 7.3.1
  • update Kotlin Gradle plugin to 1.7.22

A full list of changes from the previous release (version 15) is available through the Git commit log between the releases.


Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.


This app is available through the Play Store with the app.grapheneos.pdfviewer.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.grapheneos.pdfviewer app id are published in the GrapheneOS app repository and on GitHub. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Beta channel for both the Play Store and our app repository and then get moved to the Stable channel.

15

30 Sep 22:43
15
Compare
Choose a tag to compare
15

Notable changes in version 15:

  • improve password protected PDF UI
  • switch to Material You dynamic theme support
  • improve integration into system UI
  • add Android 13 themed icon support
  • use document activity launch mode to allow viewing multiple documents in separate activities at the same time when opened from another app like the system file manager
  • build with API 33 SDK
  • raise target API level to 33
  • update Android build tools to 33.0.0
  • remove unused and duplicate icons/strings
  • modernize code by replacing deprecated APIs/attributes, fixing lint warnings, etc.
  • update pdf.js library to 2.16.105
  • update Material library to 1.6.1
  • update AndroidX appcompat library to 1.5.1
  • update Gradle to 7.5.1
  • update Android Gradle plugin to 7.3.0
  • update Kotlin Gradle plugin to 1.7.20

A full list of changes from the previous release (version 14) is available through the Git commit log between the releases.


Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.


This app is available through the Play Store with the app.grapheneos.pdfviewer.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.grapheneos.pdfviewer app id are published in the GrapheneOS app repository and on GitHub. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Beta channel for both the Play Store and our app repository and then get moved to the Stable channel.

14

06 May 14:36
14
Compare
Choose a tag to compare
14

Notable changes in version 14:

  • add initial support for password protected encrypted PDFs
  • add support for saving current PDF ("Save as" entry in the menu)
  • move share action lower in the menu
  • remove obsolete zoom in / zoom out menu entries
  • simplify message for errors encountered opening PDFs
  • destroy WebView when activity is destroyed to release resources
  • extend Permissions Policy by disabling new standard feature flags
  • update Gradle to 7.4.2
  • update Android Gradle plugin to 7.1.3
  • update Kotlin Gradle plugin to 1.6.21
  • replace some of the deprecated Android APIs

A full list of changes from the previous release (version 13) is available through the Git commit log between the releases.


Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.


This app is available through the Play Store with the app.grapheneos.pdfviewer.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.grapheneos.pdfviewer app id are published in the GrapheneOS app repository and on GitHub. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Beta channel for both the Play Store and our app repository and then get moved to the Stable channel.

13

20 Mar 09:20
13
Compare
Choose a tag to compare
13

Full list of changes from the previous release (version 12). Notable changes:

  • add share action, which includes the ability to share with the OS printing system (we still plan on offering an internal print option using the internal PDF rendering for better security)
  • update pdf.js to 2.13.216
  • update other dependencies
  • update target API level to 32 (Android 12.1)
  • rename internal package name to app.grapheneos.pdfviewer to match app id
  • drop support for builds with legacy org.grapheneos.pdfviewer app id (GrapheneOS has transparently migrated to app.grapheneos.pdfviewer and the app uses app.grapheneos.pdfviewer.play on the Play Store now, users outside GrapheneOS need to uninstall the old variant of the app if they haven't moved to the new variant yet)

Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.

This app is available through the Play Store with the app.grapheneos.pdfviewer.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. This version has passed review and is available through the Play Store. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.grapheneos.pdfviewer app id are published in the GrapheneOS app repository and on GitHub. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

12

25 Feb 17:34
12
Compare
Choose a tag to compare
12

Full list of changes from the previous release (version 11). Notable changes:

  • detect severely out-of-date WebView (older than Chromium 89) and display an error page asking the user to update the WebView (will raise minimum version over time)
  • add separate release target for new Play Store release with app.grapheneos.pdfviewer.play as the app id (as opposed to the new standalone app.grapheneos.pdfviewer or the legacy org.grapheneos.pdfviewer) and a separate upload signing key for the app bundle

Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.

11

23 Feb 22:21
11
Compare
Choose a tag to compare
11

Full list of changes from the previous release (version 10). Notable changes:

  • improve layout
  • improve theme
  • improve dark theme support
  • improve app icons and use vector icons instead of bitmaps
  • center canvas
  • add edge-to-edge support
  • rename to app.grapheneos.pdfviewer with original-package set to the previous app id to preserve state in GrapheneOS (the rename will be shipped in the next release of GrapheneOS)

Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.