- Add support for incremental OTAs (PR #112)
- Note that generating an incremental OTA is out of scope for Custota (and avbroot). They'll have to be generated using other tools. (avbroot-inc-ota is one such tool, though it is tedious to build and requires compiling AOSP from source.)
- Add new
custota show-csig
subcommand for showing the contents of csig files (PR #109) - Switch to using a proper logging library in
custota-tool
(PR #110) - Add OS security patch level and vbmeta digest to the list of OS information presented in the UI (PR #113)
- Cancel periodic background job entirely when automatic update checks are disabled to avoid waking up the device for a no-op (PR #114)
- Update dependencies (PR #111, PR #115)
- Rebase icon off latest material system update icon (PR #102)
- Update all dependencies (PR #105)
- Only apply the unmetered network and battery level restrictions to the actual OTA installation, not the update check (Issue #104, PR #106)
- This also fixes the post-reboot OTA cleanup monitoring job and the revert update job so that they don't wait for a network connection or sufficient battery before running
- Improve workaround for the Android 15 bug where the periodic update check job is provided with a null
Network
even when a valid network is available (PR #107)- Custota will no longer show the annoying notification about the bug when it is encountered
- Enable predictive back gestures (PR #98)
- Let Magisk/KernelSU handle mounting
/system/etc/selinux/plat_seapp_contexts
(PR #99, PR #101) - Update all dependencies (PR #100)
- Add new
--csig-version
option to custota-tool to allow generating version 1 csig files (Issue #94, PR #95) - Ignore unknown fields in csig files and update JSON files to allow better backwards compatibility in the future (Issue #94, PR #96)
- Use the vbmeta digest in addition to the fingerprint to determine if the OS is update to date (Issue #38, PR #92)
- This means Custota will now report that an update is available if the OTA's contents changed, even if the OS version remains the same. OTAs where only Magisk/KernelSU/etc. is updated will now be properly detected as updates.
- This feature bumps the
.csig
file format version from 1 to 2. Older versions of Custota cannot read new version 2 files, but newer versions of Custota can read old version 1 files.
- Fix Cursor resource leak (PR #90)
- Minor notification code cleanup (PR #91)
- Update all dependencies (PR #93)
- Fix compatibility when installed alongside other modules that modify
plat_seapp_contexts
with upcoming versions of Magisk (PR #89)
- Fix custom CA certificates being mounted incorrectly (Issue #87, PR #88)
- If you use custom CA certificates, you will need to regenerate and flash the
system-ca-certs
module
- If you use custom CA certificates, you will need to regenerate and flash the
- Target API 35 (PR #82)
- Add support for local directory installation on older devices that use sdcardfs, like the Pixel 4a (Issue #83, PR #84)
- Fix "OS is already up to date" notification showing after a reboot (PR #81)
- Show notification for OTA cleanup phase following the reboot after an OTA is installed (PR #78)
- Fix the initializing OTA updater notification message being shown longer than expected (PR #78)
- Fix the pause, resume, and cancel buttons being shown during phases where they cannot work (PR #78)
- Show an indeterminate progress bar until the progress reaches 1% because the finalization and cleanup phases don't report any progress (PR #80)
- Fix incorrect gradle inputs causing Rust source code to not be rebuilt (PR #70)
- Use Material 3 switches for switch preferences (PR #71)
- Update dependencies (PR #73)
- custota-selinux: Prevent updating the modification timestamp of
/sys/fs/selinux/load
(Issue #72, PR #74)- Please note there are no plans to implement further ways of evading detection by apps. This workaround just happened to be easy enough to implement.
- Work around Android builds where the job scheduler implementation implementation is broken and returns a null
Network
instance (Issue #68, PR #69)- This appears to happen to some folks on the Android 15 beta. If this Android bug occurs, Custota will show a notification saying the
Require Unmetered Network
option must be disabled. This is required to work around the bug.
- This appears to happen to some folks on the Android 15 beta. If this Android bug occurs, Custota will show a notification saying the
- custota-selinux: Move workaround for broken linking on x86_64 from sepatch to cargo-android (PR #65)
- post-fs-data: Mount
plat_seapp_contexts
directly for better compatibility with other modules also need to modify the file (PR #66) - Update checksum for
tensorflow-lite-metadata-0.1.0-rc2.pom
dependency (PR #67)
- Log boot script output to logcat (PR #62)
- Replace custota-selinux with a new implementation based on the sepatch library (PR #63)
- Update all dependencies (PR #64)
- Update all dependencies (PR #59)
- Add prebuilt custota-tool binary for Android (aarch64) (Issue #60, PR #61)
- Build universal binary for macOS (PR #57)
- Fix
update_engine
failing with9/DOWNLOAD_TRANSFER_ERROR
on newer Android versions (PR #56)
- Add debug option for installing custom csig validation certs (Issue #47, PR #48)
- Update Kotlin and Rust dependencies (PR #49)
- Work around Android builds that lie about the security patch release in
Build.VERSION.SECURITY_PATCH
(Issue #51, PR #52) - Show a notification instead of hard crashing when Custota's
/system/etc/sysconfig/
is being ignored by Android (Issue #51, PR #53) - Work around crashes due to Android not invalidating the package manager cache when a device has the wrong system time during boot (Issue #51, PR #54)
This release has no changes for most folks, but does have a breaking change for those using custom CA certificates:
- Custota used to automatically copy all user CA certificates from Android's settings into
update_engine
's trust store. However, as of Android 14 QPR2,update_engine
has been changed to use the regular system trust store. Instead of adapting the feature to copy user CA certificates into the system trust store, the feature has been removed because it would impact the entire system instead of justupdate_engine
. - The custom CA certificate use case is still fully supported. The certificate just needs to be explicitly installed now. Please see this section of the documentation for details on how to do so.
Changes:
- Replace automatic installation of user CA certificates with a certificate module zip generator (Issue #42, PR #43)
- Switch to modifying
/system/etc/selinux/plat_seapp_contexts
(Issue #40, PR #41)- Fixes
ServiceNotFoundException
when connecting toupdate_engine
on Android 14 QPR2 (2024 March security update)
- Fixes
Happy New Year! avbroot 3.0.0 was also released today, which added support for patching the system partition's otacerts.zip
. With that change, Custota's customotacerts
module is no longer needed.
After updating to an OTA that was patched by avbroot 3.0.0 or newer, the customotacerts
module can be safely uninstalled.
Changes:
- Update all dependencies (PR #31)
- Build precompiled
custota-tool
executables as statically linked executables (PR #32, PR #35) - Fix minor clippy warning (PR #33)
- Remove
customotacerts
module (PR #34)
- Update all dependencies (PR #26)
- Add support for installing from a local directory (Issue #25, PR #27)
- Check for Content-Range in HTTP responses instead of Accept-Ranges (Issue #29, PR #30)
- Fixes compatibility with nginx
It's Android 14 release day! Any version of Custota can be used to initially upgrade to Android 14, but Custota 2.2 or newer is needed for future OTAs to be installed.
Changes:
- Update dependencies (PR #17, PR #20, PR #21)
- Fix non-UTF-8 paths not being accepted by custota-tool's
--cert
option on Linux (PR #18)
- Fix crash when showing error notification if the app cannot connect to
update_engine
(Issue #11, PR #12) - Explicitly create
/dev/selinux
during boot to fix SELinux patches on Android 14 (Issue #11, PR #14) - Refactor custota-tool to use code from avbroot (PR #13)
- Add Vietnamese translations (PR #6)
- Fix crash on initial app launch after installation (Issue #7, PR #8)
- Add hint text for OTA server URL text box (Issue #5, PR #9)
- Document how periodic update checks work (Issue #5, PR #10)
- Add support for signed OTA metadata (PR #2)
- This is a breaking change. A new
.csig
file needs to be generated for each OTA. See the documentation for instructions.
- This is a breaking change. A new
- Add section for bootloader unlock status (PR #1)
- Initial release