[stealth 4/4] static leakage checks, CI gates & release/QA policy#8864
Draft
reflog wants to merge 1 commit into
This was referenced Jun 15, 2026
Pull request overview
This PR adds a set of “stealth” Android build post-processing and verification utilities: an artifact sanitizer, a static token leakage scanner with configurable modes, and a Flutter build wrapper for de-branding content, plus tests and documentation describing the intended QA/release policy.
Changes:
- Add `check_leakage.py` + JSON policy config to scan APK/AAB/ZIP artifacts (including nested archives/metadata) for forbidden identifiers, with unit tests.
- Add `sanitize_android_artifact.py` to strip selected bundle metadata, scrub brand-only strings from `libgojni.so`, and optionally re-sign mutated APK/AAB artifacts, with unit tests.
- Add `run_flutter_build.py` wrapper to de-brand locale `.po` content, Dart string literals/i18n keys, and brand-named image assets during Flutter builds (restoring sources afterward), plus policy docs.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| scripts/stealth/sanitize_android_artifact.py | Implements archive mutation + native brand-string scrubbing and optional APK/AAB re-signing. |
| scripts/stealth/sanitize_android_artifact_test.py | Adds unit coverage for metadata stripping, scrubbing behavior, and signing invocation behavior. |
| scripts/stealth/run_flutter_build.py | Adds pre-build de-branding wrapper for locales, Dart literals/keys, and asset renames/replacements. |
| scripts/stealth/forbidden_tokens.json | Defines forbidden-token categories and scanning modes (stealth / stealth-vpn / stealth-novpn). |
| scripts/stealth/check_leakage.py | Implements recursive leakage scanning across directories and zip-like archives (incl. metadata/non-entry bytes). |
| scripts/stealth/check_leakage_test.py | Adds unit tests validating scanner behavior, allowlists, and error handling. |
| docs/stealth-leakage-checks.md | Documents how to run leakage checks and what each mode is intended to cover. |
| docs/stealth-builds.md | Documents stealth build QA and release policy, including complementary checks and acceptance criteria. |
Part of epic getlantern/engineering#3569 — stacked PR 4/4, targets `stealth/pr3-feature-logging`.

Post-processing + static leakage checks (forbidden tokens, native symbols, manifest entries), APK/AAB sanitizer, CI gates, and the release/QA detection matrix + policy docs.
Implements #3628.
🤖 Generated with Claude Code
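The kind of recursive archive scan the overview attributes to `check_leakage.py`, as an added sketch that is not the PR's code: it checks entry names, the archive comment and inflated entry contents, recursing into nested zips with an allowlist. The token values, the `scan`/`build_sample` names, the `!` path separator and the limits are assumptions made for illustration.

```python
import io
import zipfile

# Constructed placeholder tokens; the project's forbidden_tokens.json is not shown on the page.
FORBIDDEN = ("examplebrand", "com.example.brand")
MAX_DEPTH = 4                 # bound recursion into nested archives
MAX_ENTRY = 64 * 1024 * 1024  # do not inflate entries declaring more than this


def _hits(blob, where, tokens):
    """Case-insensitive byte search; returns {(where, token)} for each match."""
    low = blob.lower()
    return {(where, t) for t in tokens if t.lower().encode() in low}


def scan(data, label, tokens=FORBIDDEN, allow=frozenset(), depth=0):
    """Scan one blob; recurse if it is a zip-like archive (APK/AAB/ZIP/JAR)."""
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return _hits(data, label, tokens)
    if depth >= MAX_DEPTH:
        return {(label, "<nesting too deep>")}  # fail closed instead of skipping
    found = set()
    with zipfile.ZipFile(buf) as zf:
        found |= _hits(zf.comment, label + " (archive comment)", tokens)
        for info in zf.infolist():
            path = f"{label}!{info.filename}"
            if path in allow:
                continue  # reviewed exception, e.g. a licence file
            found |= _hits(info.filename.encode(), path + " (entry name)", tokens)
            if info.file_size > MAX_ENTRY:
                found.add((path, "<entry too large to scan>"))
                continue
            found |= scan(zf.read(info), path, tokens, allow, depth + 1)
    return found


def build_sample():
    """Constructed test artifact: an 'APK' holding a nested zip and a comment."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("notes.txt", "support: ExampleBrand team")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("assets/bundle.zip", inner.getvalue())
        z.writestr("res/examplebrand_logo.png", b"\x89PNG")
        z.writestr("LICENSE", "Copyright com.example.brand")
        z.comment = b"built by examplebrand-ci"
    return outer.getvalue()
```

A CI gate built on this would fail the job whenever `scan()` returns a non-empty set. The sketch does not inspect bytes outside zip entries other than the archive comment, which the PR's scanner is described as covering.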