Search code examples
androidgoogle-playandroid-app-bundlebundletool

Code verification error when uploading AAB: "Files added after transparency metadata generation"

We have a problem with uploading the next version of the application. We use code transparency for bundle and when we try to upload to Google Store it returns an error:

An error occurred while running bundletool build-apks on your uploaded App Bundle. Ensure that your App Bundle is valid by running bundletool build-apks locally and try again. Learn more. Error: Verification failed because code was modified after transparency metadata generation. Files deleted after transparency metadata generation: [] Files added after transparency metadata generation: [/com/android/tools/build/bundletool/archive/dex/1_8_2/classes.dex] Files modified after transparency metadata generation: []

It took the previous (and first) version normally. At first I thought it was due to obfuscation, see documentation:

Known limitations Apps using anti-tamper protection or any other service that makes code changes after the code transparency file is generated will cause the code transparency verification to fail.

So I tried turning it off, but it didn't help. I tried to generate APKS locally, that was no problem, as well as the local code-transparency verification went fine. Unfortunately, I couldn't find any mention of this problem anywhere at all.

Solution

  • TL;DR: You can either: upgrade the bundletool that generates your app bundle to 1.13.1, OR (since upgrading wasn't possible in my case) follow these steps to disable the storeArchive feature in your app project, and then regenerate the .aab file.

    I had this exact same issue. This is an issue with bundletool version 1.13.1, and not the app bundle (.aab) or its code transparency file. The Google Play Console must have updated to 1.13.1 recently and that's why it's failing.

    I went through the source code and here's why this is happening:

    1. The .aab and code transparency file of your app correctly match. The .aab does not have a file at 1_8_2/classes.dex, and thus the code transparency file says there is no file at 1_8_2/classes.dex. The code transparency files list is empty.
    2. When bundletool 1.13.1 validates the code transparency file, it creates a the list of files in the bundle, and then artificially adds 1_8_2/classes.dex to this list. This did not happen in version 1.11.0.
    3. bundletool checks the bundle file's list it created in Step 2 against the code transparency file in Step 1. The code transparency file is empty, eg. it has no record of 1_8_2/classes.dex. However the list from Step 2 contains this file, and only because the tool added it. So it spits out the error message saying that someone added that file to your bundle after the transparency file was generated.

    According to the source code, you can keep Step 2 from happening by disabling the storeArchive feature. There are multiple ways to do this, but I simply added res/xml/com_android_vending_archive_opt_out.xml to my app:

    <?xml version="1.0" encoding="utf-8"?>
<optOut />

    Then I regenerated my app bundle and was able to upload successfully to the Google Play Console.