Shipfast Api Protection Versions Save

Learn practical Mobile and API security techniques: API Key, Static and Dynamic HMAC, Dynamic Certificate Pinning, and Mobile App Attestation.

2.2.0

3 years ago

ShipFast Mobile App

  • New build flavor to implement certificate pinning via the network security config file.
  • The Action bar on the top of the home screen shows now the demo stage and the API url being used to allow for more transparent demo.
  • Updated the Approov Service to support the latest Approov Sdk(2.6) when setting the pins.
  • Bugs fixed:
    • fixed last known location being null in the first launch on a brand new emulator.
      • defaults now to use the Google headquarters coordinates for Palo Alto.
    • only initiate the Approov service when in the Approov demo stage

NOTE: The Approov SDK included in the app-approov-release.apk release is under a proprietary license, not under the MIT license of this repo.

Docker Stack

  • Bugs fixed:
    • fixed the apk bash script for listing usb devices with whitespaces in the name
    • fixed and improved the apk bash script for parsing the device brand for when more then one result is found.
    • fixed missing directory when starting the project from scratch

Security

  • Updated NodeJS packages for ShipFast API and ShipRaider web interface.

2.1.0

3 years ago

ShipFast App

  • Fixed last known location being occasionally null.
  • Removed default location based on the driver coordinates.

NOTE: The Approov SDK included in the app-approov-release.apk release is under a proprietary license, not under the MIT license of this repo.

ShipRaider

  • Improved search for shipments to display them as they arrive from the backend.
  • Fixed displaying an alert error popup for each API call done when searching for shipments.
  • Added missing dependency.

Docker Stack

  • Fixed auto restart of the Android editor on close.

Security

  • Updated NodeJS packages for ShipFast API and ShipRaider web interface.

2.0.0

3 years ago

This release is the first compatible with the new advanced features in Approov 2, like dynamic certificate pinning.

Also makes use of the new Approov CLI Tool to simplify all your interactions with Approov during development, releases and production.

The ShipFast blogs series has now a pre-built APK for each demo stage as per the link in each blog to the specif APK on this releases page.

An online ShipFast API is also provided by us for each APK so that you can follow the blog posts without the need to deploy one.

The evil ShipRaider is also provided by us for each demo stage as per the link in each blog post.

NOTE: The Approov SDK included in the app-approov-release.apk release is under a proprietary license, not under the MIT license of this repo.

1.0.0

3 years ago

Compatible with Approov 1. For Approov 2 check releases 2.*.