{"id":13614024,"url":"https://github.com/wireapp/wire-android","last_synced_at":"2026-02-10T18:23:42.990Z","repository":{"id":36958858,"uuid":"269319743","full_name":"wireapp/wire-android","owner":"wireapp","description":"🤖 The new Wire client for Android","archived":false,"fork":false,"pushed_at":"2025-10-06T10:14:22.000Z","size":77783,"stargazers_count":201,"open_issues_count":10,"forks_count":43,"subscribers_count":13,"default_branch":"develop","last_synced_at":"2025-10-06T10:26:44.787Z","etag":null,"topics":["android","chat-application","e2ee","kotlin","mobile"],"latest_commit_sha":null,"homepage":"https://wire.com/en/download","language":"Kotlin","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wireapp.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-06-04T09:44:05.000Z","updated_at":"2025-10-06T09:35:18.000Z","dependencies_parsed_at":"2024-01-17T19:19:44.362Z","dependency_job_id":"3b39ae6f-b85b-4036-910f-eb5488224730","html_url":"https://github.com/wireapp/wire-android","commit_stats":null,"previous_names":["wireapp/wire-android","wireapp/wire-android-reloaded"],"tags_count":131,"template":false,"template_full_name":null,"purl":"pkg:github/wireapp/wire-android","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wireapp%2Fwire-android","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wireapp%2Fwire-android/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wireapp%2Fwire-android/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wireapp%2Fwire-android/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wireapp","download_url":"https://codeload.github.com/wireapp/wire-android/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wireapp%2Fwire-android/sbom","scorecard":{"id":571155,"data":{"date":"2025-07-21","repo":{"name":"github.com/wireapp/wire-android","commit":"44b64f066f9411324d700c9f54b2d713975d6535"},"scorecard":{"version":"v5.2.1-24-gc29a04d4","commit":"c29a04d46d1570393e94662bc34e9906398e1bfa"},"score":5.5,"checks":[{"name":"Code-Review","score":4,"reason":"Found 12/29 approved changesets -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU General Public License v3.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#license"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: jobLevel 'checks' permission set to 'write': .github/workflows/publish-test-results.yml:27","Info: jobLevel 'actions' permission set to 'read': .github/workflows/publish-test-results.yml:32","Info: topLevel 'contents' permission set to 'read': .github/workflows/build-develop-pr.yml:13","Info: topLevel 'actions' permission set to 'read': .github/workflows/build-develop-pr.yml:14","Info: topLevel 'actions' permission set to 'read': .github/workflows/build-develop-push.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/build-develop-push.yml:9","Info: topLevel 'contents' permission set to 'read': .github/workflows/build-main-pr.yml:10","Info: topLevel 'actions' permission set to 'read': .github/workflows/build-main-pr.yml:11","Info: topLevel 'contents' permission set to 'read': .github/workflows/build-main-push.yml:9","Info: topLevel 'actions' permission set to 'read': .github/workflows/build-main-push.yml:10","Info: topLevel 'actions' permission set to 'read': .github/workflows/build-production.yml:9","Info: topLevel 'contents' permission set to 'read': .github/workflows/build-production.yml:8","Info: topLevel 'contents' permission set to 'read': .github/workflows/build-release-candidate-pr.yml:13","Info: topLevel 'actions' permission set to 'read': .github/workflows/build-release-candidate-pr.yml:14","Info: topLevel 'contents' permission set to 'read': .github/workflows/build-release-candidate-push.yml:9","Info: topLevel 'actions' permission set to 'read': .github/workflows/build-release-candidate-push.yml:10","Info: topLevel 'contents' permission set to 'read': .github/workflows/build-unified.yml:17","Info: topLevel 'actions' permission set to 'read': .github/workflows/build-unified.yml:18","Info: topLevel 'contents' permission set to 'read': .github/workflows/check-kalium-commitish.yml:10","Warn: topLevel 'contents' permission set to 'write': .github/workflows/cherry-pick-pr-to-newer-release-cycle.yml:29","Info: topLevel 'contents' permission set to 'read': .github/workflows/code-analysis.yml:6","Warn: no topLevel permission defined: .github/workflows/crowdin-source-updater.yml:1","Warn: topLevel 'contents' permission set to 'write': .github/workflows/crowdin-translations-updater.yml:28","Warn: topLevel 'contents' permission set to 'write': .github/workflows/deploy-adr-docs.yml:11","Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy.yml:33","Info: topLevel 'actions' permission set to 'read': .github/workflows/deploy.yml:34","Warn: topLevel 'contents' permission set to 'write': .github/workflows/generate-changelog.yml:16","Warn: topLevel 'contents' permission set to 'write': .github/workflows/generate-screenshots.yml:7","Info: topLevel 'contents' permission set to 'read': .github/workflows/gradle-run-ui-tests.yml:7","Info: topLevel 'contents' permission set to 'read': .github/workflows/gradle-run-unit-tests.yml:6","Info: topLevel 'contents' permission set to 'read': .github/workflows/jira-lint-and-link.yml:8","Info: topLevel 'contents' permission set to 'read': .github/workflows/pr-author-assigner.yml:7","Info: found token with 'none' permissions: .github/workflows/publish-test-results.yml:1","Info: topLevel 'contents' permission set to 'read': .github/workflows/semantic-commit-lint.yml:8"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#token-permissions"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#vulnerabilities"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#security-policy"}},{"name":"Branch-Protection","score":8,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'develop'","Info: 'force pushes' disabled on branch 'develop'","Info: required approving review count is 2 on branch 'develop'","Warn: codeowners review is not required on branch 'develop'","Info: status check found to merge onto on branch 'develop'","Info: PRs are required in order to make changes on branch 'develop'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v4.14.0 not signed: https://api.github.com/repos/wireapp/wire-android/releases/232825579","Warn: release artifact v4.13.1 not signed: https://api.github.com/repos/wireapp/wire-android/releases/220696589","Warn: release artifact v4.13.0 not signed: https://api.github.com/repos/wireapp/wire-android/releases/218587021","Warn: release artifact v4.12.2 not signed: https://api.github.com/repos/wireapp/wire-android/releases/214831528","Warn: release artifact v4.12.1 not signed: https://api.github.com/repos/wireapp/wire-android/releases/213144075","Warn: release artifact v4.14.0 does not have provenance: https://api.github.com/repos/wireapp/wire-android/releases/232825579","Warn: release artifact v4.13.1 does not have provenance: https://api.github.com/repos/wireapp/wire-android/releases/220696589","Warn: release artifact v4.13.0 does not have provenance: https://api.github.com/repos/wireapp/wire-android/releases/218587021","Warn: release artifact v4.12.2 does not have provenance: https://api.github.com/repos/wireapp/wire-android/releases/214831528","Warn: release artifact v4.12.1 does not have provenance: https://api.github.com/repos/wireapp/wire-android/releases/213144075"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-unified.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/build-unified.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-unified.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/build-unified.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-unified.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/build-unified.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-unified.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/build-unified.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-unified.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/build-unified.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-unified.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/build-unified.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-unified.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/build-unified.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-unified.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/build-unified.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-unified.yml:231: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/build-unified.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-kalium-commitish.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/check-kalium-commitish.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cherry-pick-pr-to-newer-release-cycle.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/cherry-pick-pr-to-newer-release-cycle.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/cherry-pick-pr-to-newer-release-cycle.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/cherry-pick-pr-to-newer-release-cycle.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-analysis.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/code-analysis.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/code-analysis.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/code-analysis.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/code-analysis.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/code-analysis.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/code-analysis.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/code-analysis.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/code-analysis.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/code-analysis.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/code-analysis.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/crowdin-source-updater.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/crowdin-source-updater.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/crowdin-source-updater.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/crowdin-source-updater.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/crowdin-translations-updater.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/crowdin-translations-updater.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/crowdin-translations-updater.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/crowdin-translations-updater.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-adr-docs.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/deploy-adr-docs.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy-adr-docs.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/deploy-adr-docs.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/deploy.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/deploy.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/deploy.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/deploy.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-changelog.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/generate-changelog.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/generate-changelog.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/generate-changelog.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-screenshots.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/generate-screenshots.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/generate-screenshots.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/generate-screenshots.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/generate-screenshots.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/generate-screenshots.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/generate-screenshots.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/generate-screenshots.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-screenshots.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/generate-screenshots.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gradle-run-ui-tests.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-ui-tests.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gradle-run-ui-tests.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-ui-tests.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gradle-run-ui-tests.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-ui-tests.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gradle-run-ui-tests.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-ui-tests.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gradle-run-ui-tests.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-ui-tests.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gradle-run-ui-tests.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-ui-tests.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gradle-run-ui-tests.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-ui-tests.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gradle-run-unit-tests.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-unit-tests.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gradle-run-unit-tests.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-unit-tests.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/gradle-run-unit-tests.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-unit-tests.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gradle-run-unit-tests.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-unit-tests.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gradle-run-unit-tests.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-unit-tests.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gradle-run-unit-tests.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-unit-tests.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gradle-run-unit-tests.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/gradle-run-unit-tests.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/jira-lint-and-link.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/jira-lint-and-link.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-author-assigner.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/pr-author-assigner.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-test-results.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/publish-test-results.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-test-results.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/publish-test-results.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-test-results.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/publish-test-results.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-test-results.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/publish-test-results.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-test-results.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/publish-test-results.yml/develop?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/semantic-commit-lint.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/semantic-commit-lint.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/semantic-commit-lint.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/semantic-commit-lint.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale-issues-and-pr.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/wireapp/wire-android/stale-issues-and-pr.yml/develop?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/deploy-adr-docs.yml:28","Warn: npmCommand not pinned by hash: .github/workflows/publish-test-results.yml:73","Info:   0 out of  27 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of  33 third-party GitHubAction dependencies pinned","Info:   0 out of   1 npmCommand dependencies pinned","Info:   0 out of   1 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":9,"reason":"binaries present in source code","details":["Warn: binary detected: gradle/wrapper/gradle-wrapper.jar:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":10,"reason":"SAST tool is run on all commits","details":["Info: all commits (13) are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-20T16:23:31.925Z","repository_id":36958858,"created_at":"2025-08-20T16:23:31.926Z","updated_at":"2025-08-20T16:23:31.926Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279010951,"owners_count":26084841,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-12T02:00:06.719Z","response_time":53,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","chat-application","e2ee","kotlin","mobile"],"created_at":"2024-08-01T20:00:55.951Z","updated_at":"2025-10-12T09:58:36.533Z","avatar_url":"https://github.com/wireapp.png","language":"Kotlin","funding_links":[],"categories":[":shamrock:  **Categories**","Flutter Apps","Scala","Android Kotlin Project Showcase","App / Demo"],"sub_categories":[":iphone: Communication","Flutter Communication"],"readme":"# Wire™\n[![codecov](https://codecov.io/gh/wireapp/wire-android/branch/develop/graph/badge.svg?token=9ELBEPM793)](https://codecov.io/gh/wireapp/wire-android)\n[![Crowdin](https://badges.crowdin.net/wire-android-reloaded/localized.svg)](https://crowdin.com/project/wire-android-reloaded)\n\n[![Wire logo](https://github.com/wireapp/wire/blob/master/assets/header-small.png?raw=true)](https://wire.com/jobs/)\n\nThis repository is part of the source code of Wire. You can find more information at [wire.com](https://wire.com) or by contacting opensource@wire.com.\n\nYou can find the published source code at [github.com/wireapp/wire](https://github.com/wireapp/wire), and the apk of the latest release at [https://wire.com/en/download/](https://wire.com/en/download/).\n\nFor licensing information, see the attached LICENSE file and the list of third-party licenses at [wire.com/legal/licenses/](https://wire.com/legal/licenses/).\n\nIf you compile the open source software that we make available from time to time to develop your own mobile, desktop or web application, and cause that application to connect to our servers for any purposes, we refer to that resulting application as an “Open Source App”.  All Open Source Apps are subject to, and may only be used and/or commercialized in accordance with, the Terms of Use applicable to the Wire Application, which can be found at https://wire.com/legal/#terms.  Additionally, if you choose to build an Open Source App, certain restrictions apply, as follows:\n\na. You agree not to change the way the Open Source App connects and interacts with our servers; b. You agree not to weaken any of the security features of the Open Source App; c. You agree not to use our servers to store data for purposes other than the intended and original functionality of the Open Source App; d. You acknowledge that you are solely responsible for any and all updates to your Open Source App.\n\nFor clarity, if you compile the open source software that we make available from time to time to develop your own mobile, desktop or web application, and do not cause that application to connect to our servers for any purposes, then that application will not be deemed an Open Source App and the foregoing will not apply to that application.\n\nNo license is granted to the Wire trademark and its associated logos, all of which will continue to be owned exclusively by Wire Swiss GmbH. Any use of the Wire trademark and/or its associated logos is expressly prohibited without the express prior written consent of Wire Swiss GmbH.\n\n# Wire Android\n\n## What is included in the open source client\n\nThe project in this repository contains the Wire for Android client project. You can build the project yourself. However, there are some differences with the binary Wire client available on the Play Store.\nThese differences are:\n\n- the open source project does not include the API keys of 3rd party services.\n- the open source project links against the open source Wire audio-video-signaling (AVS) library. The binary Play Store client links against an AVS version that contains proprietary improvements for the call quality.\n\n## Required software\n\nIn order to build Wire for Android locally, it is necessary to have the following tools installed:\n\n- JDK 21\n- Android SDK\n- Android NDK\n\n## Gradle\n\nThese are the available `gradle` tasks via command line:\n\n - ```./gradlew compileApp```: Compiles the Wire Android Client\n - ```./gradlew assembleApp```: Assembles the Wire Android Client\n - ```./gradlew runApp```: Assembles and runs the Wire Android Client in the connected device.\n - ```./gradlew runUnitTests```: Runs all Unit Tests.\n - ```./gradlew runAcceptanceTests```: Runs all Acceptance Tests in the connected device.\n - ```./gradlew testCoverage```: Generates a report for test code coverage \n - ```./gradlew staticCodeAnalysis```: Runs static code analysis on the Wire Android codebase\n\n\n## Android Studio\n\nImport the project as a gradle project by browsing to the root path of the ```build.gradle.kts``` file of your project's directory.\n\n\n## Typical build issues\n\nIt might be that after cloning the Android project, some build issues appear on your IDE (IntelliJ or Android studio). To avoid most of these, make sure that:\n- After cloning the Android project, you have run `git submodule update --init --recursive` (to init any needed configuration within the embedded Kalium submodule project)\n- There is a valid SDK path on your `local.properties` AND `kalium/local.properties` files pointing to the Android SDK folder. In Mac, that folder can be usually found under `sdk.dir=/Users/YOUR_USER_FOLDER/Library/Android/sdk`. The IDE **will not** create `kalium/local.properties` automatically, so you might want to copy/paste the one in the project root\n- When you've already started working on the project adding some commits, it might occur that your local build breaks, if that is the case, make sure you've updated the `kalium` submodule reference by running: `git submodule update --remote --merge`\n\n# App flavours\n\nWe have a few different app flavours with different intended usages. Each app flavour has a different icon background colour to enable easier distinction.\nTo see how they are customised in details, check [the flavour configuration file](./default.json).\n\n\u003e [!NOTE]  \n\u003e For custom builds, we overwrite some of the flags, strings, and icons. Check the [CUSTOMIZATION.md](./CUSTOMIZATION.md) for details.\n\n| Name     | Icon background colour | Description / Intended Usage                                                                                                                                                                      | Logging Enabled | Default Backend |\n|----------|------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------|-----------------|\n| Dev      | 🔴 (Red)               | For developing new features. Bleeding edge. Unstable. Staging Backend. Eats experimental features for breakfast and drinks developers tears as dessert.                                           | ✅               | Wire Staging    |\n| Staging  | 🟡 (Orange)            | Mainly for QA to test a release-like app with a staging backend. Imitates the Production/Release application, having features flags following the Prod/White app below, but with extra dev tools. | ✅               | Wire Staging    |\n| Internal | 🟢 (Green)             | Currently unused (?). It was used in the past and _probably_ should be deleted any time soon.                                                                                                     | ✅               | Wire Prod       |\n| Beta     | 🔵 (Blue)              | Used by internal users within the company as dogfood. Some features that are not yet ready for the general public might be tested here first.                                                     | ✅               | Wire Prod       |\n| Prod     | ⚪ (White)             | The production app available to the general public.                                                                                                                                               | ✖️              | Wire Prod       |\n| F-Droid  | ⚪ (White)             | Also a production app available to the general public. Published on the F-Droid store, but without any closed-source software.                                                                    | ✖️              | Wire Prod       |\n\n## Logging\n\u003e [!IMPORTANT]\n\u003e Logs on all builds except Prod and F-Droid will be uploaded to a third party service for developer analysis.\n\u003e \n\u003e Logs on Prod and F-Droid can be enabled within the application, but they are **NOT** uploaded anywhere. Users can export and read the log files manually from the application.\n\u003e \n\u003e We do not log sensitive content (such as content of messages, encryption keys, etc.) in any way whatsoever. And things like unique identifiers are obfuscated.\n\n## Build Types\n\nThe apps can be built for release or debugging. Debug versions might have extra debugging tools, are not minified, and can be profiled if needed. In general, debug builds _run slower_ due to the lack of minimisation. \n\n## Contributing\n\nIf you want to contribute to Wire for Android, please refer to the [CONTRIBUTING.md](./CONTRIBUTING.md) file for more information.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwireapp%2Fwire-android","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwireapp%2Fwire-android","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwireapp%2Fwire-android/lists"}