未签名的版本APK未安装

Question

Just asking if it's the intended way or a "bug": On Android Studio 3.3 I've generated an APK with release flavour, from

Build -> Build Bundle(s)/APK -> Build APK

then i clicked "locate" and drag and drop the apk (the name is clearly saying that is unsigned) on the emulator (API level PIE). The installation fails with "app not installed". Is there a way to install a unsigned release version? Many thanks.

Answer 1

First of all, it's not a bug. Not allowing unsigned apks to install is one of security features. And unsigned apks have some use cases.

It's confusing but correct way ,for most of android app developers, to build a relase build, for public release, is Build -> Generate Signed Bundle / APK... .

Build -> Build Bundle(s) / APK(s) is for developpers and if signing setting is not set, it will generate unsigned apk. Signing setting can be set from File -> Project Structure... -> Modules/app -> Signing tab and Build Types tab -> release -> Signing Config.

Unsigned apk can also be signed with tools other than Android Studio. Publishers like Google, Amazon etc also do like this. They sign (wrap) apks with signatures other than the signatures which developpers have signed. "When to sign" is separated from build process, but it doesn't mean allowing unsigned apks to install on devices.

There are developper tools like apksigner , and it's one of tools. Developpers have rights to select signing tools. Unsigned apks are for them, I think.

Just for knowledge:
Some guys seems to find a way to temporally disable such security features like this .