ongov / openverify Goto Github PK
View Code? Open in Web Editor NEWThe open source Verify app by the Government of Ontario
License: Apache License 2.0
openverify's People
Contributors
Stargazers
Watchers
Forkers
67-6f-64 123chess456 willius95 kowalej kevan-y taselwyn pirateroberts98 interlocksystems dylex-suan murrfect juharris mindrages dbajar sneville-sourced frigyes06 sprgroup timsutton manouchehri roguesupport-scott jeffreyyuen alexbolods kotl grahammackay bpappin snax4a ti-sanchit erhiesfeka emadshihab alexkovalevich patrickking briansutelus maatticlabs scottjw ahebbdelopenverify's Issues
OpenSans font lacks licensing information
In /src/assets/fonts, the .ttf files for OpenSans have been included. However, no licensing information has been included in the font metadata for OpenSans.ttf or OpenSans-Italic.ttf, while incomplete information has been included for OpenSans-Bold.ttf.
To address this problem, consider downloading the OpenSans font files directly from Google's website:
https://fonts.google.com/specimen/Open+Sans
The "static" versions of the font (in the zip that you get when you click "download family") are both newer versions of OpenSans and include proper licensing information in the font metadata.
Update requested
Hello,
I am not able to create this update however was hoping that someone in the community can.
Starting Jan 28th, 2022, for the congregate care setting sector (Long Term Care, Seniors Residences etc). All staff and persons visiting will need to have 3 doses IF they were eligible for their 3rd dose by Dec 31, 2021.
A formula for this would be Dose 2 + 84 days is less than Dec 31, 2021 AND Has 3rd dose = PASS ; Dose 2 + 84 days is less than Dec 31, 2021 AND No 3rd Dose = FAIL ; Dose 2 + 84 days is greater than Dec 31, 2021 = PASS.
Is there any way this can be added?
Passport / Driver’s License Integration?
Is there any plans to integrate validating a Canadian passport, Ontario Driver's License, and/or OHIP card?
If this has already been discussed internally, I'd be curious to know what the decision was. (I'm considering forking this to add passport validation, unless there's some compelling UX reasons not to.)
Why would you open source?
isn’t that leaving a vulnerability to hackers to reverse the decryption and encrypt their own strings to make a QR code?
Anyone can use: https://github.com/EiNSTeiN-/chosen-plaintext
Could you *not* crush Git history?
Jumbo commits like 76c8ad3 are extremely annoying for outsiders.
I'm assuming this is done for privacy of the development team. Squashing multiple commits into a single commit really isn't needed for that...
If you want privacy for the dev team, look at something like: https://github.com/EMPRI-DEVOPS/git-privacy (or write your own little bash script, not that hard).
Document details of data collection practices and risks
Huge congrats to everyone at the Ontario Digital Service on this release! It's so great to see government resources going to creating quality open-sourced code like this (though would love even more if we could see all your hard work by also developing in the open from the get-go!)
Given the sensitive nature of a government-sponsored app dealing with plenty of personally identifiable information ("PII"), it seems important to be extremely transparent about exactly what data is collected, where, by whom, how, and how it is/will be used.
I'll share what I gleaned from my review of the code, but it would be great if others (preferably the original developers) could confirm what I've found, and add anything I'm missing. Ideally there would also be official documentation published with this sort of information, a discussion of the tradeoffs considered (thanks for some of that in #6 @spncrd !), and an official 3rd party analysis.
Short version
Overall the app seems well composed, and adequately documented. The app does have a brief summary of data collection and privacy practices, and a longer, app-specific privacy policy, which gives a reasonable overview of what information is collected. Both these documents, however, are (rightly) aimed at a fairly general (ie non-technical/privacy expert) audience. I'm not sure if a comprehensive privacy review was done internally, but I haven't found any further technical documentation, or the type of Privacy Impact Assessments called for by the Privacy Commissioner of Canada explaining the specifics (though certainly possible I missed it somewhere).
I found no major contradictions of the claims made in the privacy policy (though there were a few omissions). Most importantly, I found no indication that any PII related to the content of individuals' vaccine certificates is retained (ether on device, or by being sent to a server). The one piece of information collected by the core scanning code, is a signal sent to count when a passing, failing or invalid scan occurs, but no further info from the scanned certificate is included.
I have a few questions and recommendations of additional info that should either be covered in/linked from the privacy policy and/or added as docs to this repo:
-
It would be good to have a full list of the analytics events collected, and info about what additional data is sent with each event (see below for some of this information)
-
I didn't see any mention of the type of "device info" that is collected along with analytics events: https://firebase.google.com/docs/reference/functions/providers_analytics_.deviceinfo
-
What other info is reported from the iOS and Google app stores?
-
Explain what info is collected by web servers
The covid-19.ontario.ca site seems to be running a Drupal CMS, on an NGINX server, on Amazon infrastructure. Each of those layers collects data (IP, user agent, session cookies, etag cache info etc) by default -
The app's privacy policy page itself performs data collection through Google Tag Manager (ie for advertising, a separate product from Google Analytics), which, ironically, isn't mentioned either in the text of the privacy policy, or the site-wide privacy statement
-
The app itself only displays limited data from the certificate, but what is the risk if further certificate info is disclosed?
- What is all the info contained in the certificate?
- What is the patient identifier, and where else is it used? (ie is it an OHIP number, or linked to an OHIP number in a database somewhere? is it tied to other medical records or PII? etc)
- Are there legal protections to discourage such a disclosure if info is captured with a custom app?
-
It's not totally clear whether the web pages linked from the within the app are supposed to be covered by the site-wide privacy statement, the Verify app privacy policy, or both. But given the mention of "first-party cookies" (which are only used for tracking on web pages, not in apps) in the app privacy policy, it seems this is meant to apply to something beyond just the installed application. So would be good to clarify what is collected via Google web analytics on the Verify-related pages on covid-19.ontario.ca vs what is collected in-app
Longer version
I see two main parties who each may have a few types of potential privacy concerns
- Sharing of certificate-holder info
1.1 with the government
1.2 with the scanner operator
1.3 with third parties - Sharing of scanner-operator info
2.1 with the government
2.2 with third parties
For each of these, there are three main channels of data collection within the app that I looked in to:
- analytics collected using Google's Firebase Analytics service 1
- data collected via explicit requests to remote servers
- data stored on-device (only really relevant to sharing of certificate-holder info with the scanner operator)
There is also information collected:
- when the app is installed (and potentially uninstalled2) by the platforms' app stores
- when visiting web links provided by the app to get more info
Certificate-holder info
Info shared with the government and third parties
As mentioned above, there seems to be no certificate-holder PII sent off the device during scanning, only a record that some certificate was scanned, and the result of that scan as "passing", "failing", or an error
Info shared with the scanner operator
When a certificate is valid, 3 pieces of information from the certificate are shown to the operator:
- Full name
- Date of birth
- Status of the certificate as "Valid"
The operator is then supposed to check a photo ID. That ID of course contains further PII, but generally this info wouldn't be recorded.
When a certificate is invalid, the operator is simply told:
- "This certificate can not be used to enter"
- to ask for a newer certificate
- to direct the certificate holder to the info page or phone number (1-833-943-3900) which explains the results
If the certificate holder then visits that page or calls the phone number, it is safe to assume that there is some info recorded via Google Analytics and server logs for the web, or in a separate database for calls (as is the case for any web visit or phone call). But since both of these are general info channels, there isn't a significant risk of these being used as a way of identifying certificate holders with failing scans (apparently that phone number is the general line for the Provincial Vaccine Contact Centre)
I found no case where specific information about the vaccine (dose dates, brands, etc.) is shown to the operator.
I found no places where information related to individuals' vaccine certificates is retained on the device (scan results are cleared from the screen after being displayed for 30 seconds)
The biggest risk I see of certificate-holder information leakage to the scanner operator is the potential use of unofficial scanning applications, with extra functionality that extracts or retains more info than the official app. I haven't looked deeply into all the data contained within the certificate's QR code, but there is at least some additional info that shouldn't be shared/recorded without consent3. This includes birth date, info about which types of vaccine doses were received when, and some sort of patient reference identifier (not sure if this is tied to health card number or other records somewhere?). I don't immediately see an obvious commercially-motivated reason for businesses to collect the medical info, but just the basic biographical info could, for example, facilitate keeping a record of visitors for marketing purposes.4
Scanner-operator info
While more of the public discourse has centered on privacy concerns about certificate-holder data, there is also significant information shared from the scanner operator.
- In order to install the app, the operator likely visits the app website, where they are tracked by server logs and Google Analytics
- When the app is installed on the device, some device info is tracked by the app store and shared with the app publisher
- Whenever the app is started (and at least every 24 hours) the app downloads configuration data and checks the minimum acceptable app version. This allows tracking of usage, and collection of data about location tied to IP address
- While in use, the app uses Google's Firebase Analytics service to collect data about both every screen viewed in the app, and when specific actions are performed or events occur (more details below)
- There are a number of web links from within the app (listed below). Users clicking on any of those will be tracked.
- It is also possible to track if/when the app is uninstalled 2
While Firebase analytics collection initially appeared to be disabled, it turns out to be enabled immediately after the app is loaded (in non-development mode), with no option to opt out.
All of this data is also shared with Google, except the files.ontario.ca web access logs, which appears to be hosted (and therefore tracked) by Amazon' in their us-east-1 data center.
Firebase Analytics Events
The specific Firebase Analytics usage events are :
VACCINE_SCAN
CONNECTION_PROMPT
FLASHLIGHT_CLICK
VERSION_UPDATE_PROMPT
VERSION_UPDATE_CLICK
SCANNER_TIMEOUT
VERIFIED_TIMEOUT
LINK_CLICK
These events are sent to Firebase Analytics by the trackLogEvent() function (which also allows sending extra data, in addition to the even name).
That function is used in 20 different places, across 8 files:
OpenVerify/src/containers/home/Scanner.tsx
Line 160 in 3f60e99
OpenVerify/src/containers/home/Scanner.tsx
Line 167 in 3f60e99
OpenVerify/src/containers/home/Scanner.tsx
Line 179 in 3f60e99
OpenVerify/src/containers/home/Scanner.tsx
Line 183 in 3f60e99
OpenVerify/src/containers/home/Scanner.tsx
Line 204 in 3f60e99
OpenVerify/src/containers/home/Scanner.tsx
Line 268 in 3f60e99
In-App Webpage Links
The relevant in-app webpage links I found5 in the source code:
https://stage.files.ontariogovernment.ca/apps/verify/
https://www.ontario.ca/aide-preuve-vaccination
https://www.ontario.ca/getproof
https://www.ontario.ca/obtenirpreuve
https://www.ontario.ca/vaccine-proof-help
https://www.ontario.ca/verif
https://www.ontario.ca/verif-accessibilite
https://www.ontario.ca/verif-commentaires
https://www.ontario.ca/verif-conditions-utilisation
https://www.ontario.ca/verif-confidentialite
https://www.ontario.ca/verif-contact
https://www.ontario.ca/verif-divulgation-vulnerabilite
https://www.ontario.ca/verif-droits-dauteur
https://www.ontario.ca/verif-resultats
https://www.ontario.ca/verify
https://www.ontario.ca/verify-accessibility
https://www.ontario.ca/verify-contact
https://www.ontario.ca/verify-copyright
https://www.ontario.ca/verify-feedback
https://www.ontario.ca/verify-privacy
https://www.ontario.ca/verify-results
https://www.ontario.ca/verify-terms-of-use
https://www.ontario.ca/verify-vulnerability-disclosure
Footnotes
-
What is referred to in the privacy policy as "Google Analytics" seems to cover elements of both Google Analytics for Web, as well as Googles's (Firebase) Analytics for Apps. Confusingly "Google Analytics" was originally a completely different product from Google's Firebase Analytics. They've (kind of, partially) merged over time, but still collect different data from different sources. Google fully admits it's confusing, and tries to explain here: https://medium.com/firebase-developers/google-analytics-vs-firebase-analytics-vs-google-analytics-97ca645a8aff ↩
-
Neither Apple nor Google automatically track app uninstalls, but both make it possible for developers to do so via their push message notification services (Google Cloud Messaging and Apple Push Notification service respectively). Details: https://clevertap.com/blog/track-app-uninstalls-effectively/ ↩ ↩2
-
The app's terms of use do mention that the app shouldn't be used to collect any of this info, but there isn't really a practical way to enforce this, and a custom/modified app could just remove this term. I'm not sure what other legal prohibitions there are against recording this data? ↩
-
Because names, birth dates and addresses are also included on the licenses that most people will be using as photo ID, the risk here is more about the ease of collecting that data digitally without consent than it is about disclosing it at all in the first place ↩
-
found with
grep -r http src/ | grep -v apache.org | grep -v w3.org | grep -v __mocks | rev | cut -d" " -f1 | rev | sed 's/["'\'',]//g' | grep ontario | sort | uniq↩
Add A Security Policy To This Repository
For the sake of completeness, add a security policy to this repository using the information from https://covid-19.ontario.ca/verify-vulnerability-disclosure
Windows 8 Phone Support
Yes Hello, I was wondering if you will be supporting Windows 8 phones?
Apple Wallet integration
I know it seems the OpenVerify app is for businesses only.
I was just wondering if there will be a version of this app to allow end users to easily add their QR code to Apple Wallet.
Pull requests
Thank you so much to those who have submitted pull requests.
We are working through the policy and process challenges with accepting pull requests from the community. I will report back with updates as we move things along.
Patience is appreciated as this is a new frontier for us even in the Ontario Digital Service.
App crashes in local simulator
Hello, I tried to run the app locally.
I did:
yarn run update:pods
cp .env.template .env
after running yarn run ios app is opened in the simulator, splash screen pops up for 2 seconds, and then the app closes with the system problem report about unexpected app stop.
My IOS simulator version is: 13.1
My OS is macOS Monterey 12.0.1
The metro terminal is not displaying any error so I have no idea what may be wrong
Is Ontario joining the CommonTrust Network?
First of all, thank you for open sourcing this! I think you should link to the repository somewhere in the App Store description, it's quite nice to see things appear to have been done properly.
Does Ontario plan to join the CommonTrust Network? I live in a region where we already use the exact same SMART® Health Card QR codes, but Ontario's aren't recognized. (I personally already have a Cayman and Ontario enhanced vaccine certificate, but I'm thinking about others who travel and don't.)
Adding new health authority public keys to OpenVerify?
What is the procedure for non-Ontario health departments to have their public keys included? Having an open source app for others to build off of is a great start.
It would also be handy if there was an easy way to toggle in the UI which certificates are recognized, for smaller regions that don't have the technical capability to manage an app (but still want to retain some control over PKI). (I would expect this to be disabled in "official" apps like Verify Ontario, since it's a large region where you already have a huge enough IT department to manage an app.)
(Splitting this off from #4, as that ended up being mostly focused on having Ontario join the CommonTrust Network, rather than this actual app.)
Gradle error on importing Android project
I am getting Gradle error on Android project when I import to my android studio
Android Studio Arctic Fox | 2020.3.1 Patch 2
Build #AI-203.7717.56.2031.7678000, built on August 26, 2021
Runtime version: 11.0.10+0-b96-7249189 amd64
VM: OpenJDK 64-Bit Server VM by Oracle Corporation
Windows 10 10.0
GC: G1 Young Generation, G1 Old Generation
Memory: 1280M
Cores: 12
Registry: external.system.auto.import.disabled=true
Non-Bundled Plugins: com.thoughtworks.gauge, org.jetbrains.kotlin, org.intellij.plugins.markdown
ERROR
Settings file 'C:\Users\arpit\Downloads\OpenVerify-main\OpenVerify-main\android\settings.gradle' line: 2
A problem occurred evaluating settings 'OpenVerify'.
> Could not read script 'C:\Users\arpit\Downloads\OpenVerify-main\OpenVerify-main\node_modules\@react-native-community\cli-platform-android\native_modules.gradle' as it does not exist.
* Try:
Run with --info or --debug option to get more log output. Run with --scan to get full insights.
* Exception is:
org.gradle.api.GradleScriptException: A problem occurred evaluating settings 'OpenVerify'.
at org.gradle.groovy.scripts.internal.DefaultScriptRunnerFactory$ScriptRunnerImpl.run(DefaultScriptRunnerFactory.java:93)
at org.gradle.configuration.DefaultScriptPluginFactory$ScriptPluginImpl.lambda$apply$0(DefaultScriptPluginFactory.java:133)
at org.gradle.configuration.DefaultScriptTarget.addConfiguration(DefaultScriptTarget.java:74)
at org.gradle.configuration.DefaultScriptPluginFactory$ScriptPluginImpl.apply(DefaultScriptPluginFactory.java:136)
at org.gradle.configuration.BuildOperationScriptPlugin$1.run(BuildOperationScriptPlugin.java:65)
at org.gradle.internal.operations.DefaultBuildOperationRunner$1.execute(DefaultBuildOperationRunner.java:29)
at org.gradle.internal.operations.DefaultBuildOperationRunner$1.execute(DefaultBuildOperationRunner.java:26)
at org.gradle.internal.operations.DefaultBuildOperationRunner$3.execute(DefaultBuildOperationRunner.java:75)
at org.gradle.internal.operations.DefaultBuildOperationRunner$3.execute(DefaultBuildOperationRunner.java:68)
at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:153)
at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:68)
at org.gradle.internal.operations.DefaultBuildOperationRunner.run(DefaultBuildOperationRunner.java:56)
at org.gradle.internal.operations.DefaultBuildOperationExecutor.lambda$run$1(DefaultBuildOperationExecutor.java:71)
at org.gradle.internal.operations.UnmanagedBuildOperationWrapper.runWithUnmanagedSupport(UnmanagedBuildOperationWrapper.java:45)
at org.gradle.internal.operations.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:71)
at org.gradle.configuration.BuildOperationScriptPlugin.lambda$apply$0(BuildOperationScriptPlugin.java:62)
at org.gradle.configuration.internal.DefaultUserCodeApplicationContext.apply(DefaultUserCodeApplicationContext.java:43)
at org.gradle.configuration.BuildOperationScriptPlugin.apply(BuildOperationScriptPlugin.java:62)
at org.gradle.initialization.ScriptEvaluatingSettingsProcessor.applySettingsScript(ScriptEvaluatingSettingsProcessor.java:74)
at org.gradle.initialization.ScriptEvaluatingSettingsProcessor.process(ScriptEvaluatingSettingsProcessor.java:67)
at org.gradle.initialization.SettingsEvaluatedCallbackFiringSettingsProcessor.process(SettingsEvaluatedCallbackFiringSettingsProcessor.java:34)
at org.gradle.initialization.RootBuildCacheControllerSettingsProcessor.process(RootBuildCacheControllerSettingsProcessor.java:47)
at org.gradle.initialization.BuildOperationSettingsProcessor$2.call(BuildOperationSettingsProcessor.java:50)
at org.gradle.initialization.BuildOperationSettingsProcessor$2.call(BuildOperationSettingsProcessor.java:47)
at org.gradle.internal.operations.DefaultBuildOperationRunner$CallableBuildOperationWorker.execute(DefaultBuildOperationRunner.java:200)
at org.gradle.internal.operations.DefaultBuildOperationRunner$CallableBuildOperationWorker.execute(DefaultBuildOperationRunner.java:195)
at org.gradle.internal.operations.DefaultBuildOperationRunner$3.execute(DefaultBuildOperationRunner.java:75)
at org.gradle.internal.operations.DefaultBuildOperationRunner$3.execute(DefaultBuildOperationRunner.java:68)
at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:153)
at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:68)
at org.gradle.internal.operations.DefaultBuildOperationRunner.call(DefaultBuildOperationRunner.java:62)
at org.gradle.internal.operations.DefaultBuildOperationExecutor.lambda$call$2(DefaultBuildOperationExecutor.java:76)
at org.gradle.internal.operations.UnmanagedBuildOperationWrapper.callWithUnmanagedSupport(UnmanagedBuildOperationWrapper.java:54)
at org.gradle.internal.operations.DefaultBuildOperationExecutor.call(DefaultBuildOperationExecutor.java:76)
at org.gradle.initialization.BuildOperationSettingsProcessor.process(BuildOperationSettingsProcessor.java:47)
at org.gradle.initialization.DefaultSettingsLoader.findSettingsAndLoadIfAppropriate(DefaultSettingsLoader.java:127)
at org.gradle.initialization.DefaultSettingsLoader.findAndLoadSettings(DefaultSettingsLoader.java:65)
at org.gradle.initialization.SettingsAttachingSettingsLoader.findAndLoadSettings(SettingsAttachingSettingsLoader.java:35)
at org.gradle.internal.composite.CommandLineIncludedBuildSettingsLoader.findAndLoadSettings(CommandLineIncludedBuildSettingsLoader.java:34)
at org.gradle.internal.composite.ChildBuildRegisteringSettingsLoader.findAndLoadSettings(ChildBuildRegisteringSettingsLoader.java:53)
at org.gradle.internal.composite.CompositeBuildSettingsLoader.findAndLoadSettings(CompositeBuildSettingsLoader.java:35)
at org.gradle.initialization.DefaultSettingsPreparer.prepareSettings(DefaultSettingsPreparer.java:36)
at org.gradle.initialization.BuildOperationFiringSettingsPreparer$LoadBuild.doLoadBuild(BuildOperationFiringSettingsPreparer.java:62)
at org.gradle.initialization.BuildOperationFiringSettingsPreparer$LoadBuild.run(BuildOperationFiringSettingsPreparer.java:57)
at org.gradle.internal.operations.DefaultBuildOperationRunner$1.execute(DefaultBuildOperationRunner.java:29)
at org.gradle.internal.operations.DefaultBuildOperationRunner$1.execute(DefaultBuildOperationRunner.java:26)
at org.gradle.internal.operations.DefaultBuildOperationRunner$3.execute(DefaultBuildOperationRunner.java:75)
at org.gradle.internal.operations.DefaultBuildOperationRunner$3.execute(DefaultBuildOperationRunner.java:68)
at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:153)
at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:68)
at org.gradle.internal.operations.DefaultBuildOperationRunner.run(DefaultBuildOperationRunner.java:56)
at org.gradle.internal.operations.DefaultBuildOperationExecutor.lambda$run$1(DefaultBuildOperationExecutor.java:71)
at org.gradle.internal.operations.UnmanagedBuildOperationWrapper.runWithUnmanagedSupport(UnmanagedBuildOperationWrapper.java:45)
at org.gradle.internal.operations.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:71)
at org.gradle.initialization.BuildOperationFiringSettingsPreparer.prepareSettings(BuildOperationFiringSettingsPreparer.java:45)
at org.gradle.initialization.DefaultGradleLauncher.prepareSettings(DefaultGradleLauncher.java:218)
at org.gradle.initialization.DefaultGradleLauncher.doClassicBuildStages(DefaultGradleLauncher.java:159)
at org.gradle.initialization.DefaultGradleLauncher.doBuildStages(DefaultGradleLauncher.java:148)
at org.gradle.initialization.DefaultGradleLauncher.executeTasks(DefaultGradleLauncher.java:124)
at org.gradle.internal.invocation.GradleBuildController$1.create(GradleBuildController.java:72)
at org.gradle.internal.invocation.GradleBuildController$1.create(GradleBuildController.java:67)
at org.gradle.internal.work.DefaultWorkerLeaseService.withLocks(DefaultWorkerLeaseService.java:213)
at org.gradle.internal.invocation.GradleBuildController.doBuild(GradleBuildController.java:67)
at org.gradle.internal.invocation.GradleBuildController.run(GradleBuildController.java:56)
at org.gradle.tooling.internal.provider.runner.AbstractClientProvidedBuildActionRunner.runClientAction(AbstractClientProvidedBuildActionRunner.java:53)
at org.gradle.tooling.internal.provider.runner.ClientProvidedPhasedActionRunner.run(ClientProvidedPhasedActionRunner.java:47)
at org.gradle.launcher.exec.ChainingBuildActionRunner.run(ChainingBuildActionRunner.java:35)
at org.gradle.launcher.exec.ChainingBuildActionRunner.run(ChainingBuildActionRunner.java:35)
at org.gradle.launcher.exec.BuildOutcomeReportingBuildActionRunner.run(BuildOutcomeReportingBuildActionRunner.java:63)
at org.gradle.tooling.internal.provider.ValidatingBuildActionRunner.run(ValidatingBuildActionRunner.java:32)
at org.gradle.tooling.internal.provider.FileSystemWatchingBuildActionRunner.run(FileSystemWatchingBuildActionRunner.java:77)
at org.gradle.launcher.exec.BuildCompletionNotifyingBuildActionRunner.run(BuildCompletionNotifyingBuildActionRunner.java:41)
at org.gradle.launcher.exec.RunAsBuildOperationBuildActionRunner$3.call(RunAsBuildOperationBuildActionRunner.java:49)
at org.gradle.launcher.exec.RunAsBuildOperationBuildActionRunner$3.call(RunAsBuildOperationBuildActionRunner.java:44)
at org.gradle.internal.operations.DefaultBuildOperationRunner$CallableBuildOperationWorker.execute(DefaultBuildOperationRunner.java:200)
at org.gradle.internal.operations.DefaultBuildOperationRunner$CallableBuildOperationWorker.execute(DefaultBuildOperationRunner.java:195)
at org.gradle.internal.operations.DefaultBuildOperationRunner$3.execute(DefaultBuildOperationRunner.java:75)
at org.gradle.internal.operations.DefaultBuildOperationRunner$3.execute(DefaultBuildOperationRunner.java:68)
at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:153)
at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:68)
at org.gradle.internal.operations.DefaultBuildOperationRunner.call(DefaultBuildOperationRunner.java:62)
at org.gradle.internal.operations.DefaultBuildOperationExecutor.lambda$call$2(DefaultBuildOperationExecutor.java:76)
at org.gradle.internal.operations.UnmanagedBuildOperationWrapper.callWithUnmanagedSupport(UnmanagedBuildOperationWrapper.java:54)
at org.gradle.internal.operations.DefaultBuildOperationExecutor.call(DefaultBuildOperationExecutor.java:76)
at org.gradle.launcher.exec.RunAsBuildOperationBuildActionRunner.run(RunAsBuildOperationBuildActionRunner.java:44)
at org.gradle.launcher.exec.InProcessBuildActionExecuter.lambda$execute$0(InProcessBuildActionExecuter.java:59)
at org.gradle.composite.internal.DefaultRootBuildState.run(DefaultRootBuildState.java:86)
at org.gradle.launcher.exec.InProcessBuildActionExecuter.execute(InProcessBuildActionExecuter.java:58)
at org.gradle.launcher.exec.InProcessBuildActionExecuter.execute(InProcessBuildActionExecuter.java:30)
at org.gradle.launcher.exec.BuildTreeScopeLifecycleBuildActionExecuter.lambda$execute$0(BuildTreeScopeLifecycleBuildActionExecuter.java:33)
at org.gradle.internal.buildtree.BuildTreeState.run(BuildTreeState.java:53)
at org.gradle.launcher.exec.BuildTreeScopeLifecycleBuildActionExecuter.execute(BuildTreeScopeLifecycleBuildActionExecuter.java:32)
at org.gradle.launcher.exec.BuildTreeScopeLifecycleBuildActionExecuter.execute(BuildTreeScopeLifecycleBuildActionExecuter.java:27)
at org.gradle.tooling.internal.provider.ContinuousBuildActionExecuter.execute(ContinuousBuildActionExecuter.java:104)
at org.gradle.tooling.internal.provider.ContinuousBuildActionExecuter.execute(ContinuousBuildActionExecuter.java:55)
at org.gradle.tooling.internal.provider.SubscribableBuildActionExecuter.execute(SubscribableBuildActionExecuter.java:64)
at org.gradle.tooling.internal.provider.SubscribableBuildActionExecuter.execute(SubscribableBuildActionExecuter.java:37)
at org.gradle.tooling.internal.provider.SessionScopeLifecycleBuildActionExecuter.lambda$execute$0(SessionScopeLifecycleBuildActionExecuter.java:54)
at org.gradle.internal.session.BuildSessionState.run(BuildSessionState.java:67)
at org.gradle.tooling.internal.provider.SessionScopeLifecycleBuildActionExecuter.execute(SessionScopeLifecycleBuildActionExecuter.java:50)
at org.gradle.tooling.internal.provider.SessionScopeLifecycleBuildActionExecuter.execute(SessionScopeLifecycleBuildActionExecuter.java:36)
at org.gradle.tooling.internal.provider.GradleThreadBuildActionExecuter.execute(GradleThreadBuildActionExecuter.java:36)
at org.gradle.tooling.internal.provider.GradleThreadBuildActionExecuter.execute(GradleThreadBuildActionExecuter.java:25)
at org.gradle.tooling.internal.provider.StartParamsValidatingActionExecuter.execute(StartParamsValidatingActionExecuter.java:59)
at org.gradle.tooling.internal.provider.StartParamsValidatingActionExecuter.execute(StartParamsValidatingActionExecuter.java:31)
at org.gradle.tooling.internal.provider.SessionFailureReportingActionExecuter.execute(SessionFailureReportingActionExecuter.java:55)
at org.gradle.tooling.internal.provider.SessionFailureReportingActionExecuter.execute(SessionFailureReportingActionExecuter.java:41)
at org.gradle.tooling.internal.provider.SetupLoggingActionExecuter.execute(SetupLoggingActionExecuter.java:47)
at org.gradle.tooling.internal.provider.SetupLoggingActionExecuter.execute(SetupLoggingActionExecuter.java:31)
at org.gradle.launcher.daemon.server.exec.ExecuteBuild.doBuild(ExecuteBuild.java:65)
at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:37)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
at org.gradle.launcher.daemon.server.exec.WatchForDisconnection.execute(WatchForDisconnection.java:39)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
at org.gradle.launcher.daemon.server.exec.ResetDeprecationLogger.execute(ResetDeprecationLogger.java:29)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
at org.gradle.launcher.daemon.server.exec.RequestStopIfSingleUsedDaemon.execute(RequestStopIfSingleUsedDaemon.java:35)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
at org.gradle.launcher.daemon.server.exec.ForwardClientInput$2.create(ForwardClientInput.java:78)
at org.gradle.launcher.daemon.server.exec.ForwardClientInput$2.create(ForwardClientInput.java:75)
at org.gradle.util.Swapper.swap(Swapper.java:38)
at org.gradle.launcher.daemon.server.exec.ForwardClientInput.execute(ForwardClientInput.java:75)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
at org.gradle.launcher.daemon.server.exec.LogAndCheckHealth.execute(LogAndCheckHealth.java:55)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
at org.gradle.launcher.daemon.server.exec.LogToClient.doBuild(LogToClient.java:63)
at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:37)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
at org.gradle.launcher.daemon.server.exec.EstablishBuildEnvironment.doBuild(EstablishBuildEnvironment.java:84)
at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:37)
at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
at org.gradle.launcher.daemon.server.exec.StartBuildOrRespondWithBusy$1.run(StartBuildOrRespondWithBusy.java:52)
at org.gradle.launcher.daemon.server.DaemonStateCoordinator$1.run(DaemonStateCoordinator.java:297)
at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:64)
at org.gradle.internal.concurrent.ManagedExecutorImpl$1.run(ManagedExecutorImpl.java:48)
at org.gradle.internal.concurrent.ThreadFactoryImpl$ManagedThreadRunnable.run(ThreadFactoryImpl.java:56)
Caused by: org.gradle.api.resources.MissingResourceException: Could not read script 'C:\Users\arpit\Downloads\OpenVerify-main\OpenVerify-main\node_modules\@react-native-community\cli-platform-android\native_modules.gradle' as it does not exist.
at org.gradle.internal.resource.UriTextResource.getText(UriTextResource.java:147)
at org.gradle.internal.resource.CachingTextResource.maybeFetch(CachingTextResource.java:112)
at org.gradle.internal.resource.CachingTextResource.getContentHash(CachingTextResource.java:100)
at org.gradle.groovy.scripts.internal.CrossBuildInMemoryCachingScriptClassCache.getOrCompile(CrossBuildInMemoryCachingScriptClassCache.java:43)
at org.gradle.groovy.scripts.internal.BuildScopeInMemoryCachingScriptClassCompiler.compile(BuildScopeInMemoryCachingScriptClassCompiler.java:50)
at org.gradle.groovy.scripts.DefaultScriptCompilerFactory$ScriptCompilerImpl.compile(DefaultScriptCompilerFactory.java:49)
at org.gradle.configuration.DefaultScriptPluginFactory$ScriptPluginImpl.apply(DefaultScriptPluginFactory.java:110)
at org.gradle.configuration.BuildOperationScriptPlugin$1.run(BuildOperationScriptPlugin.java:65)
at org.gradle.internal.operations.DefaultBuildOperationRunner$1.execute(DefaultBuildOperationRunner.java:29)
at org.gradle.internal.operations.DefaultBuildOperationRunner$1.execute(DefaultBuildOperationRunner.java:26)
at org.gradle.internal.operations.DefaultBuildOperationRunner$3.execute(DefaultBuildOperationRunner.java:75)
at org.gradle.internal.operations.DefaultBuildOperationRunner$3.execute(DefaultBuildOperationRunner.java:68)
at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:153)
at org.gradle.internal.operations.DefaultBuildOperationRunner.execute(DefaultBuildOperationRunner.java:68)
at org.gradle.internal.operations.DefaultBuildOperationRunner.run(DefaultBuildOperationRunner.java:56)
at org.gradle.internal.operations.DefaultBuildOperationExecutor.lambda$run$1(DefaultBuildOperationExecutor.java:71)
at org.gradle.internal.operations.UnmanagedBuildOperationWrapper.runWithUnmanagedSupport(UnmanagedBuildOperationWrapper.java:45)
at org.gradle.internal.operations.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:71)
at org.gradle.configuration.BuildOperationScriptPlugin.lambda$apply$0(BuildOperationScriptPlugin.java:62)
at org.gradle.configuration.internal.DefaultUserCodeApplicationContext.apply(DefaultUserCodeApplicationContext.java:43)
at org.gradle.configuration.BuildOperationScriptPlugin.apply(BuildOperationScriptPlugin.java:62)
at org.gradle.api.internal.plugins.DefaultObjectConfigurationAction.applyScript(DefaultObjectConfigurationAction.java:149)
at org.gradle.api.internal.plugins.DefaultObjectConfigurationAction.access$000(DefaultObjectConfigurationAction.java:42)
at org.gradle.api.internal.plugins.DefaultObjectConfigurationAction$1.run(DefaultObjectConfigurationAction.java:75)
at org.gradle.api.internal.plugins.DefaultObjectConfigurationAction.execute(DefaultObjectConfigurationAction.java:183)
at org.gradle.groovy.scripts.DefaultScript.apply(DefaultScript.java:128)
at org.gradle.api.Script$apply.callCurrent(Unknown Source)
at settings_7fnmuphhkv5k9p4lmem9xf2k3.run(C:\Users\arpit\Downloads\OpenVerify-main\OpenVerify-main\android\settings.gradle:2)
at org.gradle.groovy.scripts.internal.DefaultScriptRunnerFactory$ScriptRunnerImpl.run(DefaultScriptRunnerFactory.java:91)
... 135 more
Ontario Health name data error and Apple Wallet name display error
Sometime roughly after April 2021 the Ontario COVID-19 Proof of Vaccination data developed an error:
for some people, it has name as Firstname Middlename MIDDLENAME Lastname.
That is, it has added a second middlename in uppercase after the second.
If I were James Tiberius Kirk, the vaccine certificate would now show James Tiberius TIBERIUS Kirk.
It should be easy to do a database search to find these errors.
--
When the Verify Ontario app scans the QR code, it shows Firstname Middlename MIDDLENAME Lastname,
so clearly the name data error is reproduced within the QR. (It's still a valid record, it shows a green Verified screen.)
--
Separately, Apple Wallet vaccination QR code display seems to be confused by middle names.
In iOS 15.1 it looks like it shows name as Firstname Middlename (or in my case Firstname Middlename MIDDLENAME), rather than Firstname Lastname.
I thought this might just be me, but I checked a friend's phone and he has the same Middlename MIDDLENAME display issue in Apple Wallet.
--
I know this may be out of scope but this seems a reasonable place to report it.
Security concern
Displaying the verifiee’s name and d.o.b. on the verifier’s device poses a basic privacy breach risk. Name and birth is nontrivial personal data.
Verifier’s device is effectively any reasonably up to date iOS or android device. Screen capture and remote malware loggers can scrape user info.
App Extremely Slow on CAT Android Phones
Hi there
We recently purchased some CAT branded Android phones.
The app takes a considerably long time to load (over 20 seconds on the launch screen) and scanning takes almost 10 seconds compared to the iOS version. Other apps on the phone are not slow at all.
Is there any information I can collect (logs, etc) on why it would be so slow? This is Android 10 and I am attempting to upgrade to 11
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.