I honestly have no idea what is going on. Lots of broken things in what's supposed to be front products for Google and other "high name" brands. I don't get it: Where is everybody? Is there no one there? Are these companies really dead inside?
Everything I do for macOS/iOS is already without Xcode but it's a pain in the ass to keep up with changes, and there are things I haven't figured out yet (like AUv3).
Wow. Thanks for this update. It streamlined a lot of tasks.
Apart from this, next step will be to add suport for building android apps on the android phones itself. No desktop needed.Building on the laptop with agents and installing the build in the phone and testing doea not seem AI native. If everything can run on my android phone, development cycle will speed up.
you already could! just install Termux, npm install your favourite agent harness (pi for one has explicit Termux support, but its AGENTS.md works just fine with Claude Code for example - https://github.com/badlogic/pi-mono/blob/main/packages/codin...), and say you want an android app. It problem solves for a bit, then spits out an apk out to your Downloads folder.
Let me try this. Last year this was a dream. Can't belive we are so close to automate all of this.
My major issue last time was providing the feedback to the agent by running the apk on phone i.e, pass the debug log from the apk back to agent so it can iterate on it without me providing any input.
Also coding agents will happily compile android applications (of maximum complexity) via Github Actions where you can just pick them up with Obtainium. No PC needed
>Google collects usage data for the Android CLI, such as commands, sub-commands, and flags used. This data does not include custom parameters or identifiable information. This information helps improve the tool and is collected in accordance with Google's Privacy Policy.
> How would Google have enough data about a brand new product without collecting that data?
They wouldn't. But on the other hand, they probably have a large amount of in-house Android app developers on whom they can conduct such metrics collection. I wouldn't expect outsiders to have vastly different workflows, because when you get out of the happy path with Android all you get is pain.
You could export BASH_ENV to have Bash processes source a given file at startup.
Zsh has .zshenv, and Fish just has config.fish for everything with the ability to guard certain things within it to login only or non-interactive only.
This is a good step forward, but keep in mind the claimed gains are about "project and environment setup", not the tasks you deal with on a daily basis in an existing project.
Taking screenshots, optionally with component borders highlighted, and operating the UI with element names like "button1" instead of tap 200,30 looks useful. If I could get it to work.
Let's see if even mid/big companies with tons of resources, with AI and the right tooling will continue to write webview-apps or, even worse, use some kind of multi target wrapper.
This is great. We also need a tool to expose source jars to agents so they don’t need to compress. There’s a lot of Compose overloads that Claude just guesses at. I built something internally but it needs polish and Claude really struggled with the deep Gradle integration.
great! now let me know when your official app store transparently alerts users when an app they were using was sold to a third-party adtech surveillance company, please :)
You're forgetting the installation ("sideloading", what everyone else calls installation) restrictions they are about to deploy. It will be a significant hassle to install anything without Google's approval. Many F-droid apps are showing warning notices about this upcoming change.
Good, it shouldn't be two clicks for elderly people to install trojans on their phone that then drain their bank account. There should be some explicit confirmation that the user knows what they are doing and they are not being scammed. It is long overdue.
> Good, it shouldn't be two clicks for elderly people to install trojans on their phone that then drain their bank account.
And what makes you think that most scams involve fancy zero days/CVEs/hijacking the OS, and not simple social engineering?
You do not require a malicious apk to receive 2FA codes, or for the gullible user to read them aloud to the scammer. All phones come with an SMS and phone app.
You do not require a malicious apk to send transactions in banking apps (eg tricking people selling their product to send the money.)
You do not require a malicious apk to engage in a pig butchering scam, or to buy gift cards.
> There should be some explicit confirmation that the user knows what they are doing and they are not being scammed. It is long overdue.
I agree. Social engineering counters should have awareness raised by the governments. But blocking 3rd party apps for this is like using a cannon to shoot a mosquito. I'm not sure it makes the slightest of sense.
"This APK cannot be scanned and its safety cannot be verified. Learn more/go back" and "learn more" has a link that looks like nothing but is actually a button to actually install the app.
I can think of some easier things, for example popping up a dialog, pressing "install" and having my all actually be installed after that.
You're saying it should look like those damned browser certificate failure sites, with option to open the damn site hidden under button that looks like an unassuming link?
I expected something useful for application development. All it offers is some wrapper around the basic Android setup command that LLMs are already good at. What, initial empty project creation now takes 5 minutes instead of 10? Big deal, who cares?
I had another hope awakening that at least skills might be useful. But except for a few migration recipes, there's nothing of value for day to day Android development.
Facit: I'll skip installing another Google app whose only purpose is more spying on me and keep developing Android apps the way I already do.
this has been my sort of big tent alignment with AI people. If I'm getting good CLI tooling that _actually works_ (or fixes to existing ones that have been busted forever) then I'm pretty happy.
Things that make systems more understandable to the LLMs ... usually make things more understandable for humans as well. Usually.
The biggest issue I've found is that vibed up tooling tends to be pretty bad at having the right kind of "sense" for what makes good CLI UX. So you still have awkward argument structures or naming. Better than nothing though
It never made sense to me why cars and pedestrians need to share the same spaces. Why can't we have more efficient walking routes that are away from cars?
if you have roads shared with pedestrians and cars (and bikes!) you can build denser cities.
I lived real downtown in Tokyo and my street was like "1.5" lanes wide (if cars were coming in both directions one basically needs to pull over and stop). I could just walk in the middle of the street. There was no sidewalk. No street parking of course. Cars would drive down at 15km/h or whatever, and slow to a crawl if people were in the street.
Straight lines are efficient walking routes, and ... well... that might involve just crossing the street directly! Every layer of grade separation gets in the way of that.
End result of all of this is less pavement to maintain, slower drivers (-> safer!), good walking and cycling conditions, etc etc etc.
I've been thinking the same thing lately. It's sorta frustrating that it required bots to force tech companies to make clean simple cli driven development workflows.
It's wild that it took AI to get half the companies on the planet to actually add reasonably priced APIs to their products so I don't have to puppeteer every damn thing with a flakey harness.
> Agents will allow human programmers to get what they've been begging for decades now: proper requirements and flexible, logical, tooling.
...and once this goal is finally reached the programmer will breathe a sigh of relief and then promptly be fired since now the machine can do the job as well as they could.
> Just wait until there are entire classes of vulnerabilities related to LLM usage
This is a valid concern.
There are going to be a new class of vulnerabilities which an LLM is involved which are going to be discovered and it will make it possible to cause catastrophic damage to a company; very easily.
This won't be surprising since we have companies building casual remote code execution tools for "agents" waiting to be hijacked.
I understand that. What about that relates specifically to the Android CLI? That was rafram's question, and mine, and as far as I can tell still hasn't been answered.
I mean, I guess if you're going to say "don't use LLMs", then you also don't want to let agents use the Android CLI, but it seems like raising an awfully general concern in a discussion about a very specific article.
Not even close. Flutter has been engineered from the ground up with excellent tooling, unlike Android’s mess of organically evolved crap held together by a duct tape.
Because the real bottleneck is really the velocity of development, right next to keeping the codebase small - right guys?
`curl -fsSL https://dl.google.com/android/cli/latest/windows_x86_64/inst... | bash`
The URL shown for individual OSs work, but the script errors for me.
`curl.exe -fsSL https://dl.google.com/android/cli/latest/windows_x86_64/inst... -o "%TEMP%\i.cmd" && "%TEMP%\i.cmd"`
I manually downloaded the exe, but it say socket error. vibe coding is going strong!
<pre>
> android skills list
Picked up JAVA_TOOL_OPTIONS: -Djava.net.useSystemProxies=true
</pre>
Everything I do for macOS/iOS is already without Xcode but it's a pain in the ass to keep up with changes, and there are things I haven't figured out yet (like AUv3).
I haven't used an IDE since December.
Apart from this, next step will be to add suport for building android apps on the android phones itself. No desktop needed.Building on the laptop with agents and installing the build in the phone and testing doea not seem AI native. If everything can run on my android phone, development cycle will speed up.
My major issue last time was providing the feedback to the agent by running the apk on phone i.e, pass the debug log from the apk back to agent so it can iterate on it without me providing any input.
>https://policies.google.com/privacy
>Disable Android CLI metrics collection by using the --no-metrics flag.
No thanks, is there no env variable for this? Doesn't Google have enough data already?
How would Google have enough data about a brand new product without collecting that data?
They wouldn't. But on the other hand, they probably have a large amount of in-house Android app developers on whom they can conduct such metrics collection. I wouldn't expect outsiders to have vastly different workflows, because when you get out of the happy path with Android all you get is pain.
Zsh has .zshenv, and Fish just has config.fish for everything with the ability to guard certain things within it to login only or non-interactive only.
F you google. Me too. Why didn't we get a sane way to build android apps before you had to please chatbots?
Is there any step by step process or guidance on it?
There's a link to a repo or you can use the CLI tool to init the skills
And what makes you think that most scams involve fancy zero days/CVEs/hijacking the OS, and not simple social engineering?
You do not require a malicious apk to receive 2FA codes, or for the gullible user to read them aloud to the scammer. All phones come with an SMS and phone app.
You do not require a malicious apk to send transactions in banking apps (eg tricking people selling their product to send the money.)
You do not require a malicious apk to engage in a pig butchering scam, or to buy gift cards.
> There should be some explicit confirmation that the user knows what they are doing and they are not being scammed. It is long overdue.
I agree. Social engineering counters should have awareness raised by the governments. But blocking 3rd party apps for this is like using a cannon to shoot a mosquito. I'm not sure it makes the slightest of sense.
I can think of some easier things, for example popping up a dialog, pressing "install" and having my all actually be installed after that.
I expected something useful for application development. All it offers is some wrapper around the basic Android setup command that LLMs are already good at. What, initial empty project creation now takes 5 minutes instead of 10? Big deal, who cares?
I had another hope awakening that at least skills might be useful. But except for a few migration recipes, there's nothing of value for day to day Android development.
Facit: I'll skip installing another Google app whose only purpose is more spying on me and keep developing Android apps the way I already do.
TLDR: Nothing to see here. Move on.
Things that make systems more understandable to the LLMs ... usually make things more understandable for humans as well. Usually.
The biggest issue I've found is that vibed up tooling tends to be pretty bad at having the right kind of "sense" for what makes good CLI UX. So you still have awkward argument structures or naming. Better than nothing though
I lived real downtown in Tokyo and my street was like "1.5" lanes wide (if cars were coming in both directions one basically needs to pull over and stop). I could just walk in the middle of the street. There was no sidewalk. No street parking of course. Cars would drive down at 15km/h or whatever, and slow to a crawl if people were in the street.
Straight lines are efficient walking routes, and ... well... that might involve just crossing the street directly! Every layer of grade separation gets in the way of that.
End result of all of this is less pavement to maintain, slower drivers (-> safer!), good walking and cycling conditions, etc etc etc.
Hopefully when petrol hits $10 a gallon in the next few months more of the world will think about banning cars from high density areas.
What's that you say? Drivers are a major and rich political force and they will block such decisions?
The Programmers Brain book was my go to
http://www.robertames.com/blog.cgi/entries/the-unix-way-comm...
TLDR: standard list of long options <https://www.gnu.org/prep/standards/standards.html#Option-Tab...> and short options from -a to -z <http://www.catb.org/~esr/writings/taoup/html/ch10s05.html>.
...and once this goal is finally reached the programmer will breathe a sigh of relief and then promptly be fired since now the machine can do the job as well as they could.
> Just wait until there are entire classes of vulnerabilities related to LLM usage
This is a valid concern.
There are going to be a new class of vulnerabilities which an LLM is involved which are going to be discovered and it will make it possible to cause catastrophic damage to a company; very easily.
This won't be surprising since we have companies building casual remote code execution tools for "agents" waiting to be hijacked.
I mean, I guess if you're going to say "don't use LLMs", then you also don't want to let agents use the Android CLI, but it seems like raising an awfully general concern in a discussion about a very specific article.