Chrome Beta for Android Update

Hi everyone! We've just released Chrome Beta 74 (74.0.3729.25) for Android: it's now available on Google Play.

You can see a partial list of the changes in the Git log. For details on new features, check out the Chromium blog, and for details on web platform updates, check here.

If you find a new issue, please let us know by filing a bug.

Krishna Govind
Google Chrome

The latest Android App Bundle updates including the additional languages API

Posted by Wojtek Kaliciński, Developer Advocate, Android

Last year, we launched Android App Bundles and Google Play's Dynamic Delivery to introduce modular development, reduce app size and streamline the release process. Since then, we've seen developers quickly adopt this new app model in over 60,000 production apps. We've been excited to see developers experience significant app size savings and reductions in the time needed to manage each release, and have documented these benefits in case studies with Duolingo and redBus.

Thank you to everyone who took the time to give us feedback on our initial launch. We're always open to new ideas, and today, we're happy to announce some new improvements based on your suggestions:

  • A new additional languages install API, which supports in-app language pickers
  • A streamlined publishing process for instant-enabled app bundles
  • A new enrollment option for app signing by Google Play
  • The ability to permanently uninstall dynamic feature modules that are included in your app's initial install


Additional languages API

When you adopt the Android App Bundle as the publishing format for your app, Google Play is able to optimize the installation by delivering only the language resources that match the device's system locales. If a user changes the system locale after the app is installed, Play automatically downloads the required resources.

Some developers choose to decouple the app's display language from the system locale by adding an in-app language switcher. With the latest release of the Play Core library (version 1.4.0), we're introducing a new additional languages API that makes it possible to build in-app language pickers while retaining the full benefits of smaller installs provided by using app bundles.

With the additional languages API, apps can now request the Play Store to install resources for a new language configuration on demand and immediately start using it.

Get a list of installed languages

The app can get a list of languages that are already installed using the SplitInstallManager#getInstalledLanguages() method.

val splitInstallManager = SplitInstallManagerFactory.create(context)
val langs: Set<String> = splitInstallManager.installedLanguages

Requesting additional languages

Requesting an additional language is similar to requesting an on demand module. You can do this by specifying a language in the request through SplitInstallRequest.Builder#addLanguage(java.util.Locale).

val installRequestBuilder = SplitInstallRequest.newBuilder()
installRequestBuilder.addLanguage(Locale.forLanguageTag("pl"))
splitInstallManager.startInstall(installRequestBuilder.build())

The app can also monitor install success with callbacks and monitor the download state with a listener, just like when requesting an on demand module.

Remember to handle the SplitInstallSessionStatus.REQUIRES_USER_CONFIRMATION state. Please note that there was an API change in a recent Play Core release, which means you should use the new SplitInstallManager#startConfirmationDialogForResult() together with Activity#onActivityResult(). The previous method of using SplitInstallSessionState#resolutionIntent() with startIntentSender() has been deprecated.

Check out the updated Play Core Library documentation for more information on how to access the newly installed language resources in your activity.

We've also updated our dynamic features sample on GitHub with the additional languages API, including how to store the user's language preference and apply it to your activities at startup.

Please note that while the additional languages API is now available to all developers, on demand modules are in a closed beta for the time being. You can experiment with on demand modules in your internal, open, and closed test tracks, while we work with our partners to make sure this feature is ready for production apps.

Instant-enabled App Bundle

In Android Studio 3.3, we introduced a way to build app bundles that contain both the regular, installed version of your app as well as a Google Play Instant experience for modules marked with the dist:instant="true" attribute in their AndroidManifest.xml:

<manifest ... xmlns:dist="http://schemas.android.com/apk/distribution">
    <dist:module dist:instant="true" />
    ...
</manifest>

Even though you could use a single project to generate the installed and instant versions of your app, up until now, developers were still required to use product flavors in order to build two separate app bundles and upload both to Play.

We're happy to announce that we have now removed this restriction. It's now possible to upload a single, unified app bundle artifact, containing modules enabled for the instant experience. This functionality is now available for everyone.

After you build an instant-enabled app bundle, upload it to any track on the Play Console, and you'll be able to select it when creating a new instant app release. This also means that the installed and instant versions of your app no longer need different version codes, which will simplify the release workflow.

Opt in to app signing by Google Play

You need to enable app signing by Google Play to publish your app using an Android App Bundle and automatically benefit from Dynamic Delivery optimizations. It is also a more secure way to manage your signing key, which we recommend to everyone, even if you want to keep publishing regular APKs for now.

Based on your feedback, we've revamped the sign-up flow for new apps to make it easier to initialize the key you want to use for signing your app.

Now developers can explicitly choose to upload their existing key without needing to upload a self-signed artifact first. You can also choose to start with a key generated by Google Play, so that the key used to locally sign your app bundle can become your upload key.

Read more about the new flow.

Permanent uninstallation of install time modules

We have now added the ability to permanently uninstall dynamic feature modules that are included in your app's initial install.

This is a behavior change, which means you can now call the existing SplitInstallManager#deferredUninstall() API on modules that set onDemand="false". The module will be permanently uninstalled, even when the app is updated.

This opens up new possibilities for developers to further reduce the installed app size. For example, you can now uninstall a heavy sign-up module or any other onboarding content once the user completes it. If the user navigates to a section of your app that has been uninstalled, you can reinstall it using the standard on demand modules install API.

We hope you enjoy these improvements and test them out in your apps. Continue to share your feedback as we work to make these features even more useful for you!

How useful did you find this blog post?

New Hangouts Meet peripheral issue alerts and improved connectivity alerts

What’s changing

To provide admins better tools to improve the overall performance of their Hangouts Meet devices, we’ve introduced a new set of actionable alerts when issues with peripherals are detected. We’ve also made the alerts for detected connectivity/network issues actionable with richer information and direct access to the device information page. New information in the alerts include:


  • Device name
  • Location
  • Alert id (identical for open and close alerts)
  • Issue type (Connectivity or Peripheral)
  • Issue (Offline, Missing microphone, Missing camera, etc)
  • Issue opened timestamp
  • Issue closed timestamp (if closed)
  • Asset location (from the assigned calendar)
  • Annotated location (if set for the device)
  • Asset id (if set for the device)
  • Serial number
  • Direct link to the device page in Google Admin console


Example alerts — email
Open alert



Close alert



Example alert — text message
Open alert


For text message, alerting is only sent out when an issue is detected, not on close.

Who’s impacted

Admins only

Why you’d use it

The improved alerts provide additional information to help admins proactively manage their network and devices for improved availability and end-user experience.

How to get started


  • Admins: To enable the Hangouts Meet hardware alerts:
  1. In the Admin console, go to Devices > Google meeting room hardware > Settings and policies
  2. Select the organization for which you want to change the settings for alerts
  3. Enter contact details — email(s) and/or mobile phone number(s)
  4. Select delivery methods for connectivity status alerts and peripheral alerts: Click Save to apply the settings
  • End users: No action required

Additional information

Both alert types are optional and delivery can be enabled individually by email and/or text message (SMS) (US/Canada numbers only). The email format is intended for easy integration with automated ticketing systems.

Helpful links



Availability


G Suite editions

  • Available to all G Suite Editions.

On/off by default?

  • This feature will be OFF by default.

Stay up to date with G Suite launches

This year in Search Spam – Webspam report 2018

Google aims to provide the highest quality results for any search. As part of this, we take action to prevent what we call “webspam” from degrading the search experience, content and behaviors that violate our webmaster guidelines. Our efforts help ensure that well under 1 percent of results visited by users are for spammy pages. Here’s more about how we fought webspam in 2018.



Google webspam trends and how we fought webspam in 2018



Of the types of spam we fought in 2018, three continue to stand out:


Spam on hacked websites: We reported in 2017 that we had seen a substantial reduction of spam from hacked websites in search results. This trend continued in 2018, with faster discovery of hacked web pages before they affect search results or put someone in harm’s way.   While we reduced how spam on hacked sites affects search, hacked websites remain a major security problem affecting the safety of the web. Even though we can’t prevent a website hack from happening, we’re committed to helping webmasters whose websites have been compromised by offering resources to help them recover from a hacked website. 


User-generated spam: A particular type of spam known as User-generated spam has been a continued focus for us. User-generated spam includes spammy posts on forums, as well as spammy accounts on free blogs and platforms, none of which are meant to be consumed by human beings, and all of which disrupt conversations while adding no value to users. In 2018, we were able to reduce the impact on search users from this type of spam by more than 80%. While we can’t prevent websites from being exploited, we do want to make it easier for website owners to learn how to protect themselves, which is why we provide resources on how to prevent abuse of your site’s public areas.


Link spam: We continued to protect the value of authoritative and relevant links as an important ranking signal for Search. We continued to deal swiftly with egregious link spam, and made a number of bad linking practices less effective for manipulating ranking. Above all, we continued to engage with webmasters and SEOs to chip away at the many myths that have emerged over the years relating to linking practices. We continued to remind website owners that if you simply stay away from building links mainly as an attempt to rank better and focus on creating great content, you should not have to worry about any of the myths or realities. We think that one of the best ways of fighting spam of all types is by encouraging website owners to just create great quality content. Resources such as the SEO starter-guide highlight best practices and bust some common myths and misconceptions related to what it takes to appear well in Google Search results. Reporting link spam is also a great way to assist us in fighting against this type of abuse and to help preserve fairness in Search ranking.



Working with users, webmasters and developers for a better web

Everyday users continue to help us find spam, malware and other issues in Search that escape our filters and processes by reporting spam on search, reporting phishing or  reporting malware. We received over 180,000 search spam user reports and we were able to take action on 64% of the reports we processed. These reports truly make a difference and we’d like to thank all of you who submitted them. 


We think it’s important to let website owners known when we detect something wrong with their website. In 2018, we generated over 186 million messages to website owners calling out potential improvements, issues and problems that could affect their site’s appearance on Search results. We can only deliver these notifications to site owners that verified their sites in Search Console, and we successfully delivered 96 million of those messages. The rest of the messages will be kept linked with the website for as long as they are relevant, so they can be seen when a webmaster successfully registers their site in Search Console. The majority of these messages were welcoming new users to Search Console, and the second largest group was informing registered Search Console users when Mobile-First Indexing became available. Of all messages, slightly over 2%—about 4 million—were related to manual actions resulting from violations of our Webmaster Guidelines. 


High quality content keeps spam off of search results, and we continued to improve the tools and reports we offer for webmasters that create that content. The Google Search Console was completely rebuilt from the ground up to provide both new and improved reports (Performance, Index Coverage, Links, Mobile Usability report), as well as brand new features (URL Inspection Tool and Site and User management). This improved Search Console graduated out of beta in 2018 and is now available generally to all registered website owners.


We didn’t forget the front-end developers who make the modern web work, and focused on helping them make their sites great for users and also search-friendly regardless of whether they are on a CMS, roll their own CSS and JS, or build on top of a web framework. With the new SEO audit capability in Lighthouse, the open-source and automated auditing tool for improving the quality of web pages, developers and webmasters can now run actionable SEO health-checks on their pages and quickly identify areas for improvement.


We also engage directly with website owners to provide help with thorny issues. Our dedicated team members meet with webmasters around the world regularly, both online and in-person. We delivered more than 190 online office hours, online events and offline events in more than 76 cities, to audiences totaling over 170,000 including SEOs, developers and online marketers. We hosted four search events in Tokyo, Singapore, Zurich and Osaka as well as an 11-city Search Conference in India. In 2018, we started live office hours in Spanish on top of English, French, German, Hindi and Japanese, where Webmasters can find help, tips and useful discussion on our Google Webmaster YouTube channel. Product experts continued to help webmasters find solutions through our official support forums in over a dozen languages. 


We look forward to continuing our work to deliver a spam-free Search experience to all in 2019!


Posted by Juan Felipe Rincón, Webmaster Outreach, Dublin

Dev Channel Update for Chrome OS

The Dev channel has been updated to 74.0.3729.0 (Platform version: 11895.21.0) for most Chrome OS devices. This build contains a number of bug fixes, security updates and feature enhancements. A list of changes can be found here.


If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using ‘Report an issue...’ in the Chrome menu (3 vertical dots in the upper right corner of the browser).

Daniel Gagnon
Google Chrome

Managed Google Play earns key certifications for security and privacy


Posted by Mike Burr, Android Enterprise Platform Specialist

[Cross-posted from the Android Enterprise Keyword Blog]



With managed Google Play, organizations can build a customized and secure mobile application storefront for their teams, featuring public and private applications. Organizations' employees can take advantage of the familiarity of a mobile app store to browse and download company-approved apps.
As with any enterprise-grade platform, it's critical that the managed Google Play Store operates with the highest standards of privacy and security. Managed Google Play has been awarded three important industry designations that are marks of meeting the strict requirements for information security management practices.
Granted by the International Organization for Standardization, achieving ISO 27001 certification demonstrates that a company meets stringent privacy and security standards when operating an Information Security Management System (ISMS). Additionally, managed Google Play received SOC 2 and 3 reports, which are benchmarks of strict data management and privacy controls. These designations and auditing procedures are developed by the American Institute of Certified Public Accountants (AICPA).
Meeting a high bar of security management standards
To earn the ISO 27001 certification, auditors from Ernst and Young performed a thorough audit of managed Google Play based on established privacy principles. The entire methodology of documentation and procedures for managing other companies' data are reviewed during an audit, and must be made available for regular compliance review. Companies that use managed Google Play are assured their data is managed in compliance with this industry standard. Additionally, ISO 27001 certification is in line with GDPR compliance.
Secure data management
With SOC 2 and SOC 3 reports, the focus is on controls relevant to data security, availability, processing integrity, confidentiality and privacy, which are verified through auditing reports. In managed Google Play, the data and private applications that enter Google's systems are administered according to strict protocols, including determinations for who can view them and under what conditions. Enterprises require and receive the assurance that their information is handled with the utmost confidentiality and that the integrity of their data is preserved. For many companies, the presence of an SOC 2 and 3 report is a requirement when selecting a specific service. These reports prove that a service company has met and is abiding by best practices set forth by AICPA to ensure data security.
Our ongoing commitment to enterprise security
With managed Google Play, companies' private apps for internal use are protected with a set of verified information security management processes and policies to ensure intellectual property is secure. This framework includes managed Google Play accounts that are used by enterprise mobility management (EMM) partners to manage devices.
Our commitment is that Android will continue to be a leader in enterprise security. As your team works across devices and shares mission-critical data through applications hosted in managed Google Play, you have the assurance of a commitment to providing your enterprise the highest standards of security and privacy.

Build your next iOS and Android app with Flutter

Mobile development is full of compromises. When you’re building a new app, you’re often forced into a difficult choice: do you build the same app twice—once for iOS, once for Android—so that you have a high quality experience for both platforms? Or do you create one app from a shared codebase that works across both platforms, but doesn't have the performance or user experience you were hoping for? Flutter offers a third way: enabling high-quality user experiences with excellent performance, along with letting you express your designers’ intent and share a common codebase.

Whether you're an entrepreneur with a new app idea, a developer who’s frustrated by the edit-compile-debug cycle of building an app, or a designer who wants to be able to iterate on new design concepts, here are a few reasons why you should consider creating your next app with Flutter.

Beautifully-designed apps on each platform

Creating app designs can involve trade-offs between the creative intent of a designer and the reality of what actually goes into production. Mobile designers and developers often work in different worlds, separated by a hard boundary between the different tools that they use and challenges with iterating on a design during the development process. Sometimes the designer’s vision is compromised by limitations in the APIs or framework the developer uses; sometimes, visual polish gets deferred until “later” because of other development work (and “later” often means “never” in practice).

Two mobile phone screens showing the differences between what was designed, and what was sent into production.

With Flutter, you have control over every pixel on the screen from the beginning, including a full set of widgets that deliver pixel-perfect experiences on both iOS and Android. Designers are using Flutter to create attractive experiences like Reflectly, the number one journaling app on the Apple app store:

The user interface of Reflectly, a journaling app.

There are also some design tools made for Flutter—like 2Dimensions Flare, which you can use to build animations and incorporate them into any app with a single line of code. Here’s an example of a custom animation built with Flare that interactively follows your typing at login:

A mobile log-in screen displaying a bear who follows your cursor as it moves across the screen.

You can find more details about this example here.

And Supernova, a design-to-code tool, recently announced support for exporting Sketch designs directly to Flutter, allowing users of this popular design and wire-framing tool to turn their ideas directly into code.

Fast apps on each platform

Rather than introducing a layer of abstraction between your code and the underlying operating system, Flutter apps are native apps—meaning they compile directly to both iOS and Android devices.

Flutter’s programming language, Dart, is designed around the needs of apps that are created for global audiences. It’s easy to learn, contains a comprehensive set of libraries and packages that reduce the amount of code you have to write and is built for developer performance. When you’re ready to release your app, you can compile your code directly to the ARM machine code of your phone—meaning what you write is exactly what appears on the device—so you can harness the full power of your phone, rather than using a language like JavaScript that needs a separate engine to run.

A side-by-side comparison of two mobile screens showing Flutter rendering animations on the phone in real-time.

Flutter rendering animations on the phone in real-time.

Flutter isn’t a games engine, but it brings games-level performance to your application. Every pixel in Flutter is drawn with the Skia graphics engine: the same hardware-accelerated engine that powers Android and Chrome. This combination enables fast, glitch-free performance for apps—meaning that apps can operate on a phone's screen at 60 frames per second—which will never feel sluggish, even on a slower device.

Productive app creation on each platform

If you’re a mobile app developer, you might feel like you spend more time waiting than coding. When you make a change to your code, you have to recompile it, deploy it to a mobile phone and then bring the app back into the same state it was in before you made the change to see the results. By contrast, Flutter introduces a new capability called Stateful Hot Reload, which transforms this development cycle, letting you implement changes in milliseconds—not minutes. Stateful Hot Reload also allows better collaboration between developers and designers when they want to improve the app design and immediately see the effects.

Two side-by-side screens show how an app’s user interface and logic are updated in the app without the need for recompilation.

Changes to an app’s user interface and logic are updated in the app without the need for recompilation.

Teams using Stateful Hot Reload report major gains to their productivity when making apps. Combining the quick turnaround on changes with the ability to ship for both iOS and Android, we’ve seen apps from brands like Abbey Road Studios, Hamilton and Reflectly go from writing their first line of code to a published app in just weeks.

Get started today

We just launched version 1.2 of Flutter at Mobile World Congress 2019. We encourage you to try Flutter by visiting flutter.dev. You’ll find all the resources you need to get started including videos, codelabs, case studies, documentation and community links.

Managed Google Play earns key certifications for security and privacy

With managed Google Play, organizations can build a customized and secure mobile application storefront for their teams, featuring public and private applications. Organizations’ employees can take advantage of the familiarity of a mobile app store to browse and download company-approved apps.

As with any enterprise-grade platform, it’s critical that the managed Google Play Store operates with the highest standards of privacy and security. Managed Google Play has been awarded three important industry designations that are marks of meeting the strict requirements for information security management practices.

Granted by the International Organization for Standardization, achieving ISO 27001 certification demonstrates that a company meets stringent privacy and security standards when operating an Information Security Management System (ISMS). Additionally, managed Google Play received SOC 2 and 3 reports, which are benchmarks of strict data management and privacy controls. These designations and auditing procedures are developed by the American Institute of Certified Public Accountants (AICPA).

Meeting a high bar of security management standards

To earn the ISO 27001 certification, auditors from Ernst & Young performed a thorough audit of managed Google Play based on established privacy principles. The entire methodology of documentation and procedures for managing other companies’ data are reviewed during an audit, and must be made available for regular compliance review. Companies that use managed Google Play are assured their data is managed in compliance with this industry standard. Additionally, ISO 27001 certification is in line with GDPR compliance.

Secure data management

With SOC 2 and SOC 3 reports, the focus is on controls relevant to data security, availability, processing integrity, confidentiality and privacy, which are verified through auditing reports. In managed Google Play, the data and private applications that enter Google’s systems are administered according to strict protocols, including determinations for who can view them and under what conditions. Enterprises require and receive the assurance that their information is handled with the utmost confidentiality and that the integrity of their data is preserved. For many companies, the presence of an SOC 2 and 3 report is a requirement when selecting a specific service. These reports prove that a service company has met and is abiding by best practices set forth by AICPA to ensure data security.

Our ongoing commitment to enterprise security

With managed Google Play, companies’ private apps for internal use are protected with a set of verified information security management processes and policies to ensure intellectual property is secure. This framework includes managed Google Play accounts that are used by enterprise mobility management (EMM) partners to manage devices.

Our commitment is that Android will continue to be a leader in enterprise security. As your team works across devices and shares mission-critical data through applications hosted in managed Google Play, you have the assurance of a commitment to providing your enterprise the highest standards of security and privacy.

How El País used AI to make their comments section less toxic

At El País, our vision for the perfect comments section was a place where readers would provide input, insight and tips on an investigative story, add knowledge about niche topics, double check facts and elevate the conversation to a different level. While the internet has brought amazing benefits, it didn’t deliver the utopia we—and others—had hoped for within the comments section. Around 2015, trolls, toxic comments, spam, insults and even threats took over, causing publishers to re-evaluate investing in this section of the online paper. No one seemed able to fix this broken system and several several sites either limited the amount of articles opened to comment, or shut them down completely.

We also thought about closing down comments at El País, but ultimately let them be. That was until last year, when the Google News Initiative contacted us to talk about Perspective API,  a free tool developed by Jigsaw that uses a machine learning model trained by human-generated comments labeled as toxic by human moderators. At that point Perspective API was available in English, but the aim was to use the more than 300,000 comments our readers write every month to train the model in Spanish. Earlier this year, we  partnered with Jigsaw to analyze our vast trove of public comments to understand how to spot toxicity in Spanish. We worked closely with the Jigsaw team to test the models and provided feedback in order to improve overall accuracy of the tool.

Now, when someone tries to post a toxic comment on our site we’ll show them a message in real time suggesting they make changes or rewrite it so that it’ll pass our moderation system. Since we put this system in place, the average toxicity of the comments has gone down seven percent and the number of comments has gone up 19%—leading us to suspect that the comments section is a nicer place and one our readers want to engage in. We’ve also improved the moderation process by sending the more toxic comments to experienced moderators and the less toxic to the less experienced ones.

A message on El Pais' site popping up in response to a toxic comment.

When someone posts a comment that may be perceived as toxic on El País’ site, we show a message in real time suggesting they make changes or re-write it.

Additionally, we’re including the toxicity of the articles in our data warehouse (a system we use for data analysis).Alongside the sentiment of the articles, we can now check if certain authors are associated with toxic comments, if the sentiment of the articles influences toxicity, or if some commenters always have high toxicity across all their comments. With this data, we aim to improve the conversation by not running certain articles we know won’t generate positive comments, developing a new badges system, highlighting top comments of the week in new products like a newsletter and even having journalists engage in certain conversations to help raise the level of debate.

Perspective API has rekindled our faith in the comments section and demonstrated a real value to our publication and our readers. This initial Spanish version of Perspective is available to anyone today and will continue to be developed so that any Spanish publisher can use Perspective in Spanish, for free.


Structured Data Files v4.2 now available in the DoubleClick Bid Manager API

Today we're announcing the general availability of Structured Data Files (SDF) v4.2 in the DoubleClick Bid Manager API. Highlights of this release include:
  • Support for TrueView connected TV bid adjustments
  • Ability to inherit Insertion Order start and end dates at the Line Item level
  • Renaming changes to better align SDF with the Display & Video 360 UI
All SDF users are encouraged to begin requesting v4.2 files to take advantage of these new features. To do so, simply pass 4.2 as the value of version when calling Sdf.download. For users with workflows that are dependent on older SDF formats, details of the file format changes between versions can be found in the release notes.