mullvad · albin-mullvad · Feb 19, 2025 · Feb 19, 2025 · Feb 19, 2025 · Feb 19, 2025
diff --git a/.github/workflows/android-audit.yml b/.github/workflows/android-audit.yml
@@ -6,6 +6,11 @@ on:
       - .github/workflows/android-audit.yml
       - android/gradle/verification-metadata.xml
       - android/scripts/update-lockfile.sh
+      # libs.versions.toml and *.kts are necessary to ensure that the verification-metadata.xml is up-to-date
+      # with our dependency usage due to the dependency verification not working as expected when keys are
+      # specified for dependencies (DROID-1425).
+      - android/gradle/libs.versions.toml
+      - android/**/*.kts
   schedule:
     # At 06:20 UTC every day.
     # Notifications for scheduled workflows are sent to the user who last modified the cron

diff --git a/android/gradle/libs.versions.toml b/android/gradle/libs.versions.toml
@@ -41,7 +41,8 @@ koin = "4.0.2"
 koin-compose = "4.0.2"
 
 # Ktor
-ktor = "3.1.0"
+# Bumping to 3.1.0 causes an AbstractMethodError in the serialization logic (DROID-1820).
+ktor = "3.0.3"
 
 # Kotlin
 # Bump kotlin and kotlin-ksp together, find matching release here: