What is ".lifecycle-trojan" in my AndroidManifest.xml

Question

I am using the implementation 'android.arch.lifecycle:extensions:1.1.1' in my project.

When I build the release or debug apk and open AndroidManifest.xml from within the apk,

I see this line.

<provider android:authorities="com.myapp.crashlyticsinitprovider" android:exported="false" android:initOrder="90" android:name="com.crashlytics.android.CrashlyticsInitProvider"/>
<provider android:authorities="com.myapp.testapp.lifecycle-trojan" android:exported="false" android:multiprocess="true" android:name="android.arch.lifecycle.ProcessLifecycleOwnerInitializer"/>

Should I be worried?

I also see this in the build->intermediates->instant_app_manifest_debug->AndroidManifest.xml

I cannot find any information about lifecycle-trojan. – dcanh121 May 06 '19 at 20:42 — dcanh121, May 06 '19 at 20:42

score 3 · Accepted Answer · answered May 07 '19 at 00:46

Should I be worried?

No you shouldn't. It's used by the ProcessLifecycleOwner, and it is not a malware.

Further proofs

As you can see from the aosp-mirror, the file get merged from here, and after few months from the release they have changed the file to this version.

Solution

Migrating to androidx should solve it. Now they have renamed the name from lifecycle-trojan to lifecycle-process.

You can find more information here

What is ".lifecycle-trojan" in my AndroidManifest.xml

1 Answers1