first commit - 1.0.0

Author: iampedii

.github/workflows/release.yml

@@ -0,0 +1,158 @@
+name: Official Release
+
+# Required repository secrets:
+# - ANDROID_SIGNING_KEYSTORE_BASE64
+# - ANDROID_SIGNING_STORE_PASSWORD
+# - ANDROID_SIGNING_KEY_ALIAS
+# - ANDROID_SIGNING_KEY_PASSWORD
+#
+on:
+  push:
+    tags:
+      - "*"
+
+permissions:
+  contents: write
+
+env:
+  ANDROID_API: "26"
+  GRADLE_ANDROID_NDK_VERSION: "26.3.11579264"
+  STORMDNS_ANDROID_NDK_VERSION: "29.0.14206865"
+
+jobs:
+  release:
+    name: Build, sign, and publish release APKs
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout WhiteDNS
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+
+      - name: Set up JDK
+        uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: "17"
+          cache: gradle
+
+      - name: Install Android SDK packages
+        run: |
+          set -euo pipefail
+          yes | sdkmanager --licenses >/dev/null
+          sdkmanager \
+            "platforms;android-36" \
+            "build-tools;36.0.0" \
+            "ndk;${GRADLE_ANDROID_NDK_VERSION}" \
+            "ndk;${STORMDNS_ANDROID_NDK_VERSION}"
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: third_party/StormDNS/go.mod
+          cache-dependency-path: third_party/StormDNS/go.sum
+
+      - name: Build StormDNS native clients
+        run: |
+          set -euo pipefail
+          make stormdns \
+            NDK_HOST=linux-x86_64 \
+            NDK_ROOT="${ANDROID_HOME}/ndk/${STORMDNS_ANDROID_NDK_VERSION}"
+
+      - name: Run unit tests
+        run: ./gradlew testDebugUnitTest
+
+      - name: Build unsigned release APKs
+        run: |
+          set -euo pipefail
+          TAG_NAME="${GITHUB_REF_NAME}"
+          VERSION_NAME="${TAG_NAME#v}"
+          ./gradlew :app:assembleRelease \
+            -PWHITE_DNS_VERSION_NAME="${VERSION_NAME}" \
+            -PWHITE_DNS_VERSION_CODE="${GITHUB_RUN_NUMBER}"
+
+      - name: Sign release APKs
+        env:
+          ANDROID_SIGNING_KEYSTORE_BASE64: ${{ secrets.ANDROID_SIGNING_KEYSTORE_BASE64 }}
+          ANDROID_SIGNING_STORE_PASSWORD: ${{ secrets.ANDROID_SIGNING_STORE_PASSWORD }}
+          ANDROID_SIGNING_KEY_ALIAS: ${{ secrets.ANDROID_SIGNING_KEY_ALIAS }}
+          ANDROID_SIGNING_KEY_PASSWORD: ${{ secrets.ANDROID_SIGNING_KEY_PASSWORD }}
+        run: |
+          set -euo pipefail
+          for secret_name in \
+            ANDROID_SIGNING_KEYSTORE_BASE64 \
+            ANDROID_SIGNING_STORE_PASSWORD \
+            ANDROID_SIGNING_KEY_ALIAS \
+            ANDROID_SIGNING_KEY_PASSWORD
+          do
+            if [[ -z "${!secret_name:-}" ]]; then
+              echo "::error::Missing GitHub secret: ${secret_name}"
+              exit 1
+            fi
+          done
+
+          TAG_NAME="${GITHUB_REF_NAME}"
+          KEYSTORE_PATH="${RUNNER_TEMP}/whitedns-release.keystore"
+          echo "${ANDROID_SIGNING_KEYSTORE_BASE64}" | base64 --decode > "${KEYSTORE_PATH}"
+
+          BUILD_TOOLS_DIR="$(find "${ANDROID_HOME}/build-tools" -mindepth 1 -maxdepth 1 -type d | sort -V | tail -n 1)"
+          mkdir -p dist
+
+          shopt -s nullglob
+          unsigned_apks=(app/build/outputs/apk/release/*-release-unsigned.apk)
+          if (( ${#unsigned_apks[@]} == 0 )); then
+            echo "::error::No unsigned release APKs found."
+            exit 1
+          fi
+
+          for unsigned_apk in "${unsigned_apks[@]}"; do
+            base_name="$(basename "${unsigned_apk}" -release-unsigned.apk)"
+            abi_name="${base_name#app-}"
+            aligned_apk="${RUNNER_TEMP}/${base_name}-aligned.apk"
+            signed_apk="dist/WhiteDNS-${TAG_NAME}-${abi_name}.apk"
+
+            "${BUILD_TOOLS_DIR}/zipalign" -f -p 4 "${unsigned_apk}" "${aligned_apk}"
+            "${BUILD_TOOLS_DIR}/apksigner" sign \
+              --ks "${KEYSTORE_PATH}" \
+              --ks-pass "pass:${ANDROID_SIGNING_STORE_PASSWORD}" \
+              --ks-key-alias "${ANDROID_SIGNING_KEY_ALIAS}" \
+              --key-pass "pass:${ANDROID_SIGNING_KEY_PASSWORD}" \
+              --out "${signed_apk}" \
+              "${aligned_apk}"
+            "${BUILD_TOOLS_DIR}/apksigner" verify --verbose "${signed_apk}"
+          done
+
+          cp THIRD_PARTY_NOTICES.md "dist/WhiteDNS-${TAG_NAME}-THIRD_PARTY_NOTICES.md"
+          (cd dist && shasum -a 256 * > SHA256SUMS.txt)
+
+      - name: Publish GitHub Release
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          set -euo pipefail
+          TAG_NAME="${GITHUB_REF_NAME}"
+          RELEASE_TITLE="WhiteDNS ${TAG_NAME}"
+          NOTES_FILE="${RUNNER_TEMP}/release-notes.md"
+
+          cat > "${NOTES_FILE}" <<EOF
+          Official WhiteDNS release for ${TAG_NAME}.
+
+          WhiteDNS is not published on Google Play. APKs attached to this GitHub release are the official release artifacts for this tag.
+
+          See LICENSE.MD, CONTRIBUTING.md, CLA.md, and TRADEMARK.MD before using or contributing to this project.
+          EOF
+
+          release_flags=()
+          if [[ "${TAG_NAME}" =~ (alpha|beta|rc) ]]; then
+            release_flags+=(--prerelease)
+          fi
+
+          if gh release view "${TAG_NAME}" >/dev/null 2>&1; then
+            gh release upload "${TAG_NAME}" dist/* --clobber
+          else
+            gh release create "${TAG_NAME}" dist/* \
+              --title "${RELEASE_TITLE}" \
+              --notes-file "${NOTES_FILE}" \
+              "${release_flags[@]}"
+          fi

.gitignore

@@ -0,0 +1,22 @@
+.gradle/
+.gradle-home/
+.idea/
+.DS_Store
+.kotlin/
+build/
+app/build/
+local.properties
+captures/
+*.iml
+*.apk
+*.aab
+*.jks
+*.keystore
+*.p12
+*.pem
+id_ed25519*
+id_rsa*
+nemigam*
+
+/storm-dns/
+/StormDNS/

.gitmodules

@@ -0,0 +1,4 @@
+[submodule "third_party/StormDNS"]
+	path = third_party/StormDNS
+	url = https://github.com/iampedii/StormDNS.git
+	branch = feat/whitedns-android-client

CLA.md

@@ -0,0 +1,30 @@
+# WhiteDNS Contributor License Agreement
+
+By submitting code, documentation, translations, designs, bug fixes, patches, or other contributions to WhiteDNS, you agree to the following terms:
+
+## 1. Contribution Rights
+
+You confirm that:
+
+- the contribution is your original work; or
+- you have the necessary rights and permissions to submit it.
+
+## 2. License to WhiteDNS
+
+You grant WhiteDNS and its maintainers a perpetual, worldwide, royalty-free, irrevocable license to use, copy, modify, publish, distribute, sublicense, and include your contribution in the WhiteDNS project and related products.
+
+## 3. No Ownership Transfer of WhiteDNS
+
+Submitting a contribution does not give you ownership, control, revenue share, trademark rights, publishing rights, or distribution rights over WhiteDNS.
+
+## 4. No Right to Fork or Redistribute
+
+Submitting a contribution does not give you permission to fork, redistribute, repackage, re-sign, sell, clone, or create a derivative app based on WhiteDNS.
+
+## 5. No Warranty
+
+You provide your contribution without warranty of any kind.
+
+## 6. Agreement
+
+By opening a pull request, submitting a patch, or contributing to WhiteDNS, you agree to this Contributor License Agreement.

CONTRIBUTING.md

@@ -0,0 +1,45 @@
+# Contributing to WhiteDNS
+
+Thank you for your interest in contributing to WhiteDNS.
+
+WhiteDNS is a source-available project. Community contributions are welcome, but the project is not open-source.
+
+## What You Can Do
+
+You may:
+
+- report bugs;
+- suggest features;
+- submit pull requests to the official repository;
+- improve documentation;
+- improve translations;
+- review code for security issues;
+- help test official builds.
+
+## What You Cannot Do
+
+You may not:
+
+- fork WhiteDNS to create another app;
+- publish modified builds;
+- redistribute APK files;
+- re-sign or repackage the app;
+- sell the app or any modified version;
+- use the WhiteDNS name, logo, icon, design, or brand in another project;
+- create a clone, competing product, or derivative app based on this code.
+
+## Pull Requests
+
+By submitting a pull request, you agree that your contribution may be used, modified, distributed, and included in the official WhiteDNS app.
+
+You also confirm that your contribution is your own work or that you have the legal right to submit it.
+
+## Security Issues
+
+Please do not publicly disclose security vulnerabilities before giving the WhiteDNS team time to review and fix them.
+
+Report security issues privately through the official contact channel.
+
+## License
+
+By contributing, you agree to the WhiteDNS Source-Available Proprietary License.

LICENSE.MD

@@ -0,0 +1,55 @@
+WhiteDNS Source-Available Proprietary License
+
+Copyright (c) 2026 WhiteDNS / Pedram Marandi. All rights reserved.
+
+This software is source-available, not open-source.
+
+1. Permission to View and Contribute
+
+You may view the source code for transparency, security review, learning, and contribution to the official WhiteDNS project.
+
+You may submit issues, bug reports, pull requests, patches, translations, documentation improvements, and other contributions to the official WhiteDNS repository.
+
+2. No Redistribution or Forked Apps
+
+You may not copy, redistribute, publish, mirror, sell, rent, lease, sublicense, repackage, re-sign, upload, or distribute this software, in whole or in part, without prior written permission.
+
+You may not use this software, source code, UI, APK, assets, configuration format, or related materials to create, publish, distribute, or operate another app, fork, clone, modified version, competing service, or derivative product.
+
+3. No Rebranding
+
+You may not use the WhiteDNS name, logo, icon, brand, design, screenshots, Telegram identity, domain names, package identity, or confusingly similar names or branding without prior written permission.
+
+4. Contributions
+
+By submitting a contribution to the official WhiteDNS project, you agree that your contribution may be used, modified, distributed, sublicensed, and included in WhiteDNS by the project maintainers.
+
+You confirm that your contribution is your original work or that you have the necessary rights to submit it.
+
+You do not receive ownership, control, revenue share, or distribution rights over the WhiteDNS project by submitting a contribution.
+
+5. Official Distribution Only
+
+Only APKs and releases published by the official WhiteDNS team are authorized.
+
+Modified, re-signed, repackaged, redistributed, or unofficial APKs are not permitted and may be unsafe.
+
+6. Reverse Engineering and Security Research
+
+Security research is allowed only for responsible disclosure to the official WhiteDNS team.
+
+You may not publicly distribute exploit code, modified builds, bypass tools, malware-injected versions, or instructions that enable abuse of WhiteDNS users.
+
+7. No Warranty
+
+This software is provided "as is", without warranty of any kind.
+
+The copyright holder is not responsible for damages, data loss, security issues, misuse, service interruption, or other consequences arising from use of the software.
+
+8. Termination
+
+Your permission to view or use this software ends automatically if you violate this license.
+
+9. Permission Requests
+
+For commercial use, redistribution, partnerships, or special permissions, contact the official WhiteDNS team.

Makefile

@@ -0,0 +1,64 @@
+SHELL := /bin/bash
+
+SDK_ROOT ?= $(HOME)/Library/Android/sdk
+NDK_VERSION ?= 29.0.14206865
+NDK_ROOT ?= $(SDK_ROOT)/ndk/$(NDK_VERSION)
+NDK_HOST ?= darwin-x86_64
+NDK_BIN := $(NDK_ROOT)/toolchains/llvm/prebuilt/$(NDK_HOST)/bin
+ANDROID_API ?= 26
+
+GO ?= go
+GRADLE ?= ./gradlew
+STORMDNS_DIR := third_party/StormDNS
+STORMDNS_CMD := ./cmd/client
+STORMDNS_BUILD_DIR := $(STORMDNS_DIR)/build/android
+JNI_LIBS_DIR := app/src/main/jniLibs
+GO_CACHE := $(STORMDNS_DIR)/.gocache
+STORMDNS_LDFLAGS := -s -w -linkmode external -extldflags "-Wl,-z,max-page-size=16384 -Wl,-z,common-page-size=16384"
+
+.PHONY: all debug stormdns stormdns-arm64 stormdns-armv7 stormdns-x86_64 stormdns-x86 clean clean-stormdns clean-app check-ndk debug-outputs
+
+all: debug
+
+debug: stormdns
+	$(GRADLE) :app:assembleDebug
+
+stormdns: stormdns-arm64 stormdns-armv7 stormdns-x86_64 stormdns-x86
+
+check-ndk:
+	@test -x "$(NDK_BIN)/aarch64-linux-android$(ANDROID_API)-clang" || (echo "Android NDK not found at $(NDK_ROOT). Install NDK $(NDK_VERSION) or set NDK_ROOT=/path/to/ndk."; exit 1)
+
+stormdns-arm64: check-ndk
+	@mkdir -p "$(STORMDNS_BUILD_DIR)/arm64-v8a" "$(JNI_LIBS_DIR)/arm64-v8a" "$(GO_CACHE)"
+	cd "$(STORMDNS_DIR)" && GOCACHE="$$PWD/.gocache" CGO_ENABLED=1 CC="$(NDK_BIN)/aarch64-linux-android$(ANDROID_API)-clang" GOOS=android GOARCH=arm64 $(GO) build -trimpath -ldflags='$(STORMDNS_LDFLAGS)' -o "build/android/arm64-v8a/stormdns-client" "$(STORMDNS_CMD)"
+	cp "$(STORMDNS_BUILD_DIR)/arm64-v8a/stormdns-client" "$(JNI_LIBS_DIR)/arm64-v8a/libstormdns_client.so"
+	chmod 755 "$(STORMDNS_BUILD_DIR)/arm64-v8a/stormdns-client" "$(JNI_LIBS_DIR)/arm64-v8a/libstormdns_client.so"
+
+stormdns-armv7: check-ndk
+	@mkdir -p "$(STORMDNS_BUILD_DIR)/armeabi-v7a" "$(JNI_LIBS_DIR)/armeabi-v7a" "$(GO_CACHE)"
+	cd "$(STORMDNS_DIR)" && GOCACHE="$$PWD/.gocache" CGO_ENABLED=1 CC="$(NDK_BIN)/armv7a-linux-androideabi$(ANDROID_API)-clang" GOOS=android GOARCH=arm GOARM=7 $(GO) build -trimpath -ldflags='$(STORMDNS_LDFLAGS)' -o "build/android/armeabi-v7a/stormdns-client" "$(STORMDNS_CMD)"
+	cp "$(STORMDNS_BUILD_DIR)/armeabi-v7a/stormdns-client" "$(JNI_LIBS_DIR)/armeabi-v7a/libstormdns_client.so"
+	chmod 755 "$(STORMDNS_BUILD_DIR)/armeabi-v7a/stormdns-client" "$(JNI_LIBS_DIR)/armeabi-v7a/libstormdns_client.so"
+
+stormdns-x86_64: check-ndk
+	@mkdir -p "$(STORMDNS_BUILD_DIR)/x86_64" "$(JNI_LIBS_DIR)/x86_64" "$(GO_CACHE)"
+	cd "$(STORMDNS_DIR)" && GOCACHE="$$PWD/.gocache" CGO_ENABLED=1 CC="$(NDK_BIN)/x86_64-linux-android$(ANDROID_API)-clang" GOOS=android GOARCH=amd64 $(GO) build -trimpath -ldflags='$(STORMDNS_LDFLAGS)' -o "build/android/x86_64/stormdns-client" "$(STORMDNS_CMD)"
+	cp "$(STORMDNS_BUILD_DIR)/x86_64/stormdns-client" "$(JNI_LIBS_DIR)/x86_64/libstormdns_client.so"
+	chmod 755 "$(STORMDNS_BUILD_DIR)/x86_64/stormdns-client" "$(JNI_LIBS_DIR)/x86_64/libstormdns_client.so"
+
+stormdns-x86: check-ndk
+	@mkdir -p "$(STORMDNS_BUILD_DIR)/x86" "$(JNI_LIBS_DIR)/x86" "$(GO_CACHE)"
+	cd "$(STORMDNS_DIR)" && GOCACHE="$$PWD/.gocache" CGO_ENABLED=1 CC="$(NDK_BIN)/i686-linux-android$(ANDROID_API)-clang" GOOS=android GOARCH=386 $(GO) build -trimpath -ldflags='$(STORMDNS_LDFLAGS)' -o "build/android/x86/stormdns-client" "$(STORMDNS_CMD)"
+	cp "$(STORMDNS_BUILD_DIR)/x86/stormdns-client" "$(JNI_LIBS_DIR)/x86/libstormdns_client.so"
+	chmod 755 "$(STORMDNS_BUILD_DIR)/x86/stormdns-client" "$(JNI_LIBS_DIR)/x86/libstormdns_client.so"
+
+debug-outputs:
+	@find app/build/outputs/apk/debug -type f -name '*.apk' -print | sort
+
+clean: clean-app clean-stormdns
+
+clean-app:
+	$(GRADLE) :app:clean
+
+clean-stormdns:
+	rm -rf "$(STORMDNS_BUILD_DIR)" "$(GO_CACHE)"