How do I check an APK before it goes live?
Install it on a test device, read the permissions against what the app claims to do, decode the manifest with aapt or apkanalyzer, inspect the code with apktool/jadx, and verify the signature with apksigner. Full checklist.
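The permission and signature steps from the answer above, as an added example that is not part of the original page: it lists permissions reported by `aapt dump permissions` that are missing from an approved list, then verifies the signature with `apksigner`. The package name, file names and allowlist are constructed, and the `uses-permission` line formats it parses are an assumption about aapt's output.

```shell
#!/usr/bin/env bash
# Added example: pre-release permission and signature check for an APK.
# Sample data in demo() is constructed; names are hypothetical.

# Read `aapt dump permissions` output on stdin, print unique permission names.
# Assumed line formats: "uses-permission: name='X'", "uses-permission-sdk-23:
# name='X'", and the older "uses-permission: X".
requested_perms() {
  sed -n "s/^uses-permission\(-sdk-[0-9]*\)\{0,1\}: *\(name='\)\{0,1\}\([A-Za-z0-9_.]*\).*/\3/p" |
    sort -u
}

# $1: file holding aapt output, $2: allowlist file (one permission per line).
# Prints every requested permission that is not on the allowlist.
unexpected_perms() {
  requested_perms < "$1" | grep -vxF -f "$2" || true
}

# Check a real APK; needs aapt and apksigner from the Android SDK build-tools.
# Returns 0 only if the signature verifies and no unapproved permission is found.
review_apk() {
  local tmp extra
  tmp=$(mktemp)
  aapt dump permissions "$1" > "$tmp" || { rm -f "$tmp"; return 2; }
  extra=$(unexpected_perms "$tmp" "$2"); rm -f "$tmp"
  apksigner verify --verbose --print-certs "$1" || return 3
  [ -z "$extra" ] && return 0
  printf '%s\n' "$extra" | sed 's/^/unapproved permission: /'
  return 1
}

# Constructed input: a flashlight app whose stated features need camera + network.
demo() {
  local d; d=$(mktemp -d)
  cat > "$d/aapt.txt" <<'EOF'
package: com.example.flashlight
uses-permission: name='android.permission.CAMERA'
uses-permission: name='android.permission.READ_CONTACTS'
uses-permission-sdk-23: name='android.permission.ACCESS_FINE_LOCATION'
uses-permission: android.permission.INTERNET
EOF
  printf '%s\n' android.permission.CAMERA android.permission.INTERNET > "$d/allow.txt"
  unexpected_perms "$d/aapt.txt" "$d/allow.txt"
  rm -rf "$d"
}

if [ "$#" -eq 2 ]; then review_apk "$1" "$2"; else demo; fi
```

Run it with an APK path and an allowlist file to check a real build; with no arguments it runs against the constructed sample only.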