APK/ZIP compression level differences hidden

We ran into an issue where the only differences diffoscope showed were the APK signature files.

The problem turned out to be a different compression level for 1 single file.

Even without the signature files, the zipinfo diff is not empty, so it won't use zipinfo -v (which doesn't show compression level, but does show compressed size).

├── zipinfo {}
│ @@ -998,8 +998,8 @@
│  -rw----     2.0 fat      939 b- defN 81-Jan-01 01:01 kotlin/internal/internal.kotlin_builtins
│  -rw----     2.0 fat    14256 b- defN 81-Jan-01 01:01 kotlin/kotlin.kotlin_builtins
│  -rw----     2.0 fat     2301 b- defN 81-Jan-01 01:01 kotlin/ranges/ranges.kotlin_builtins
│  -rw----     2.0 fat     2338 b- defN 81-Jan-01 01:01 kotlin/reflect/reflect.kotlin_builtins
│  -rw-r--r--  0.0 unx    92988 b- defN 81-Jan-01 01:01 META-INF/CERT.SF
│  -rw-r--r--  0.0 unx     1292 b- defN 81-Jan-01 01:01 META-INF/CERT.RSA
│  -rw-r--r--  0.0 unx    92914 b- defN 81-Jan-01 01:01 META-INF/MANIFEST.MF
│ -1003 files, 11874558 bytes uncompressed, 6805936 bytes compressed:  42.7%
│ +1003 files, 11874558 bytes uncompressed, 6805937 bytes compressed:  42.7%

I'm not sure how this should be handled tbh.

It might make sense to use zipinfo -v if the only difference in zipinfo output is in that last line.

But that wasn't the case for the original diff between a signed and unsigned APK, so it would not have helped there.

FWIW, I wrote scripts to detect and fix compression levels; I'll probably add them to reproducible-apk-tools.