this post was submitted on 01 Oct 2024
88 points (96.8% liked)

Open Source

30679 readers
99 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
88
On the importance of F-Droid, an Android app store (rocket9labs.com)
submitted 1 week ago by [email protected] to c/[email protected]
14 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 1 week ago (8 children)

Oh man I see so much criticism of F-Droid's policies incoming...

[–] [email protected] 7 points 1 week ago (7 children)

Is there anything controversial about them?

[–] [email protected] 13 points 1 week ago (5 children)

There are those who believe that F-Droid's role as a "middle man" vetting and building packages from source instead of blindly shipping builds provided by upstream makes it a security risk, because you're trusting F-Droid in addition to (some say instead of) the upstream developer. Perhaps telling is that none of these critics can offer an alternative solution.

Before anyone mentions Obtainium and Accrescent, these are not alternatives to F-Droid, they solve completely different problems.

[–] [email protected] 6 points 1 week ago (1 children)

I personally like F-Droid's vetting process. It's true that updates always arrive a few days later, but you can be sure they don't contain any malicious code. Furthermore, they specify all of the antifeatures a program has, which makes it easier to avoid them. If you want faster updates, you can always download a program through Obtanium.

[–] [email protected] 1 points 1 week ago* (last edited 1 week ago) (1 children)

I am not an F-Droid maintainer, but as far as I know the code is not vetted by F-Droid after the initial app submission process. Updates are pulled in, built and distributed automatically. The long delay is just because there are a lot of apps to build, and F-Droid is a volunteer-run operation.

[–] [email protected] 5 points 1 week ago* (last edited 1 week ago)

I had no idea. Thanks for telling me! In that case, im going to try to use the ones from IzzyOnDroid if avaliable

Edit: According to their docs, they do take some special security measures and I couldn't find a case of an app offered on FDroid which had malware.

load more comments (3 replies)
load more comments (4 replies)
load more comments (4 replies)