Email or username:

Password:

Forgot your password?
Top-level
Sylvia

@SamantazFox @fdroidorg in F-Droid reproducible builds the developers provide an .apk file and F-Droid builds an .apk file from the source code and they get compared.

If they match, the .apk file from the developer is used.

One side effect is that in-app updaters because possible. F-Droid has decided that in-app updaters are okay as long as they're opt-in and clearly explain to the user they're changing their primary source of trust.

For more details, see f-droid.org/en/2023/01/15/towa

4 comments
Sylvia

@SamantazFox @fdroidorg But you're right that Google doesn't allow this.

The official Mastodon app actually has a special flavour for Google without in-app updater, but the Mastodon team was unwilling to provide .apk files for it (stating that it was too much work to supply that on top of the .aab they build for Google).

And thus, F-Droid was left without an .apk file that was compliant with F-Droid policy. And after a lot of difficulty it was decided to drop reproducible builds, sadly.

Samantaz Fox

@SylvieLorxu @fdroidorg
That sucks :/
Thanks for the detailed answer, though ^^

always tired (moved to chaos)

@SylvieLorxu @SamantazFox @fdroidorg I don't like that. In app updates in more and more apps means yet more redundant code bloat. Let dedicated package managers / app stores do what they're there for

Adam Honse

@project1enigma @SylvieLorxu @SamantazFox @fdroidorg Seriously, in-app updaters are stupid. Let the package manager do its job. Built-in updaters is the shitty outdated Windows way of doing things. If I download a version from your website I want it to stay that way, otherwise I would've downloaded it from a repository with a package manager.

Go Up