Do our Android recommendations have to be in the official F-Droid repository? #1201
Comments
|
First of all, we would need to decide whether this only cover the official f-droid repo, or being installable from any fdroid all repo. In any case though, while I would see being on fdroid is a big bonus, I would not make it a requirement, as it would have the potentional to exclude some really good apps just for not being on fdroid. |
|
Judging by the three 👍 to the previous comment, I guess our policy which just needs committing, is:
@privacytoolsIO/editorial further thoughts? |
|
F-Droid is a distribution mechanism.
Technically it isn't centralized. There are f-droid mirrors. The advantage of being in the official F-droid repository is that it must be open source and able to be built from that source. In addition to that there is some tracking on anti-features, which may not be the case in a third party repository. Then there is the reproducible builds initiative. It is more desirable for the software to be in F-Droid and reproducible than in a third party repository and not be reproducible. You can see the recent builds from their wiki.
Also note that with Google Play, Google can push updates to you, whenever they want. Could select targets get a certain update that nobody else gets? Sure, you've got a set of login credentials attached to that software distribution center. |
This concern was rised in #1132 where I commented:
This issue also affects #1187 (& #1200) which aren't in the official F-Droid repository, but has its own repository. I think we also list Bitwarden that is in the same situation.
See also: #338.
The text was updated successfully, but these errors were encountered: