Basically title. I waited on installing F droid for a long time because my phone threw many scary warnings when I tried a long time ago. But now I have it, and I got some fossify apps, but since there is no “Editor’s Picks” on F- droid I dont really know where to go from here.
What apps do you recommend I install first to remove my dependence on closed ecosystems?
What is my vulnerability surface ie, which sort of apps should I watch out for?
Are there any bad faith companies in the open source sphere?
Important note: app developers don’t publish their apps on the official F-Droid repository. Other people (maintainers) download source code and compiling these apps. Therefore, updates are delayed by a week. You cannot update the app from other source because F-Droid version signed by a different key, so you must reinstall the app, deleting all the data.
I started using Obtainium to get updates directly from GitHub. It also has support for F-Droid and many other sources. I use F-Droid website mostly to discover apps.
Oh wait so its going to be lesser hassle the sooner I move to Obtainium?
Depends on whether you’re going to install apps from the official F-Droid repository or not. Third party F-droid repos (like IzzyOnDroid) are not affected by this.
Suppose you have some app (a hypothetical Lemmy app) installed from the official F-Droid repo. You logged in an account, changed some settings. Then the developer announces an update: new features, bug and security fixes. It is published on GitHub and Google Play. F-Droid version will come after a few days, when the maintainer builds the app from source and publishes that update.
You may don’t want to wait till update comes to F-droid. But you can’t install it from GitHub or Google Play, because it is signed by a different key. You’ll have to reinstall the app, which will erase your settings and require logging in again.
This is the hassle you probably may encounter in the future. If you want to avoid it, install official packages from the developers (from GitHub or Google Play). Obtainium can check for updates on GitHub, official and third-party F-Droid repos, and more.
Thanks for the detailed answer. It seems prudent to install from Obtainium.
I’ll offer a counterpoint to all the Obtainium fans here: F-Droid is good and “middlemen” aren’t always pointless.
F-Droid enforces their own inclusion standards on every app they build. This mainly ensures that all apps are built from source and are 100% free (libre) software. When you “go outside the middleman” and “go directly to the source” you lose that assurance.
I don’t think it’s worth it for slightly faster updates. I enjoy knowing that I have the four freedoms with every app I install.
Tell me more about these four freedoms
- What is Free Software? - The GNU Project
Thanks for the explanation.
For some it’s a trust issue since they F-droid is a middleman however with reproducible builds I don’t have that worry. Feels like a good thing to have the code verified twice. I have obtainium as well but had issues with some beta apps I wanted to use like organic maps. Obtainium only works if it is the way it’s setup. Organic maps did not follow obtainiums way
Also to use obtainium you actually need to know the app exist, I have a lot of stuff from F-droid I would not have found without it
If your new, just install and use Droidify (is a lot faster than F-droid).
Now I use:
Isn’t FFUpdater redundant when you can just put browsers’ repository links in Obtainium?
Your right, now I did remove FFUpdater, I’ve got Mull updated adding DivestOS Official repo to Droidify (included, but you need to enable), and Cromite from GitHub.
Because Mull from default repo is 1 version and 2 weeks behind.
I use Obtanium too, but I can’t figure out how to install apps that are hosted on GitLab.
What do you have to change in Obtanium?
Here’s Mull, for example: https://gitlab.com/divested-mobile/mull-fenix
That specific repository has no releases so it won’t work AFAIK. You need a repository with releases, that have apk attached. (Typically the developer would set up a CI workflow to build and attach apk for every release)
Edit: For example AuroraStore has releases with apks. So you can just enter gitlab repo for AuroraStore into Obtainium and it will install it and keep it updated.
Any benefit over just downloading the APK directly without managing it through Obtanium? I ask cause I’m guessing that for Mull, since there are no releases on its GitLab repo, it’ll just have to be downloaded directly.
Obtainium will check regularly for new versions and update automatically. So that’s definitely a benefit if you’d like to keep the apps updated.
As for Mull, you could add its f-droid link into Obtainium if you’d like to have all updates via a single app.
I feel very dumb but I just installed it and I don’t get the logic: do I have to enter every app into Obtainium to make it happen or is there some kind of auto discovery / import that I can use?
It supports importing apps from the URL list, but not from installed yet.
Thanks for your answer that’s what I was afraid of, that’s too much of a chore to hunt for every source and put it in the app, I’ll pass for now and keep getting (more or less) delayed updates as usual