this post was submitted on 11 Aug 2023
79 points (92.5% liked)

Open Source

31111 readers
310 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

I've come to realize that a lot of foss android apps are pretty outdated and usually abandoned. Is that even safe to use? Like even the fdroid archive repository, are those safe to use? I'm still rather new to the foss world, but in my mind it seems a very outdated app is probably not safe or am I missing something here?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 7 points 1 year ago (6 children)

For any app that isn't network-facing and that works with protocols that haven't been changed in a long time, there is no point worrying over how "active" the development is on an app. If nothing has been broken, then nothing needs fixing. My music player has had all the features it needs for a decade, and continues to work to this day. Why change a good thing?

[–] borzthewolf 1 points 1 year ago (4 children)

Gotcha. But what's stopping cyber criminals from seeing these abandoned repos and possibly taking over and implement malware or what not

[–] [email protected] 3 points 1 year ago (3 children)

Have you ever used Github? People can't just push code to the main repo.

And all submissions to F-Droid are checked for this kind of thing.

[–] borzthewolf 1 points 1 year ago (1 children)

I mean yes I use github for reference and sometimes downloading but I don't actually know a whole lot about it like push and pull requests and what not, as I haven't found a need to learn it yet. So what you're saying is to basically download apps from github instead of fdroid to ensure you get the latest?

[–] [email protected] 3 points 1 year ago (1 children)

No, I'm not. I'm saying that downloading from F-Droid is perfectly safe, as they verify all updates before putting them on the repo.

[–] borzthewolf 2 points 1 year ago

Ohhh I understand, thanks

load more comments (1 replies)
load more comments (1 replies)
load more comments (2 replies)