this post was submitted on 24 Jan 2024
167 points (92.8% liked)

Open Source

31665 readers
377 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

Basically title. I waited on installing F droid for a long time because my phone threw many scary warnings when I tried a long time ago. But now I have it, and I got some fossify apps, but since there is no "Editor's Picks" on F- droid I dont really know where to go from here.

What apps do you recommend I install first to remove my dependence on closed ecosystems?

What is my vulnerability surface ie, which sort of apps should I watch out for?

Are there any bad faith companies in the open source sphere?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 10 months ago (3 children)

Important note: app developers don't publish their apps on the official F-Droid repository. Other people (maintainers) download source code and compiling these apps. Therefore, updates are delayed by a week. You cannot update the app from other source because F-Droid version signed by a different key, so you must reinstall the app, deleting all the data.

I started using Obtainium to get updates directly from GitHub. It also has support for F-Droid and many other sources. I use F-Droid website mostly to discover apps.

[–] Tangent5280 1 points 10 months ago (2 children)

Oh wait so its going to be lesser hassle the sooner I move to Obtainium?

[–] [email protected] 3 points 10 months ago (1 children)

Depends on whether you're going to install apps from the official F-Droid repository or not. Third party F-droid repos (like IzzyOnDroid) are not affected by this.

Suppose you have some app (a hypothetical Lemmy app) installed from the official F-Droid repo. You logged in an account, changed some settings. Then the developer announces an update: new features, bug and security fixes. It is published on GitHub and Google Play. F-Droid version will come after a few days, when the maintainer builds the app from source and publishes that update.

You may don't want to wait till update comes to F-droid. But you can't install it from GitHub or Google Play, because it is signed by a different key. You'll have to reinstall the app, which will erase your settings and require logging in again.

This is the hassle you probably may encounter in the future. If you want to avoid it, install official packages from the developers (from GitHub or Google Play). Obtainium can check for updates on GitHub, official and third-party F-Droid repos, and more.

[–] Tangent5280 3 points 10 months ago (2 children)

Thanks for the detailed answer. It seems prudent to install from Obtainium.

[–] [email protected] 3 points 10 months ago (1 children)

I'll offer a counterpoint to all the Obtainium fans here: F-Droid is good and "middlemen" aren't always pointless.

F-Droid enforces their own inclusion standards on every app they build. This mainly ensures that all apps are built from source and are 100% free (libre) software. When you "go outside the middleman" and "go directly to the source" you lose that assurance.

I don't think it's worth it for slightly faster updates. I enjoy knowing that I have the four freedoms with every app I install.

[–] Tangent5280 2 points 10 months ago (1 children)

Tell me more about these four freedoms

[–] [email protected] 2 points 10 months ago* (last edited 10 months ago) (1 children)

A program is free software if the program's users have the four essential freedoms:

  • The freedom to run the program as you wish, for any purpose (freedom 0).
  • The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
  • The freedom to redistribute copies so you can help others (freedom 2).
  • The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

- What is Free Software? - The GNU Project

[–] Tangent5280 2 points 10 months ago

Thanks for the explanation.

[–] [email protected] 2 points 10 months ago* (last edited 10 months ago)

For some it's a trust issue since they F-droid is a middleman however with reproducible builds I don't have that worry. Feels like a good thing to have the code verified twice. I have obtainium as well but had issues with some beta apps I wanted to use like organic maps. Obtainium only works if it is the way it's setup. Organic maps did not follow obtainiums way

Also to use obtainium you actually need to know the app exist, I have a lot of stuff from F-droid I would not have found without it

[–] [email protected] 1 points 10 months ago* (last edited 10 months ago) (1 children)

If your new, just install and use Droidify (is a lot faster than F-droid).

Now I use:

  • Obtanium 4 things that aren't in F-droid or prefer faster update (like Newpipe).
[–] [email protected] 3 points 10 months ago (1 children)

Isn't FFUpdater redundant when you can just put browsers' repository links in Obtainium?

[–] [email protected] 1 points 10 months ago* (last edited 10 months ago)

Your right, now I did remove FFUpdater, I've got Mull updated adding DivestOS Official repo to Droidify (included, but you need to enable), and Cromite from GitHub.

Because Mull from default repo is 1 version and 2 weeks behind.

[–] [email protected] 1 points 10 months ago (1 children)

I feel very dumb but I just installed it and I don't get the logic: do I have to enter every app into Obtainium to make it happen or is there some kind of auto discovery / import that I can use?

[–] [email protected] 2 points 10 months ago (1 children)

It supports importing apps from the URL list, but not from installed yet.

[–] [email protected] 1 points 10 months ago

Thanks for your answer that's what I was afraid of, that's too much of a chore to hunt for every source and put it in the app, I'll pass for now and keep getting (more or less) delayed updates as usual

[–] hiramfromthechi 1 points 10 months ago (1 children)

I use Obtanium too, but I can't figure out how to install apps that are hosted on GitLab.

What do you have to change in Obtanium?

Here's Mull, for example: https://gitlab.com/divested-mobile/mull-fenix

[–] mea_rah 1 points 10 months ago* (last edited 10 months ago) (1 children)

That specific repository has no releases so it won't work AFAIK. You need a repository with releases, that have apk attached. (Typically the developer would set up a CI workflow to build and attach apk for every release)

Edit: For example AuroraStore has releases with apks. So you can just enter gitlab repo for AuroraStore into Obtainium and it will install it and keep it updated.

[–] hiramfromthechi 1 points 10 months ago (1 children)

Any benefit over just downloading the APK directly without managing it through Obtanium? I ask cause I'm guessing that for Mull, since there are no releases on its GitLab repo, it'll just have to be downloaded directly.

[–] mea_rah 2 points 10 months ago

Obtainium will check regularly for new versions and update automatically. So that's definitely a benefit if you'd like to keep the apps updated.

As for Mull, you could add its f-droid link into Obtainium if you'd like to have all updates via a single app.