🩵 A free, open-source app store for developers' releases on GitHub, Codeberg & Forgejo — browse, discover, and install apps with one click. Formerly GitHub Store. - kurikomi-labs/komi-store
FDroid’s official repository includes fairly strict requirements for apps they allow, meaning you get a level of confidence that those apps meet those requirements. You can add custom repos in the app, but it’s not the default flow. To use a recent example, it’s like comparing the Arch official repos to AUR.
Not that there isn’t value in a tool that can download apps for you from GitHub, but it’s not really fair to compare that to F-Droid. You’re generally safer on F-Droid’s official repo than with random projects off GitHub, and potentially even safer than downloading official releases of apps on F-Droid directly from the releases page.
In that case, both FDroid and the browser are intermediaries and potential attack vectors. You go through the same number of middlemen. One just verifies the packages for you.
If you have tunnel vision, then sure. In fact, it’s just as comparable as downloading from realappmirror.ru where you have the same number of intermediaries.
FDroid’s official repository includes fairly strict requirements for apps they allow, meaning you get a level of confidence that those apps meet those requirements. You can add custom repos in the app, but it’s not the default flow. To use a recent example, it’s like comparing the Arch official repos to AUR.
Not that there isn’t value in a tool that can download apps for you from GitHub, but it’s not really fair to compare that to F-Droid. You’re generally safer on F-Droid’s official repo than with random projects off GitHub, and potentially even safer than downloading official releases of apps on F-Droid directly from the releases page.
It’s completely fair to compare on the qualities which were specified.
The qualities that were specified were security. Do you plan to actually explain how both FDroid and random GitHub downloads are equally insecure?
The qualities that were specified was the ability to install the apps through the browser without the “attack vector” of an app installer.
In that case, both FDroid and the browser are intermediaries and potential attack vectors. You go through the same number of middlemen. One just verifies the packages for you.
So you agree that they’re comparable?
If you have tunnel vision, then sure. In fact, it’s just as comparable as downloading from
realappmirror.ruwhere you have the same number of intermediaries.I don’t have “tunnel vision” and I don’t know what that thing is. Perhaps you’d like to continue trying to explain how they’re incomparable?
I already did.
If you have nothing of value to add, then I’m done discussing this.