What is the rationale for preferring F-Droid, if I may ask? It is a third party, whereas via the web you are trusting our domain name and server. You can verify certificate and blob hash if you want to be 100% sure.
Yes, we want to put Zapstore on F-Droid. But we do not want F-Droid to build a non-reproduceable APK, that would be regarded.
When we get to reproduceable builds, we then will go through the F-Droid bureaucracy, no problem.
Verifying the blob hash is an extra step, and I don't know how, on my phone at least. Fdroid does all that stuff for you. That's why people like it.
And how did you verify that you have the right F-Droid?
People like Zapstore because it does all that stuff for them, too 😉
I know, but the fewer sources you trust the better.
This is just a suggestion. I think you'll get more downloads if you're on fdroid. And even more if you're on Google Play store. It's up to you.
Absolutely, I agree with you. However F-Droid is a tricky one. They build AND host packages themselves, and they had security issues. Way too much trust placed in them. The only way that makes sense to use F-Droid is with reproduceable builds.
All the open source projects are on both stores. Just saying.
