Why should I trust the published version of signal that I see in zap.store?
https://github.com/tw-hx/Signal-Android
This branch is 4783 commits behind signalapp/Signal-Android:main
📣 Introducing zap.store 0.1.0
For months I have been dreaming of a better app store, frustrated by big tech's permissioned bs, GPG's complexities, and Obtainium's reliance on centralized services and poor UX.
Here's the first (very alpha) iteration of zap.store, a permissionless app store leveraging the nostr social graph.
✔ Android only (for now! Desktop coming soon)
✔ Obtainium drop-in replacement (smaller catalog but growing)
✔ App releases are signed/curated by this account, as developers start self-signing
✔ Web of trust check before installing an app
Get it at https://zap.store or https://github.com/zapstore/zapstore
(SHA-256 hash of the APK version 0.1.0 is 8540bd492064c17d83bcdc6d2a463c2aea46f13c2b0d13b8a96023df95bd0c9d)
Feedback more than welcome, it's also possible to send directly from the ⚙️ screen in the app
s/o to nostr legends nostr:npub149p5act9a5qm9p47elp8w8h3wpwn2d7s2xecw2ygnrxqp4wgsklq9g722q and nostr:npub1zafcms4xya5ap9zr7xxr0jlrtrattwlesytn2s42030lzu0dwlzqpd26k5 for their invaluable help
Discussion
Good catch, this is why we show the repo URL. It was a mistake and that app was removed from the relay.
If you no longer want to see it please clear the storage for the app. In the next version there will be an easier way to do it.