nostr:nprofile1qqs83nn04fezvsu89p8xg7axjwye2u67errat3dx2um725fs7qnrqlgzqtdq0 has absorbed every FOSS app (and a few others) on my phone. Except one. 👀
Discussion
I went this path too. And just recently started using https://github.com/imranr98/obtainium
Maby I will start to install every opensource app directly from the source. Since nostr:nprofile1qqs83nn04fezvsu89p8xg7axjwye2u67errat3dx2um725fs7qnrqlgzqtdq0 still is mostly signed by the zapstore account.
Hmmm, your last paragraph is a misconception. Third time I hear it, I must be doing something wrong.
You are conflating APK signatures with nostr signatures:
- Obtainium: original dev signed APK
- Zapstore: original dev signed APK + nostr signature
In both places you install the same developers APK. Both pull from Github or whatever original source.
Zapstore in addition links them to a nostr profile which allows for web of trust verification and more.
Obtainium is in no way more secure than Zapstore. It does have more apps, yes, for now.
Thanks for the explanation. So do I understand right? Then the zapstore signature is only a recommendation? But updatecycles should have no difference at all compared with Obtainium?
You're welcome. It will be more clear in the new UI.
With Obtainium you use Github search, here you use relays on apps that are indexed.
Two improvements coming:
- Add any app to indexer from the Zapstore app
- Background update checking and silent installs
Almost there 💪