After the news cycle recently exploded with the announcement that Google would require every single Android app to be from a registered and verified developer, while killing third-party app stores …
That’s only if the apps distributed are unverified. Mind, the EU already requires app stores to document the identities of devs, but there are loopholes for Small enterprises. In 2027, manufacturers need to document the identities of their suppliers. There are still exceptions for non-profit open source projects, but that’s not what Google is. Surely, no one here wants Google to avoid regulations by investing in open source.
I believe F-Droid signs the packages it distributes so that creates a painful choke point. Revoke F-Droid’s key and it will break all of F-Droid instantaneously. The only exception for F-Droid’s signing is if the build is reproducible, which is a high bar for a lot of projects, and then F-Droid will use the upstream signature.
Installing the third party stores would be way harder than it is right now if they do that though. No way the devs of e.g. f-droid are getting a verification on an app that bypasses Google’s new ‘safety measures’
So now 3rd party app stores need an ADB loopback to work around that.
Not hard to do, but uselessly annoying.
That’s only if the apps distributed are unverified. Mind, the EU already requires app stores to document the identities of devs, but there are loopholes for Small enterprises. In 2027, manufacturers need to document the identities of their suppliers. There are still exceptions for non-profit open source projects, but that’s not what Google is. Surely, no one here wants Google to avoid regulations by investing in open source.
I believe F-Droid signs the packages it distributes so that creates a painful choke point. Revoke F-Droid’s key and it will break all of F-Droid instantaneously. The only exception for F-Droid’s signing is if the build is reproducible, which is a high bar for a lot of projects, and then F-Droid will use the upstream signature.
Also, they’re trying to close the ADB loophole.
I think you can already do that with shizuku and dome fdroid clients. It also makes using 3rd party appstores more convenient just in general.
Installing the third party stores would be way harder than it is right now if they do that though. No way the devs of e.g. f-droid are getting a verification on an app that bypasses Google’s new ‘safety measures’
I could imagine something like Sidequest happening on Android.