this post was submitted on 13 Aug 2023
6 points (100.0% liked)

F-Droid

8069 readers
23 users here now

F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.

Website | GitLab | Mastodon

Matrix space | forum | IRC

founded 3 years ago
MODERATORS
 

I use neo store as my f Droid client but when I install an app on Google Play store neo store also starts installing that app, is it actually installing a second app?

top 9 comments
sorted by: hot top controversial new old
[–] limerod@reddthat.com 3 points 1 year ago (1 children)

If an app is present in the izzydroid repo, it can be updated from the fdroid and play store because the signatures match. You can add those them to a list of non-updatable apps

[–] NENathaniel@lemmy.ca 1 points 1 year ago (1 children)

Is there any downside to leaving them out of the non-updatable list?

[–] limerod@reddthat.com 1 points 1 year ago (1 children)

It won't be updated from fdroid, that's all. If you mistakenly add fdroid signed apps to the list, you could miss some updates. But that's reversible. No permanent downside as far as I know.

[–] NENathaniel@lemmy.ca 1 points 1 year ago (1 children)

I mean the inverse. I don’t add anything to the list, will both stores attempting to update the app cause any problems?

[–] limerod@reddthat.com 1 points 1 year ago

No, only one store can update the app at the time. If even one is available in both apps

[–] Grangle1@lemm.ee 1 points 1 year ago (1 children)

I see something similar with updates on vanilla f-droid, the Play Store and F-Droid will install updates essentially when the same update releases to either store. From what I can tell, I don't think it's anything to worry about. If Android is like any other system, I don't believe it would allow for installing the same app twice.

[–] basxto@discuss.tchncs.de 2 points 1 year ago* (last edited 1 year ago)

Apps have unique IDs like com.liftoffapp.liftoff and f-droid/play store don’t know who installed an app. They just show you all installed apps that are in their repos and look for updates for them. If they wouldn’t handle it like that, you wouldn’t get any updates if you installed an .apk manually. If an .apk gets installed and there is already an app with that ID, it replaces it and that’s how updates work. So if they both do an update, the first update will replace the old version and the second update will replace the first.

In the past apps from play store and from official f-droid repo wouldn’t replace each other without further user confirmation and deletion of user data. I don’t know if it’s still handled like that. F-Droid builds and signs packages on it’s own, which results in a signature key mismatch. It’s different for repos like IzzyOnDroid which just distribute official builds and therefore are signed with the same key. Though IzzyOnDroid has a key mismatch with F-Droid.

Usually a different key means that somebody modified the app and you don’t want an malicious app to be blindly installed or have access to the app’s user data. But F-Droid have no other choice when they build the packages themselves.

[–] Philo@lemm.ee -1 points 1 year ago (1 children)

I don't understand. Are you saying Neo-store is installing anon FOSS app?

[–] Lime66@lemmy.world 1 points 1 year ago

No it's only when an app is on both fdroid and play store