CellularPrivacy / Android-IMSI-Catcher-Detector

AIMSICD • Fight IMSI-Catcher, StingRay and silent SMS!
https://cellularprivacy.github.io/Android-IMSI-Catcher-Detector/
GNU General Public License v3.0

Automatic Updates from GitHub Release Page #118

Closed SecUpwN closed 9 years ago

SecUpwN commented 10 years ago

Good evening, everyone!

Through our internal discussions we figured it would be great if AIMSICD could automatically check and fetch the latest WIP-Release when pressing a button in the upper right corner. Hitting it prompts:

a) "A new version XXXX of this app is available. Do you want to download?"

b) "Congrats! You're running the latest version XXXX."

If a new version exists, AIMSICD should display the name of the WIP-Release and ask if it shall be downloaded. Not sure if we can query the MD5 and SHA1 from GitHub to check if it matches. Also, automatic update checks should be possible to enable within the Preferences (default: off).

To avoid a huge discussion here: We are still not really convinced about using F-Droid as discussed in #3 since publishing non-working highly alpha Apps there is probably not the best idea.

tobykurien commented 10 years ago

Good suggestion and actually fairly easy to implement using GitHub API. This call: https://api.github.com/repos/SecUpwN/Android-IMSI-Catcher-Detector/releases?page=1&per_page=1 will retrieve the latest release, and the app can then send that off to the Android download manager if the user wants to update. All of this is moot if you're going to put it on F-Droid though.
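The update check described in the two comments above, as an added example that is not part of the thread or of AIMSICD's code. It parses a constructed response in the shape of the releases endpoint (`tag_name`, `assets`, `browser_download_url`), and it checks a SHA-256 digest rather than the MD5/SHA1 mentioned in the issue; the repository `example/app`, the `vX.Y.Z-alpha` tag format, the function names and the out-of-band published digest are assumptions.

```python
import hashlib
import hmac
import json
import re
from urllib.parse import urlparse

# Constructed sample of the JSON array the releases endpoint returns (trimmed).
SAMPLE_RESPONSE = json.dumps([{
    "tag_name": "v0.1.25-alpha",
    "prerelease": True,
    "assets": [
        {"name": "notes.txt",
         "browser_download_url": "https://github.com/example/app/releases/download/v0.1.25-alpha/notes.txt"},
        {"name": "app-0.1.25-alpha.apk",
         "browser_download_url": "https://github.com/example/app/releases/download/v0.1.25-alpha/app-0.1.25-alpha.apk"},
    ],
}])

def version_key(tag):
    """Turn 'v0.1.25-alpha' into (0, 1, 25) for numeric comparison."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", tag)
    if not m:
        raise ValueError(f"unparseable version tag: {tag!r}")
    return tuple(int(p) for p in m.groups())

def find_update(response_text, installed_version):
    """Return (tag, apk_url) if the newest release is newer, else None."""
    releases = json.loads(response_text)
    if not releases:
        return None
    latest = releases[0]  # per_page=1 yields only the newest release
    if version_key(latest["tag_name"]) <= version_key(installed_version):
        return None
    for asset in latest.get("assets", []):
        url = urlparse(asset["browser_download_url"])
        # Only accept an APK served over HTTPS from github.com.
        if (asset["name"].endswith(".apk") and url.scheme == "https"
                and url.hostname == "github.com"):
            return latest["tag_name"], asset["browser_download_url"]
    return None

def digest_matches(apk_bytes, expected_sha256_hex):
    """Compare the download's SHA-256 with the published value in constant time."""
    actual = hashlib.sha256(apk_bytes).hexdigest()
    return hmac.compare_digest(actual, expected_sha256_hex.strip().lower())
```

A digest fetched from the same release page only detects a corrupted download; Android's own requirement that an update carry the same signing certificate as the installed app is what rejects a re-signed build.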

E3V3A commented 10 years ago

I prefer we use GitHub as our primary source for distribution, and all other channels as second hand. I really don't think we should spend time or effort maintaining other distribution channels, unless it will really benefit the application in any way. And updates should always be manual, since the user may not be able to get to it, or may even be tracked getting it.

Diapolo commented 10 years ago

@E3V3A I strongly disagree on that one, GitHub is NOT for "normal" users! IMHO F-Droid repo contains good, free and open-source software for users that know what they are doing with their Android phone. How hard can it be to upload releases to the F-Droid repo and write a summary and drop in a link there to a changelog (which could reside here anyway)? Think about it again, more users means more testing base, more feedback and such. Most of the work could perhaps be scripted, I think you overestimate the work that is needed to push it to F-Droid.

tobykurien commented 10 years ago

Actually F-Droid can be configured to automatically build and upload a new release as soon as you tag it in GitHub. I have 2 apps on F-Droid, both update automatically, all I do is tag a release.

[EDIT by SecUpwN for better view]

E3V3A commented 10 years ago

Well then I'm all for it. (See, I only need a little bit of convincing.)

SecUpwN commented 10 years ago

@Diapolo, thanks for revamping the F-Droid discussion. As soon as we are ready to release WIP-Release 0.1.24-alpha I will also open up our official APTOIDE and F-DROID stores to the public.

E3V3A commented 9 years ago

Well, from what I see there will be no automatic updates. Updates, if wanted/needed, should be manual. This is also aligning with the F-Droid inclusion policy (#156).

SecUpwN commented 9 years ago

Just for my own clarification: Our App is NOT permitted to automatically pull the latest WIP-Release from our Releases-Page in order to comply with the F-Droid Inclusion Policy. Did I get this right, @E3V3A?

E3V3A commented 9 years ago

I don't know, you wrote it. But I think the keyword there is "automatic".

SecUpwN commented 9 years ago

Maybe we could add a button to pull the latest release when pushed, @tobykurien?

tobykurien commented 9 years ago

Manual updates will also be a problem for F-Droid. Apart from encouraging the user to download a potentially tainted binary build, it would also have the wrong signature, since F-Droid builds from source and signs with their own key.

SecUpwN commented 9 years ago

Thanks for clarifying, @tobykurien. This finally solves this Issue for good. Updates can be done either via GitHub, Aptoide, F-Droid or by navigating to the About-Page for grabbing it from GitHub. Closed.

E3V3A commented 9 years ago

@SecUpwN Not sure you understood what @tobykurien just said. He said F-Droid signs their own builds, which means that F-Droid doesn't allow you to download updates from other locations than their own. This is a definite show stopper for using F-Droid, unless you can convince them to allow our app an exception or other workaround. I'd hate to see us have to implement and maintain new hacks to allow for different signature keys (one from us and one from them). That would be absurd.

tobykurien commented 9 years ago

@E3V3A I don't see the need for any hacks. If you install the app from F-Droid, you will continue to get updates from F-Droid. If you install the app manually from GitHub, you will need to manually download new releases from GitHub. If you get the app from Aptoide, you will continue to get updates via Aptoide. No need to worry about the signature or for any hacks. If you got the app from F-Droid, but want to install a newer release from GitHub (assuming it's not in F-Droid yet), then you will need to uninstall the F-Droid version and install the GitHub version. This is how it is for all F-Droid apps, and most users understand that (it's one of the attraction points of F-Droid).

E3V3A commented 9 years ago

Ok, that is really great then. So I'm good for using any channel not Google and not us or user having to pay for.