F-Droid inclusion

[shuvashish76]

Would you consider publishing this app on F-Droid please?

[vipulyaara]

I can look into it but so far I don't see the advantages of maintaining F-Droid releases. Play Store serves a lot more users with the same release effort. Let me know if there are specific use cases you are looking for.

[shuvashish76]

There are lot of users like me who degoogled their device. Besides that F-Droid stands for FOSS apps which is good for users privacy. RFP: https://gitlab.com/fdroid/rfp/-/issues/2456

[vipulyaara]

Got it. I am not opposed to hosting it but will need to spend some time to understand the process and effort. Contributions are welcomed.

I can start including an apk on GitHub releases for the short term. Release automation is also on the roadmap.

[shuvashish76]

No worries, take your time :) Since F-Droid store mainly focused for users' privacy, as mentioned there maintaining a FOSS flavor would be nice. Comment on their rfp issue tracker for more info.

[shuvashish76]

not planned

Is there any specific reason not to include in F-Droid?

[vipulyaara]

I have a busy roadmap for Kafka and cannot take this at this time. It increases maintenance cost which is crucial for a project with a single contributor. We can re-open it if someone is planning to work on it.

[IzzySoft]

Maybe it could be put on the roadmap "further down" then, with a "lower prio" and a "help-wanted" label? If so, be very welcome to reach out to us again "when the time has come". Until then: All the best for you and your project. We might not be happy we cannot have the app at F-Droid – but we have full understanding that you cannot do all of it at the same time, single-handed.

[shuvashish76]

I can start including an apk on GitHub releases for the short term. Release automation is also on the roadmap.

Please attach the apk on GitHub at least users can download them using Obtanium :) And for now users can block the trackers (AppManager) & use them.

[vipulyaara]

I have attached the apk to the release. It should be available on Obtanium now.

[IzzySoft]

Thanks! But there are several show-stoppers for F-Droid:

Offending libs:
---------------
* Crashlytics (/com/crashlytics): NonFreeComp,Tracking
* Google Ads (/com/google/ads): Ads,NonFreeComp
* Firebase Data Transport (/com/google/android/datatransport): NonFreeNet
* Google Cloud Messaging (/com/google/android/gms/cloudmessaging): NonFreeComp,NonFreeNet
* Google Mobile Services (/com/google/android/gms): NonFreeComp
* Google Play Core (/com/google/android/play/core): NonFreeNet,NonFreeComp
* Firebase (/com/google/firebase): NonFreeNet,NonFreeComp
* Firebase Analytics (/com/google/firebase/analytics): NonFreeComp,Tracking
* firebase-firestore (/com/google/firebase/firestore): NonFreeDep,NonFreeNet
* Firebase Installations (/com/google/firebase/installations): NonFreeNet

10 offenders.

Dangerous flags:
----------------
* usesCleartextTraffic

SigningBlock blobs:
-------------------
0x504b4453 (DEPENDENCY_INFO_BLOCK; GOOGLE)

For my repo, in addition the APK size is too big (per-app limit here is 30 MB), which could be salvaged via per-ABI builds – but then, 8 NonFreeComp (non-free components) are too much here as well.

Not sure why you need usesCleartextTraffic here – but the DEPENDENCY_INFO_BLOCK can easily be avoided:

android {
    dependenciesInfo {
        // Disables dependency metadata when building APKs.
        includeInApk = false
        // Disables dependency metadata when building Android App Bundles.
        includeInBundle = false
    }
}

For some background: that BLOB is supposed to be just a binary representation of your app's dependency tree. But as it's encrypted with a public key belonging to Google, only Google can read it – and nobody else can even verify what it really contains.