Fdroid

[ghost]

Describe your suggested feature

Please submit it to fdroid

Some useful links

1. https://f-droid.org/en/docs/Inclusion_Policy/
2. https://f-droid.org/en/contribute/#submit-applications

Other details

No response

Acknowledgements

• [X] I have searched the existing issues and this is a new ticket, NOT a duplicate or related to another open issue.
• [X] I have written a short but informative title.
• [X] I will fill out all of the requested information in this form.

[Bnyro]

1. I thought that an app needs to be at least 3 months old to become included into F-Droid.
2. In my opinion, there are no real advantages of having the app on F-Droid instead of IzzyOnDroid: F-Droid is very slow in updating apps, it often takes up to a week while Izzy's repo syncs daily!

[TalOrenshtein]

1. I thought that an app needs to be at least 3 months old to become included into F-Droid.

   2. In my opinion, there are no real advantages of having the app on F-Droid instead of IzzyOnDroid: F-Droid is very slow in updating apps, it often takes up to a week while Izzy's repo syncs daily!

I think F-droid scans every update for anti features and that's why it takes longer. I might be wrong though.

[Bnyro]

Yeah, think so too, but there's still no reason to switch over to F-Droid then currently :)

[Bnyro]

One other point: As there are now multiple versions of the app, F-Droid would probably not add both of them to their repo (at least it would be sort of trouble).

[Bnyro]

both are visible and downloadable from F-droid via Izzy's repo:

Yeah, we should just stick with Izzy as our tech support :)

[Ilithy]

Yeah, we should just stick with Izzy as our tech support :)

I think so too, updates for example are taken into account much faster

[serrq]

You can upload TY in both sides. F-droid is reachable from Exodus (permissions analyzer) so your app can get also a kind of security certificate.

Example

For this fdroid URL https://f-droid.org/packages/com.svenjacobs.app.leon/

Its developer can get this privacy report:

https://reports.exodus-privacy.eu.org/it/reports/302863/

The Izzy repo is not reached from Exodus engine.

[Bnyro]

You can upload TY in both sides. F-droid is reachable from Exodus (permissions analyzer) so your app can get also a kind of security certificate.

Fair, but what would be the benefits of having a privacy report? Wouldn't that only cover the requested permissions which you can just see by having a look at the AndroidManifest.xml?

[serrq]

The report also provides tracers (found on code or calls to remote servers).

[Bnyro]

The report also provides tracers (found on code or calls to remote servers).

I just figured out that Izzy does something similar as well, when clicking malware passed here https://apt.izzysoft.de/fdroid/index/apk/com.bnyro.translate you get redirected to https://www.virustotal.com/gui/file/019eb1ee7cf0683b7c406869d2b81e6c7261f3bfadc2ffb690de3ac4afffc06d/detection/f-019eb1ee7cf0683b7c406869d2b81e6c7261f3bfadc2ffb690de3ac4afffc06d-1665941225. No idea how accurate these reports are but at least there are some as well :)

[serrq]

Tracers are not malware, maybe worse.

Take a look into this report:

https://reports.exodus-privacy.eu.org/it/reports/243516/

[parcelcat]

IzzyOnDroid does great work by expanding the number of apps that can be accessed through F-Droid clients. However, the official F-Droid repository carries a higher level of trust because all apps in the official F-Droid repo must meet its inclusion policy and pass its application review process.

If there were two functionally similar apps and the first app was available through the official F-Droid repo while the second app was not, I would pick the first one. It would be great to see Translate You in the official F-Droid repo.

[Bnyro]

I agree that the app now should be stable and matured enough to be ready for being published to F-Droid too. It'd be awesome if @IzzySoft could help us with that as I've no idea how to add both, the libre and the normal version to F-Droid.

[IzzySoft]

Don't they have different applicationIds? Just open an RFP for each and specify the flavor (i.e. in the comment, specify which flavor to pick). With both being processed in parallel we do not even run the risk of the bot permanently closing the issue, thinking the app would already be there.

metadata/com.bnyro.translate.yml:

Categories:
  - Science & Education
License: GPL-3.0-only
AuthorName: Bnyro
AuthorWebSite: https://bnyro.is-a.dev/
SourceCode: https://github.com/Bnyro/TranslateYou
IssueTracker: https://github.com/Bnyro/TranslateYou/issues
Changelog: https://github.com/Bnyro/TranslateYou/releases

AutoName: Translate You

RepoType: git
Repo: https://github.com/Bnyro/TranslateYou

Builds:
  - versionName: '3.7'
    versionCode: 25
    commit: v3.7
    subdir: app
    gradle:
      - libre

AutoUpdateMode: Version
UpdateCheckMode: Tags
CurrentVersion: '3.7'
CurrentVersionCode: 25

Should work out-of-the-box I assume (hopefully). For the non-free, replace libre by standard and name the file accordingly. Once merged I need to know whether you want me to keep your app in my repo still, so I mark it accordingly. I hope we can go for "reproducible builds", but cannot say anything on that topic before I had a chance to compare :wink:

PS: Yuck. Are you using a pre-release gradle version? Those are not foss.

Found 8.0-rc-1 via distributionUrl
No hash for gradle version 8.0-rc-1! Exiting...

No "RC gradles", please! We can try again once you have a "proper release" in place :wink: Apart from build, all other pipelines passed fine.

[IzzySoft]

PS: No need to open an RFP for that anymore, I skipped that stage and went straight for the MR. Once we got the libre flavor built, we can copy our results for the standard one; no need to duplicate all our failures on the way, right? :see_no_evil:

[Bnyro]

Don't they have different applicationIds? Just open an RFP for each and specify the flavor (i.e. in the comment, specify which flavor to pick). With both being processed in parallel we do not even run the risk of the bot permanently closing the issue, thinking the app would already be there.

Oh, makes sense, I thought you treated it as one app inside your repo and somehow specified that it has two different flavors available. No "RC gradles", please! We can try again once you have a "proper release" in place :wink: Apart from build, all other pipelines passed fine.

I've decreased the version of gradle now and created a new release now which should hopefully pass the tests :)

Thanks for already submitting a PR to the F-Droid data repo!

[IzzySoft]

I've decreased the version of gradle now and created a new release now which should hopefully pass the tests :)

Pipelines are running again – let's keep our :crossed_fingers: then!

Thanks for already submitting a PR to the F-Droid data repo!

Gladly! Once that succeeded and is merged, I can prepare the other one. And you then need to tell me whether to keep both in my repo :wink:

[Bnyro]

Gladly! Once that succeeded and is merged, I can prepare the other one. And you then need to tell me whether to keep both in my repo :wink:

Well, I'd better want to leave that up to you :stuck_out_tongue_winking_eye: Since the app takes quite some space on your repo, it'd probably be a good thing to keep it on F-Droid only then to create space for new awesome apps (by other authors) to be added. So unless you think that there are disk space issues by no chance, I think I could live with the app being available at F-Droid only since I need to test the updates anyways before releasing it so I'm always on the latest version. Apart from that the app should be stable enough to not require any hot fixes in comparison to how it's been in the beginnings :joy:

[IzzySoft]

Yuck, build failed again:

Task :app:kaptGenerateStubsLibreReleaseKotlin
'compileLibreReleaseJavaWithJavac' task (current target is 17) and 'kaptGenerateStubsLibreReleaseKotlin' task (current target is 1.8) jvm target compatibility should be set to the same Java version.

So what shall it be? Java-8 or Java-17? IIRC, F-Droid uses 11 by default :see_no_evil: I can override that in the build recipe. But I have to decide for one version.

[Bnyro]

So what shall it be? Java-8 or Java-17? IIRC, F-Droid uses 11 by default see_no_evil I can override that in the build recipe. But I have to decide for one version.

I think I had to bump it to Java 17 because some dependency needed it or something :thinking: At least building with Java 11 brought me some errors and it worked fine with Java 17. I'll try to figure out how I can get it back working with Java 11 then.

[IzzySoft]

Since the app takes quite some space on your repo, it'd probably be a good thing to keep it on F-Droid only then to create space for new awesome apps (by other authors) to be added.

Yupp, that's the default action. I didn't check how much your app has been growing (checking: 14.5 MB per APK) – OK, point taken. So if both get into F-Droid, I'll give them a decent overlap here (about 14d usually) before removing. Should one not make it, it's welcome to stay.

the app should be stable enough to not require any hot fixes in comparison to how it's been in the beginnings :joy:

:smile:

I think I had to bump it to Java 17 because some dependency needed it or something :thinking:

Should be no prob, I can try setting it to 17. But something complained about some Java-8 being targeted?

[Bnyro]

Yupp, that's the default action. I didn't check how much your app has been growing (checking: 14.5 MB per APK) – OK, point taken. So if both get into F-Droid, I'll give them a decent overlap here (about 14d usually) before removing. Should one not make it, it's welcome to stay.

Alright, then it may be that way! :) Should be no prob, I can try setting it to 17. But something complained about some Java-8 being targeted?

Seems to work now with Java 11, maybe that's been an issue with a previous version of any Android core dependency. Do we require a new release now?

[IzzySoft]

Yupp, I could set it to 17:

    sudo:
      - apt-get update
      - apt-get install -y openjdk-17-jdk-headless
      - update-alternatives --auto java

Shall I go with that or shall we try with 11 again? In the latter case, for now it suffices to name the commit hash (we're still in try-and-error mode :wink:)

[Bnyro]

Shall I go with that or shall we try with 11 again? In the latter case, for now it suffices to name the commit hash (we're still in try-and-error mode :wink:

If Java 11 is the default version I think it's best to keep it with Java 11, it built successfully for me with the latest commit (using Java 11).

[IzzySoft]

OK, then I'll give it another try with that commit (460627c3f2b4ed47541d2fa3e7ee1c962c69429c). We can still switch to 17 later if needed.

[IzzySoft]

Pipelines running again. Apart from the build itself, results look excellent already: all other pipelines (except build and mobsf, which depends on the APK from the build) all signal green, and issuebot report looks fine as well. Let's see how far we get this time…

[IzzySoft]

:partying_face: Build succeeded! Now waiting for the final pipeline: SAST/mobsf. Let's see what the fine-print has :wink:

[Bnyro]

Yayyy, awesome!

[IzzySoft]

SAST is finished. Starting drum-roll for its results to show up… Takes too long. Just calling it up directly. Anything you want to tackle before we continue? If not, can you provide me an APK built from the very same commit, so I see how far we from the "supreme discipline" of reaching reproducible builds?

[Bnyro]

Anything you want to tackle before we continue?

Not from my side. If not, can you provide me an APK built from the very same commit, so I see how far we from the "supreme discipline" of reaching reproducible builds?

I assume the libre flavor only for now?

app-release-libre.zip

[IzzySoft]

WOW! Straight flash!

$ rbtest app-libre-release.apk com.bnyro.translate_26.apk 
RB confirmed.

Ready to party? Can you please put that APK at the release (replacing the existing one), so I can add

Binaries: https://github.com/Bnyro/TranslateYou/releases/download/v%v/app-libre-release.apk

to the YAML?

[Bnyro]

WOW! Straight flash!

Incredible! :)

Ready to party? Can you please put that APK at the release (replacing the existing one), so I can add

Sorry, I've been away for a sec, done now!

[IzzySoft]

Thanks! Final round started :crossed_fingers: :crossed_flags: :children_crossing:

[IzzySoft]

Pre-warning: Pithus shows "moderate risk" (first time I see that). Please check the "APK analysis" tab and scroll down to "Manifest analysis". No stopper from what I can see, but maybe something to consider for future releases.

[IzzySoft]

PS: RECORD_AUDIO? Voice input?

[Bnyro]

PS: RECORD_AUDIO? Voice input?

Yes, exactly. But it's only available on devices having a STT service inbuilt (so with Google services), so I don't know if it actually works, lol

[IzzySoft]

Yes, exactly. But it's only available on devices having a STT service inbuilt

Ah, thanks – that's why I didn't see any mike.

so with Google services

Not necessarily. At F-Droid there's e.g. Konele for that. But out-of-the-box that only works for a single Baltic language.

OK, thanks to your fast responses I can complete the review now. Welcome aboard I say! With some luck, the next build cycle will pick it up. Please take a look at Pithus, though. Decision I leave to you then: if you say all is fine, I trust it will be. But maybe there's a thing or two you might wish to consider for a future release.

PS: Will prepare the non-free flavor later.

[IzzySoft]

so I don't know if it actually works, lol

:rofl: You could try Kõnele to find out. Should work fine if you speak Estonian – otherwise the recognized text might make you laugh. But nevermind, you'd at least know whether voice input works at all :wink:

[IzzySoft]

PPS: review here, merged, final pipelines running.

[Bnyro]

PPS: review here, merged, final pipelines running.

Great, thank you! <3

[Bnyro]

so I don't know if it actually works, lol

rofl You could try Kõnele to find out. Should work fine if you speak Estonian – otherwise the recognized text might make you laugh. But nevermind, you'd at least know whether voice input works at all wink

Interesting idea, I'll try whether anything will happen at least. Thanks!

[Bnyro]

Pre-warning: Pithus shows "moderate risk" (first time I see that). Please check the "APK analysis" tab and scroll down to "Manifest analysis". No stopper from what I can see, but maybe something to consider for future releases.

I'll be trying to address them with future updates, though the issues found don't look too tragic I guess.

[IzzySoft]

No. Would I think they're tragic I wouldn't have hit the merge button :smile:

[IzzySoft]

If you want to follow up: https://gitlab.com/fdroid/fdroiddata/-/merge_requests/12723 is the MR for the standard flavor.

[IzzySoft]

Ever seen a very straight hit? Commit => Push => Success! :partying_face: That's why I wanted to have the "easier one" (with less dependencies due to less services) completed first. Was a good decision :grin: Waiting for SAST to complete and issuebot show up, then a shorter review (most parts already covered) and (I expect) a straight merge.

[IzzySoft]

Ready. Waiting for the opinion of my team members whether we really need NonFreeNet: the additional engines are all disabled by default, so I do not see a real reason to keep it.

[Bnyro]

Ready. Waiting for the opinion of my team members whether we really need NonFreeNet: the additional engines are all disabled by default, so I do not see a real reason to keep it.

If everyone agrees that we don't need the non free net anti feature anymore, couldn't we just get rid of the two different flavors and rename "Translate You Libre" to "Translate You"? Since the only reason for having two different flavors was the anti feature, but if that's not a thing anymore it might just be easier to drop one of the flavors :)

[IzzySoft]

Good point! I did not yet merge the NF. So maybe I simply close the MR, you drop the NF and integrate all into the libre flavor with the next release (as that's merged already to fdroiddata)?

I've just marked the MR as draft and left a note, so it doesn't get merged accidentally by someone else. Please let me know if libre (the one already merged) will be what is continued, then I simply close that MR and the next libre becomes the "full flavor".

Important note: should you intend to rename the flavor or drop flavors altogether, we'll need to update the already merged YAML for the next release or build will fail. I'd suggest to simply keep it a flavor – which leaves you the flexibility adding another one in the future should it be needed (err, the flavor I mean – of course "the future" is needed :see_no_evil:).

[Bnyro]

Good point! I did not yet merge the NF. So maybe I simply close the MR, you drop the NF and integrate all into the libre flavor with the next release (as that's merged already to fdroiddata)?

Sounds like a plan, we'll do it like so! :) I've just marked the MR as draft and left a note, so it doesn't get merged accidentally by someone else. Please let me know if libre (the one already merged) will be what is continued, then I simply close that MR and the next libre becomes the "full flavor".

Yes, the libre one will be the one to continue, also because its appId is com.bnyro.translate without the nf as suffix! So I'm just going to be releasing the libre version only with the next update including support for all the "non-free" translation services too. Important note: should you intend to rename the flavor or drop flavors altogether, we'll need to update the already merged YAML for the next release or build will fail. I'd suggest to simply keep it a flavor – which leaves you the flexibility adding another one in the future should it be needed (err, the flavor I mean – of course "the future" is needed :see_no_evil:).

That's find with me, no need to get us some extra work :)

So that should finally be the end of our trip to get Translate You to F-Droid, thank you for taking me that burden off! <3

[Bnyro]

I've also updated the screenshots and the fastlane metadata (short_description.txt, ...) now in order to reflect that all features are included to the libre version of the app now. Will these automatically be updated at the F-Droid repo then?