F-Droid Build Status was updated to 5.6.4 and no one will get this update. Why? Well, the app is now built reproducibly so if you have it installed you need to uninstall it and then reinstall it. (Yes, we wish this switch to be easier to perform, but the UI is not there yet)
I don’t understand why “the app is now built reproducibly” implies “you need to uninstall it and then reinstall”. What am I missing?
android uses digital signatures as kind of a security measure. a digital signature is basically supposed to confirm that the apk was actually built by the developer, and most of the files in it were not tampered with.
besides being able to make permissions depend on it, you cannot install an app update that was signed with a different key to what you have already installed, because that basically means you are replacing it with a version that was built by someone else.all apps are digitally signed. when an app becomes reproducibly built, from that point the app will be built by f-droid with their own digital signature.
also note that since google play has forced all developers to hand over their signing keys, when making app bundle based publishing mandatory, the security of this signature has been… less useful
Has there been any previous apps we need to install and uninstall?
I think the fdroid app will let you know if you need to do so when you try to update the app manually
Why should I care to install another app? Fdroid updates apps if needed.
The update is for f-droid itself. It wont auto update itself to the new version.
Edit: ignore this. I was confused
If i read it correctly the uninstall/install part is for the F-Droid Build Status App and not for F-droid itself.
Ahh. I misunderstood.
