7
Still seeing posts from Lemmy about how @fdroidorg doesn't have in sync.
(mastodon.online)
Website : https://newpipe.net
Blog : https://newpipe.net/blog/
Github : https://github.com/TeamNewPipe/NewPipe
Donate : https://newpipe.net/donate/
@NeatNit
The other problem is trusting a centralized service implicitly. That's how people keep getting their login information exposed from Fakebook.
gotta trust someone at some point
@NeatNit
Yeah, why not make it the people it comes from?
In the general case: because placing all your trust in one place leaves no one else to check their work. You have to place some trust in the app developer (this is always true) but having a middleman can have benefits. For example, if an app starts using proprietary blobs - either deliberately or without realising - then F-Droid's pipeline and/or maintainers would likely catch it and have it resolved. If there's no one else to check such nitty-gritty details, that leaves more room for error.
In the specific case of Newpipe: it's probably fine, but I'd prefer not to make a habit of it.
@NeatNit
Another benefit to having the official repo is that you can toggle it off if Newpipe ever goes down the same path as, say, Simple Mobile Tools (sells to an adtech company).
This is just another benefit of a centralised repo: I can't keep track of all the news about all the companies whose apps I use. A strong community of repo maintainers will do a much better job of blocking updates or removing apps entirely when they go rogue than each user fending for themselves could ever do.