7
submitted 10 months ago* (last edited 10 months ago) by drakenblackknight@mastodon.online to c/newpipe@lemmy.ml

Still seeing posts from Lemmy about how @fdroidorg doesn't have @newpipe in sync.

They have an official repo. That will fix the problem.

top 9 comments
sorted by: hot top controversial new old
[-] testman@lemmy.ml 2 points 10 months ago

NeoStore comes with NewPipe repo enabled by default.
https://github.com/NeoApplications/Neo-Store

[-] nikos@social.nikos410.de 1 points 10 months ago

@drakenblackknight @fdroidorg @newpipe

Even the official repository seems to update a day or so late. Most of the time the in-app updater notifies me about a new version, then I go check fdroid and the update is not yet available there.

[-] NeatNit@discuss.tchncs.de 1 points 9 months ago* (last edited 9 months ago)

They have an official repo. That will fix the problem.

Correct me if this is wrong, but from my understanding switching to their repo means no longer being behind F-Droid's source code match guarantee, or seeing anti-features and all that stuff. Granted, I already gave that up for Bitwarden so I admit it's a bit hypocritical, but much of the value of a centralized F-Droid is the main repo's curation process - circumventing it is a workaround, not a solution.

Edit: I also worry about the possibility - however remote - of downloading new apps thinking they're from the F-Droid repository, when they are in fact from some alternate repository I'm using. I already worry about this with Bitwarden, and each repo I add is another potential vector for this. Perhaps I'm overthinking this, but I'm thinking if too many popular apps make their own F-Droid repos, this might become a real threat.

[-] drakenblackknight@mastodon.online 0 points 9 months ago

@NeatNit
The other problem is trusting a centralized service implicitly. That's how people keep getting their login information exposed from Fakebook.

[-] NeatNit@discuss.tchncs.de 1 points 9 months ago

gotta trust someone at some point

[-] drakenblackknight@mastodon.online 0 points 9 months ago

@NeatNit
Yeah, why not make it the people it comes from?

[-] NeatNit@discuss.tchncs.de 1 points 9 months ago

In the general case: because placing all your trust in one place leaves no one else to check their work. You have to place some trust in the app developer (this is always true) but having a middleman can have benefits. For example, if an app starts using proprietary blobs - either deliberately or without realising - then F-Droid's pipeline and/or maintainers would likely catch it and have it resolved. If there's no one else to check such nitty-gritty details, that leaves more room for error.

In the specific case of Newpipe: it's probably fine, but I'd prefer not to make a habit of it.

[-] drakenblackknight@mastodon.online 0 points 9 months ago

@NeatNit
Another benefit to having the official repo is that you can toggle it off if Newpipe ever goes down the same path as, say, Simple Mobile Tools (sells to an adtech company).

[-] NeatNit@discuss.tchncs.de 1 points 9 months ago

This is just another benefit of a centralised repo: I can't keep track of all the news about all the companies whose apps I use. A strong community of repo maintainers will do a much better job of blocking updates or removing apps entirely when they go rogue than each user fending for themselves could ever do.

this post was submitted on 14 Jan 2024
7 points (81.8% liked)

Newpipe

7 readers
4 users here now

Website : https://newpipe.net

Blog : https://newpipe.net/blog/

Github : https://github.com/TeamNewPipe/NewPipe

Donate : https://newpipe.net/donate/

founded 3 years ago
MODERATORS