157

Asking because of the latest issues with the maintainer.

you are viewing a single comment's thread
view the rest of the comments
[-] ilmagico@lemmy.world 3 points 4 months ago

Yes, I understand the situation is shady and f-droid maybe didn't handle it the best way on a human level, and that is important when evaluating trustworthiness.

What I was focusing on was more on the technical side: As long as I can:

  • trust f-droid to actually build from source and only publish something guaranteed to match the source, and
  • read the source code myself, or trust an independent researcher to study it, and confirm there's no malware,

then I don't need to trust the maintainer of the project at all, and I can ignore all the drama, being assured with a high degree of certainty there is no malware

I can also ignore any drama involving f-droid as long as I still trust them to build from source. This can also be verified by independent researchers by buulding themselves ans comparing, once again filtering out the drama and noise, though most people probably won't go this far.

this post was submitted on 07 Feb 2026
157 points (98.8% liked)

Selfhosted

60482 readers
1228 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS