Data issueshttps://staging.gitlab.com/fdroid/fdroiddata/-/issues2017-08-02T17:54:19Zhttps://staging.gitlab.com/fdroid/fdroiddata/-/issues/614Navit auto update2017-08-02T17:54:19Zusername-removed-794334Navit auto updateHello F-Droid Team,
the Navit project is interested at enable the auto detect and auto building for new versions.
I hope I am right here.
I think the the lines in the meta file would
```Auto Update Mode: Version %v
Update Check Mod...Hello F-Droid Team,
the Navit project is interested at enable the auto detect and auto building for new versions.
I hope I am right here.
I think the the lines in the meta file would
```Auto Update Mode: Version %v
Update Check Mode: RepoManifest/Android-release```
But then my question is how we could define how navit will be built. Did the bot only copy the commands from the last time or how we could define this?
Also we probably want to change things like donation url later but this seems to be easy in the top lines of the meta file.
Jkoanhttps://staging.gitlab.com/fdroid/fdroiddata/-/issues/599outdated app: geopaparazzi2017-06-19T15:03:55Zusername-removed-861306outdated app: geopaparazzigeopaparazzi version on F-Droid is 3.3.0, but current upstream version is 5.2.0. It would be great to have an updated app!geopaparazzi version on F-Droid is 3.3.0, but current upstream version is 5.2.0. It would be great to have an updated app!https://staging.gitlab.com/fdroid/fdroiddata/-/issues/591Zxing Barcode Scanner 4.7.6 available2017-10-02T08:20:25Zusername-removed-41349Zxing Barcode Scanner 4.7.6 availableZxing Barcode Scanner / `com.google.zxing.client.android` is out of date.
- Current version: `4.7.6`
- Latest F-Droid version: `4.7.3`
https://github.com/zxing/zxingZxing Barcode Scanner / `com.google.zxing.client.android` is out of date.
- Current version: `4.7.6`
- Latest F-Droid version: `4.7.3`
https://github.com/zxing/zxingusername-removed-357829michel@lebihan.plusername-removed-357829michel@lebihan.plhttps://staging.gitlab.com/fdroid/fdroiddata/-/issues/588Linphone out of date2017-10-04T07:41:17Zusername-removed-974460Linphone out of dateLinphone 3.2.4 has been released:
https://github.com/BelledonneCommunications/linphone-android/releasesLinphone 3.2.4 has been released:
https://github.com/BelledonneCommunications/linphone-android/releaseshttps://staging.gitlab.com/fdroid/fdroiddata/-/issues/559Smart Receipts Pro - out of date2017-09-22T07:52:14Zusername-removed-867985Smart Receipts Pro - out of dateI don't know if it's intentional or not but the app Smart Receipts Pro on the F-Droid repo is version 3.3.3 while there is a new version 3.3.4 available here since April: https://github.com/wbaumann/SmartReceiptsLibrary/releases. It fixe...I don't know if it's intentional or not but the app Smart Receipts Pro on the F-Droid repo is version 3.3.3 while there is a new version 3.3.4 available here since April: https://github.com/wbaumann/SmartReceiptsLibrary/releases. It fixes an annoying bug which prevents to export data to csv.
I don't really know how to help more since I didn't ever built an app on android.
Thanks for the priceless project that F-Droid is.https://staging.gitlab.com/fdroid/fdroiddata/-/issues/531Please keep QDict in the Archive for the time being2017-06-19T15:03:55Zusername-removed-108563Please keep QDict in the Archive for the time beingAlthough the library `libqdicteng.so` has been removed from the upstream sources, it's still required by one of the classes. Therefore, the application crashes at the start.
I'm trying to get in touch with the developer and resolve it. ...Although the library `libqdicteng.so` has been removed from the upstream sources, it's still required by one of the classes. Therefore, the application crashes at the start.
I'm trying to get in touch with the developer and resolve it. For the time being, please keep QDict in the archive.
For reference: https://github.com/madmanteam/QDict/issues/6https://staging.gitlab.com/fdroid/fdroiddata/-/issues/514Pi Locker is outdated2017-06-19T15:03:55Zusername-removed-89929Pi Locker is outdatedhttps://github.com/Pi-Developers/Pi-Locker is currently in the fdroid repo at version 3.0 (com.pilockerstable)
The repository has moved on to release 6.01 by now and it would be terriffic to update the app. I have not found an issue w...https://github.com/Pi-Developers/Pi-Locker is currently in the fdroid repo at version 3.0 (com.pilockerstable)
The repository has moved on to release 6.01 by now and it would be terriffic to update the app. I have not found an issue why it could not be updated, so this is my request. Thanks in advance for considering.https://staging.gitlab.com/fdroid/fdroiddata/-/issues/407Orbot version appears to be outdated2017-06-19T15:03:55Zusername-removed-45652Orbot version appears to be outdatedThe latest version of org.torproject.android shipped by F-Droid is 15.0.1-RC-3-PIE (added on 2015-07-16) but according to the official repository at https://gitweb.torproject.org/orbot.git the latest tagged version is 15.1.2 from 3 days ...The latest version of org.torproject.android shipped by F-Droid is 15.0.1-RC-3-PIE (added on 2015-07-16) but according to the official repository at https://gitweb.torproject.org/orbot.git the latest tagged version is 15.1.2 from 3 days ago.
While the Guardian Project have their own F-Droid repository including Orbot, I suppose it would be ideal to have the current version in F-Droid as well. Importantly, the new version seemingly includes VPN support (making transparent proxying possible without needing root).https://staging.gitlab.com/fdroid/fdroiddata/-/issues/387cSploit downloads 3rd party "core" -- can find no information about this!2017-10-04T16:40:50Zusername-removed-101166cSploit downloads 3rd party "core" -- can find no information about this!Upon installing and running cSploit (org.csploit.android), I am told:
> Core version 1.0.11 is available, do you want to upgrade?
Then, when selecting "Yes", the download of `core.tar.xz` begins.
I have no idea what is being dow...Upon installing and running cSploit (org.csploit.android), I am told:
> Core version 1.0.11 is available, do you want to upgrade?
Then, when selecting "Yes", the download of `core.tar.xz` begins.
I have no idea what is being downloaded here. A quick check on the gateway would appear to show it coming from github; i.e., a 3rd-party source, outside of the control of f-droid. The cSpoit page [in the repo](https://f-droid.org/repository/browse/?fdid=org.csploit.android) does not mention this behaviour, nor does the [wiki page](https://f-droid.org/wiki/page/org.csploit.android).
It seems to me that what is going on here is inherently unsafe. Unless I am mistaken (and I hope that I am), it seems that an f-droid app, upon first execution, downloads 3rd-party content which may contain executable code, and it may execute it.
I was not under the impression that this was permissible. In particular, that an app
* could, as a prerequisite of its operation, download, install and/or execute 3rd-party content,
* could offer to upgrade from a 3rd party source
At the *very least*, there should be some mention of this on the app page, along with an explanation as to why -- if it is -- this behaviour is acceptable from the point-of-view of security and trust.
If I have misunderstood the situation, then I apologise for the noise.