7e27edc9b5
Check permissions for unattended installer This PR introduces the class ``ApkVerifier`` which checks the permissions of the downloaded apk file against the expected permissions from the F-Droid listing (``Apk`` class). * I removed ``AndroidXMLDecompress`` because everything which it has been used for can also be done with ``PackageManager.getPackageArchiveInfo()``, to the best of my knowledge. I even asked in at a similar project why ``PackageManager.getPackageArchiveInfo()``may not be enough: https://github.com/jaredrummler/APKParser/issues/3 It turns out in our case it should do everything we need. * The code responsible for sanitizing the local apk file and making it world readable has also been moved into ``ApkVerifier`` for now. This can change in a later PR when I introduce the FileProvider for downloaded apks. We still need to check the target sdk version (see TODO in ``ApkVerifier``). This depends on https://gitlab.com/fdroid/fdroidclient/merge_requests/323 See merge request !322
F-Droid Client
Client for F-Droid, the Free Software repository system for Android.
Building with Gradle
./gradlew assembleRelease
Direct download
You can download the application directly from our site or browse it in the repo.
Contributing
See our Contributing doc for information on how to report issues, translate the app into your language or help with development.
IRC
We are on #fdroid and #fdroid-dev on Freenode. We hold weekly dev meetings
on #fdroid-dev on Tuesdays at 20h UTC, which usually last half an hour.
FAQ
- Why does F-Droid require "Unknown Sources" to install apps by default?
Because a regular Android app cannot act as a package manager on its own. To do so, it would require system privileges (see below), similar to what Google Play does.
- Can I avoid enabling "Unknown Sources" by installing F-Droid as a privileged system app?
This used to be the case, but no longer is. Now the Privileged Extension is the one that should be placed in the system. It can be bundled with a ROM or installed via a zip, or alternatively F-Droid can install it as a system app using root.
License
This program is Free Software: You can use, study share and improve it at your will. Specifically you can redistribute and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
Some icons are made by Picol, Icomoon or Dave Gandy from Flaticon or by Google and are licensed by Creative Commons BY 3.0.
Other icons are from the Material Design Icon set released under an Attribution 4.0 International license.