• Martin@feddit.nu
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    If the signature matches, Google probably won’t care where they are installed from. I suspect that the KDE Connect in fdroid is signed with a different certificate than on google play, causing it to be flagged as an impostor. This could probably be easily prevented by using the same cert or different app identifiers (to cause them to be treated as different apps).

    • leinardi@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      All F-Droid apks are signed with a different key than the play store one: you do not upload your key when you publish on F-Droid and all the apps are built from source by the F-Droid build servers.