Progress has been made on the next update to Shattered Pixel Dungeon, and it’s time for me to start showing things off!
v3.0.0 will feature the game’s second new hero: The Cleric! This blog will go over some of my design thoughts and early implementation work.
The problem with doing that is that Accrescent is a security-focused app store with a GrapheneOS-like perspective on security. For that reason alone, they would probably want an official person making the app for Accrescent.
Also, they say that F-Droid’s practice of compiling their own builds is poor security, since it delays when the app is updated on the store, which means that patching security vulnerabilities is delayed. From that perspective, an unofficial maintainer for an Accrescent app would have to be very prompt with updates to the Accrescent package in order to be accepted into the store. They also do not like that F-Droid signs their packages with their own key, because that adds F-Droid as another developer that the user has to trust, in addition to the official maintainer.
So I do not think an unofficial maintainer would meet Accrescent’s security standards or GrapheneOS’s security standards. They would say that it is safer to either use their sandboxed Google Play or use Obtainium to download updates directly from Github instead. I personally use Obtainium. It is perfectly fine for me to do it that way. I just notice that the Accrescent app list is very small and needs more apps. And your game would probably be noticeable on there, due to the small app list. But it is fine; the GrapheneOS community is probably very small anyways.
Is there no way to set up a hands-off package that simply tracks Evan’s official releases on GitHub, grabs the release notes from there, fetches the APK from GitHub, and then verifies that the release been pushed by Evan using the keys he always uses to commit changes?