Pierre-Yves Lapersonne @ pylapp @programming.dev

Software crafter and digital punker keen on open source, iOS and Android ap

---

Read more

Posts

140

Comments

94

Joined

2 yr. ago

Moderating

---

Title yes, but not tag.

You can delete a release. But you can’t change the associated tag and the attached artefacts.

Do you have some comparison documentation or benchmark to share comparing for example GitHub, GitLab, SourceHut and Codeberg?

I did not succeed in finding something comparing these forges about: -CI/CD

• runners
• issues
• project management
• wiki
• releases management
• third-party tools

I am used to GirHub and GitLab but not Codebeg 🤔

That’s vibe coding.

What about Bitchat?

Yup, I meant Mozilla Public License

Yes indeed the Apple App Store is not compatible with GNU GPL v3 licence. Maybe MOL MPLcan suits your needs.

However plenty of open source apps under GPL v3 or AGPL v3 are available on the App Store and Apple does not care.

For example:

• https://github.com/Dimillian/IceCubesApp (Mastodon client)
• https://github.com/mlemgroup/mlem (Lemmy client)
• https://github.com/CovidTrackerFr/vitemadose-ios (COVID vaccines app)

We should support our fediverse admins and instances 💪 Support by sending money (for people who can), moderating content, submitting issues or helping the team and project ✌️

It is complicated. He says true. And maybe your need to use GrapheneOS is relevant. If you have a smartphone without cellular connection, for a daily usage, FMPOV it is a non-sense in case of emergency. It is a risk you will have to take, I can’t disagree your dad. And what about your solution but with a SIM card with very few data and SMS available, through a SIM card you can keep aside your phone and insert when needed?

Did you have a look on ethical licenses? For example, Coraline Ada Hemke who created the Contributor Covenant (famous code of conduct) started few years ago the Organisation for Ethical Source promoting “ethical” licenses defined by seven principles.

So in fact this third family of licenses is not open source nor free (as defined by OSI and FSF), nevertheless I feel some needs or willings in your side to go, let’s say, “one step further”.

In ethical licenses you can find for example 999 ICU, ACAB, Anti-Capitalist, Peer Production, Hippocratic or some BSD 3-Clause variants about nuclear topics.

You can also have a look on that slidedeck (in French, sorry).

Anticipate technical debt and follow what Google recommends. In few words, use Kotlin and Compose.

However you should really have a look on Google guidelines. In more worlds:

• by default Kotlin and Compose
• if some logic to share between other projects in other environments: Kotlin Multi Platform (KMP)
• if shared UI: Flutter (but Google reduced Flutter teams and KMP is being better and better, so we can suppose Flutter will join the Google Graveyard

An app? Nope. For notifications, there is open source alternatives to Google and Apple services but it is used in the apps side, not users side. Have a look on microG and Open GApps to flash in your Android device; it might help you.

It seems the “radical” organisations like the FSF or the OES were right and more legitimate in the end.

If you are worried about your privacy, yes, you must get rid of Google Play Services. However a majors part of your apps may be broken as too much rely on this services and only in those services.

If you want apps to based on this layer of Google mess, have a look on some open spruce alternatives of your favorite apps. Maybe some of them won’t embed Google Play Services. But keep in mind you may lose some features like notifications from Google devices or fine tunes location.

You can have a look on microG or Open GApps for alternatives. However you may need to hack your device to flash them.

What you can do, for example:

• check if you can flash alternatives (possible to root and before unlock the boot loader)
• maybe check if you can flash another ROM ; projects list the compatible devices. Have a look on LineageOS, GrapheneOS or also /e/OS

Yep, it seems it is, but it can manage KDBX files. Just wanted to share 😄

Edit: sorry, didn’t see this thread is in Android community, my comment is not relevant for this platform.

You can use also for example Strongbox (https://github.com/strongbox-password-safe)

Edit: sorry, didn’t see this thread is in Android community, my comment is not relevant for this platform. For Android I am used to Keepass2Android (https://github.com/PhilippC/keepass2android). Simple, still maintained, under libre licence GPL 3.0.

It is always the same issues in fact. You should consider your threat model before all. Then, consider the Signal app, then your iPhone supposed to be updated, trusted, with ADP enabled, biometric lock with erasure after 10 failures, etc. Then consider your ISP, then your country. Etc, etc. You should also compare the contexts. Is an iPhone “better” than a low or middle ranges Android-powered smartphones? For sure, yes. Is it better than high-range expansive smartphones with Android ? Or Pixel ones? Not that sure. And compared to GrapheneOS or /e/? Pretty sure not that much. You can also compare messaging solutions. Is Signal better than WhatApp? Of course yes. But what about XMPP and Matrix for example?

And what are your use cases? Remember your threat model. If you are an activist, a journalist or a whistleblower your needs may be different than a “commons citizen worried about its privacy.

In few words, the only pain point I see is the fact than iOS is proprietary and runs non libre source code and Apple devices than APN. But Android devices are not so much different. It does not mean the solution is not private or efficient, if we succeed in defining a definition of “private or efficient”.

In a nutshell, it could be considered as good. But not perfect.

Any ideas for E2E encrypted storage alternatives?

Not sure of that, maybe we need some case law or update on existing copyleft licenses. Source code generated with GenAI tool, even if their model have been trained with corpora of copyleft sources, are not (yet) considered as derivative works. What a pitty.

Could be interesting. Non-free and current GenAI tools violate copyright, we may consider some evolutions of copyfarleft licenses to forbid such use of source code in these types of tools.