Update F-Droid minimum supported API

With latest GrapheneOS update i got a warning at F-Droid start, that the minimum supported Android API is too low, which can make problems and is nearly deprecated.

raise minimum supported API level to 28 from 23, producing a warning for apps targeting API < 28 (the Play Store disallows uploading new apps or app updates targeting API < 28 so this isn’t an aggressive warning)

So i hope that F-Droid will update the used API or at least provide a version for newer devices or better: make the change and provide a version for old devices

1 Like

Thanks for the heads up. F-Droid is currently targeting API 25, it will require some work and probably a lot of testing to bump that to 28.

2 Likes

ummm

Those two quotes speak about different things.

And this concerns F-Droid how exactly?

Maybe raise an issue for your Android distro and ask them to NOT warn if app was NOT installed by Play store or smth.

2 Likes

No. The topic here is the low minimum API F-Droid support.

This is not how security works.
F-Droid shouldn’t take look away or it will stay behind in terms of security and maybe even get banned on secure systems and/ or by Google.
Why take the risk if a easy fix is enough?

1 Like

From my ignorant perspective, I think that increasing the minimum API and providing a Legacy alternative is a good idea.
But I don’t know how complicated it would be to implement this in every aspect.

2 Likes

There is a difference between “minimum” and “target” api. Its not really clear whats being discussed here. Its also the first I’m hearing about a minimum being too low (usually its the target api).

For most projects the minimum is dictated by the support libraries, which incidentally dropped support for anything under api14. IIRC that change happened with api26, so the only way to continue supporting devices older than that is to stick with target api25.

Just bumping the target api is hardly an “easy fix”. It implies releasing and maintaining a second app just for legacy devices (or dropping support entirely, which would be a shame). Maybe that’s what the future holds (but lets not act like its not a ton of work).

If there are security concerns they need to be explicitly identified based on the libraries used. IMHO that you now receive a blanket warning from your OS hardly qualifies. My opinion is that these warnings have less to do with security, and more to do with throwing away perfectly good devices (so as to purchase another one).

3 Likes

That quote was about “Play store does this or that” not about security, can you explain your post?

1 Like

The topic is still about the minimum api, not the target api.

1 Like

This is not how security works.

Please explain how it “works”. What are the security risks of having minimal API of 14? Note that F-Droid client does not include any native libraries.

The topic is still about the minimum api, not the target api

I think you’re still confusing min API and target API.

1 Like

Did you read my first post?:

raise minimum supported API level to 28 from 23, producing a warning for apps targeting API < 28 (the Play Store disallows uploading new apps or app updates targeting API < 28 so this isn’t an aggressive warning)
https://grapheneos.org/releases#2020.05.23.12

The Play warning is about “targetSDK” …so mixing min and target makes no sense.

1 Like

You contradict yourself, you say “raise minimum” but the OS quoted message says “target”.

Are we lost in translation?

1 Like

That GrapheneOS link helps me understand. The quoted text is a changelog entry (to be understood in the context of that project). They say minimum but they are actually referring to target api. The change is that they are now displaying the “ancient android” warning for all apps that fail to target api28+ (where previously that warning was only displayed for apps that failed to target api23+).

Since the F-Droid client still targets api25, GrapheneOS users are now confronted with some alarming looking warning message during installation.

3 Likes

Makes sense now, thanks for the explanation. Did they provide any motivation behind this change?

1 Like

Yes. (as now posted two times):

(the Play Store disallows uploading new apps or app updates targeting API < 28 so this isn’t an aggressive warning)

forrest thanks. Looks like i got confused too

1 Like

It’s not playstore warning, it’s the android distribution. And copperhead graphene has now bumped that to sdk28 here.

Play store upload restrictions are largely unrelated to this.

1 Like

Yes, but they use the Play store requirements as a reason…

1 Like

That is not really the reason. The reason is that apps with a higher targetsdk get less of the legacy android platform behaviour and more of the new security restrictions. So they are forced to do things the right way instead of old hacky ways continuing to work.

2 Likes

Rarely the targetSDK bump was used by devs to access new good features, it mostly ended up as a way for Google to force them to implement restrictions (permissions, SAF, SMS, background services, storage again)

1 Like

So how is now the decision here?

1 Like