Re: grapheneOS app store - how to get a list of available apps ?

Theo,

Hmm, some of the apps in the F-droid catalogue are very old.
I wonder if that's a problem?

Most likely, yes.  I sometimes see messages (from my OS) saying as much.

Do the apps say they are built for a recent Android?

Thats part of the "find an app" problem, they mostly don't.  After
downloading I can inspect the apps manifest and see names like
"minSdkVersion" and "targetSdkVersion", but I have no idea how those map to
the different android phones and/or OS versions.

A number of banking/ecommerce apps don't like being installed via
an alternative way, or insist on having a Google account on the
phone before they will start.

If an app doesn't explain what the problem is with the first it gets
trash-binned.

If an app demands a Google account and I can see it in the manifest it
doesn't even get installed.  If it refuses to work after installing because
it demands mothership access it gets binned too.

If you use an app like Droid-ify it combines the repos of
F-droid, IzzyOnDroid and some others.

I only thought of using the GrapheneOS appstore because it was build in.
For all other apps I use my desktops webbrowser and "side-loading" (the
phone/OS recognises a connected thumbdrive, which I use for backup backup
and transport apps to it).

There is some controversy with F-droid building their own apps,
because they sign them with F-droid keys not the developers' keys.

It does mean that if a developers key is withdrawn (for whatever reason,
including a "we don't like you anymore") their old apps can still be
installed.

This means you can't upgrade from F-droid built apps to developer-built
ones or vice versa,

I dislike self-updating programs as the "update" could be poisonned (ask MS
how that works :-) ) - as has already happened a few times.

and there are some supply chain security concerns in case somebody
got access to the F-droid build servers they could tamper with a
lot of apps.

:-) The same kind of thing is true for Googles app store.

Furthermore, Googles app store is known to still offer malware laden
versions of popular apps.  They can't(?) seem to get rid of them.

And they still do not have a method to prohibit the sale of a developers app
together with their personal developers-key - allowing malversants to buy
both and create malware-laden "updates" that get automatically installed.

An alternative client like Droid-ify doesn't suffer from that.

I have to see if I can find them using a webbrowser.  On the other hand, my
Pixel6 is "old" too ...

So when somebody recommends an app you can install and keep it
updated directly from the developer, rather than having to go
via any catalogue or store.

Thats good when you have already found the app(s URL).  Finding such URLs
would not be all that easy.  :-|

Regards,
Rudy Wieser