this post was submitted on 17 Nov 2025
422 points (99.5% liked)

Selfhosted

60426 readers
237 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Detailed Rules Post

  1. Be civil.

  2. No spam.

  3. Posts are to be related to self-hosting.

  4. Don't duplicate the full text of your blog or readme if you're providing a link.

  5. Submission headline should match the article title.

  6. No trolling.

  7. Promotion posts require active participation, with an account that is at least 30 days old. F/LOSS without a paywall has exceptions, with requirements. See the rules link for details.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
 

Overview here

https://forum.syncthing.net/t/does-anyone-know-why-syncthing-fork-is-no-longer-available-on-github/25661/39

The new owner of the repo has a fresh github account and apparently has the signing keys from Catfriend1 too.

Time will tell if they are trustworthy, but for the extra paranoid it might make sense to pause updates for a while.

you are viewing a single comment's thread
view the rest of the comments
[–] Pika@sh.itjust.works 25 points 7 months ago* (last edited 7 months ago) (1 children)

this entire thing has made me really rethink whether I want to swap to the new repo or not.

Why was there no communication about it. The gplay repo maintainer wasn't informed of anything, no public notice to anyone was given, just a transfer of the repo and a status issue here explaining it.

Obviously the act is genuine as they were able to keep the original keys but like, this entire system seemed really sketchy.

I'm also not happy with the fact that it seems the first thing they added was removing checksums, but that might be a temp thing.

I also just noticed that it looks like they removed the entire public key for it, which if they had the original private keys using the existing public keys shouldn't be an issue right?

[–] tgxn@lemmy.tgxn.net 15 points 7 months ago* (last edited 7 months ago) (1 children)

It's likely because the app will no longer be distributed on Google. They likely removed the Google play signing keys and configuration, which is completely fine. I'll have a look over their changes when I get home, but I doubt it's anything nefarious.

I also ditched this stuff when Google decided to start asking for my drivers license and will no longer distribute my apps within their closed marketplace.

[–] Wispy2891@lemmy.world 11 points 7 months ago (1 children)

Google decided to start asking for my drivers license

I wish it was only the drivers license, I had to give up my Android dev account too because having my private home address + phone number + email publicly available on the dev profile page is completely unacceptable

[–] tgxn@lemmy.tgxn.net 1 points 7 months ago

Yeah exactly, where does it end? next they will be asking for more. I'll just distribute APKs elsewhere.