pin HTTPS certificates for repos that are included by default and added by the user

Currently, f-droid.org and guardianproject.info repos are included by default in the FDroid app. The HTTPS certificate should also be pinned to prevent bad Certificate Authorities (CA) from issuing valid certificates for these domains.

By the same measure, if another repo is added and it has a valid CA-signature, then there should automatically be a pin that maps that new repo's hostname to that CA's signing key.

The guts of this idea are being sketched out here: https://dev.guardianproject.info/projects/bazaar/wiki/Chained_TLS_Cert_Verification

Edited by Jochen Sprickerhof
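
An added sketch of the pin-on-first-add behaviour requested above, not F-Droid's code and not taken from the linked wiki page. `RepoCaPinStore` and its methods are hypothetical names, pins are held in memory only, and the caller is assumed to have completed normal chain and hostname validation before calling `check`.

```java
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Locale;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.net.ssl.SSLPeerUnverifiedException;

/** Hypothetical helper: maps a repo hostname to the SHA-256 of its issuing CA's public key. */
public final class RepoCaPinStore {
    // hostname -> base64(SHA-256(DER SubjectPublicKeyInfo)) of the pinned CA key
    private final Map<String, String> pins = new ConcurrentHashMap<>();

    /** Pre-load a pin for a repo included by default (pin value supplied by the caller). */
    public void addBuiltInPin(String host, String spkiSha256) {
        pins.put(host.toLowerCase(Locale.ROOT), spkiSha256);
    }

    /**
     * Call only after the platform's chain and hostname validation has succeeded.
     * Assumes the order HttpsURLConnection.getServerCertificates() returns:
     * chain[0] is the leaf, followed by the CA certificates.
     */
    public void check(String host, X509Certificate[] chain) throws SSLPeerUnverifiedException {
        if (chain == null || chain.length < 2
                || !chain[0].getIssuerX500Principal().equals(chain[1].getSubjectX500Principal())) {
            throw new SSLPeerUnverifiedException("no issuing CA certificate in chain for " + host);
        }
        // First contact with a user-added repo: pin the key of the CA that issued the leaf.
        String pinned = pins.putIfAbsent(host.toLowerCase(Locale.ROOT), spkiSha256(chain[1]));
        if (pinned == null) {
            return; // pin was just recorded
        }
        // Later contacts: some CA certificate in the chain must carry the pinned key.
        for (int i = 1; i < chain.length; i++) {
            if (pinned.equals(spkiSha256(chain[i]))) {
                return;
            }
        }
        throw new SSLPeerUnverifiedException("CA key for " + host + " does not match stored pin");
    }

    static String spkiSha256(X509Certificate cert) {
        try {
            byte[] spki = cert.getPublicKey().getEncoded(); // DER SubjectPublicKeyInfo
            return Base64.getEncoder().encodeToString(MessageDigest.getInstance("SHA-256").digest(spki));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e); // SHA-256 is mandatory on every Java platform
        }
    }
}
```

Hashing the public key rather than the whole certificate keeps the pin valid when the CA reissues its certificate with the same key.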