"repo failed to verify" on apk install if the repo URL still contains ?fingerprint query string

  • Device OS and version: LineageOS 17.1 (unofficial)
  • Device model/manufacturer: Xiaomi Mi5s
  • F-Droid version (in the About screen): 1.9
  • F-Droid privileged extension version (if installed): 1.9

What did you do? (clear steps if possible)

  • Open FDroid client "Repositories" and click "+" to add new repository, opening the empty "Add Repo" prompt
  • Switch to a different app (like a web browser) and copy the URL of the repository that includes the fingerprint as a query param (for example https://microg.org/fdroid.html has repo URL https://microg.org/fdroid/repo?fingerprint=9BD06727E62796C0130EB6DAB39B73157451582CBD138E86C468ACC395D14165)
  • Paste the full URL into the URL field
  • Copy and paste the fingerprint value from the web page into the fingerprint field
  • Add the repository (Note: the URL field in FDroid still has the unmodified ?fingerprint= query param in this case).
  • Note the repo is shown as "Unverified" at this point (expected).
  • Update
  • Note the repo is no longer "Unverified" at this point.
  • Install/update a signed apk from this repo

What did you expect to see?

Either:

  • The repo would not update correctly if the URL is invalid OR
  • Able to install/update app from this repo

What did you see instead?

  • APK install fails with "repo failed to verify"

Notes

  • If the repo URL is already on the clipboard when pressing + then the fingerprint is automatically split out of the URL by the client and it pre-fills the URL and Fingerprint fields correctly. (Nice feature!)
  • This is a duplicate of #1787 (closed), which was closed by the issue reporter some time ago

I don't think this is a very serious issue at all, but it seems to pop up in a few places online, and the behaviour is quite confusing because the error doesn't appear when you'd expect (adding/verifying the repository) but later on when you try to install an APK.

Edited by Angus Gratton
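
Added example, not part of the original report and not F-Droid client code: one way a client could normalise the two "Add Repo" fields when the form is submitted, so that a pasted `?fingerprint=` is split out of the URL as it already is in the clipboard case. The helper names and the 64-hex-digit format check are assumptions.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit

# Assumption: a repo fingerprint is a SHA-256 digest written as 64 hex digits.
_FINGERPRINT = re.compile(r"[0-9A-F]{64}")


def _canonical(fp):
    """Uppercase and drop the separators people paste along with a fingerprint."""
    return re.sub(r"[\s:]", "", fp).upper()


def normalize_repo_input(url_field, fingerprint_field=""):
    """Hypothetical helper: return (clean_url, fingerprint_or_None).

    Any fingerprint= parameter is removed from the URL and reconciled with
    the separately entered fingerprint, so the stored address never carries
    the query string described in this report.
    """
    parts = urlsplit(url_field.strip())
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError("repository URL must be http(s) and include a host")

    kept, found = [], set()
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key.lower() == "fingerprint":
            found.add(_canonical(value))
        else:
            kept.append((key, value))  # unrelated parameters stay in the URL
    if fingerprint_field.strip():
        found.add(_canonical(fingerprint_field))

    found.discard("")
    if len(found) > 1:
        # Refuse at add time instead of failing later at APK install.
        raise ValueError("URL and fingerprint field disagree")
    fingerprint = found.pop() if found else None
    if fingerprint is not None and not _FINGERPRINT.fullmatch(fingerprint):
        raise ValueError("fingerprint is not 64 hex digits")

    clean_url = parts._replace(query=urlencode(kept)).geturl()
    return clean_url, fingerprint
```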