remove Guardian Project repo as a default
The requirements for the Guardian Project fdroid repo have changed in the recent years, meaning they can no longer promise to only include verified free software releases. Guardian Project still 100% supports F-Droid and free software, and will continue to produce only free software. The key question here is binaries that include proprietary dependencies. For example:
-
Tor Browser containts WebAuthn proprietary lib https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41161 guardianproject/fdroid-metadata#3
-
ProofMode requires things like Google SafetyNet
-
They would like to ship well known binaries which include proprietary libs, like releases from Mozilla, Signal, etc.
Other deliberate and inadvertent issues: guardianproject/fdroid-metadata#4
The Guardian Project repo will still mark all known Anti-Features, including non-free issues.
Since #2557 (closed) is implemented, this means that the Guardian Project repo will still have a built-in trust relationship.
closes #2556 (closed)