Add dev.digitalgrease.signet (Signet)

digital greaserequested to merge
digitalgrease/fdroiddata:add-signet into master

Add dev.digitalgrease.signet (Signet) — cryptographic verification primitive
for human relationships, defending against voice/video deepfake vishing.

I am the upstream author (digital-grease, same as com.fauxx.full).

Built and tagged at v0.3.1 (commit dff4a678321ca722be12fa6a6f44025db3c7bf64).
v0.3.0 was prepared but never opened as an MR — it was blocked by the check apk scanner finding 157 com/google/(gms|mlkit|barhopper) classes
embedded by mobile_scanner's bundled Google ML Kit + Play Services.
v0.3.1 swaps mobile_scanner for flutter_zxing (MIT, ZXing C++ via FFI);
local fdroid build produces a 64 MB APK with zero proprietary Google
classes (verified via dex strings scan).

Required

  • The app complies with the inclusion criteria
  • The original app author has been notified (I am the author)
  • All related fdroiddata and RFP issues have been referenced in this merge request (none — author submission, no prior RFP)
  • Builds with fdroid build and all pipelines pass — verified locally with fdroid build dev.digitalgrease.signet:30001 (clean build, 64.2 MB APK from commit dff4a67, zero com/google/(gms|mlkit|barhopper) classes); same recipe pushed to GitLab CI for parity
  • There is an issue tracker and contact info of the author so that we can report bugs and contact the author

Strongly Recommended

  • The upstream app source code repo contains the app metadata in a Fastlane or Triple-T folder structure — fastlane/metadata/android/en-US/ populated with title, full_description, short_description, changelogs, and images (icon, featureGraphic, 8 phoneScreenshots)
  • Releases are tagged and auto update is enabled — AutoUpdateMode: Version + UpdateCheckMode: Tags + UpdateCheckData: pubspec.yaml|... (matches the working pattern from agersant.polaris)

Suggested

  • External repos are added as git submodules instead of srclibs — Flutter SDK is consumed via flutter@3.41.6 srclib; matches the pattern used by every other Flutter app in fdroiddata (e.g. com.nextcloud_cookbook_flutter, de.wger.flutter)
  • Enable Reproducible Builds — No, I don't want this. Reasoning: Play Store and F-Droid populations are intentionally separate for this app; cross-channel migration is handled by the in-app BackupBundle export/import, which is more robust than a
    shared signing key for an app whose data is paired-relationship secrets. F-Droid signing the F-Droid APK is the simplest model.
  • Multiple apks for native code — universal APK (~64 MB) for v0.3.1; ABI splits queued as a future optimization

/label New App

Edited by digital grease

Merge request reports