Switching from F-Droid to Obtainium

F-Droid rebuilds every app from source and signs it with their own keys. This means the APK signature differs from the developer's original release. Sounds like a security feature, right? In practice, it causes headaches.

If you ever want to switch from F-Droid to the developer's direct release (or vice versa), you have to uninstall and reinstall. All your app data? Gone. This isn't a minor annoyance when you're dealing with apps that store local data or have complex configurations.

Because F-Droid rebuilds everything, updates can be delayed by days or even weeks. When there's a security fix in an app you rely on, waiting for F-Droid's build pipeline isn't ideal. The developers push a fix, but you're stuck on the vulnerable version until F-Droid gets around to building it.

This one frustrated me the most. There have been cases where F-Droid maintainers made questionable editorial decisions about what belongs in the repository. At one point, religious apps were being flagged as inappropriate content. Whether you're religious or not, that's an odd stance for what should be a neutral software repository.

I won't lie, setting up Obtainium takes effort. For each app, you need to:

1. Find the source URL (usually the GitHub/GitLab releases page)
2. Add it to Obtainium
3. Configure any filters if the project has multiple release variants

For your first ten apps, this feels tedious compared to just searching F-Droid. But once you're through the initial setup, the benefits start showing.

Fortunately, there's a community-maintained app configurations site that makes adding apps much easier. You can browse pre-configured apps and add them with a single click. Hopefully in the future there will be some sort of app store integration again, not for the sake of centralization, but so that if a source URL changes, the fix would be instantly available as an update.

Apps update as soon as the developer releases them. No waiting for a third party to rebuild. No signature mismatches. The APK you get is the exact same one the developer published.

Obtainium supports multiple sources:

• GitHub Releases
• GitLab Releases
• F-Droid (yes, you can still pull from there if you want)
• Direct APK URLs
• And more

This means you can grab apps that aren't in F-Droid at all. That niche tool with only 50 GitHub stars? You can track it.

Your app list can be exported and imported. Setting up a new phone becomes: install Obtainium, import your config, let it download everything. Much cleaner than manually hunting through F-Droid or remembering what you had installed.

If a developer moves their repository from GitHub to somewhere else, you'll need to update the source URL manually. I'm not aware of any automatic notification for this. Then again, this is a problem with most software distribution, it's just more visible here.

With F-Droid, you trust F-Droid's build process. With Obtainium, you trust each individual developer's release process. For popular projects with proper release signing, this is arguably better. For random projects? You're trusting that their GitHub account hasn't been compromised.

F-Droid's curation has downsides (see the editorial issues above), but it does mean someone has at least glanced at what's in the repository. With Obtainium, you're on your own for vetting apps.