Hans-Christoph Steiner @eighthave@librem.one

#fdroid client is configured with two #Maven repos: Maven Central and the Google one. Yet running `./gradlew buildEnvironment --scan` downloads `org.gradle:gradle-enterprise-gradle-plugin:3.10.2`, which is not available on those two repositories. It seems that #Gradle is adding repositories automatically, that seems sketchy to me. I confirmed this by running `gradle --write-verification-metadata sha256 buildEnvironment --scan`

@SomaFMrusty Some artists still post albums to their own websites, I buy there when I can. Then there is always #BitTorrent then buy merch directly from the band to send them cash.

@cryptax v3.4.1 has passed all the tests, in less than 10 days, it should be part of Debian/bookworm https://tracker.debian.org/pkg/droidlysis

FYI, I patched back in the #androguard support since androguard is part of #Debian and easy to support there. I work with massive collections of #Android APKs, so I appreciate having androguard support there to parse those few APKs that the others cannot.

@debian nice, I was just looking at this format, since it makes it a lot easier to manage third party repositories. For example, it makes it easier to specify a signing key for that specific repository.

@cryptax if you post a droidlysis v3.4.1 ASAP, I can probably get it into the upcoming Debian/bookworm release. Also, I found a bug when using newer libmagic: https://github.com/cryptax/droidlysis/pull/10

@rene_mobile @matthew_d_green Totally. I have lots of experience with US and EU banking, in both directions, e.g. while living in the US and the EU. The US system is really messed up. Another symptom is all those funny payment startups in the US trying to make payment easier. In the EU, we just do all that stuff with a plain old, cheap bank account. No extra apps, middlemen, fees, etc.

Just uploaded to #Debian the key #Android inspection tools #apktool 2.7.0 and the latest #smali from git, ahead of 2.5.2. All sorts of tools like #droidlysis #fdroid #kalilinux and more rely on these for inspecting Android APK files.

@profcarroll I'm a #EU and #US citizen and lived in both. Things like "identity theft" are common in the US, it happened to me, but are basically not possible in the EU. Personal data belongs to the person. In the US, the data collectors have rights to collect whatever they want and sell it to whoever, and opening credit in someone's name is too easy. In the EU, you mostly need to do that in person still or maybe over the phone. Some may call that bureaucracy, but it works better overall.

Software deployments with many active engineers can work effectively by constantly deploying iterative changes and watching for feedback. That is a pattern used by many large software companies and startups alike. But that's not the only effective model of software development. Many #FreeSoftware projects still use stable releases since they allow progress without requiring constant attention. Once a stable release is deployed, it can be effectively maintained with a drastically smaller effort.

@jxf oh my god, sadly so accurate in so many cases. It turns out that grumpy stubborn people are the ones willing to keep on slogging to keep the thing alive, which also contributes to the grumpiness. This brings to mind the tension between the #volunteer-driven nature so many great #FreeSoftware projects, and the need to earn a living in order to do a good job of maintenance. This is a key point where projects should be funded by orgs like Linux Foundation, OTF, https://sovereigntechfund.de, etc