No one talking about how this could completely annihilate open source .apk development? First off the lead dev has to get identity verified to get a key, which will reduce the number of devs willing to push through friction to start a project. Then when the key is issued and it is posted to the repository, what keeps anyone from grabbing it and using it for another repo? We’ll they have an official app registration of some kind, ok, what about version control? Does every new version have to be registered before it can be loaded and tested? Same for forks?
This is about to be a terrible mess, Google is assassinating FOSS with this.
No one talking about how this could completely annihilate open source .apk development? First off the lead dev has to get identity verified to get a key, which will reduce the number of devs willing to push through friction to start a project. Then when the key is issued and it is posted to the repository, what keeps anyone from grabbing it and using it for another repo? We’ll they have an official app registration of some kind, ok, what about version control? Does every new version have to be registered before it can be loaded and tested? Same for forks?
This is about to be a terrible mess, Google is assassinating FOSS with this.
You distribute the code without your key and a built package that is signed. This isn’t exactly rocket science.
Anyone who forks the code will have to use their own key to install a package they built.
It’s just unnecessary red tape.