by politelemon 1569 days ago
App developer's perspective. I have a few apps on all major places, including F-Droid. The 'no user accounts' thing makes developing and distributing on F-Droid a freeing experience, as compared to the G/A 'jails'. There is no pressure to meet arbitrary undocumented restrictions, you are not subject to the whims of dehumanizing AI routines, and there are no ratings and reviews (the feedback is direct). The build and deployment process is not really my problem; as part of their Reproducible Builds, even that aspect is taken care of. https://f-droid.org/en/docs/Reproducible_Builds/
1 comments

I find the distributor-does-the-building-and-signing to be problematic from a security point of view. I would much prefer that each developer does a build, signs it, and a notarization of some kind is added by the distributor.

It seems to me that if you can compromise the F-Droid infrastructure you can compromise millions of handsets.

F-Droid already supports this. From GP's link:

> This means that F-Droid can verify that an app is 100% free software while still using the original developer’s APK signatures