this post was submitted on 17 Nov 2025
422 points (99.1% liked)

Selfhosted

59939 readers
320 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
422
PSA syncthing-fork has changed owners (lemmy.world)
submitted 7 months ago by ueiqkkwhuwjw@lemmy.world to c/selfhosted@lemmy.world
67 comments fedilink hide all child comments
 

Overview here

https://forum.syncthing.net/t/does-anyone-know-why-syncthing-fork-is-no-longer-available-on-github/25661/39

The new owner of the repo has a fresh github account and apparently has the signing keys from Catfriend1 too.

Time will tell if they are trustworthy, but for the extra paranoid it might make sense to pause updates for a while.

you are viewing a single comment's thread
view the rest of the comments
[–] Pika@sh.itjust.works 25 points 7 months ago* (last edited 7 months ago) (1 children)

this entire thing has made me really rethink whether I want to swap to the new repo or not.

Why was there no communication about it. The gplay repo maintainer wasn't informed of anything, no public notice to anyone was given, just a transfer of the repo and a status issue here explaining it.

Obviously the act is genuine as they were able to keep the original keys but like, this entire system seemed really sketchy.

I'm also not happy with the fact that it seems the first thing they added was removing checksums, but that might be a temp thing.

I also just noticed that it looks like they removed the entire public key for it, which if they had the original private keys using the existing public keys shouldn't be an issue right?

[–] tgxn@lemmy.tgxn.net 14 points 7 months ago* (last edited 7 months ago) (1 children)

It's likely because the app will no longer be distributed on Google. They likely removed the Google play signing keys and configuration, which is completely fine. I'll have a look over their changes when I get home, but I doubt it's anything nefarious.

I also ditched this stuff when Google decided to start asking for my drivers license and will no longer distribute my apps within their closed marketplace.

[–] Wispy2891@lemmy.world 10 points 7 months ago (1 children)

Google decided to start asking for my drivers license

I wish it was only the drivers license, I had to give up my Android dev account too because having my private home address + phone number + email publicly available on the dev profile page is completely unacceptable

[–] tgxn@lemmy.tgxn.net 1 points 7 months ago

Yeah exactly, where does it end? next they will be asking for more. I'll just distribute APKs elsewhere.