[lucifer_morninstar]

But this is an Android app.

Yea it is an android app then what should I do???
Should I wrap the apk into bar file then upload???

Posted Via Blackberry Passport

[conite]

Yea it is an android app then what should I do???
Should I wrap the apk into bar file then upload???

Posted Via Blackberry Passport

We are only interested in native apps. There are plenty of other repositories for Android apps.

At least that's my take with my list:

https://docs.google.com/spreadsheets...htmlview#gid=0

Perhaps the OP is going a different route though. But to me that's wasted effort.

[XcrazyS]

How is the reliability of apps in the store checked? Anyone can post applications with malicious code and all this will be signed, for example, what is this from me?
I have not published my assemblies to the store, but they are there somehow. Even the description didn't bother to make normal.
I disclaim any responsibility for the content of applications in the store, allegedly made by me. My assemblies are only on my Yandex Disk cloud.
I think that the security issue has not been properly worked out.

[conite]

How is the reliability of apps in the store checked? Anyone can post applications with malicious code and all this will be signed, for example, what is this from me?
I have not published my assemblies to the store, but they are there somehow. Even the description didn't bother to make normal.
I disclaim any responsibility for the content of applications in the store, allegedly made by me. My assemblies are only on my Yandex Disk cloud.
I think that the security issue has not been properly worked out.

That's another reason to stick with native apps in this store. At least the fruit hangs a little higher with bar files.

[PwrSurge]

How is the reliability of apps in the store checked? Anyone can post applications with malicious code and all this will be signed, for example, what is this from me?

You have a point. Developer accounts should be implemented and only logged in validated users should be able to upload. At the very least, the email address of the user uploading the app should first be validated by sending a special link with token to the email address being used. The email address of the person that uploaded the app also needs to be displayed publicly on each app's profile page.

Dthis way, at least we know the email address of the user who uploaded the app so if there are ever any malicious apps posted, the email address could easily be banned and all apps under that email address / account get taken down.

Posted via CB10

[XcrazyS]

@qnxdev,
Please remove all my assemblies from the store and do not download them again until a normal identity verification system appears on the resource. Who and why publishes them in the store is not clear. Those who post them cannot even make an elementary normal description to understand what has been done and how to use it.
When your data is massively leaked, there will be no one to blame.

Also, people post native applications, compiled on their own. Again, it is not clear - who compiled, what changed, if changed. And if in the case of Android applications, you can decompile and view the code, in native applications it is impossible, so you can only trust the direct product developers, or the git in which the code can be viewed.

The idea is very interesting, but security issues cannot be ignored.

[anon(10693562)]

Apart from the security aspects discussed lately, which is indeed a good move to look in to,... well I would very much appreciated a category separation in the BB-shop for "native BB10" and "ported Android" app's would make it much easier to choice the right side worth to download and ignore the other side instead of soup all app's together in one large bowl, which would come even more apparent once the BB-store growing...

Just a simple category separation would do, something BBW sadly failed to do from the beginning. BB-store should lernen from that error and make it better.

 Classic  Passport  OS10.3.3.3216

[Chuck Finley69]

Apart from the security aspects discussed lately, which is indeed a good move to look in to,... well I would very much appreciated a category separation in the BB-shop for "native BB10" and "ported Android" app's would make it much easier to choice the right side worth to download and ignore the other side instead of soup all app's together in one large bowl, which would come even more apparent once the BB-store growing...

Just a simple category separation would do, something BBW sadly failed to do from the beginning. BB-store should lernen from that error and make it better.

 Classic  Passport  OS10.3.3.3216

Actually, in the beginning, Native and ported Android were differentiated in BBW somehow but I don’t remember how. I remember I could limit my Q10 app downloads to native somehow.

[anon(10693562)]

Actually, in the beginning, Native and ported Android were differentiated in BBW somehow but I don’t remember how. I remember I could limit my Q10 app downloads to native somehow.

At the beginning BBW didn't really made it clear in 2013 what app where native or port, but yes later after people complaint and the ammount of app's started to grow, BlackBerry actually did put a special BlackBerry icon attached into the description as indication for native app and sort of quality certificate to identify native app's, but never had a separate category for native BlackBerry App's or build for BlackBerry app's only, that was only done by mentioning, still yep because people wanted an easy indication to find native app's among the many fast ported Android apps flooding BBW at the time to cash in on them, and BlackBerry was desperate to get as many app's in to BBW as possible but that was a poisoning move as we know...

 Classic  Passport  OS10.3.3.3216

[Dunt Dunt Dunt]

At the beginning BBW didn't really made it clear in 2013 what app where native or port, but yes later after people complaint and the ammount of app's started to grow, BlackBerry actually did put a special BlackBerry icon attached into the description as indication for native app and sort of quality certificate to identify native app's, but never had a separate category for native BlackBerry App's or build for BlackBerry app's only, that was only done by mentioning, still yep because people wanted an easy indication to find native app's among the many fast ported Android apps flooding BBW at the time to cash in on them, and BlackBerry was desperate to get as many app's in to BBW as possible but that was a poisoning move as we know...

 Classic  Passport  OS10.3.3.3216

The fact that thousands of "apps" were just web wrappers didn't help either. Or that most the big apps people wanted were just apps for apps, and not really THE apps.

In the end standards have to be set....

[anon(10693562)]

In the end standards have to be set....

That's the trouble... one standard is the lowest point for all.. "soup it all up" and everyone gets a large spoon full.. everyone has to fish around in hope may to find the tasty lumps but in most cases only stumbled over the scrap and leftovers that makes up most of it.. that's a classic and well known fact too

 Classic  Passport  OS10.3.3.3216

[anon(10693562)]

Double erase

[lxmx]

+1 for the native / Android separation.

Security wise all it needs is a user registration feature. There is a good example of a public-run repository which has been a success - https://openrepos.net/ for Sailfish / Meego. There is a lot of interaction between the publishers and the users, and the trust develops implicitly as more and more users download, rate and comment on the apps. Some of which are not even fully open source.

For now, even if it's just user registration, we would be able to see that it is XcrazyS who uploaded his own apps and not someone else. That's good enough.

Same applies to the apps built from source by the non-original authors. Or closed source apps uploaded by someone else. You either trust the uploader or you don't.

Ultimately it should be either be a single person curating the whole catalog (like conite currently maintaining his list or XcrazyS his own) - or the community self regulating it through feedback.

[Chuck Finley69]

+1 for the native / Android separation.

Security wise all it needs is a user registration feature. There is a good example of a public-run repository which has been a success - https://openrepos.net/ for Sailfish / Meego. There is a lot of interaction between the publishers and the users, and the trust develops implicitly as more and more users download, rate and comment on the apps. Some of which are not even fully open source.

For now, even if it's just user registration, we would be able to see that it is XcrazyS who uploaded his own apps and not someone else. That's good enough.

Same applies to the apps built from source by the non-original authors. Or closed source apps uploaded by someone else. You either trust the uploader or you don't.

Ultimately it should be either be a single person curating the whole catalog (like conite currently maintaining his list or XcrazyS his own) - or the community self regulating it through feedback.

Perhaps the contributors like XcrazyS need to be further consulted

[qnxdev]

@qnxdev,
Please remove all my assemblies from the store and do not download them again until a normal identity verification system appears on the resource. Who and why publishes them in the store is not clear. Those who post them cannot even make an elementary normal description to understand what has been done and how to use it.
When your data is massively leaked, there will be no one to blame.

Also, people post native applications, compiled on their own. Again, it is not clear - who compiled, what changed, if changed. And if in the case of Android applications, you can decompile and view the code, in native applications it is impossible, so you can only trust the direct product developers, or the git in which the code can be viewed.

The idea is very interesting, but security issues cannot be ignored.

Sorry for the inconvenience caused. 2 Apps, Kiwi Browser and Discord, named after XcrasyS are disabled from AppStore. I understand that there is a security vulnerability. I made it completely open because until then no one actually seemed to be interested in uploading apps to Github repo directly. Again I will think about username-passkey based verification.

Let me know if you have any more concerns related to this. You can either pm me or post it here.
Sorry for the late response.

[qnxdev]

+1 for the native / Android separation.

I will be working on that. The app page will show if it's BAR / APK / ZIP .

[XcrazyS]

Telegram X,
Spotify,
Kate Mobile [VKontakte] (bar),
AppOps,
these applications too.

[qnxdev]

Telegram X,
Spotify,
Kate Mobile [VKontakte] (bar),
AppOps,
these applications too.

Are all these yer builds?

[qnxdev]

Developer accounts should be implemented and only logged in validated users should be able to upload.

Well the code is open source. Anyone can send a PR

[XcrazyS]

@qnxdev,
Yes.

[lucifer_morninstar]

Hey @qnxdev the link bbstore.vercel.app is seems to down I can't acess the store...
And bb.sz7.me is also not working have you changed the url???

Posted Via Blackberry Passport

[Dunt Dunt Dunt]

Hey @qnxdev the link bbstore.vercel.app is seems to down I can't acess the store...
And bb.sz7.me is also not working have you changed the url???

Posted Via Blackberry Passport

I clicked the links in his first post and they are still up...

[lucifer_morninstar]

I clicked the links in his first post and they are still up...

Which browser you are using??
Android Browser or the Native Blackberry Browser??


Posted Via Blackberry Passport

[lucifer_morninstar]

I clicked the links in his first post and they are still up...

I think issue is with the Native Blackberry Browser
I opened those links in BEOL Browser (Which is An Android Browser) all links are working..i guess I shoulda checked those link on android browser too.
Thanks and Sorry for asking.



Posted Via Blackberry Passport

[conite]

Hey @qnxdev the link bbstore.vercel.app is seems to down I can't acess the store...
And bb.sz7.me is also not working have you changed the url???

Posted Via Blackberry Passport

https://docs.google.com/spreadsheets...htmlview#gid=0