The top four requests that our users provided in the feedback screen:
- Loading issues, greyed out placeholders. There was a race condition in relay client initialization that seems to fix it
- Listing all available apps for discovery. This is coming in the next release! I will be implementing in the next few days
- Updating apps issues. Showing the error reason more prominently on screen now
And lastly, background updates. This is planned for a release of the next milestone, likely by end of year.
Thank you all for your feedback, it's really helpful 🫂
Love Spring but it seems development has stopped? nostr:nprofile1qqsrx4k7vxeev3unrn5ty9qt9w4cxlsgzrqw752mh6fduqjgqs9chhgppemhxue69uhkummn9ekx7mp0qy2hwumn8ghj7un9d3shjtnyv9kh2uewd9hj7qg3waehxw309ahx7um5wgh8w6twv5hsxct838
GM!
Heads up android users, I'm working to get a new zap.store app release this week (if all goes well).
Lots of plumbing work to fix most errors users have been experiencing in the past months. And maybe one or two features too. Stay tuned!
Good question! Each APK needs to be added manually and so it's vetted. With updates to the UI we'll start making these things more clear. And next year integrating DVMs to help with these checks.
The idea is to bring many more FOSS apps that are not as releases on Github.
In reality this doesn't change much from the current practice of ingesting Github releases. Some of those could theoretically be compromised.
The status quo in app distribution:
"AntennaPod is officially published only in [Play Store and F-Droid] because we don’t have the time to support more."
"All other stores listing AntennaPod copied the app without our explicit permission. We are not responsible for updating those or making sure they work correctly."
"F-Droid usually takes a few days until updates become available. If an update is still not available more than a week after its release, feel free to let us know"
Now imagine all app releases signed on nostr by developers. As soon as they publish the event, updates get instantly pushed to the users. Secure*. Social. No third parties required. Permissionless. Directly monetizable. Unstoppable.
We are going to make it happen.
We had an issue due to the size of the Fountain APK but it's fixed now.
nostr:nprofile1qqsx2wyjt6lmvc05rrvv05r5hm3w3t7h0pcpmkyswrpd4ymd2u09tscpz3mhxue69uhhyetvv9ujuerpd46hxtnfduq3kamnwvaz7tmwdaehgu339e682mnwv4k8xct5wvhxxmmdqywhwumn8ghj7mn0wd68yttsw43zuam9d3kx7unyv4ezumn9wscn3xgh nostr:nprofile1qqswfa547pdmqkerzf2uen3agudc67wxffjmenqpge3dylc006fppyspzemhxue69uhhyetvv9ujumn0wd68ytnzv9hxgqghwaehxw309aex2mrp0yhxvmm4de6xz6tw9enx6qgkwaehxw309aex2mrp0yh8qunfd4skctnwv46qj40rct you can use the zapstore-cli tool (0.1.0)!
If you had it installed, to update just do: zapstore install zapstore
🚀 zap.store cli 0.1.0 released
Developers:
- you can now pass icon and images for your app
- the "artifacts" yaml attribute is no longer needed if you don't pull from github (and use the -a argument)
- identifier also no longer needed
- updated docs in the repo README
🏋️ Those trying to upload bigger APKs, this is now fixed as well.
To update run: zapstore install zapstore
(or install from the release on github)
By the way, nostr:nprofile1qqsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgspr3mhxue69uhksmmyd33x7epwvdhhyctrd3jjuar0dak8xtcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszxmhwden5te0wfjkccte9emk2um5v4exucn5vvhxxmmd9umdntf8, I tested with the following snippet and it did work for me:
Just run it like: zapstore publish coracle (that will pull from github)
coracle:
android:
repository: https://github.com/coracle-social/coracle
artifacts:
- app-release-signed.apk
Thanks for trying out zap.store! If you trust our account you can go ahead and install. The NIP-05 is not necessary, but better when you want to have extra assurance
Would be so cool. The current categories are "list of apps" events (kind 30267), we could allow devs to push these to the relay as well. Needs more thought, though
nostr:nprofile1qqsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgspr3mhxue69uhksmmyd33x7epwvdhhyctrd3jjuar0dak8xtcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszxmhwden5te0wfjkccte9emk2um5v4exucn5vvhxxmmd9umdntf8 would you mind updating (zapstore install zapstore, or pull from latest) and let me know if it works now? 🤞
An issue where the button reads "Sorry release is incompatible with your device" has just been fixed.
If you keep experiencing it, go to Settings (⚙️) and tap on Delete cache.
It was a data issue where the latest release events were invalid (numbers instead of strings in nostr tags). These releases (around 30) were removed from the relay.
Since we are transitioning to zapstore-cli to power our indexer, which always generates valid events, the problem is fixed but it will take a few days to deploy. So no updates for a few days.
Developer signed releases are not affected.
nostr:nevent1qqs8y978pu5vxemd058sayw3a5fy87tnnr7vp9m0ymlkezh2c3f9jgqprpmhxue69uhkummnw3ezuendwsh8w6t69e3xj730qgsv0ccqav0zjlznx8840tsnqj6gukk7adtvfyke73gyjjeea98tuwqrqsqqqqqpy34tvd
Also working on the Android app where bugs have been fixed. I don't think it's a LineageOS specific issue. A little more patience and we'll have 0.1.4 released (or you can try building from source!)
An issue where the button reads "Sorry release is incompatible with your device" has just been fixed.
If you keep experiencing it, go to Settings (⚙️) and tap on Delete cache.
It was a data issue where the latest release events were invalid (numbers instead of strings in nostr tags). These releases (around 30) were removed from the relay.
Since we are transitioning to zapstore-cli to power our indexer, which always generates valid events, the problem is fixed but it will take a few days to deploy. So no updates for a few days.
Developer signed releases are not affected.
nostr:nevent1qqs8y978pu5vxemd058sayw3a5fy87tnnr7vp9m0ymlkezh2c3f9jgqprpmhxue69uhkummnw3ezuendwsh8w6t69e3xj730qgsv0ccqav0zjlznx8840tsnqj6gukk7adtvfyke73gyjjeea98tuwqrqsqqqqqpy34tvd
One of my dreams come true, nostr:nprofile1qqs24yz8xftq8kkdf7q5yzf4v7tn2ek78v0zp2y427mj3sa7f34ggjcpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcppemhxue69uhkummn9ekx7mp0qyg8wumn8ghj7mn0wd68ytnddakj703s8dt by nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcppemhxue69uhkummn9ekx7mp0qyghwumn8ghj7mn0wd68ytnhd9hx2tcewvzaw is now self-signed in zap.store!
(If you see the old signer, pull to refresh)
https://image.nostr.build/223c442dfeb91ab622f088df78e8056a8b0ee29296e5ee2b8826cfda5511443e.jpg
nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcppemhxue69uhkummn9ekx7mp0qyghwumn8ghj7mn0wd68ytnhd9hx2tcewvzaw if you'd like to display images and a longer description you can pull extra metadata from the Play Store (use --overwrite-app)
One of zap.store goals is to finish what PGP never could.
I share your concern and to bridge the PGP-nostr gap we have NIP-39 cryptographic identities that soon will be integrated into zapstore-cli.
https://github.com/nostr-protocol/nips/pull/1335
Other tools could be built to leverage these events and feed them into Openkeychain for example.
That said, you mention "updates" and a phone which I suppose is Android. Keep in mind that the OS handles this verification for you, so no worries except on first install.
nostr:nevent1qqs0jls3pxsvs792443sdlg8f673f237hx4gfe3f5gl9fq3uv2a0zngpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsyg8dk3czwy5h43dxrunh70x3fhj5celttnxjpmcdnhefhcvxskasqspsgqqqqqqsmtjg7h
zap.store does this for you, but you are right that for verifying zap.store itself you need to either trust the domain or verify the hash.
This is why we publish hashes in our nostr profile.
If you already have AppVerifier, that's one way. Or you could do it in the computer. Would be nice to have tutorials for both
I'm not against it but you need to trust the website host then.
Ideally we want multiple websites pulling these events. https://zap.store eventually will show this info, and then something like an app in nostrudel "more" could work too
One of zap.store goals is to finish what PGP never could.
I share your concern and to bridge the PGP-nostr gap we have NIP-39 cryptographic identities that soon will be integrated into zapstore-cli.
https://github.com/nostr-protocol/nips/pull/1335
Other tools could be built to leverage these events and feed them into Openkeychain for example.
That said, you mention "updates" and a phone which I suppose is Android. Keep in mind that the OS handles this verification for you, so no worries except on first install.
nostr:nevent1qqs0jls3pxsvs792443sdlg8f673f237hx4gfe3f5gl9fq3uv2a0zngpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsyg8dk3czwy5h43dxrunh70x3fhj5celttnxjpmcdnhefhcvxskasqspsgqqqqqqsmtjg7h
nostr:nprofile1qqszw70nm86zcl0wzlcwd0xulzdgl82e95v78vdm6fl0rnlarfle35gpzfmhxue69uhhqatjwpkx2urpvuhx2ucpzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgqg4waehxw309ajkgetw9ehx7um5wghxcctwvsv0rdp9 nostr:nprofile1qqsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgspr3mhxue69uhksmmyd33x7epwvdhhyctrd3jjuar0dak8xtcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszxnhwden5te0wpuhyctdd9jzuenfv96x5ctx9e3k7mf0ss9zgs this should fix it for you!
Actually zap.store fetches most apps from Github. But with additional security guards (checking hashes signed by the dev), web of trust display and better discovery. And soon zaps. Obviously Github directly has way more apps, but we're getting there.
Very interesting, and exactly what we seek to fix.
Beyond curated relays and web of trust, there definitely are plans to incorporate external services reports for malware, reproducible attestations and much more - likely through a DVM open market.
Some planned: https://github.com/zapstore/zapstore/milestone/3
nostr:nevent1qqs9up4jeehzxhxkdd269ygsyk7j3xu2fpcg2n64vvkhdkzqmzp9hacpr4mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmp0qgs072l6htl2n4wrkq87dg59zwfrjqfxsreuhap6c4fj4pek490cquqrqsqqqqqp6tymtn
Awesome nostr:nprofile1qqs2hr9cpe0y9fwytl8s5mpf0e6ckyf6sld22q5tzzezhzkl2w2a2qspzamhxue69uhky6t5vdhkjmn9wgh8xmmrd9skctcpp4mhxue69uhkummn9ekx7mqpr3mhxue69uhkummnw3ezucnfw33k76twv4ezuum0vd5kzmq32ahfv ! We did have some similar by nostr:nprofile1qqs2js6wu9j76qdjs6lvlsnhrmchqhf4xlg9rvu89zyf3nqq6hygt0spz9mhxue69uhkummnw3ezuamfdejj7qghwaehxw309aex2mrp0yhxummnw3ezucnpdejz7qgmwaehxw309a6xsetxdaex2um59ehx7um5wgcjucm0d5hscwu9av but need to find where they are
Correction, Ser: it's also available as CLI (even though we have like 5 packages there😆)
The app currently mostly runs on MacOS but we need to rework the installer for different OSes. It's not a huge amount of work to get on MacOS and Linux.
That paired with the new zapstore-cli tool (for devs and as crawler) which supports basically any platform (OS/architecture) to be available as nostr events.
Citrine has been signed and published by nostr:nprofile1qqs827g8dkd07zjvlhh60csytujgd3l9mz7x807xk3fewge7rwlukxgpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszrnhwden5te0dehhxtnvdakz7qgswaehxw309ahx7um5wghx6mmd9usjfpck , just sayin' 🤩
It's available now!
nostr:nprofile1qqsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgspr3mhxue69uhksmmyd33x7epwvdhhyctrd3jjuar0dak8xtcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszxnhwden5te0wpuhyctdd9jzuenfv96x5ctx9e3k7mf0ss9zgs if at any point you'd like to self-publish just let us know.
nostr:nevent1qqspmfevqmg9uh23e52xfypdcwfpglvdcryxcqaflfxafddfnduganspz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygqh2wxu9f38d8gfgsl33smuhc6cl26mh7vpzu6592nutlchrmthcspsgqqqqqqs2jdtc4
Yes🙏 It's early days so nsec only. Promise we don't rug, but otherwise you can build from souce. I also need to add your npub to our relay whitelist. If it sounds good lmk!
It's available now!
nostr:nprofile1qqsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgspr3mhxue69uhksmmyd33x7epwvdhhyctrd3jjuar0dak8xtcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszxnhwden5te0wpuhyctdd9jzuenfv96x5ctx9e3k7mf0ss9zgs if at any point you'd like to self-publish just let us know.
nostr:nevent1qqspmfevqmg9uh23e52xfypdcwfpglvdcryxcqaflfxafddfnduganspz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygqh2wxu9f38d8gfgsl33smuhc6cl26mh7vpzu6592nutlchrmthcspsgqqqqqqs2jdtc4
Great question! Zapping releases is coming soon.
Currently focused on bringing more developers to self publish, and ironing out the last bugs around those tools. Then, entering the zap milestone.
I'll make zap.store live up to its name⚡😄
nostr:nevent1qqs2rkuta5pyf9tckz0k5jqfhkvlw5askwstwfyfktka8czxr47834gpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygqmcu9qzj9n7vtd5vl78jyly037wxkyl7vcqflvwy4eqhxjfa4yzypsgqqqqqqs4phx0n
Great question! Zapping releases is coming soon.
Currently focused on bringing more developers to self publish, and ironing out the last bugs around those tools. Then, entering the zap milestone.
I'll make zap.store live up to its name⚡😄
nostr:nevent1qqs2rkuta5pyf9tckz0k5jqfhkvlw5askwstwfyfktka8czxr47834gpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygqmcu9qzj9n7vtd5vl78jyly037wxkyl7vcqflvwy4eqhxjfa4yzypsgqqqqqqs4phx0n
Hmm interesting. What happens when you tap on Update?
It might be an issue on their side, as most APK versions resolve via versionCode and not versionName (the one you are seeing)
Oddbean new post about login | logout
Notes by Zapstore | export
By the way, nostr:nprofile1qqsf03c2gsmx5ef4c9zmxvlew04gdh7u94afnknp33qvv3c94kvwxgspr3mhxue69uhksmmyd33x7epwvdhhyctrd3jjuar0dak8xtcpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszxmhwden5te0wfjkccte9emk2um5v4exucn5vvhxxmmd9umdntf8, I tested with the following snippet and it did work for me: Just run it like: zapstore publish coracle (that will pull from github) coracle: android: repository: https://github.com/coracle-social/coracle artifacts: - app-release-signed.apk