Reloaded: Android - getting passbolt without Play Store

Q1. What is the problem that you are trying to solve? Explain with a short paragraph what you are trying to solve with this change request or new feature. Focus on the problem: how would you measure if the problem is solved or the situation is better than before?

Some users cannot install the app without the Play Store, either for privacy reasons or because their devices don’t have the Google Play Services.

Our primary distribution target has always been the Google Play Store. Because of that, the app integrates with several Google-provided proprietary libraries: Play In-App Review, Play In-App Update, and Google ML Kit for QR code recognition. These dependencies make the app more user-friendly on Play, but they also mean it may be harder to distribute the app outside the Play Store.

Additionally, with Play Store App Signing, it’s easier and more secure to manage the application signing keys.

Q2 - Who is impacted? How many people are affected by this issue, or how many would benefit from this new feature? Is this for everyone or a specific group?

This mainly affects privacy-focused users, people using Android distributions without Google apps. While it’s not the majority, this group can be significant in our security-focused community and would clearly benefit from having an alternative installation method.

Q3 - Why is it important and/or urgent? Is it strategic? Does it help us achieve your own community objectives? Is it linked to another project that can have a big impact?

Providing an installation method outside the Play Store supports digital freedom, strengthens trust among privacy-conscious users, and makes the app accessible to a wider audience. It aligns with community goals of being privacy- and security-first, as well as increasing inclusivity by supporting less popular Android distributions.

Q4 - What is your proposed solution? Use this section to describe how you would solve this problem if you have a preference or ideas on how to move forward.

In the proposed solutions, we can consider keeping the libraries and making sure the app still works without the Play Services backend on the device.

  1. F-Droid official repository - we would have to remove the libraries from the app or prepare an app variant without them (increases maintenance and makes the release process more complex)

  2. F-Droid private repository - we could host the repository and use the app with the libraries, first making sure everything works as expected

  3. GitHub releases - recently mentioned https://github.com/passbolt/mobile-passbolt-android/issues/21 - it’s possible to release the application on GitHub and use projects like Obtainium (https://github.com/ImranR98/Obtainium) to detect and install the updates

How important is this for you, and which solution suits you best? Do you propose any other distribution channels?

Q5. Community support
People can vote for this idea to show traction:

  • :ok_woman: Must have: this is critical for me to have this
  • :raising_hand_woman: Should have: this is important for me to have this
  • :tipping_hand_woman: Could have: this could be nice to have
  • :no_good_woman: Won’t have: we should not schedule this (explain why)
1 Like

Personally I’d prefer GitHub releases since I use Obtainium for updates. Really looking forward to this, since that’s the only reason I haven’t fully switched to passbolt yet.

2 Likes

For me the first step is a GitHub release, which can easily be kept up to date with Obtainium and others.

F-Droid builds with a private repo would be great, but perhaps a good bit more effort than a straight GitHub release from your sources :slight_smile: for a start.

3 Likes

I have been using passbolt for a few years now and love it. I just switched back to Android (from iOS to GrapheneOS); a GitHub release would be great indeed!

1 Like

Any update on this?

@mmichalek has been working on a proposal to publish the APK on GitHub. This work should get scheduled next year.

Q1. What is the problem that we are trying to solve?
Some users cannot install Passbolt Android without the Play Store due to privacy concerns or because their devices lack Google Play Services. The current app depends on Play-specific libraries (In-App Review, In-App Update, ML Kit) that complicate distribution outside Google’s ecosystem. Additionally, Play Store App Signing simplifies key management, which isn’t available when distributing APKs independently. The problem will be solved when these users can install and update the app reliably through a non-Play channel without functional regressions.

Q2 - Who is impacted?
The affected group includes privacy-focused users, individuals using Android distributions without Google apps (e.g., GrapheneOS, LineageOS), and users in restricted environments where Play is not available. While not the majority, this group is relevant in the Passbolt community due to its security-conscious profile. Enabling an alternative distribution path directly benefits this subset by giving access to the official app through a Passbolt-controlled channel.

Q3 - Why is it important and/or urgent?
Providing a non-Play distribution method aligns with Passbolt’s privacy and security principles. It increases accessibility, builds trust within the open-source community, and avoids excluding users with strict security models. Strategically, it expands adoption on devices used by security professionals, self-hosters, and organizations using hardened Android builds. This also reduces the perception that Passbolt Android is “locked in” to Google tooling.

Q4 - What is your proposed solution?
The optimal approach is to distribute signed APKs directly through GitHub Releases. This avoids modifying the codebase or maintaining multiple build variants while still reaching users outside Google Play. Tools like Obtainium can automatically track GitHub releases and provide update notifications.

2 Likes