fdroid pulls the public source code and build it themselves. So if you trust fdroid, it avoids the threat that developer secretly inject code that is not in the public codebase while compiling apps.
However, this does not prevent fdroid person injecting code into the build. So there are a lot of arguments online about which one is more secure.
fdroid pulls the public source code and build it themselves. So if you trust fdroid, it avoids the threat that developer secretly inject code that is not in the public codebase while compiling apps.
However, this does not prevent fdroid person injecting code into the build. So there are a lot of arguments online about which one is more secure.