Android in-place updates require the new APK to be signed with the same certificate as the installed app. The current public GitHub release assets for v1.0.0 and v1.1.0 do not share the same signing certificate, so users who installed the earlier release cannot update in place and must uninstall first.

Verified:
- v1.0.0 signer SHA-256: 10e3439a555c81a49e1bdb03149336a8161ca9e842cef08b060f5546ef1c7dc1
- v1.1.0 signer SHA-256: 90ec9c532ab8269b14195ec0d908ef30aad2985267814a002a6988c550c7474f

Impact:
- Android update flow breaks between public releases
- uninstalling clears local app state
- this weakens trust in GitHub release distribution

Fix direction:
- confirm which keystore should be the stable public release identity
- keep that keystore constant for all future tagged releases
- document the migration path for any users already on mismatched historical builds
- optionally add a release-time signer fingerprint check against the previous public release
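One way to implement the optional release-time signer fingerprint check from the fix direction, as an added example (not code from this project): it compares the SHA-256 signer digests that `apksigner verify --print-certs` prints for the previous and the new APK and fails the release on a mismatch. The function names and the sample certificate DN are assumptions; the sample text is constructed from the two digests reported above.

```shell
#!/bin/sh
# Added example: release gate that fails when the signer set changes.

# Read `apksigner verify --print-certs` output on stdin and print the
# SHA-256 signer digests, lowercased, sorted and de-duplicated.
signer_digests() {
  sed -n 's/^Signer .*certificate SHA-256 digest: *\([0-9A-Fa-f]\{64\}\)[[:space:]]*$/\1/p' \
    | tr 'A-F' 'a-f' | sort -u
}

# compare_signers PREV_OUTPUT NEW_OUTPUT
# Returns 0 = same signer set, 1 = mismatch, 2 = no digest found.
compare_signers() {
  cs_prev=$(printf '%s\n' "$1" | signer_digests)
  cs_new=$(printf '%s\n' "$2" | signer_digests)
  if [ -z "$cs_prev" ] || [ -z "$cs_new" ]; then
    echo "error: no signer digest found (unsigned APK or unexpected output)" >&2
    return 2
  fi
  if [ "$cs_prev" != "$cs_new" ]; then
    echo "signer mismatch: Android will reject the in-place update" >&2
    echo "previous: $cs_prev" >&2
    echo "new:      $cs_new" >&2
    return 1
  fi
  return 0
}

# check_release PREV_APK NEW_APK: run apksigner on both files and compare.
check_release() {
  cr_prev=$(apksigner verify --print-certs "$1") || return 2
  cr_new=$(apksigner verify --print-certs "$2") || return 2
  compare_signers "$cr_prev" "$cr_new"
}

# Constructed sample output (DN is made up; digests are the ones in this issue).
SAMPLE_V100='Signer #1 certificate DN: CN=Example Release
Signer #1 certificate SHA-256 digest: 10e3439a555c81a49e1bdb03149336a8161ca9e842cef08b060f5546ef1c7dc1'
SAMPLE_V110='Signer #1 certificate DN: CN=Example Release
Signer #1 certificate SHA-256 digest: 90ec9c532ab8269b14195ec0d908ef30aad2985267814a002a6988c550c7474f'

# CI usage: script.sh previous-release.apk new-release.apk
if [ "$#" -eq 2 ]; then
  check_release "$1" "$2"
fi
```

Run with the previous public release APK and the freshly built one as arguments; a non-zero exit status should block the tag from being published.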