Version Guide: Which Version to Download?

May 25, 2026 · View on GitHub

Caution

We changed the signing key since version 2.0.0. See Signing key rotation and replacement for detail.

TL;DR: If you are a user of Android 7~10, use Legacy; If not, use Modern. Besides, Fdroid is exactly identical with apk on Fdroid; ignore it.

Currently, we have three channel (Stable Channel, Preview Channel, and Fdroid Channel that is identical on F-droid), and two distinct Variants:

  • Modern
  • Legacy

We make this distinction mostly for bypassing Scope Storage for Android 10.

Modern (for mainstream android device user)

It targets on the latest SDK, and declares hasFragileUserData true (supporting uninstalling without removing data).

Legacy (for legacy android device user)

Target on SDK 28 (Android 9), to bypass Scope Storage introduced in Android 10 (especially helpful for Android 10 users since Scope Storage could not be escaped in this version). Also, it declares hasFragileUserData false, to solve the problem of difficulty uninstalling1, due to installer(uninstaller) crashing on Android 10 with physical SD card.



See also Development Guide $ Build Variants

Signing key rotation and replacement

TL;DR: For Android 9 and higher, install apk containig IntermediateRelease to transit smoothly; Otherwise, you have to uninstall first before upgrading to v2.0.

Due to various reasons2, since v2.0.0, it is decided to replace the old signing key with new one:

SerialFingerprint SHA-256
Old signing key0x3BEE71AB01654EB9348B2C802FCBF21282DE0CDCA2A226337B9A2FA201E3AC376B0CE76C
New signing key0x00FFE5FCD512F9C8355DACA926C8E9BB628FFEF98B7A228C6564CCC29ED5031695A030E15120271AB7

Hence, typically, you may have to uninstall first before upgrading to v2.0.

However, for users Android 9 and higher, we prepare a special variant IntermediateRelease. This variant is signed with rotated key, which uses both old and new keys with rotation lineage; this means users can install it directly to transit to new key smoothly without uninstall first. But this is a feature available for Android 9 and higher (APK signature scheme v3), users with legacy devices still have to uninstall first before installing.

About Devices with Play Protect

Android Developer Verification

Starting in 2027 worldwide (or September 2026 for some countries), Android applications from developers without verification centrally through Google Play or the Android Developer Console, may no longer be installed easily on certified Android devices.

In simple terms, APKs signed by unregistered signing keys, where developers refuse to upload their personal identification (governmental ID etc.) and their app information (package names and signing key fingerprints etc.) to Google, may not install easily on devices with Google Mobile Services (GMS) where Play Protect is enforced.

Impact on us

Apps distributed outside Google Play, just like Phonograph Plus, are severely affected. Although an “advanced flow” may exist, the " sideloading" would be much more difficult for most users. And Google is determined without any sign of regret for now.

Details and updates can be found here (offical) and here (3rd-party).

Future plan

As a response to this policy, after April 1st 2027 (or August 10th 2027), APK artifacts will no longer be provided in releases but only source code. Please compile and build Phonograph Plus yourself.

If Android becomes further closed and restricted, Phonograph Plus may be really and eventually discontinued in 2028, depending on Google's policies next.

Footnotes

  1. See related FAQ

  2. The old key is too "personal" (it is used for other personal projects), and its certificate has been expired (but typically system do not verify it).