Android 16 QPR1 is being pushed to the Android Open Source Project

Original Article ↗ Hacker News Discussion ↗

What this AOSP release actually is

  • Android 16 QPR1 source is finally landing in AOSP, ~2+ months after the binaries shipped to Google‑approved phones.
  • Until now, custom ROMs (LineageOS, GrapheneOS, etc.) had to stick to Android 16 QPR0 (June release); they can now start proper 16.1/QPR1 bring‑ups.
  • This also unblocks support for newer devices like Pixel 10 in ROMs such as GrapheneOS.
  • Kernel (GPL) sources were reportedly released on time; the delay concerns primarily userspace AOSP components, where Google has no legal obligation to publish quickly.
  • Android Code Search is highlighted as the web UI for browsing this code; Gerrit is still used for code review.

Criticism and defense of Google’s behavior

  • Some see the slow source drop as emblematic of Google’s shift from “doing the right thing” to tightening control, especially given Android’s role in a mobile duopoly and Chrome’s near‑monopoly on the web.
  • Others argue Google funds and builds Android and has no duty—legal or moral—to serve custom ROM needs, especially for non‑paying end‑users who buy hardware from OEMs.
  • Counter‑argument: users still have every right to criticize changes to infrastructure they depend on, especially when alternatives (non‑Android/non‑iOS) are shrinking.

Licensing debate: GPL vs MIT/Apache

  • One camp argues permissive licenses were heavily promoted by corporations to “harvest free labor” and avoid copyleft obligations; they point to Android custom ROMs’ dependence on GPL’d kernel code as an example of copyleft’s public benefit.
  • Others choose MIT/Apache for simplicity, legal predictability, and the belief that “true freedom” includes letting downstream users relicense or close derivatives.
  • Discussions cover GPL complexities (derivative works, linking, GPLv3 anti‑tivoization), corporate aversion to GPL libraries, and examples like FreeBSD‑based products (iOS, PlayStation) not releasing kernel/userland source.
  • There is disagreement on whether fears around GPL are legitimate risk management or FUD‑driven “brainwashing”.

EU regulation and delayed updates

  • One participant ties the delay to new EU rules on smartphone update support: security updates must be delivered within 4 months, feature updates within 6 months of source or binary release.
  • Theory: by embargoing patches and delaying AOSP drops, Google controls when the legal “clock” starts for OEMs, effectively stretching real‑world patch latency (GrapheneOS is cited as already shipping future security fixes under NDA’d blobs).
  • Others contest this interpretation, arguing the law targets OEMs, not source publication timing, and that any resulting security degradation is a corporate choice and exploitation of loopholes, not inherent to the regulation.