To start things off i want to make sure we are talking about the same ReVanced. If not please let me know what project you are refering to. I was un aware that the ReVanced team had expanded their patch offerings out from just youtube.
I think there are two issues at play with regard to ReVanced.
- Potential Legal issues, the linked article applies to the original YT Vanced. Although i believe some of these issues might linger.
Mainly i remember YT Vanced didn’t actually distribute Vanced as an APK. Instead the user needed to install the “Vanced app manager” i believe it was called. This app manager did two things, Install Microg, and morph the official Youtube app into YT Vanced. I do not know the legal or security implications for this case; however this approach always rubbed me the wrong way.
All of that was to say that it appears that ReVanced is “patching” apps in the same way the original YT Vanced was doing.
- Requiring the extension of trust to a third party app developer, as @gregandcin mentioned could problematic depending on your threat model.
Personally i have kind of given up on front ends for this reason; an extension of trust is required and the privacy benifit is often negligable when compared to the first party front end. The exception to this for me is tools like rss, or GrayJay/NewPipe were the “front end” provides a unified user interface for content from multipe platforms.