K8y It said there was a problem with parsing the package.
This sounds like either the APK was broken while being transmitted to your device, or was broken on the server. Did you try downloading again? If it still fails, try clearing the cache for Aurora Store to force it to redownload rather than reusing the broken APK.
Please note that Aurora Store has issues (including security issues). You can look for explanations that other people have already written about its issues if you're interested.
K8y Then another I downloaded from google play didn't update, the blue update button didn't work.
Can you please explain a bit further what happened? Was the blue update button available and tapping it failed to update, or was there no blue update button at all? Was there any error message? For what it's worth, I sometimes get an error when trying to download an app in Google Play Store, and just immediately retrying once or twice fixes it for me, I don't even have to wait a few seconds to retry.
K8y What's the recommended way to update apps on graphene?
Security-wise, the recommendation is to use a well-regarded app store (not F-Droid, not Aurora Store, not Obtainium, etc.) for the initial installation of apps, and then whatever is most convenient to you to update them. However, I recommend only updating Google Play from either Google Play Store (broken since a November 2024 update to GrapheneOS with no way to change it for now) or the built-in GrapheneOS App Store. The built-in GrapheneOS App Store is special because it's part of the OS and verified using verified boot, and thus if you install Accrescent or Google Play Store from it then they're verified by the GrapheneOS App Store which is, in turn, verified by verified boot. And then any apps you install from these app stores are verified by these app stores, which are verified by the GrapheneOS App Store, which is verified by verified boot. This provides strong trust because you're relying on something you're already trusting (GrapheneOS), that has been programmed to recognize the correct thing it should trust (the built-in App Store, which recognizes the correct Accrescent and Google Play Store, which recognize the correct apps).