I want to install FairEmail and Tor Browser, I spot Google Play provides some delayed updates, But I don't know if FFUpdater is as safe as Google Play.

For safety it is
Gos appstore -> accrescent -> google play store

This is usually the "recommended" order.
If you dont want to have google, or need faster updates (mullvad for example has/had a newer version in github than in play store), then you should either download directly from github.

Or use obtainium. (which will just download it from a source you tell it)

Tor browser is not that easy to get like that, and if you dont want to use the goolge play store version, you can just downloas it on their website directly.
(There is a thread here that explains how to get tor browser over obtainium tho)

If you download apps outside of the first three sources, like with obtainium, then you should definitly use appverfier (in accrescent app store) to verify that it is the real app

(Also be aware that if you have the goolge service active in a profile, installing an app from another source, outside of playstore, is useless if you want to hide it from google, as they can see which other apps are installed)

    dhhdjbd As far as I know, FFUpdater verifies the hash value of the downloaded file, so will it be as secure as Google Play, or at least as secure as Obtainium+Appverifier?

        freedomNothingnessAlike
        sry i dont know a lot and i might be wrong but i did not really hear about FFupdater before. I personally would not trust it and wait for others opinions on this.

        I would tho confidently recommend to use appverifier to verifie the apks and not trust that your source also verifies itself.