Does anyone know how they handle spoofed malware? I can never figure out whether I can trust the packages from flathub. I always have to check the official website of the particular software first.
Flathub verifies you have permission from upstream before accepting it. Other than that, sandbox.
Ambivalent. I like the consistency between distros and the idea of sandboxing; in practice sandboxing is a pain in the ass and Flatpaks use up an inordinate amount of space for different library versions. However, if I have to use a proprietary application I do appreciate the sandboxing and Flatpak is my preferred install method.
I'll always prefer the repositories, but Flatpak comes in handy for applications with weird dependencies where you need to compile everything needed on your own - or outdated 32-bit software.
Haven’t had issues, elementary uses them for system apps
I really like them. They give us a reliable application that doesn't depend on the distro building a version for a specific platform. For example if the newest versions are compiled for Ubuntu 24.04 but you're on 22.04 it might take a while to get the update.
It does come at a cost though, it'll have to package all the dependencies for 24.04 in a layer of the package so it'll take a long time to start up and take a lot more memory than necessary.
This is mitigated by flatpaks using the same base for their application (like Ubuntu with Electron) but it still isn't the same as just starting up a proper apt program.
I really like it since we can have a modern version of a program for small distros and in general the barrier to entry is so much lower so companies can't just say "oh we can't support all Linux distros, not feasible".
AUR you compile yourself for your own distro instead of it being done already by apt and the like.
Nix is super cool since you can just set up and configure pretty much everything so that you just press "install" and you'll have your Gimp, VPN and whatever apps all done for you. You'll have to do some heavy configuration so programming knowledge is not necessary but really helps.
I usually install Debian Linux on old Chromebooks that have only 16 GB SSD, and then gift them to my cousins or their kids. Flatpaks are out of the question, since pretty much every app I checked is between 500 and 1 GB of size. I only have 7.5 GB of free space in there after the base Xfce Debian installation is done, plus 2 GB of swap. I find Flatpaks to be space eaters, and I avoid them even on my normal, higher SSD size laptops.
Mostly positive. My encoding utility Aviator can be shipped with a custom community-backed SVT-AV1 fork in the background without anyone noticing any issues like they would if I linked to system SVT-AV1. Flatpak makes this kind of thing easy, and users don't have to think about it.
A lot of people seem to complain about them, but I really like them. I've even started using them over the AUR for some things now. I like that they keep certain things like Steam a lot tidier, and I like being able to see and control permissions and settings for everything all in Flatseal. The main downside I guess is that they use up more space by downloading dependencies for each app individually which is kind of redundant, but for me I've got a pretty big SSD in my laptop so it's never caused me any trouble. I could see how it could be a problem for someone with limited space on their system though.
Generally I tend to go Flatpak/AUR as a first choice, Appimage if I really need to, and Snaps never lol.
The problem with Flatpak is that for me I would only use it to sandbox proprietary apps, and most of these are not officially supported, so there is almost always something broken, like screen sharing, etc.
AUR is similar to flathub in that most packages aren't thoroughly checked. Except for the packaging guidelines which usually have to be followed. I'm not sure how in depth nixpkgs or other distros check the source of packages of new maintainers.
Flatpak runs on all distros and supports sandboxing, which makes it a great addition to all distro repos. AUR can cause issues with dependencies and unmaintained packages, and the make file should be read since it's run with root privileges. Additionally the AUR only works on Arch Linux. Breakage isn't a risk with Nix and its seamless rollback, but has to be installed deeply into the system (/nix).
My personally preferred package manager for most GUI apps is flatpak. Nix is great because it allows you to install packages declaratively.
Edit: NixOS -> Nix
Doesn't work properly, apps are bigger and don't always apply GTK themes. I also can't easily edit the desktop file to edit the icons. I therefore only use it as a backup when I can't find an app on the AUR or office repositories, which is very rare.
"Don't ask yourself if it works, but how it works"
For editing desktop entries, copy it from this strange directory ~/.local/share/flatpak/exports/share/applications/ to your normal ~/.local/share/applications which will always override the others.
I wish more apps were officially supported, instead of saying it supports Linux and providing a .deb. Good thing the community provides unofficial flatpaks at least.
Flatpaks are great. I install my core os and gui with the base package management. All my user side packages are Flatpaks. I then use Flatseal to lock down and modify Flatpaks as needed. What's great is running programs like wine without installing a ton of dependencies and then locking the install from parts of my computer I don't want it to have access to.
Gets the job done, but remember: don't use it for browsers and text editors. It will make you suffer.
On the one hand I like the basic idea, on the other hand I think that some fundamental problems aren't fully solved yet. The big use cases are passkeys and direct password manager integration – neither meshes well with the idea of software that isn't allowed to talk to most of the system.
I'm certain that this will be resolved at some point but for now I don't think Flatpak and its brethren are quite there yet.
Flatpak is why I moved to Debian. Running a stable OS with the latest packages has made my Linux desktop a full replacement for Windows, macOS and rolling releases.

It is awesome
The sandbox can be very cumbersome when there is not a way to break out. I'm thinking specifically of command line tools for developers. You can poke holes in the sandbox to access the filesystem, but the moment you want to run an executable it won't let you.
Flathub doesn't accept CLI tools (unlike the Snap store)
Regarding modifying Sandboxes, try Flatseal