Half the time I look for software, the author’s download page says something to the effect of “we’re aware there’s a flatpak floating around, but we have nothing to do with it and don’t know what’s on it.” Relying on flatpaks seems like a bad idea.
Doesn’t the same hold for distributions repackaging software? Surely most developers don’t maintain their own Debian packages, Fedora rpms, Arch whatever-their-name-is’s, etc?
This comment is super dumb, just because there are unofficial flatpaks lying around that does not make flatpak a bad format you can configure bazaar to only search for verified apps IIRC so flatpak is linked to the source code or website.
Flatpak has long established itself as the distribution-agnostic standard for software delivery on Linux. Some immutable Linux distributions even rely on it exclusively, given the nature of their design.
A more reasonable take might be: don’t install flatpaks willy-nilly without first verifying that they’re maintained by the original developers (or an authorized third party, which is sometimes the case). The same way I wouldn’t run apt install <package> without first checking the package info to ensure I’m installing a legit package (if I’m not already familiar with the specific package I’m installing).
Half the time I look for software, the author’s download page says something to the effect of “we’re aware there’s a flatpak floating around, but we have nothing to do with it and don’t know what’s on it.” Relying on flatpaks seems like a bad idea.
Doesn’t the same hold for distributions repackaging software? Surely most developers don’t maintain their own Debian packages, Fedora rpms, Arch whatever-their-name-is’s, etc?
This comment is super dumb, just because there are unofficial flatpaks lying around that does not make flatpak a bad format you can configure bazaar to only search for verified apps IIRC so flatpak is linked to the source code or website.
Literally the first paragraph of the article:
Does that put my comment in context for you?
A more reasonable take might be: don’t install flatpaks willy-nilly without first verifying that they’re maintained by the original developers (or an authorized third party, which is sometimes the case). The same way I wouldn’t run
apt install <package>without first checking the package info to ensure I’m installing a legit package (if I’m not already familiar with the specific package I’m installing).