|26 days ago||4 days ago|
|Apache License 2.0||GNU Lesser General Public License v3.0 only|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Oxidise Your Life
4 projects | /r/rust | 24 Feb 2023
pastel: A command-line tool to generate, analyze, convert and manipulate colors.
The culmination of several months of work by dozens of people, Flatpak 1.14.0 is now out!
8 projects | /r/linux | 22 Aug 2022
I'm a fan of standalone binaries statically linked to musl for small command line applications. One such CLI app that releases this way is Pastel, a comprehensive color utility.
fd is looking for contributors
8 projects | /r/rust | 8 Aug 2021
fd is my very first Rust project. In fact, if you go back in (Git) history, the project was originally written in C++. I have created various other Rust command-line tools since then, but I love coming back to fd, as I personally use it the most.
Colin - Cute color information tool.
4 projects | /r/rust | 8 Apr 2021
How does this compare to pastel?
FLaNK Stack Weekly for 20 Nov 2023
37 projects | dev.to | 20 Nov 2023
Flathub – The Linux App Store
9 projects | news.ycombinator.com | 16 Nov 2023
> CLI tools do not implement auto-complete themselves. What you are seeing are auto-complete scripts for your shell that make network connections.
nit: This is incorrect. Robust auto-complete scripts call the actual program to provide completions.
That is what Flatpak does. It is Flatpak itself that makes the network connections.
Not that it would make any differencen if it was implemented in Bash seeing as the Bash script is also provided by Flatpak.
Meduza co-founder's phone infected with Pegasus
3 projects | news.ycombinator.com | 13 Sep 2023
Not really. Even with modern technologies, the Linux desktop technology stack is very, very far behind when it comes to security.
The Linux kernel itself is a very weak foundation security-wise, the only way Android and ChromeOS get away with it is by using a very small feature set and restricting everything else as much as possible with seccomp, SELinux and heavy sandboxing.
The Linux desktop userland doesn't have meaningful hardening features compared to other platforms (even Windows is ahead, sadly). For example, practically all distros use glibc's memory allocator which has both poor performance and security  and their toolchain is based on gcc, with no support for modern compiler security features such as CFI (with the sole exception of Chimera Linux). Not to mention the permission model is completely outdated, like in that xkcd cartoon. Flatpak only mitigates this partially, because the Flatpak sandbox is very weak. The people working on Flatpak are doing their best, but from reading some GitHub issues, it's clear they are badly overworked and not experts on security at all. The person responsible for Flatpak's seccomp sandbox has admitted it isn't even his main responsibility and he doesn't have much knowledge about seccomp and is learning along the way . The Flatpak seccomp filter is based on denylist instead of allowlist, and many dangerous syscalls can't be blocked because many applications rely on it (e.g. Firefox needs ptrace for the crash reporter). You also have to be very careful and use Flatseal (which is not officially supported) to deny permissions such as /home filesystem access, because it lets Flatpak apps override their own permissions by design . And dangerous kernel components like io_uring are exposed , while Google disables them on their systems for their exploitation potential.
Here is a more detailed article examining the lack of security of Linux phones in case you're interested: https://madaidans-insecurities.github.io/linux-phones.html
If you want a FOSS-based secure phone, GrapheneOS is the best option.
 Check this comment by GrapheneOS founder for some technical details and how it compares to hardened allocators such as Android's Scudo or Graphene's hardened_malloc: https://github.com/NixOS/nixpkgs/issues/90147#issuecomment-6...
The technical merits of Wayland are mostly irrelevant
3 projects | news.ycombinator.com | 1 Sep 2023
Sensitive features like screenshots, input methods, screen locking and whatnot are behind extensions (or portals). I'm not familiar with the state of GNOME/KDE/Flatpak, but at least on the wlroots side of things it is true that currently these extensions are enabled and accessible by any process that can talk to the Wayland socket (breaking those security benefits, as you say). This is changing with protocols such as security-context that allow a sandbox engine like Flatpak (or your custom scripts) to restrict what features apps can use. (so your browser can't register an input method, or some random app can't lock the screen)
Modern CSV version 2 is now available
6 projects | news.ycombinator.com | 15 Aug 2023
It shouldn't be too complicated to create a package from the provided tarball.
Flutter 3 on Devuan 4: 始め方
10 projects | dev.to | 4 Aug 2023
Flutter 3 on Devuan 4: Getting started
10 projects | dev.to | 2 Aug 2023
Besides, there may be other ways to install them, although there doesn't seem no such Flatpak packages in Flathub. For example, some senerio to use some release channel or Docker / Podman. Additionally, when you use a different Linux distro where systemd is adopted and therefore can do Snaps (Snapd), you have another possibility.
Android Studio on Devuan 4: インストール
7 projects | dev.to | 31 Jul 2023
Android Studio on Devuan 4: Install
7 projects | dev.to | 31 Jul 2023
Besides, there is another way to install Android Studio on Devuan: Flatpak. They have the package. Moreover, when you use a different Linux distro and can use Snaps, there is also the package.
Work to make a custom linux desktop experience that benefits from group knowledge and experience (Part 2)
3 projects | /r/ScientificComputing | 2 Jul 2023
- start using flatpaks from flathub, appimages and/or snaps, for GUI apps. You can start doing this from your own distro, you don't have to move yet.
What are some alternatives?
firejail - Linux namespaces and seccomp-bpf sandbox
steam-runtime - A runtime environment for Steam applications
Autodesk-Fusion-360-for-Linux - This is a project, where I give you a way to use Autodesk Fusion 360 on Linux!
distrobox - Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at: https://gitlab.com/89luca89/distrobox
nix-gui - Use NixOS Without Coding
protontricks - A wrapper that does winetricks things for Proton enabled games, requires Winetricks.
bubblewrap - Low-level unprivileged sandboxing tool used by Flatpak and similar projects
nix - Nix, the purely functional package manager
flathub - Pull requests for new applications to be added
Proton - Compatibility tool for Steam Play based on Wine and additional components
steam-for-linux - Issue tracking for the Steam for Linux beta client