Why should I trust Flathub updates?

This page summarizes the projects mentioned and recommended in the original post on /r/flatpak
C Flatpak C++ flathub live-streaming

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • com.google.Chrome

    • Every app has its own github page where you can see every how the flatpak is being built, where it is sourcing from, and every update made to it. I sometimes check these pages just to be sure myself because I don't fully trust the security model either.

  • flathub

    Issue tracker and new submissions

    • Reading Flathub's App Submission guide, it looks like new app submissions are managed with pull requests that are reviewed by Flathub admins, however...

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • com.brave.Browser

    • Examples: Chrome, Brave. Both examples currently have a disclaimer that the package is not verified by, affiliated with, or supported upstream.

  • com.obsproject.Studio

    Discontinued This repository is no longer used to build OBS. Issues should be reported at https://github.com/obsproject/obs-studio

    • With official packages, I have even more questions. Example: OBS Studio. The publisher link points to this repo, which is currently archived, with the message "This repository is no longer used to build OBS. Issues should be reported at https://github.com/obsproject/obs-studio". After some digging, I found they're using Github Actions to automatically publish to Flathub on release, which is fine (and pretty cool), but I would still prefer that Flathub provide some kind of records on their end. What assurances do I have that the package installed on my machine from Flathub is the one that was built by upstream? Maybe they have something and I'm not looking in the right place.

  • obs-studio

    OBS Studio - Free and open source software for live streaming and screen recording

    • With official packages, I have even more questions. Example: OBS Studio. The publisher link points to this repo, which is currently archived, with the message "This repository is no longer used to build OBS. Issues should be reported at https://github.com/obsproject/obs-studio". After some digging, I found they're using Github Actions to automatically publish to Flathub on release, which is fine (and pretty cool), but I would still prefer that Flathub provide some kind of records on their end. What assurances do I have that the package installed on my machine from Flathub is the one that was built by upstream? Maybe they have something and I'm not looking in the right place.

  • io

    • Here an (very simple) example manifest from something i patched together: https://github.com/flathub/io.github.igorlogius.scr2ppm/blob/master/io.github.igorlogius.scr2ppm.yml

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts