How does it stack up against traditional package management and others like AUR and Nix?

  • Lemmchen@feddit.de
    link
    fedilink
    arrow-up
    6
    ·
    9 months ago

    Does anyone know how they handle spoofed malware? I can never figure out whether I can trust the packages from flathub. I always have to check the official website of the particular software first.

    • Canary9341@lemmy.ml
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      9 months ago

      Flathub maintainers do not upload anything, they just write a manifest pointing to the official source and flathub does the rest. They also cannot modify it freely, approval is required.

    • OsrsNeedsF2P@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      9 months ago

      Flathub verifies you have permission from upstream before accepting it. Other than that, sandbox.