this post was submitted on 01 Jun 2025
Linux
Okay thanks. I'm thinking of sticking with deb packages also at the moment because a lot of apps on the Flathub website say "Unverified".
Those are usually either wrappers for proprietary stuff, for example the Chrome flatpak is unverified because it's not from Google themselves but rather somebody grabbing the official deb/rpm and rebuilding it into a flatpak (this is also how a lot of e.g. AUR packages on Arch work, basically), or open source stuff for which the dev/packager simply didn't care enough to do the verification stuff that Flathub wants you to do (doesn't actually seem that hard, but one might simply not have been aware of it or something).
Don't recall people particularly complaining about the unverified badges before Mint started hiding unverified flatpaks by default, though; suddenly after that "everybody" started noticing them.
Yeah true, but if you're choosing Debian then I can see why there is caution about "unverified" flatpaks.
Ultimately if they're not verified then you're taking it on trust that they've been repackaged by a good actor and not a bad actor. We have no reason to believe there are malicious flatpaks on Flathub and verified only really means it was packaged by the originating project itself. But it is still a separate chain of packaging and security from the official one in a distro.
And Flathub doesn't need to be the repo used. Fedora for example created its own repo so it could verify its own flatpaks in the same way as its other system repos. Other distros do not seem to be following that path.
Personally I take the risk on flatpaks in the same way I will take risks on the openSUSE OBS (or AUR in Arch) - if I need/want the software and it's not in the main repos for my distro I will generally take it off Flathub rather than add an OBS source I don't know well. (If it's small software I might build from source myself).