• inspxtr@lemmy.world
    link
    fedilink
    arrow-up
    31
    arrow-down
    1
    ·
    1 year ago

    As much as I despise snap, this instance bring some questions into how other popular cross-linux platform app stores like flathub and nix-channels/packages provide guardrails against malwares.

    I’m aware flathub has a “verified” checks for packages from the same maintainers/developers, but I’m unsure about nix-channels. Even then, flathub packages are not reviewed by anyone, are they?

    • 2xsaiko@discuss.tchncs.de
      link
      fedilink
      arrow-up
      14
      ·
      edit-2
      1 year ago

      Nixpkgs submissions work through GitHub PRs which have to be reviewed, and packages usually build from source (or download binaries from the official site if no source is available, and verifying it against a checksum). It’s a much safer model since every user has a reproducible script to build the binary, especially if Flathub doesn’t have any reviews as you say.

    • Sparking@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Wouldn’t it go noticed quickly if a super popular flatpak distribution app is compromised? I love flatpacks for my 5 desktop apps that I actually use everyday, but it is definitely not suitable for general apps I install on a whim.