Better yet, how about some sort of acknowledgement of testing in addition to being cleared of viruses? Until some milestone of testing is complete, don’t publish the app.
Over almost 2 years I have started leaning more on Debian distributions like LMDE because I appreciate the levels of testing done over a long period of time, which bolsters the security aspect of packages. Granted, it does not eliminate risk entirely, but it does thwart or mitigate a lot of problems.
Flatpaks and Snaps, to my knowledge, don’t do any testing on apps. Flatpaks supposedly audit the code, whatever that means, but there is no consequential testing that I know of. Snapcraft is only starting to audit their packages after having been stung badly by some nefarious cryptocurrency applications being loaded on the Snap store, but again, no long-term testing. Just build the app and publish, much like a Windows program, but no real antivirus for Linux because Linux doesn’t need that, right?
I feel like Linux is being lax on security yet trying to pretend it is more secure. What am I missing?