Is Flathub Safe? Newbie question

Hello everyone, im new here… Just a quick question really… are releases here official?

e.g - Install Spotify on Linux | Flathub

That says Unverified

Thanks!!!

To put it short:
The “official” badge tells if the Flathub release is considered official. If there is a “unverified”, then its likely not.

“Unverified” means that the packaging is done by a third-party maintainer. In the open-source space, that is not that uncommon. In fact, the packages in the repositories of Linux distributions are mostly maintained by a third party, the distributions maintainers, as well.
For open-source software, this is rarely an issue. But it has some implications for proprietary ones, like Spotify.

Flathub has made efforts to make the Flatpaks officially supported by the developers, but some are still maintained by community maintainers.
But, you can always check the package manifest (linked in the links section) for how the Flatpak is build and from where the sources come.

In the case of Spotify, the Flathub manifest uses the files from the official Snap release, with some additional files for it to work in the Flatpak environment.

1 Like

Thanks for the reply!!! im new to linux, and i really like it! Just abit nervous when it comes to security etc at the mo.

Really helpful though, so thanks for that

You may find this earlier discussion on Flathub of interest

This topic was automatically closed after 2 days. New replies are no longer allowed.