[Suggestion] Core and Community repositories

Hi! Right now Flathub has just one repository for all apps, both maintained by the apps authors and the maintained by community members.

Since when I install an app, I must already trust the author of the app, if I install an app delivered from the community I have to trust also the person who is packaging the app, introducing a new layer of security,

That is why I suggest to split the repository in two, like some distros do (In Arch for instance you can find core, extra, community, AUR, …): One repository only with apps packaged directly by the app creators, and other for the apps packaged by community members.

This way you can choose if you want to use one or both repositories, improving security and making users more conscious of the origin of the flatpak.


That sounds like great idea. So in a scenario where the original developer for an app decides that he doesn’t want to support it anymore, but there is still interest from the community and people willing to do it.

Could this be implemented using the named subset feature introduced in Flatpak 1.10?