Flathub system merged a feature that gives you a verified badge for Flatpak apps.
Clearly Flatpak is already “won” over “Snap” and “Appimage” in the Linux software distribution for desktops. Today, almost all major Linux distributions enable Flatpak by default, except vanilla Ubuntu. Despite Ubuntu being the most used Linux distro, you probably already know why it doesn’t include Flatpak by default. That’s another topic for another day.
The Flathub is the only repository where you can get all the Flatpak apps today. However, publishing in a new Flathub repository for your new application is a lengthy process. It has well-established guidelines and a review mechanism.
To prevent any unforeseen security incident, which is quite common in open-source (Remember the recent NPM and Python incidents?). Since Flatpak is sandboxed, it tends to package many additional components together in the deployment bundle.
Although there are processes in place, the problem remains.
To protect all Flatpak users and help them make wise decisions before installing an app, the new verification feature arrives in Flathub.
Although there is no documentation available on its looks and workings, it seems there will be a “tick” badge beside the app name/logo on the Flathub app page. Something like the below mockup.
Flathub verification badge: How does it work?
From the look of the code, it seems you get a verification symbol if –
- You own the application and its respective GitLab/GitHub repo
- You control the domain of the app ID (e.g.
Also, there could be situations where I build an app, but another person creates the Flatpak for distribution. I believe Flathub would establish a manual verification badge update method via an approval/review process for those cases.
Nonetheless, it is a great feature, and we should all be more comfortable installing the Flatpak apps packaged by the developer only.
The Flathub code is now merged in the main branch. I am not sure when it will appear on the official website. Stay tuned.