Open sr66139p opened 3 months ago
Thanks! Someone actually maintains the flatpak, I've been meaning to reach out to them. Will keep you updated on it.
Is Waterfox on Flatpak safe? Because this is very weird that someone maintains Watefox on Flatpak but there is no info about safe that thing. In my opinion, if someone from third-party is maintains some app on some place could be a vector of cyberattact.
Hi, I maintain the Flatpak for Waterfox. Many (almost all) Flatpaks are maintained by people outside of the originally development, and sure it does open another attack vector, but all builds are based off of the official Waterfox bin, you can see that in the manifest repository in the flathub organization here on GitHub. The repository is flathub/net.waterfox.waterfox. I've been trying to contact @MrAlex94 for a while as well, haha.
Is your feature request related to a problem? Please describe. People finding Waterfox on Flathub won't know it's official
Describe the solution you'd like You can verify the flatpak by putting a token on the website or verifying the GitHub
Describe alternatives you've considered You could reach out to Flathub to manually verify the flatpak
Additional context Here's a link to Flathub's Verification documentation for developers https://docs.flathub.org/docs/for-app-authors/verification/