elementary / sideload

Sideload Flatpaks on elementary OS
https://elementary.io
GNU General Public License v3.0

Mention elementary when talking about reviewing for security #80

Closed cassidyjames closed 1 year ago

cassidyjames commented 4 years ago

Some folks have pointed out that it might not be entirely accurate to say an app has not been reviewed for security and privacy, as Canonical may have reviewed apps in their repos, Flathub may have reviewed apps in their remotes, etc.

I think this can be resolved by being more precise, and saying they have not been reviewed “by elementary”.

decathorpe commented 4 years ago

Though it would be great if this string was configurable with a meson switch. For example, it wouldn't make sense for sideload to claim things about elementary when it's running on Fedora.

cassidyjames commented 4 years ago

@decathorpe yeah, could provide "Fedora" if that makes sense, and our fallback text could be more ambiguous, like "may not have been reviewed" or something.

cassidyjames commented 4 years ago

I wanted to grab this from OS info, but I don't think we have a distinct "entity" from the OS name, and I'm not sure if it always makes sense to use the OS name.

decathorpe commented 4 years ago

Yeah, I thought about using LSB information / os-release file as well, but came to the same conclusion that it probably won't always lead to sensible or correct information. So I guess it will be up to the packager to specify an appropriate "vendor string".

ids1024 commented 3 years ago

Equally, it might not be entirely right to say the app is "provided solely by its developer". Packages on Flathub are ideally maintained by the developers of the software, but not always.

cassidyjames commented 3 years ago

@ids1024 that's a separate issue; see https://github.com/elementary/appcenter/issues/1132#issuecomment-550815517 for a possible solution.