@fuxoft How is it different from traditional packages? By installing a package you give its author unlimited root access to your system.
Flatpak is not perfect and it currently allows apps to get access the host because they wouldn't otherwise work. But it's not a security nightmare. And if it is, then all means of software distribution on Linux are.
@fuxoft @mirek Well, Flatpak already allows apps to be completely sandboxed on the file system and get access to the host in a controlled way. Quite a few apps already work that way. Quite a few don't and need full access for compatibility reasons. The Flatpak project doesn't hide the option is there and that the sandbox is not enforced for all apps.
Yeah, if you check flatpak.org index page, there are lot of benefits and features mentioned, but not a word about better security or sandboxing.
It's not even the immediate goal of Flatpak. Now it's: let's get apps on board, and solve the distribution problem, and in the future let's work with their authors to make them run securely.
@andrej @fuxoft #Flathub is building tools to notify about new versions of used modules, but it is and has always been responsibility of maintainers. All my flatpaks have their modules up to date.
And BTW that applies to Linux distros as well. Most packages in Ubuntu universe never receive an update during the release lifetime.