[AppStream] Appstream ID and Flatpak
Matthias Klumpp
matthias at tenstral.net
Thu Jan 25 02:40:16 UTC 2018

2018-01-16 8:23 GMT+01:00 Alexander Larsson <alexl at redhat.com>:
> Well, the appstream id is not really tied to the dns name in any way
> but the hope that all people play ball to avoid unintentional
> conflicts. So, even on the year of the linux desktop, anyone can
> intentionally be evil and confusing by using someone else's id.
>
> Things are *somewhat* more obvious for flatpak:ed apps, as the
> appstream id matches the name which is at least a visible thing to the
> user, but in e.g. an rpm your appstream could have whatever appstream
> id and nobody would see it.

Further emphasizing this: The AppStream ID has since its inception
only been meant to uniquely identify the application in a computer system,
not to the user. To ensure uniqueness, we initially suggested an rDNS
name and with a later revision started to pretty much enforce it. The
job to actually ensure that an AppStream ID isn't used maliciously
belongs to the repository delivering the software, though. And the
user has to trust that repository to do the job right.

For distribution package archives, we already ensure duplicated IDs of
different software don't occur (in that case rejecting both
applications to force the developers to resolve the conflict). In a
prototype for a software delivery system similar to Flathub, I
implemented a way to reserve a certain rDNS "namespace" for a certain
entity (so nobody could upload some org.mozilla.* app who isn't
Mozilla), and also ensured that once an AppStream ID was used, it
could never be used again, even if the original project was deleted.
In that scenario, the AppStream ID could in theory be anything, and
the repository / AppStore / etc. will ensure that people create unique
names just based on a "first come, first served" logic, just like we
handle packages today. Using rDNS is a lot smarter though, because it
decentralizes the naming and makes conflicts impossible or at least
incredibly unlikely.

On a related note: The AppStream spec now recommends "DBus compatible"
names, and if you run appstreamcli validate on your metainfo files, it
will throw an info-type hint in case any hyphens are present in the
ID, or any section of the ID starts with a digit. This should
hopefully solve the issue and make it possible for Flathub to use
AppStream IDs directly, and not rename them at all.

I am thinking about making this a hard requirement for AppStream 1.0
(but enforcing ID changes abruptly now would be bad, as it would
suddenly render a lot of files invalid and annoy people, especially
since the change happened in a minor release).

Cheers,
Matthias
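
An added example, not part of the original message and not the prototype it mentions: a minimal repository-side registry that reserves rDNS namespaces, never releases an AppStream ID once it has been used, and reports the hyphen and leading-digit hints described above. The names `IdRegistry` and `id_hints`, the case-folded comparison and the whole-section prefix match are assumptions.

```python
"""Added example: repository-side AppStream ID policy (hypothetical names)."""


def id_hints(app_id):
    """Hints for the "DBus compatible" rule: no hyphens, no leading digit."""
    hints = []
    for seg in app_id.split("."):
        if "-" in seg:
            hints.append(f"hyphen in section '{seg}'")
        if seg[:1].isdigit():
            hints.append(f"section '{seg}' starts with a digit")
    return hints


class IdRegistry:
    def __init__(self):
        self.namespaces = {}  # reserved rDNS prefix -> owning entity
        self.used = {}        # every ID ever accepted -> uploader; never shrinks
        self.live = set()     # IDs currently published

    def reserve(self, prefix, owner):
        self.namespaces[prefix.casefold()] = owner

    def owner_of(self, app_id):
        # Longest reserved prefix, matched on whole sections and case-folded
        # (assumption), so "org.mozillax.App" is not treated as org.mozilla.
        parts = app_id.casefold().split(".")
        for n in range(len(parts), 0, -1):
            owner = self.namespaces.get(".".join(parts[:n]))
            if owner is not None:
                return owner
        return None

    def register(self, app_id, uploader):
        key = app_id.casefold()
        owner = self.owner_of(app_id)
        if owner is not None and owner != uploader:
            raise PermissionError(f"{app_id}: namespace reserved for {owner}")
        if key in self.used:
            raise ValueError(f"{app_id}: ID was already used once")
        self.used[key] = uploader
        self.live.add(key)

    def delete(self, app_id):
        # Unpublish only; the ID stays in self.used so it can never be reused.
        self.live.discard(app_id.casefold())
```

Keeping `used` separate from `live` is what makes deletion safe: removing a project unpublishes it without freeing its ID for a different uploader.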