Major changes in 0.8.1
This is a bugfix and security update (CVE-2017-5226).
Flatpak now uses seccomp to disallow the TIOCSTI ioctl in the sandbox,
which works around the possibility to inject text on the controlling
This was previously fixed in bubblewrap in 0.1.6, but that change has
now been reverted as it introduced other problems for flatpak.
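The seccomp rule described above, as an added example (not Flatpak's or bubblewrap's own code): a classic-BPF filter that fails ioctl(TIOCSTI) with EPERM and allows everything else, installed in a child process and probed with an invalid fd. It matches only the low 32 bits of the request argument and leaves out the architecture check a production filter would carry; the function and array names are illustrative.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <sys/ioctl.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* The kernel reads the ioctl request as 32 bits, so match the low word only. */
#define ARG1_LO (offsetof(struct seccomp_data, args[1]) + \
                 (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ ? 4 : 0))

/* Fail ioctl(fd, TIOCSTI, ...) with EPERM; allow every other syscall.
 * A production filter would also pin seccomp_data.arch (omitted here). */
static struct sock_filter deny_tiocsti[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_ioctl, 0, 3),
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, ARG1_LO),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, TIOCSTI, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | EPERM),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
};

/* Install the filter in a child and probe it with an invalid fd, so nothing
 * is injected anywhere. Returns 1 if TIOCSTI is denied while another ioctl
 * still reaches the kernel, 0 if not, -1 if seccomp could not be set up. */
int tiocsti_blocked_in_child(void)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        struct sock_fprog prog = { .filter = deny_tiocsti,
            .len = sizeof deny_tiocsti / sizeof deny_tiocsti[0] };
        char c = 'x';
        if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) ||
            prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog))
            _exit(2);
        int denied = ioctl(-1, TIOCSTI, &c) == -1 && errno == EPERM;
        int passed = ioctl(-1, TIOCGWINSZ, &c) == -1 && errno == EBADF;
        _exit(denied && passed ? 0 : 1);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status) == 0 ? 1 : WEXITSTATUS(status) == 1 ? 0 : -1;
}

int main(void) { printf("TIOCSTI blocked: %d\n", tiocsti_blocked_in_child()); return 0; }
```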
- Update bundled bubblewrap to 0.1.7
- Fix writing new file with O_EXCL in the document portal.
- Allow appstream data that doesn't have .desktop in the component id,
such as data for runtimes.
- Lower the json-glib dependency from 1.2 to 1.0
- Builder: Fail if unable to read included file
- OCI: Ensure exported layers are readable by everyone
- Fix extra-data download in gnome-software
- Fix update-mime-database trigger when installing via
the system helper.
- Updating an app by installing a newer bundle now works
- Make /var/tmp not be on a tmpfs (it is now in
- Documentation / translation updates
$ sha256sum flatpak-0.8.1.tar.xz
9de103312b86f1033fa12768dc836525d6d9385defc80306e68691df66e7edaf  flatpak-0.8.1.tar.xz
Major changes in 0.8.0
This is the first release in a new series of stable releases called 0.8.x. New features will be added to 0.9.x, and only bugfixes will be backported to 0.8.x. The feature set of this release is a good base to
target if you're creating flatpaks that should be widely usable.
This release technically requires only OSTree 2016.14, and it builds fine with this, but we recommend using OSTree 2016.15, because of the change in how it verifies the checksums of commits in delta files.
- Flatpakrepo files now support a RuntimeRepo= key which points to
a flatpakrepo file. This means the user doesn't have to manually
configure a remote for the runtime, just reply to the prompt
to automatically do this when installing the app.
- We now support dependencies when installing bundles. This includes
required runtimes, related refs, and the equivalent of RuntimeRepo.
- The support for OCI in flatpak has been updated to the latest
OCI spec version, and support has been added to directly install
flatpak applications from an OCI image.
- In flatpak install, the --from and --bundle options are now optional
if the argument has the correct suffix (.flatpakref and .flatpak)
- Flatpak install now supports -y to let you avoid interactive prompts.
- build-finish: We now export mime type files with the right name.
- build-finish: New --require-version option lets you specify a particular
version of flatpak, and older versions of flatpak will not install
or update to the new version.
- build-sign: Allow signing all apps by omitting the id.
- Fix regression in the document portal when adding named files.
- build-import-bundle now signs the commit if you specify a gpg key.
- Flatpak now reads configuration from /etc/flatpak/installations.d
which lets you support multiple system-level installation paths.
These can be accessed with new --installation=... arguments to
most of the commands.
- flatpak-builder: Support --jobs=N to limit parallel builds
- flatpak-builder: Patch source got new options property that lets
you pass arguments to patch.
- flatpak-builder: New generic "buildsystem: type" option that
replaces the (now deprecated) "cmake: true" option. This
supports "autotools", "cmake" and "meson".
$ sha256sum flatpak-0.8.0.tar.xz
5b082065c9921308305845f99b0facbc9b85a93e3d7553fd238824190294aacd  flatpak-0.8.0.tar.xz
Major changes in 0.6.14
- Update bundled bubblewrap to 0.1.4 which has some nice bugfixes.
If you are using an external bubblewrap it is recommended, but
not required, to update.
- Requires OSTree 2016.14, which allows us to drop some old
- When installing an application system-wide, don't consider
dependencies that are installed for the user only.
- Flatpak install --from now tries to re-use existing remotes to
avoid creating unnecessary origin remotes.
- Using --filesystem=$dir when $dir is a symlink-to-directory now works.
- Using --filesystem=$file to expose unix sockets to the app is now
- By default all the directories in ~/.var/app (except the app), as
well as ~/.local/share/flatpak are hidden in the sandbox.
- New option --filesystem=$dir:create which will create the destination
if it did not previously exist.
- --filesystem= now supports xdg-[config|cache|data]. This
allows you access to the host versions of these xdg dirs. Additionally
if you use these with a subdirectory, like:
then that subdirectory on the host will be shared with the per-app
instance of the xdg-dir.
- Builder now correctly handles app-ids that have dashes in them.
Previously this generated invalid ids for the debuginfo and locale
- The experimental OCI file format support was changed from creating an
OCI container to creating an OCI image.
- Fix regression where "flatpak update --appstream remotename" broke
$ sha256sum flatpak-0.6.14.tar.xz
137886b1de9d91f701a9d9cbc6bf52cc0f232d923a8f185977a892dcb7eb2430  flatpak-0.6.14.tar.xz
Major changes in 0.6.13
The command line arguments for install/update/uninstall changed
These used to take an application id and an optional branch name as
two arguments. This meant you could not specify multiple apps
to install in a single command. So, instead of having the branch
as a separate argument we now support partial references.
If you only specify an id we try to match the rest as best we
can depending on what is installed/available, but if this
matches multiple things you have to specify more details.
For example you can use:
- org.my.App//stable - Any compatible arch, stable branch
- org.my.App/x86_64 - x86-64, look for available branch
- org.my.App/x86_64/stable - exact reference
This means install/update/uninstall can now install multiple apps
in a single operation.
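The partial-reference syntax above, as an added example (not Flatpak's own parser): it splits `id[/arch[/branch]]` and counts how many available refs a partial reference matches, where a count above one is the case that needs more detail. Assumptions: an omitted field is treated as a plain wildcard with no arch-compatibility logic, and `struct ref`, `parse_partial_ref`, `count_matches` and the `available` list are constructed for illustration.

```c
#include <string.h>

struct ref { const char *id, *arch, *branch; };
#define FIELD_OK(want, have) (!*(want) || !strcmp((want), (have)))

/* Split "id[/arch[/branch]]" in place; an omitted or empty field becomes ""
 * (wildcard). Returns -1 for an empty id, extra '/' parts, or oversized input. */
int parse_partial_ref(const char *s, char *buf, size_t n, struct ref *out)
{
    const char **field[] = { &out->id, &out->arch, &out->branch };
    int i = 0;
    if (strlen(s) >= n) return -1;
    strcpy(buf, s);
    out->id = buf;
    out->arch = out->branch = "";
    for (char *p = buf; (p = strchr(p, '/')) != NULL; ) {
        if (++i > 2) return -1;   /* more than id/arch/branch */
        *p++ = '\0';              /* terminate the previous field */
        *field[i] = p;            /* next field starts after the '/' */
    }
    return *out->id ? 0 : -1;
}

/* Count the candidates a partial ref matches. A count above 1 is the
 * ambiguous case where more of the reference has to be spelled out. */
int count_matches(const char *s, const struct ref *c, int n)
{
    char buf[256];
    struct ref want;
    int count = 0;
    if (parse_partial_ref(s, buf, sizeof buf, &want)) return -1;
    for (int i = 0; i < n; i++)
        count += !strcmp(want.id, c[i].id) && FIELD_OK(want.arch, c[i].arch) &&
                 FIELD_OK(want.branch, c[i].branch);
    return count;
}

/* Constructed sample of available refs, not real repository contents. */
static const struct ref available[] = {
    { "org.my.App", "x86_64", "stable" },
    { "org.my.App", "x86_64", "master" },
    { "org.my.App", "i386", "stable" },
};

int main(void)
{
    return count_matches("org.my.App/x86_64/stable", available, 3) != 1;
}
```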
Application runtime dependencies are checked/downloaded
Whenever you install or update an application we check that the
required runtime is installed. If not, we check if it is available
in any configured remote and, if found, ask the user if/where to
install it from. If it is not found, the install/update fails.
You can mark remotes as --no-use-for-deps, which means flatpak will
never search for runtime dependencies in such remotes. This makes
the dependency search faster if you have app-only remotes.
It is recommended that app-only .flatpakrepo files define this
by specifying NoDeps=true.
remote-add and install --from now support URIs
This means you can install flatpakrefs and flatpakrepos in a
single command like so:
flatpak run can now launch a runtime directly
For example, "flatpak run org.gnome.Platform//3.22" will launch a shell
inside a sandbox with the gnome 3.22 runtime and an empty /app.
This is useful for development and testing.
included bubblewrap was bumped to 0.1.3 which has a security fix
Support for defining the default branch per remote
remote-add/modify: --update-metadata pulls current title and default branch
from remote summary file
Applications can now list a set of URIs that will be downloaded with the
application. The app can then extract these and use them as part of the
application data. This is useful for applications using freely downloadable
parts that can't be redistributed elsewhere.
flatpak-builder: Support --finish-only and --allow-missing-runtimes
flatpak-builder: Support app layering
An app can define a "base" application which is used for the initial
content before the application is built. This way applications can
be built in a layered fashion.
dbus proxy: The filtering has been tightened up
build-finish: Now exports icons for themes other than hicolor too
There is support in the app metadata for generic policies.
These are read and propagated and support overriding, but are
not otherwise interpreted by flatpak. They can be used by other
host services as static permissions for the application.
Support for extensions directories
In addition to using a runtime as an extension, Flatpak apps can now use regular directories in
~/.local/share/flatpak/extension and /var/lib/flatpak/extension. For example, if you create a
directory called org.freedesktop.Platform.GStreamer.MyPlugins/x86_64/1.4
there it will be used as a source for gstreamer plugins for all
runtimes based on the freedesktop 1.4 runtime.
$ sha256sum flatpak-0.6.13.tar.xz
3729102e979ed4ceded3d9fe5dd96ee77d83e1daf8d0dcda3bb61d64f94d0106  flatpak-0.6.13.tar.xz
Major changes in 0.6.12
- Partial revert in application id rules. Application ids
can now only have dashes in the last element. This allows
apps to export files such as org.my.App-extra.desktop which
was used by the libreoffice builds.
- By default the kernel keyring is not accessible, as it is
- Some robustness fixes for build-commit-from
- Better error messages
- flatpak update --appstream now updates for all remotes
- Made flatpak enter work, and you can now use any pid in the sandbox.
However, it requires root permissions.
- Support for --device=kvm for /dev/kvm access
- Support for --allow=multiarch to enable non-primary arch support.
For example running i686 code in an x86_64 app.
- Add new default-branch setting for the remote configuration
$ sha256sum flatpak-0.6.12.tar.xz
2a96022fd5ce195b9715746175b20882793ec3ac1080acecf81b4dc48bee5545  flatpak-0.6.12.tar.xz
Major changes in 0.6.11
- Dashes are now allowed in application ids. However, to still work with
symbolic icon names, they may not end with "-symbolic".
- HostCommand now handles ptys correctly
- Various documentation updates
- New FLATPAK_CHECK_VERSION macro in libflatpak
- HostCommand now returns the real PID rather than a fake one.
- Fix regression in flatpak update --appstream
- Fix regression installing bundles without origin urls
- New flatpak-builder option --show-deps lists all the files
the manifest depends on.
$ sha256sum flatpak-0.6.11.tar.xz
38be61039ced4b7c77a0b7e71622f32a9720558ad28e17bc4db634ffedb697b4  flatpak-0.6.11.tar.xz
Major changes in 0.6.10
- Dropped requirement for systemd --user.
The way we detect if a process we're talking to is sandboxed, and
what application id it has, doesn't use cgroups anymore, which means
that the dependency on systemd in the user session is now optional.
This also means the --no-desktop argument is not needed any more.
(It is still accepted but does nothing.)
- Initial support has been added for .flatpakref files. These are simple key
value files similar to .flatpakrepo files, however they specify an application
to install in addition to the repo information. For example, gedit can be
installed by downloading https://sdk.gnome.org/gedit.flatpakref and running:
flatpak install --from gedit.flatpakref
There is also library support for this so it can be added to graphical
installers (such as gnome-software).
- Requires OSTree 2016.10. The change in how OSTree handles mtimes in
checkouts that was introduced in 2016.7 has been reverted, and
the required changes in Flatpak have been made. This means that
flatpak now depends on OSTree 2016.10.
- Requires Bubblewrap 0.1.2 for builds using the system bubblewrap.
Builds using the included copy need no changes.
- The $XDG_RUNTIME_DIR/flatpak-info file has added information
about the running application, and is now also securely available
for a running application from the host as "/proc/$fd/root/.flatpak-info".
This is what is used to identify remote apps instead of the cgroup
- A new run permission --allow=devel has been added. An application with
this permission is allowed to use ptrace and perf. This was previously
only available during "flatpak build" and "flatpak run -d". This
is useful if you're packaging e.g. an IDE.
- When an application is updated or removed a /app/.updated or /app/.removed
file is created for running instances. This can be used by applications to
trigger e.g. a restart for the new version.
- A new dbus request "HostCommand" has been added to org.freedesktop.Flatpak.
This lets you run any command on the host, and is therefore clearly not
sandboxed, so access to this should be limited. However, it is very useful
if you're using flatpak mainly as a distribution mechanism, for a non-sandboxed
- flatpak-builder now supports running from inside a flatpak, by auto-detecting
this and using the HostCommand service to run recursive flatpaks.
- Consecutive calls to flatpak build-update-repo have been sped up.
- The document portal now allows sandboxed applications to create references
to files in /app and /usr (in the app/runtime).
- The update process now doesn't stop at the first failure.
$ sha256sum flatpak-0.6.10.tar.xz
bc16df27b6efef087c1f527c4cc1ad75973fe06fd51053503c1157e702475aa9  flatpak-0.6.10.tar.xz
Major changes in 0.6.9
- Dropped dependency on libgsystem
- Allow passing partial refs whenever a CLI command takes
an app or runtime name.
- New command build-commit-from creates a new commit based
on the contents of another commit (optionally from another
- The sandbox now contains $XDG_RUNTIME_DIR/app/$APPID from the
host (and the directory is created if needed).
- update: Better output, and faster for the no updates case
- build-export: Don't make most validation errors fail, instead
just print a warning.
- builder: Support local path references for git sources
- builder: Better handling of recursive git submodules
- builder: Fixed issues with the .pyc mtime rewriting
- builder: Handle symbolic icons for rename-icon
- builder: Add --stop-at=$module to do partial builds
- builder: Add --sandbox flag to prevent the build from escaping
the sandbox via build-args.
$ sha256sum flatpak-0.6.9.tar.xz
3214f00d4d44a4515a05145c791adac334f37ade2e58318ddcceb944085a3330  flatpak-0.6.9.tar.xz
Major changes in 0.6.8
- Requires OSTree 2016.7, allowing us to enable use of static delta
for system downloads again.
- Support --no-desktop which allows you to run a flatpak app outside
a desktop, with some loss of functionality (for example, there
will be no systemd --user scope created for the app).
- More documentation.
- Memory leak fixes.
- Initial support for rpms as flatpak-builder archive sources.
- Start work on translating the CLI.
- Install systemd config snippet to set the right XDG_DATA_DIRS path.
- Support --arch in flatpak list.
- Support access() in the document portal.
- Validate exported desktop files.
$ sha256sum flatpak-0.6.8.tar.xz
c58bd81db6f917f1b30165e262978129b636d05629a47028674ca51b036cd451  flatpak-0.6.8.tar.xz
Major changes in 0.6.7
- Automatically download and update related references such
as locales when using the CLI.
- lib: Support for getting related references
- Document metadata format
- Support build using system-installed bwrap
- Allow access to the journal socket in the sandbox
- builder: Support applying patches with git (useful for binary diffs)
- Requires ostree 2016.6
$ sha256sum flatpak-0.6.7.tar.xz
a3695279c22df439927ef8cc776d8bf56e331935b5d87446e53a7825c71b955b  flatpak-0.6.7.tar.xz