@alexlarsson alexlarsson released this Aug 20, 2018 · 2 commits to master since this release

Assets 3

Changes in 1.0

Flatpak 1.0 is the first version in a new stable release series. This
new 1.x series is the successor to the 0.10.x series, which was first
introduced in October 2017. 1.0 is the new standard Flatpak version,
and distributions are recommended to update to it as soon as possible.

The following release notes describe the major changes since
0.10.0. For a complete overview of Flatpak, please see

For users, app developers and distributors

Flatpak 1.0 marks a significant improvement in performance and
reliability, and includes a big collection of bug fixes. 1.0 also
includes a collection of new features, including:

  • Faster installation and updates.
  • Applications can now be marked as end-of-life. App centers and
    desktops can use this information to warn users who have an end-of-life
    version installed.
  • Permissions now use an up-front verification model: users are
    asked to confirm app permissions at install time, if an update
    requires additional permissions, the user must also confirm.
  • A new portal
    allows apps to create sandboxes and restart themselves. This allows
    applications to restart themselves after they have been updated (to
    start using the new version), and to increase sandboxing for parts
    of the application.
  • flatpak-spawn is a new tool for running host commands (if
    permissions allow) and creating new sandboxes from an app (this
    uses the above portals APIs).
  • Apps can now export D-Bus services for all the D-Bus names they are
    privileged to own (rather than just the application ID).
  • Flatpak's support for OCI bundles has been updated to the latest
    specification. Also, AppData can now be distributed through OCI
  • Host TLS certificates are now exposed to applications, using
    p11-kit-server. This removes a point of friction when accessing
    network services in some environments.
  • Apps can now request access the host SSH agent to securely access
    remote servers or Git repositories.
  • A new application permission can be used to grant access to
    Bluetooth devices.
  • A new fallback-x11 permission grants X11 access, but only if the
    user is running in a X11 session. For applications that support
    both Wayland and X11, this can be used to ensure that the app
    doesn't have unnecessary X11 access while in Wayland, but still
    works in an X11 session.
  • Peer-to-peer installation (via USB sticks or local network) is now
    enabled and supported by default in all builds.

The Flatpak command line also introduces new commands and options, including:

  • uninstall --unused automatically removes unused runtimes and
    extensions (if you've removed all apps that depend on a runtime, or
    all the apps you had depending on it have upgraded to a newer
  • New info options, including --show-permissions,
    --file-access, --show-location, --show-runtime, --show-sdk.
  • repair - fixes broken installs by scanning for errors, removing
    invalid objects and reinstalling anything that's missing.
  • permission-* - allows interaction with the portals permissions
    store. This is useful for testing and for getting back to a clean
  • create-usb - can be used to prepare an repository to be used as a
    local updates source.

Finally, the command line has a collection of other improvements, such as:

  • If --system or --user aren't specified, one is automatically
    picked if it is obvious (or it will ask if the correct option isn't
  • The install, update and uninstall commands now ask for
    confirmation of changes before proceeding, in order to prevent
    mistakes, and to show the required application permissions.
  • The uninstall command now does not allow you to remove a runtime
    if some installed application requires it.
  • flatpak remove is now an alias for flatpak uninstall.

For Linux distributors, OS and platform developers

  • Flatpak no longer requires a filesystem that supports xattr.
  • Portals are now more cleanly separated from Flatpak, thanks to the
    document portal and permission store having been moved to
    xdg-desktop-portal. It is recommended that the flatpak package has
    a weak dependency on xdg-desktop-portal.
  • libflatpak now has a transaction API for install, update and
    uninstall operations. This means that it is much easier to use as
    the basis of app centers and other graphical app management
  • Flatpak now sets several HTTP headers when installing applications,
    which make it easier for Flatpak repositories to log things like
    app download statistics and Flatpak versions in use.
  • It is now recommended that Flatpak packages add a dependency on
    p11-kit-server, as this allows apps to access host
    certificates. However, this does not need to be a hard dependency.
  • Requires bubblewrap 0.2.1 or later, and comes bundled with 0.3.0.
  • Requires OSTree 2018.7.
$ sha256sum flatpak-1.0.0.tar.xz 
e61bd01cffbbbb2ecd6a0946307987f9de795533358ba6ed7c63ce0c9f3b03e7  flatpak-1.0.0.tar.xz

@alexlarsson alexlarsson released this Jul 10, 2018 · 110 commits to master since this release

Assets 3

Major changes in 0.99.3

  • Fixed case where system install would sometimes fail
    due to the system-helper idle exiting.
  • Support installing flatpakref files in FlatpakTransaction,
    including a new signal add-new-remote for when remotes
    might be added.
  • Added some new FlatpakError codes.
  • We now support .flatpakrepo files with no gpg signatures
  • Fix crash in system-helper when updating appstream
  • New command create-usb which can be used to prepare
    an repo for offline updates.
  • Fix some non-handled cases of the CLI not working when
    /var/lib/flatpak doesn't exist.
  • Fix crash when running with a gid that is not in
  • Add new permission-* commands to interact with the
    permissions store from the portals.
  • Include appdata in OCI bundle.
$ sha256sum flatpak-0.99.3.tar.xz 
d3ab44c8174f9c2b69b09ac630d5d1987bfe529226d7eca6ac1c7d8f438fa671  flatpak-0.99.3.tar.xz

@alexlarsson alexlarsson released this Jun 27, 2018 · 174 commits to master since this release

Assets 3

Major changes in 0.99.2

  • Fix race condition on instance id allocation
  • Translation updates
  • Build fixes for new glibc versions
  • Build fixes for new libsoup versions
  • Build fixes for old glib versions
$ sha256sum flatpak-0.99.2.tar.xz
dcdff70f996fbc056b6e8e590203f970c2b138a5f0863625251524d1ba1588b1  flatpak-0.99.2.tar.xz

@alexlarsson alexlarsson released this Jun 21, 2018 · 187 commits to master since this release

Assets 3

Major changes in 0.99.1

This is the first pre-release before flatpak 1.0. This is considered
feature-complete and we expect no features or major changes before
1.0, only bugfixes.

Note: There were some (minor) API changes in the FlatpakTransaction
APIs that were added in 0.11.8, so please don't use the old
version. (Note: I know of no user of this API).

Changes since last minor release:

  • Ostree 2018.6 is required, and with this, the p2p code in
    flatpak is made non-optional.
  • flatpak install/update/ininstall now lists all the operations
    that it will do and asks for confirmation before starting.
  • In the above confirmation the permissions (new permissions
    for updates) are shown for all applications.
  • The FlatpakTranscation API has a new ::ready signal that
    allows users to do similar confirmation prompts.
  • P2P updates are more efficient
  • system-wide installation uses less fsync calls so should
    installation should be faster.
  • New ssh agent permissions allows granting an app
    ssh access.
$ sha256sum flatpak-0.99.1.tar.xz 
00b25c57c1015a8aea589ee740142571afcd81d838dc79b38b378cc26c751538  flatpak-0.99.1.tar.xz

@alexlarsson alexlarsson released this Jun 13, 2018 · 233 commits to master since this release

Assets 3

This release fixes an issue where app startups would block
for 25 seconds on Ubuntu bionic due to an interaction with older
versions of p11-kit.

Major changes in

  • Fix a 25 second timeout on startup if using p11-kit < 0.23.10
  • Minor change in dbus proxy default filter, now broadcasts are
    not accepted from portals.
$ sha256sum flatpak- 
be463fb628490252aea10e7855bb4a522cc1b57856509cf50e21009067c8f3b5  flatpak-

@alexlarsson alexlarsson released this Jun 11, 2018 · 239 commits to master since this release

Assets 3

Major changes in

  • Fix crash when building some apps
  • Allow multiple appstream components per app
  • Fix handling of gl drivers in uninstall --unused
  • Don't prompt if nothing changed in uninstall --unused
  • Longer timeouts in test suite
  • Updated translations
$ sha256sum flatpak-
c73513135c794231d846eefae6b6b04cadda4f101d155484e63bc7e34177820d  flatpak-

@alexlarsson alexlarsson released this Jun 8, 2018 · 250 commits to master since this release

Assets 3

Major changes in

  • Fixed regression running apps with --own=* permissions
$ sha256sum flatpak- 
9b2356a105da2d0a0332150f5a242a78ca3957f991db5d785c256fdad00cd06a  flatpak-

@alexlarsson alexlarsson released this Jun 7, 2018 · 253 commits to master since this release

Assets 3

Major changes in 0.11.8

  • Flatpak uninstall now accepts --all to remove everything and --unused to remove unused
  • New command "flatpak repair" allows checking and repairing a flatpak installation.
  • New permission --allow=bluetooth allows use of AF_BLUETOOTH sockets
  • If p11-kit-server is installed on the host, this is now used to forward the host
    certificate trust store to the sandboxed app.
  • New transaction API in libflatpak that makes it much easier to implement
    installation and updates in frontends.
  • Flatpak uninstall now does not allow you to remove a runtime if some installed app requires it.
  • We now have tab-completion for zsh.
  • New installations of flatpak now defaults to bare-user-only repos, which means
    that it works with filesystems that don't support xattrs.
  • New flatpak info options: --show-location, --show-runtime, --show-sdk
  • New flatpak remote-info options: --show-runtime, --show-sdk
  • p2p operations now work when offline.
  • Work around hanging on app startup on blocking autofs mounts.
  • The dbus proxy filtering now works matches the new dbus containers filtering API.
  • Various optimizations make installation and updates faster. In particular
    operations like running triggers and pruning only happens once per
    install/update operation.
  • We now respect multiple extension versions matches when auto-downloading extensions.
  • New http header Flatpak-Upgrade-From sent when upgrading.
  • Commands like "flatpak info/list/remotes/seach" now work properly if /var/lib/flatpak doesn't exist.
  • The bubblewrap version required for system-bwrap is now 0.2.1.
$ sha256sum flatpak-0.11.8.tar.xz 
4978e287a756dbe94556d7e200bdec85f9e8478906ff05027430af7ca7313008  flatpak-0.11.8.tar.xz

@alexlarsson alexlarsson released this May 3, 2018 · 399 commits to master since this release

Assets 3

Major changes in 0.11.7

  • Fix regression in installing .flatpak bundles
$ sha256sum flatpak-0.11.7.tar.xz 
1099f3115972f40940ac02af5981bc56931fba662b6875b776e45264f69104ef  flatpak-0.11.7.tar.xz

@alexlarsson alexlarsson released this May 2, 2018 · 405 commits to master since this release

Assets 3

Major changes in 0.11.6

  • Further work on the export filename regression, now also fixes the
    same issue as in 0.11.5 but in flatpak build-finish.
  • Fix segfault when installing from .flatpakref in gnome-software
  • Build yacc parser from source.
  • Don't tab-complete Sources/Locale/Debug extension by default.
  • Fix tests on debian.
$ sha256sum flatpak-0.11.6.tar.xz 
568782f2d2eeb6874d6a8b950ad5f8e862bfdfe9eb4bc143173a4a5e87a2c82c  flatpak-0.11.6.tar.xz