I think it's dumb. Software only hosted on Github without a dedicated website shouldn't use com.github.appname. If Flatpak adopts parts of Android's security system, all com.github.* applications could access each others data. That's awful but I don't think it's going away. It's too late for that.
Now that I think of it, what I would wish for is for an the Flatpak published a guideline how to deal with developers who don't have a domain name, eg. flatpak.devname.appname instead of com.github.appname
I'm curious about what you mean by the issue with Android's security model. Apps can have whatever package name they want (… Well, I am sure you can't publish a com.google package on the Play Store) so that doesn't make sense.
The only thing I can imagine you're referring to is data sharing between applications signed with the same key, but that's not the package name.
From what I've read, applications by the same vendor can automatically log into the vendor's services after one app is logged in because they share the same name space. What else would name space be if not com.facebook., com.google., com.microsoft.*, etc.?
Flatpak already has an established security model.
You are not a Flatpak core developer, so you have absolutely no idea whether they decide if different applications from the same vendor will at some point be allowed to access each others data.
Your statement is pointless
It's not pointless to think about possible future decisions a crucial piece of software might have to make. I also replied to a question from OP, so it's not your decision what is pointless and what isn't anyway.
and you are rude.
If you think that being an uninvited "But actually" comment isn't rude, you have a skewed sense of reality. I was answering a question from OP, not yours. You're the one who engaged with that attitude. Look in the mirror before making accusations.
Edit: Blocking you now. Not engaging with a brat any longer.
I think it's dumb. Software only hosted on Github without a dedicated website shouldn't use com.github.appname. If Flatpak adopts parts of Android's security system, all com.github.* applications could access each others data. That's awful but I don't think it's going away. It's too late for that.
Now that I think of it, what I would wish for is for an the Flatpak published a guideline how to deal with developers who don't have a domain name, eg. flatpak.devname.appname instead of com.github.appname
I'm curious about what you mean by the issue with Android's security model. Apps can have whatever package name they want (… Well, I am sure you can't publish a
com.googlepackage on the Play Store) so that doesn't make sense.The only thing I can imagine you're referring to is data sharing between applications signed with the same key, but that's not the package name.
From what I've read, applications by the same vendor can automatically log into the vendor's services after one app is logged in because they share the same name space. What else would name space be if not com.facebook., com.google., com.microsoft.*, etc.?
I'm pretty sure they have to be signed with the same keys only
See the 3rd bullet point here https://developer.android.com/studio/publish/app-signing#considerations
Huh. Maybe it was different before or whatever I've read was just wrong. Good to know.
It’s not android so that’s not how permissions work.
Which part of "If Flatpak adopts parts of Android’s security system" don't you understand? Do you need help with conditionals in the English language?
Flatpak already has an established security model.
Your statement is pointless and you are rude.
You are not a Flatpak core developer, so you have absolutely no idea whether they decide if different applications from the same vendor will at some point be allowed to access each others data.
It's not pointless to think about possible future decisions a crucial piece of software might have to make. I also replied to a question from OP, so it's not your decision what is pointless and what isn't anyway.
If you think that being an uninvited "But actually" comment isn't rude, you have a skewed sense of reality. I was answering a question from OP, not yours. You're the one who engaged with that attitude. Look in the mirror before making accusations.
Edit: Blocking you now. Not engaging with a brat any longer.
Looks you're talking about flathub, not flatpak…
So flatpak itself does not enforce the use of the reverse DNS naming scheme?
Flatpak uses a . separator for namespaces. Mostly because DBus does.
The association with a real domain is a Flathub policy.