After a long hiatus of two and a half years since the previous release of Flatpak 1.14, the Linux app sandboxing and distribution framework has been significantly updated to version 1.16. This new version marks a major shift in the platform with a wide array of new features and enhancements aimed at improving functionality and user experience. Among the many updates, notable features include USB device listing, KDE search completion support, and the transition from Autotools to Meson for compiling Flatpak. These changes acknowledge the evolving needs of the user community and represent Flatpak’s commitment to maintaining a robust and reliable platform.
One of the most significant features introduced in Flatpak 1.16 is the ability to create a private Wayland socket using the “security context” extension. This functionality allows the compositor to identify connections from sandboxed apps, adding an extra layer of security and control. Another essential update is the inclusion of the modify_ldt system call as part of the –allow=multiarch command, which is particularly crucial for running 16-bit executables in certain versions of Wine. Additionally, an HTTP backend variable has been included in flatpak.pc, which is a boon for dependent projects like GNOME Software that rely on compatibility with the libflatpak library.
Key Upgrades and Enhancements
Among the array of new features in Flatpak 1.16, a notable improvement is the mechanism to clean up old temporary deploy directories during updates. This new method ensures that outdated directories do not accumulate over time, which can otherwise lead to clutter and potential conflicts. The addition of the –device=input option provides access to evdev devices, facilitating smoother hardware interactions for applications that require detailed device input functionality. Furthermore, terminal emulators will now display Flatpak operation progress more effectively, offering users a clearer insight into ongoing processes.
Another critical improvement is the introduction of the new flatpak_transaction_add_rebase_and_uninstall() API. This API significantly aids in the smoother replacement of end-of-life Flatpak applications, ensuring that obsolete versions are removed efficiently without causing interruptions or conflicts with other software. Users who faced issues with environment variables, specifically the FLATPAK_GL_DRIVERS variable, will now find that these variables are correctly inherited from the original flatpak run command. The updated version allows for the automatic removal of obsolete driver versions and other auto-pruned references, enhancing system efficiency and reducing the risk of compatibility issues.
Enhanced Security and Flexibility
Flatpak 1.16 also brings robust enhancements in terms of security and flexibility. It supports Kerberos authentication without requiring a breach of the sandbox, which is a significant step forward for user privacy and security when accessing network resources. The introduction of several environment variables, such as FLATPAK_DATA_DIR, FLATPAK_DOWNLOAD_TMPDIR, and FLATPAK_TTY_PROGRESS, offers users greater configuration flexibility, making it easier to tailor the platform to specific needs and preferences.
The update also addresses the necessity for improved accessibility by supporting connectivity between sub-sandbox and main process accessibility trees. This feature is particularly critical for applications such as WebKit, ensuring that they remain performant and accessible. Developers and users can now also run Flatpak with verbose verbosity, which displays sandboxing parameters and debug messages extensively, aiding in troubleshooting and configuration adjustments without needing to dig through less intuitive logs or data.
Conclusion and Recommendations
After a two-and-a-half-year break since the last release of Flatpak 1.14, the Linux app sandboxing and distribution framework has been upgraded to version 1.16. This update is a major advancement, bringing numerous features and enhancements to improve functionality and user experience. Key updates include USB device listing, KDE search completion support, and switching from Autotools to Meson for compiling Flatpak. These changes show Flatpak’s dedication to addressing the evolving needs of its user community and ensuring the platform remains strong and dependable.
One standout feature in Flatpak 1.16 is the creation of a private Wayland socket using the “security context” extension. This feature allows the compositor to recognize connections from sandboxed apps, providing enhanced security and control. Another significant update is the addition of the modify_ldt system call in the –allow=multiarch command, crucial for running 16-bit executables in certain Wine versions. Furthermore, an HTTP backend variable has been added to flatpak.pc, greatly benefiting dependent projects like GNOME Software that require compatibility with the libflatpak library.