I love how Canonical just has to double down on a double down on a double down. Years of wild ideas, and still the fundamental issues of snap aren't addressed at all, at best worked around with changes on the app.

During the last 1.5 years or so, I've heard such propaganda a lot from advocates of both Snaps and Flatpaks. You know, about all the benefits of getting the software directly from the developer and that repackaging it for different distros is a waste of time.

Recently, I've scrutinised the distro packaging process (previously I didn't know at all about how packages are made) and it made me appreciate traditional packages like never before. Particularly, I like the fact that packaging provides additional wall of security which you don't have if you get the software directly from the developer. What if the developer makes his software do something malicious and no one catches it before it gets to the user?
I also like the fact that at least some distros like Debian work closely with upstream. For example, Debian packagers may find bugs and report them to upstream. One thing I dislike about open source software in general is the over-reliance on users for reporting bugs. At least with distros like Debian, the packagers essentially also participate in bug reporting, not just the users. Again, something that's impossible if you get the software directly from the developer.

For fucks sake Canonical, just drop it!
How long are you still willing to try to force push this crap, while people are resisting?

I hate to spoil it for you, but the package maintainer can do the same. The package goes through a proper review only once, then you can make changes and don't have to ask.
I maintain applications both on Flathub and in a distro repository and I have to say that Flathub has been much more pushy about doing things right. They for example forced me to remove permission that became unnecessary when the app had already been on Flathub for 3 years. My packages in distro repos have never received so much scrutiny after they got in.

Nah, I don't think distro packagers catch more bugs than other people. Problem in compiling process? Sure, but how the software is actually used, everyone has same chance to encounter a bug.

And about downstream patches, there's a reason why a patch doesn't get merged. If you want to include those patches in your distro. Fine, you do you... Not really. There's just so many bug reports in upstream caused by downstream patches. Did I say so many? I mean fuckton of them, thousand of hours of developers time wasted just to find out that that bug a user reports, doesn't even exist in their software.

Remember, a packager will never be smarter than the developer. (No offense packagers out there thanks for keeping open source alive 🥰🥰). Devs just have more thingz to consider, more responsibility to users than packagers

Which distro are you talking about? Cause I'm sure not all distros have the absolute same level of scrutiny.

I've looked at the sandbox permissions of a lot of Flathub apps and I have to say many of them are too lax. Like why in the world does LibreOffice and image viewers have full filesystem read/write access when it should at the very least be limited just to your home directory? Maybe the fact that your app has been 3 years on Flathub is most likely the reason why at some point someone scrutinised your app and asked you to remove unnecessary permissions.
There are now over 2400 apps on Flathub, which is a lot, so I think there's no way someone constantly sits and manually checks if every single app has proper permissions.

On another note, I do agree that Flathub really tries to do things right. That's unlike the SNAP Store, which clearly prioritises quantity over quality, the speed of publishing the app and the overreliance on automatic reviews, which afair the reason it was hit by malware twice now.

Well... Can't wait to try it out!

Probably because of a forest of little things like "If you plug a USB stick in, it mounts under /media, not /home", combined with how you need --filesystem=host to get /usr/share/doc available at /var/run/host/usr/share/doc. so LibreOffice can be used as a reader for RTF- or ODT-format documentation (they're rare but do exist) before they get around to supporting the file chooser portal.

If not for that last one, I could definitely see a case being made for specifically enumerating the places to grant but, with it, it's very tricky to have a setup that Just Works™ reliably for users... and prioritizing "Just Works™" over "best sandboxing" is the name of the game for a lot of these Flatpak maintainers because they don't want people trying the Flatpak option, seeing something broken, and writing off Flatpak entirely as "it sucks".

The OBS and openQA beg to differ.