Yes. Ubuntu has two main repos, main and universe.

main is relatively small and includes everything that comes with Ubuntu by default. Canonical secures this repo with security fixes for everyone.

universe is not officially supported by Canonical. It’s updates are done by community members. However, Ubuntu started a service called Ubuntu Pro / ESM that provides updates for packages in universe. It’s opt in because Canonical wants companies using Ubuntu to pay for Pro in order to help fund Ubuntu. However, Pro is also free for personal use on up to 5 machines, so there’s no reason not to enable it. f it was enabled by default then no one would pay for it.

Haven’t heard about any distros removing Firefox from the repos.

It’s possible that some distros may go an IceWeasel by default route, but I see that as unlikely.

Problem is that it wouldn’t launch for them. Fedora has an RPM for it, but I don’t think Ubuntu does.

Try “flatpak override —user —reset” and “Flatpak override —system —reset”.

GTK3->GTK4 should be easier than GTK2->GTK3.

The frog color management protocol is based on the upstream protocol. They used an experimental version to bring the feature to Steam Deck faster.

Though Frog did do a good job with pushing FIFO forward.

Are you sure about that? KDE has a feature that lets Xwayland apps snoop if certain keys are pressed, but Gnome does not.

Apps need to add support for the new portal system. Chromium is adding (or added?) support, so Discord may implement it once they use an Electron version with support.

If you’re using KDE, you can tell Discord to use X11 and use KDE’s feature to let X11 apps snoop on key presses.

Already merged there some time ago.

The traditional insecure global shortcuts system works in Xorg.

Gnome Extensions run in the Gnome shell, so they have special privileges.

Wayland’s security focus prevents apps from listening in on all user key presses, which means they can’t know you used a keyboard shortcut unless the app is focused.

The Global Shortcut Portal was made to address this. An app registers for a global shortcut, and when the user activates the shortcut, the portal tells the app that it’s been activated.

Fedora Flatpak exists to match Fedora’s philosophy on FOSS, patented software, and security.

Everything in Fedora must be FOSS and free of legal issues, like codecs. Fedora also takes security seriously, so all their Flatpaks use dependencies all from Fedora repos.

Fedora never called it official. It lacked the verification tick that official Flathub packages get and right under the install button in Gnome Software, the install source says “Fedora Linux”.

Flathub isn’t quite default, but it’s an option in the setup screen. It’s also the lowest priority.

Provided they fix the issues they outlined, yes.

Fedora aims for FOSS, software unencumbered by patents, and security.

Flathub explicitly allows proprietary and patented software.

And since they want upstream apps to publish their apps and not scare them away, security isn’t as strong. Apps are allowed to use EOL runtimes and apps roll their own vendored dependencies. Fedora Flatpaks solve this problem by building all their flatpaks from their distro packages.

That uses the experiemental of the color management protocol. Now that the protocol is stable, it will be exposed by default. And hopefully we shouldn’t need to install additional software, set environmental variables, or pass command line flags.

It means it can play HDR videos in Wayland environments that support the protocol (Gnome, Plasma) among other color improvements this protocol brings.

Videos may use different color spaces. So it’s good to tell the composition which colorspace you’re using so you don’t end up losing detail and distorting colors when displaying them.

(I’m also by no means a color expert, might have gotten some details wrong).

OBS continued using the EOL runtime because of Qt regressions introduced in the updated KDE runtime. The OBS team decided the security risk of sticking to the EOL runtime was small, so they didn’t update.

But that still does mean that users were no longer receiving security updates. Ideally, OBS should have moved to the standard Freedesktop runtime and vendored in the older Qt dependency. That way, the they would still be receiving security updates for everything in the Freedesktop runtime. Then once the regressions were fixed, they could move to the updated KDE runtime and remove the vendored Qt dependency.

Overall, the risk OBS had was small. But it demonstrates a larger issue with Flathub, which is that they don’t take security as seriously as Fedora. There are hundreds of flatpaks in Flathub that haven’t been updated in years, using EOL runtimes and vendored dependencies that get no updates.