Does the flatpak
package manager in Fedora-based systems require successful cryptographic authentication and integrity validation for all packages?
I know that software downloaded with apt-get
packages must be cryptographically verified because the repo's manifest files (synced with apt-get update
) are cryptographically signed.
But what about flatpak
?
Do Operating Systems with flatpak
require valid signatures from a pinned set of keys on all packages by default?