Security of unverified flatpaks

The first question is very technical; I wish there were detailed documentation pages to answer your question. Here’s what I could find: * Basic concepts - Flatpak documentation * Basic concepts - Flatpak documentation * Sandbox Permissions - Flatpak documentation Second question: Even modified source code must use the same sandbox permissions. Otherwise, some major changes made to the manifest file will automatically trigger certain alarms, and the application will not be released. We also track changes made to the manifest file. I wish there was a restriction preventing changes to the main repository. Sometimes applications change repository names, sometimes developers change usernames, and there is currently no strict restriction against changing the main repository URL. I couldn’t find any documentation to link to regarding the last question. That’s all the information I have. I didn’t want to just paste an AI-generated answer. /Google Translate