If you didn't notice: There is a 1.6.0 release of Riot on its way to Flathub :)

Riot 1.6.0 bring the new and shiny cross-signing features. Means you get TOFU now, can cross-sign your devices and users, which allows easy to transfer trust between all your matrix sessions.

Just make sure you use RiotX on Android in order to have all devices compatible :)

Preparing Riot.im 1.6.0 build in Flatpak…

Due to the new search feature for encrypted history, I'm currently building TCL as tclsh is needed to build sqlcipher, which is needed for this feature.

We are getting there!

There is a security update for Riot out. Please updates your clients as soon as possible.


The newest version is already on Flathub, therefore `flatpak update` should get you safe again.

Today I checked the in from . Looks usable on first sight. For most people that's a nice and easy step forward in browser security. Sadly I can't use it due to my integration with Yubikeys and other programs. But for most users who aren't using all this fancy stuff, It's a great option.

And for those worried "flatpak leads to outdated dependencies", nope, the version from registry.fedoraproject.org uses basically the same CI mechanisms as the RPM version.

Just pushed the newest version of to you 🙂

Expect the delivery within the next 24 hours. 📦

By the way, there was an update for Riot yesterday.

When you use Gnome Software and have automatic updates for flatpaks activated, it's very likely you have it already installed.

Otherwise, go for it :)

For CLI users: `flatpak update` will do the job.

Riot v1.1.1 is on its way to your desktop 🎉

The Flatpak was updated. Just waiting for the build to finish and publishing to flathub.

When Gnome Software is configured properly on your system, you'll just get a notification that Riot was updated in Background as soon as it made it to your system 🚀

For everyone else: Run `flatpak update` tomorrow and it should wait for you to install 🙂

By the way, the Riot 1.1.0 flatpak is on its way 🎉

Just wait for the repository metadata to be updates and things will arrive on your workstation :)

Looking for opinions on Flatpak isolation for .

Right now we only allow write access to the Downloads directory, which causes problem with drag and drop and sending files in general. We currently considering to give access to the entire home directory, but the big question is: Allow writing or read-only access?

Discussion can be found here:


If someone is into CPP or electron development, please have a look at:

When there is one thing I don't want to care about, then it's updates for software installed on my notebook.

Thanks to with and this works amazingly well.

I recommend to try that :)

By the way, for those of you who didn't already get the update: Riot 1.0.6 is available as flatpak 🎉

Today I learned: There is a new project called . It's a new, native Gnome applications using the keepass password database format (v4), which means it's compatible to KeepassXC.

And it's available on Flathub: flathub.org/apps/details/org.g

It's just a few months old, so give it some time to add more features, The streamlined UI looks quite good!

Project repository: gitlab.gnome.org/World/Passwor

Do you know what's great? When things just work.

Do you know what's even greater? When you merge something, and it causes upgrades on at least a few hundred but maybe a few thousand devices and it just works.

Oh and by the way I merged 1.0.5 recently which is rolled out to all users who use it from there :)

Those of you who run an up-to-date Fedora version will get it installed automatically in background. Just great :)


The Riot 1.0.4 flatpak is out 🎉

Given that you run an up-to-date version of Gnome Software, it'll by installed automatically in background 🙂

Otherwise it's time to run `flatpak update`!

I'm now an official maintainer of the Riot flatpak on flathub 🎉

I will try to make sure that we get the latest and greatest version of Riot as flatpak as soon as possible.

For those who run Riot as Flatpak and want to try the latest version, I created a PR. And buildbot was so friendly to provide a build of it, so you don't have to trust me:


/cc @matrix

So RedHat build a flatpak version of Firefox perfectly integrated with Gnome and granularly isolated from the rest of the system. Which means even a compromised Firefox can't steal your SSH keys…


There is just one problem: Of course those are all unofficial builds and there is no intend by Mozilla to take this project's work and create official Firefox builds on it. It's really sad…