I just tried to update all my flatpaks on my system using sudo flatpak update
and got the following error:
Error: While downloading https://api.snapcraft.io/api/v1/snaps/download/H8ZpNgIoPyvmkgxOWw5MSzsXK1wRZiHn_23.snap: Server returned status 404
It seems very strange to me. snapd
isn’t installed, so nothing should be making calls to the snap API as far as I’m aware.
The download attempt seems to be coming from the com.authy.Authy
app. sudo flatpak update com.authy.Authy
makes the error appear. This is not the case for the other flatpak apps.
It also shows the following EOL warning:
Info: app com.authy.Authy branch stable is end-of-life, with reason:
The Authy Desktop app have their End-of-Life. It is recommended to switch to use their mobile apps instead or other equivalent desktop apps.
I suspect the app attempts to somehow install the snap package as a replacement (although that’s a bit strange considering that one is also deprecated).
Does anyone have an idea what might be going on?
Here are the syscalls from during the update process mentioning snap
.
statx(AT_FDCWD, "/root/.local/share/flatpak/extra-data/26e56aeca2aa53c5983fbbcb115f72456cd28093171323b3144e280dac91135a/authy.snap", AT_STATX_SYNC_AS_STAT|AT_SYMLINK_NOFOLLOW|AT_NO_AUTOMOUNT, STATX_ALL, 0x7ffc09fb0920) = -1 ENOENT (No such file or directory)
write(2, "Error: While downloading https:/"..., 141Error: While downloading https://api.snapcraft.io/api/v1/snaps/download/H8ZpNgIoPyvmkgxOWw5MSzsXK1wRZiHn_23.snap: Server returned status 404
Dark Arc is spot on, also, the original package is taken off from snap store due to Twilio killing their authy desktop app:
It looks like the flatpak internally uses snap. Very strange setup:
https://github.com/flathub/com.authy.Authy/blob/master/com.authy.Authy.yaml#L42
It’s all on flathub though, it’s no secret.
That’s indeed a very interesting way to package a flatpak.
No idea what’s going on, but it looks super fishy.