I hear great things about the Nix package manager and AppImages, but I personally use the AUR. The vast majority of what I use is in the Arch official repositories.
I’m also not saying to not use Flatpak, but you shouldn’t be using it for sandboxing or depend solely on its purported security benefits on mission critical systems.
What constitutes a reasonably secure package management system depends on your threat model (no such thing as 100% secure).
I hear great things about the Nix package manager and AppImages, but I personally use the AUR. The vast majority of what I use is in the Arch official repositories.
I’m also not saying to not use Flatpak, but you shouldn’t be using it for sandboxing or depend solely on its purported security benefits on mission critical systems.
What constitutes a reasonably secure package management system depends on your threat model (no such thing as 100% secure).
+1 for nix. I use it daily, and it’s great. A lot of apps are packaged in nixpkgs, too.