Thank you, it seems every way I go i make the wrong choice lol
Welcome to linux.
What you were told about appimage depending on legacy stuff is also not true, it is the libfuse2 dependency, which hasn't been a dependency of AppImage for 3 years (though some projects haven't updated yet).
It also isn't a big deal if you run into an appimage that still depends on it, archlinux which is a rolling release distro, some of its packages like mtpfs and ntfs-3g still depend on libfuse2 as well. And you can still run the AppImage by setting the env variable APPIMAGE_EXTRACT_AND_RUN=1 to avoid having to install libfuse2 in those cases.
You don't have namespaces still...
For reference, chromium will not launch without that, you have to pass the
--no-sandboxflag and brave iirc disabled that all together.Not really an issue with chromium because you do have working namespaces sandbox thru zypack, although some disagree that this is safe
Disable the self updates in that case... before you were saying that AppImages had no way to self update and now are saying that you don't recommend it?
Also what validation are we talking about? the one that flathub does? The most you will get is recognizing that the application comes from upstream, you can even ship pre-compiled binaries thru flathub.
Such as?
EDIT:
With AppImage you have this outside the application thru the zsync delta updates, the info is embedded in the appimage and it is checked by appimageupdatetool, appimagelauncher, and similar and let you know when there is an update available without the application itself doing the check.