Introduction

APM (AppImage Package Manager) is a next-generation package manager for Linux. It takes the simplicity of AppImages and adds the efficiency of content-addressed storage (CAS) and the security of a hardened sandbox.

Why APM?

While AppImages are great for portability, they often lead to wasted disk space because every app bundles its own copies of large libraries like Electron, Qt, or GTK. They also run with full user permissions by default.

APM solves this by:

1. Deduplication: When you install an AppImage, APM extracts its contents into a Content-Addressed Store (CAS). If multiple apps use the same version of a library, it is only stored once on your disk.
2. Zero-Config Sandboxing: Every app runs inside a Sydbox-based sandbox. APM automatically applies security profiles (leveraging heuristics and Landlock) so you don’t have to worry about permissions.
3. Smart Updates: Supports delta updates via zsync and HTTP Range requests, ensuring you only download the parts of an app that have actually changed.

Key concepts

• AppImages are the primary distribution format. APM can install any standard .AppImage from a URL or local file.
• CAS (Content-Addressed Store) is where all application files are stored by their hash, enabling massive disk savings through hardlinks.
• Sandboxing isolates every app using Sydbox, restricting access to the filesystem, network, and devices unless explicitly allowed.
• DNS verification (Optional) allows developers to sign their AppImages and tie them to a verified domain for maximum trust.

Next steps

• Get started with installing APM and your first AppImages.
• How it works for a deep dive into deduplication and sandboxing.