Disclaimer
Flatpak uses OSTree, like Fedora Atomic Desktops (Silverblue, Kinoite etc) and similar to BTRFS snapshots.
So many files are deduplicated and linked, not actually there
https://gitlab.com/TheEvilSkeleton/flatpak-dedup-checker
50GB without
31GB with deduplication
21,4GB with BTRFS compression
Firejail has some major vulnerabilities if you want to be secure. Bubblejail would be preferred but it has even less documentation not to mention presets like with Flatpak. So you need to sandbox every app yourself afaik
This is news to me, one of these major vulnerabilities?
https://madaidans-insecurities.github.io/linux.html#firejail
https://seclists.org/oss-sec/2017/q1/25
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firejail
interesting, ill have to read more on these