Jump to contentJump to page navigation: previous page [access key p]/next page [access key n]
Applies to AppStream 0.12

2 Upstream Metadata

AppStream allows upstream projects to define metadata about the components they provide using small XML files, metainfo files, which get installed into locations on the client system and are used by distribuors to enhance their metadata.

A "component" is a piece of software, like an application, a library, a font or a codec. For several components, especially those which are shown in software-centers, we provide specialized metainfo files to define specific properties and data of these components. For example, applications and fonts support screenshots, while codecs don't.

All metainfo files need to contain a minimal amount of information, defined in the "Generic Component" section, which also describes some optional elements which can be used. Specialized components might require more information to be complete and valid.

The XML in metainfo files does not need any XML namespace, and adding one should generally be avoided. If you want to use a namespace though (maybe in case you want to embed the data in other contexts), the xmlns should be https://specifications.freedesktop.org/metainfo/1.0.

2.1 Generic Component

2.1.1 Introduction

For a distribution, it is good to know more about the content of a package. Which public interfaces (libraries? Python modules?) does it provide? Does it contain codecs? Does it contain firmware? Fonts? An application? All of this information can be used to automatically install missing software or to offer users a choice on what they want to install from a software center.

To provide this information, we created the metainfo files, which allow upstream projects to describe the content of their software package. If a metainfo file contains a <provides/> tag, distributors must also ensure that the package providing the file contains all items referenced by that statement, or is installed by a metapackage depending on packages which provide these items. This gives upstream projects a (very light) way to influence distributor packaging. More information about that can be found below.

Several specialized component-metainfo files exist, for example for applications or fonts. These are all based on this generic component XML specification, and are described in the following chapters.

2.1.2 Filesystem locations

Upstream projects can ship one or more metainfo files in /usr/share/metainfo/%{id}.metainfo.xml, where id is a unique identifier of this specific component.


Component metadata of type desktop-application as described in Section 2.2, “Desktop Applications” can be installed with an .appdata.xml extension as well for historical reasons. AppStream implementations will read the XML files as long as they end up in the right location on the filesystem.

Important: Legacy Path

AppStream tools scan the /usr/share/appdata/ path for legacy compatibility as well. It should not be used anymore by new software though, even on older Linux distributions (like RHEL 7 and Ubuntu 16.04 LTS) the metainfo path is well supported. Support for the legacy path will likely be dropped completely with a future AppStream 1.0 release.

2.1.3 XML Specification

The XML for a generic component definition starts with a <component> tag as the root element. The <component> element must at least have an id, name and summary tag; and a provides tag with appropriate children is highly recommended. All possible tags in the generic set are:


The <id> tag is a unique identifier for this component. It must contain only ASCII characters, dots, hyphens and numbers. Spaces are not allowed. While hyphens are allowed for legacy compatibility, their usage is strongly discouraged to ensure interoperability of the AppStream ID with other tools such as D-Bus (and thereby making the ID more generic and useful). For the same reason it is also strongly discouraged to start any segment of the ID with a digit. Additionally, even though uppercase letters are permitted in a component-ID, it is strongly encouraged to only use lowercase letters for the ID.

The ID must follow a reverse-DNS scheme, consisting of {tld}.{vendor}.{product}, for example org.kde.gwenview or com.hugski.colorhug2. Ownership of {vendor}.{tld} in the domain name system guarantees uniqueness of IDs.

To increase the uniqueness and to distinguish between different pieces of a software suite, it is suggested to append the type name to the component-id in these cases. For example, one can use com.hugski.colorhug2 for the client tools to control hardware, and com.hugski.colorhug2.firmware for the runtime firmware files.

Note that the value of this tag must be unique across all distributions and software deployment platforms. In case it is not unique, distributors are expected to reject the conflicting components from inclusion into their metadata and notify the upstream projects about this issue.

Important: Escaping characters in the component ID

To ensures the greatest possible compatibility of an AppStream ID, it is recommended to replace any hyphens in the ID with underscores, and prefix every leading digit of a section with an underscore as well. Since the underscore is not a valid character in domain names, the uniqueness of the ID is kept. For example, the ID org.7-zip.7zip could become org._7_zip._7zip.


The <metadata_license/> tag indicates the content license that you are releasing the one metainfo XML file under. This is typically not the same as the project license. Omitting the license value can result in your data not being incorporated into the distribution metadata (so this is a required tag).

A permissive (https://en.wikipedia.org/wiki/Permissive_software_licence) license ensures your data can be combined with arbitrary other data in one file (this means copyleft licenses like the GPL are not suitable as metadata license). Currently, only a restricted set of permissive licenses is supported by AppStream implementations. Valid permissive licenses include:


  • CC0-1.0

  • CC-BY-3.0

  • CC-BY-SA-3.0

  • GFDL-1.3

  • MIT

The license codes correspond to the identifiers found at the SPDX OpenSource License Registry (http://spdx.org/licenses/). For instance, CC-BY-SA-3.0 corresponds to the license at creativecommons.org/licenses/by-sa/3.0 (http://creativecommons.org/licenses/by-sa/3.0/).


A human-readable name for this software component. For example, if the component ID was "libc", its name might be "GNU Standard C Library".


A short summary of what this component does. If the component is "PackageKit", the summary could be "Provides a package-management abstraction layer".


The <icon/> tag describes the component icon. It is mostly used for GUI applications (component-type desktop-application). It can be of type stock, local or remote.

stock icons are loaded from the icon stock (the current or hicolor/locolor fallback themes). The icon name must not include any file-extension or path.

local icons are loaded from a file in the filesystem. They should specify a full file path. This icon type may have width and height properties.

remote icons loaded from a remote URL. Currently, only HTTP/HTTPS urls are supported. This icon type should have width and height properties.


A long description of this component. Some markup can be used.

Do not assume the format is HTML. This list contains all currently supported formatting options:

  • Paragraph (p)

  • Ordered list (ol), with list items (li)

  • Unordered list (ul), with list items (li)

  • Within paragraphs and list items, emphasis (em) and inline code (code) text styles are supported. The emphasis is commonly rendered in italic, while inline code is shown in a monospaced font.

  • Nested lists are not supported

In metainfo files, this tag should be translated by-paragraph, meaning that in a translated file, each translated <p/> child has a language property.


This tag can contain one or more <category>> entries, describing the categories this software component is associated with. This tag is usually applied to components of type desktop-application, but can be used with any component. A list of valid category names can be found in the Freedesktop menu specification (https://specifications.freedesktop.org/menu-spec/latest/apa.html). Example:


Defines web URLs for this component.There are several different URL types allowed:


Should be a link to the upstream homepage for the component.


Should point to the software's bug tracking system, for users to report new bugs.


Should link a FAQ page for this software, to answer some of the most-asked questions in detail, something which you cannot do in the component's description.


Should provide a web link to an online user's reference, a software manual or help page.


URLs of this type should point to a webpage showing information on how to donate to the described software project.


URLs of this type should point to a webpage where users can submit or modify translations of the upstream project.

Typically this should be a link to the project page in Weblate, Transifex or Zanata, but could also be a link to an upstream-hosted wiki page describing how to send translations upstream.


URLs of this type should allow the user to contact the developer.

This could be an email address (mailto link), a webpage (e.g. an online form or a page describing how to contact the developer) or some other valid URL.


This optional tag indicates possible methods to launch the software described in this component. It is allowed to appear multiple times in the metainfo data.

The <launchable/> tag has a essential type property indicating the system that is used to launch the component. The following types are allowed:


The application can be launched via a desktop file. The value of the tag is a desktop-file id (https://specifications.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html#desktop-file-id).

In case a software component has multiple launchable entries, the software center might display a dialog to choose which entry to launch. If possible though, it should be avoided to add multiple launchable tags of type desktop-id.


The software can be started, stopped, and monitored by the OS "init" facility, such as systemd. The value of the tag is a name that can be used with that facility, such as a systemd unit name.

Multiple launchable tags of type service are not alternatives to start the same service, but the component does contain multiple services that might all need to be started.

Only those services should be listed as launchables that the user is actually expected to start and stop manually. Services that are started/stopped indirectly via dependencies of other services should not be listed.

For systemd units, the services listed as launchables are expected to support enabling and disabling.


The software can be launched from the menus of the Cockpit (http://cockpit-project.org) admin interface. The value of the tag is the name of a Cockpit package (http://cockpit-project.org/guide/latest/packages.html).


The application is a web site that is viewed through a browser. The value of the tag is a direct HTTP/HTTPS URL that the browser must navigate to.


<launchable type="desktop-id">org.gnome.sysprof2.desktop</launchable>

The <releases> tag contains <release/> child tags which describe some metainformation about the current release of the described software. Each release of the software component should have a <release/> tag describing it, but at least one release child must be present for the current release of the software. The release children should be sorted in a latest-to-oldest order to simplify reading the metadata file.

A release tag can have the properties version, date and timestamp. The date property can have any time in ISO 8601 (https://en.wikipedia.org/wiki/ISO_8601) format as its value and should be present for every release. At least day-level granularity is required, which means that the ISO 8601 string must contain at least a full date (e.g. 2020-08-12). The timestamp tag contains the release time in the form of a UNIX epoch. This tag should not be used in metainfo files in newly written metadata, but will still be parsed in case it is present. The timestamp property is mainly used in generated distro-metadata. In case both release-time tags are present, the timestamp tag will take precedence over date.

A release tag may also have a date_eol property that denotes the date when the release stops to receive support from the software developers (end-of-life). Its value can be any complete date or time in ISO 8601 (https://en.wikipedia.org/wiki/ISO_8601).

Optionally, the <release/> tag may also have an urgency property, having one of the following values:

  • low

  • medium

  • high

  • critical

The urgency defines how important it is to install the new release as an update. This is especially important for type=firmware components. If no urgency is defined, a medium urgency is implicitly assumed. The urgency defines how the update will be presented to the user, and sometimes if it will be installed automatically and immediately, or delayed.

A release tag may have a type property to classify releases with one of the following values:

  • stable

  • development

By default, if no release type is defined, stable is assumed. A software displaying a listing of releases should only show stable releases and discard any development release if the current version is itself stable. It can show all versions when development versions of the software are also distributed.

Each release tag may have a description tag as child, containing a brief description of what is new in the release. The description tag is structured as described in <description/>.

A release may also have an url tag as child. The release url should point to detailed release notes that explain the changes made in this particular release. The url tag may have a type property with details as the only currently allowed value. If the type is missing, an URL type of details is implicitly assumed.

In order to mention issues that were resolved in a release, and especially reference CVE (https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures) IDs, issue tags can be used as children of one issues tag within a release. The value of an issue tag must be the bug number, ticket name, or CVE ID and is typically displayed to the user, but may also in case of CVE IDs be read by machines. If the value is a CVE ID, the type property of the issue tag must be set to cve. If the type property is missing, an issue type of generic is assumed. The url property can be used to provide a web URL to a details page on the respective issue. It is required for all issue types, except for the cve type, where it is optional.

To denote release artifacts, the artifacts child tag can be used. It itself contains the artifacts as artifact children. Each artifact tag must have a type property with the value of either binary or source to indicate whether the artifact is the releases' source-code or a binary distribution. In case of a binary type, an optional platform property may also be set, containing a target triplet (also known as normalized GNU triplet), such as x86_64-linux-gnu. Refer to Debian multiarch tuples (https://wiki.debian.org/Multiarch/Tuples#Used_solution) for a list of possible triplets to use and more information on their purpose. For the Windows platform, a platform identifier string such as win32 is also permitted as platform identifier. Binary artifacts may also have a bundle property to indicate the bundling system the binary distribution is made for. Refer to the bundle types in <bundle/> for a list of possible values. Each artifact can have a number of children:


Each artifact must have a location child, denoting the web location (HTTP or HTTPS) where it can be downloaded from. Multiple location tags are allowed to make it possible to have mirror options to download the same artifact from.


At least one checksum child must be present to contain the checksum of the released artifact. The <checksum/> tag has a type attribute, containing the name of the hash function that was used to create it. Currently aupported values (and hash sums) are: sha1, sha256, blake2b and blake2s. For most purposes (on 64-bit machines), using BLAKE2b (https://blake2.net) via the b2sum utility from GNU Coreutils is a good choice.


One or multiple size tags may also be present, which define the installed and download size of this component release artifact. The size type is defined via a type property on the size tag, and may assume the value download or installed. The size itself is set as the value and must be given in bytes.

Examples for a valid releases tag with artifacts:

  <release version="1.2" date="2014-04-12" urgency="high">
      <p>This stable release fixes bugs.</p>


      <issue url="https://example.com/bugzilla/12345">bz#12345</issue>
      <issue type="cve">CVE-2019-123456</issue>

      <artifact type="binary" platform="x86_64-linux-gnu">
        <checksum type="sha256">....</checksum>
        <checksum type="blake2b">....</checksum>
        <size type="download">12345678</size>
        <size type="installed">42424242</size>
      <artifact type="binary" platform="win32">
      <artifact type="source">
        <checksum type="sha256">....</checksum>
  <release version="1.1" type="development" date="2013-10-20" />
  <release version="1.0" date="2012-08-26" />

The provides tag and its children describe the public interfaces this application provides. A public interface can be anything which other applications, which are not part of the upstream project, can access or reference. This includes binaries and libraries. Private interfaces should never be added to a provides tag.

A provides tag contain a number of children describing the type and name of the provided public interface items. It is suggested that the build system auto-generates this tag and its children. Currently allowed item types are listed below. If you miss something, file a bug against AppStream (https://github.com/ximion/appstream/issues/new) so we can add the new type.


Contains the name of a shared library placed in a publicly accessible library path, such as /usr/lib, /usr/lib/<triplet> or /lib. For example, for the libappstream library, the value for library would be




Name of a binary installed into a location in PATH.


Full name of a font provided by this component. See Section 2.7, “Fonts” for more information.


A modalias glob representing the hardware types (for example USB, PCI, ACPI, DMI) this component handles. Useful for installing printer drivers or other USB protocol drivers for smartphones, firmware, and out of tree kernel drivers.


This provided element is described in details for the firmware component type, where it is mandatory. Please see <provides/> ↪ <firmware/> for more information.


Name of a Python 2 module this component provides.


Name of a Python 3 module this component provides.


Contains the well-known name of a D-Bus service as its value. The type of the service must be specified using the type property of this tag. Allowed values are user and system.


  <dbus type="system">org.freedesktop.packagekit</dbus>

Contains the component-ID of another software component. The presence of this tag indicates that the software component containing it is able to provide all functionality of the one referenced in the <provides/> ↪ <id/> tag.

This is useful in case a component-id had to be renamed in the past, e.g. because its domain-name changed.

<requires/> & <recommends/> 

The requires tag denotes an absolute requirement on a different system component. A component can require a certain hardware to be present, or kernel, or other component to be installed first. If a requirement is not met, AppStream clients should prevent the installation of the particular software component.

If it is not essential that a certain requirement is met by the system, but just recommended to be available, a recommends tag should be used. In this case, AppStream clients should allow the installation of the software component, but may display a warning before allowing it.

A requires or recommends tag contains children describing the type, value and version relation of the required item. Each child can have a version and a compare property, to allow depending on a certain minimal version of the respective item. The version property contains the version to be compared against, while the compare property contains a two-letter code denoting how to compare the version of a present item with the version listed in the property. If no compare property is given, but a version property is found, AppStream implementations should implicitly assume a value of ge for comparison of the versions. The installed version is on the left side of the required version when comparing them. Possible two-letter codes for version comparisons are:

  • eq - Equal to

  • ne - Not equal to

  • lt - Lesser than

  • gt - Greater than

  • le - Lesser than or equal to

  • ge - Greater than or equal to

Possible item types to declare a requirement on or a recommendation for are:


A relation to another software component. The value should be another component-ID. Example:

  <id version="1.0" compare="ge">org.example.my_software</id>

Check for a specific hardware to be present via its modalias. The modalias may contain a wildcard expression. Example:


Check for a specific kernel to be running on the system. The kernel name is the output of uname -s. Example:

  <kernel version="4.14" compare="ge">Linux</kernel>

Set a relation to the amount of physical memory (RAM) the system should have to run the software component. The memory size is set in MiB. You usually only want to use this with the recommends tag, because users might want to install the software on systems even if they have a lesser amount of memory compared to what would be ideal. Example:

  <memory>2048</memory> <!-- recommend at least 2GiB of memory -->

Depend on a specific device firmware. The value of this tag should either be a name like bootloader, be empty to reference the firmware itself described by the firmware-type component this tag is contained in, or contain a GUID. This tag is commonly used and interpreted by Fwupd (https://www.fwupd.org/). Example:

  <firmware compare="ge" version="0.1.2">6de5d951-d755-576b-bd09-c5cf66b27234</firmware>
  <firmware compare="ge" version="0.1.2"/>
  <firmware compare="ge" version="0.3.4">bootloader</firmware>

This item type can be used to recommend or require certain ways a user can control the software. This usually maps to certain methods of input. If multiples of these tag are found within a requires/recommends block, only one of them needs to be satisfied on the system to mark an application as compatible. This means if touch and pointing are both recommended as controls, an system that only has a mouse and no touchscreen will still be considered able to run the application. Valid values for this tag are:

  • pointing - Input via mouse/cursors/other pointing devices is possible

  • keyboard - Keyboard input is possible

  • console - Control via a console / command-line interface

  • touch - Input by touching a surface with fingers is possible

  • gamepad - The component supports gamepads (any game controller with wheels/buttons/joysticks)

  • voice - The software can be controlled via voice recognition/activation

  • vision - The software can be controlled by computer vision / visual object and sign detection

If a control type is recommended, it means the software supports the given method of user input. As long as one of the input methods is available on the system, the software can be used. Installation on systems without the given control is still permitted. If a control type is required, the same applies, but the software installer should refuse to install the application on devices which do not have at least one of the input methods. It is therefore advised to only use the control tag in recommends listings, and avoid to use it in requires.

For certain component types, some permitted controls are implicitly assumed: For desktop-application and web-application components, pointing and keyboard controls are assumed. For console-application, control via console is assumed.

Example control recommendation:


This tag can contain one or more <mimetype/> children, describing the MIME types this application supports. This tag is especially useful for generic components and addon-type components. For applications, the metadata will automatically be fetched from their .desktop files by the distribution's metadata generator. Example:


If you include the <project_group/> tag then this identifies your project with a specific upstream umbrella project. Known values include GNOME, KDE, XFCE, MATE and LXDE, although other umbrella projects like Yorba or Mozilla make sense too.


You should only identify with an umbrella project if you use all their infrastructure and policies, for instance string freezes dates, bugtracker and source control instance.


The <compulsory_for_desktop> tag indicates that the component which the metadata belongs to is essential for the functionality of the defined desktop environment. Examples for compulsory components are the GNOME Shell by the GNOME Project, or the Plasma Desktop by KDE, as well as things like iBus or the desktop login manager.

Software centers are expected to detect the running desktop environment and disable uninstallation for compulsory components of that desktop, so users will not be able to damage their currently running, primary desktop environment.

Multiple occurrences of the <compulsory_for_desktop> tag are allowed, so a project can be essential for many desktops. The distributor decides which components should be made compulsory, however it is generally a good idea to follow upstream's recommendations on that matter.

A list of all allowed values for this tag is defined in the XDG Menu Specification (https://specifications.freedesktop.org/menu-spec/latest/apb.html). Software center applications will only recognize these values.


The <project_license/> tag is indicating the license of the component (application/library/addon/font/etc.) described in the metadata document. It should be a SPDX license expression (https://spdx.org/specifications). Possible values include:

  • GPL-2.0

  • LGPL-3.0+ AND GPL-3.0+

  • MIT

  • CC-BY-SA-2.0

  • LicenseRef-Proprietary=https://example.com/mylicense.html

A full list of recognized licenses and their identifiers can be found at the SPDX OpenSource License Registry (http://spdx.org/licenses/).

Custom licenses which are not in the SPDX registry, like proprietary licenses, can be denoted using the LicenseRef notation. LicenseRef-Proprietary can be used to denote a proprietary license, with an optional URL to the license text following after a = sign.

Although the project_license tag is not mandatory, it is highly recommended to include it.


<project_license>LGPL-3.0+ OR MPL-2.0</project_license>
<project_license>LGPL-3.0+ OR MPL-2.0</project_license>

The <developer_name/> tag is designed to represent the developers or project responsible for development of the project described in the metadata.

Values might be for example "The GNOME Foundation" or "The KDE Community". You must not include hyperlinks or emails in this field, if you want to link to the developer's homepage, use the <url/>-tag instead.

This tag is translatable.


Visual components (like fonts or graphical applications) may choose to add one or multiple screenshots to their metadata. Screenshots can be either a video or a static image.

The <screenshots/> tag contains multiple <screenshot/> children, where at least one of them must have the property type="default" to indicate the primary screenshot of the software. Every <screenshot/> tag must have at least one <image/> or <video/> child, but never an image and video at the same time. Also, screenshots containing videos must not be the default screenshot.

The value of the <image/> tag is a direct HTTP/HTTPS URL to a screenshot uploaded to a public location on the web. Images should ideally be provided in the PNG format, however using JPEG or WebP is also fine for images in metainfo files.

The <image/> tag may have the following properties:

  • type

    The type of the image: source for the source image, and thumbnail for a thumbnail image. In case the type is thumbnail, the width and height properties must be present.

  • width

    The width of the image in pixels.

  • height

    The height of the image in pixels.

  • xml:lang

    The language this screenshot image is translated in. This property should only be present if there are multiple images with different locales present.

The value of the <video/> tag is a direct HTTP/HTTPS URL to a video uploaded to a public location on the web. The video must be in a Matroska (.mkv) (https://www.matroska.org/) or WebM (https://www.webmproject.org/) container and use either the VP9 (https://www.webmproject.org/vp9/) or AV1 (http://aomedia.org/av1-features/) codec. The video should ideally work without any audio, but if audio is needed, the Opus (https://opus-codec.org/) codec should be used. Software centers may still play the video without any sound though. Additionally, AppStream metadata repositories (like in distributions such as Fedora and Debian) may impose size limitations to video files delivered by their CDN, so it is recommended to keep the video file size below 10MiB. There is also a chance that software centers do not display any video at all, so a video must never be in a default screenshot.

The <video/> tag may have the following properties:

  • container

    The video container that is used, can be webm or matroska.

  • codec

    The video codec used, can be av1 or vp9.

  • width

    The width of the video in pixels.

  • height

    The height of the video in pixels.

  • xml:lang

    The language this video is translated in. This property should only be present if there are multiple videos with different locales present.

Optionally, a <screenshot/> tag may have a translatable <caption/> child, defining a short (ideally not more than 256 characters) description of what the user can see on the referenced screenshot.

Ideally, all image screenshots as well as videos should have a 16:9 aspect ratio, and should have a width that is no smaller than 620 pixels.


  <screenshot type="default">
    <caption>The FooBar main window.</caption>
    <image type="source" width="1600" height="900">https://example.com/foobar/screenshot-1.png</image>
    <caption>Foobar showing the frobnicate functionality.</caption>
    <image type="source" width="1600" height="900">https://example.com/foobar/screenshot-2.png</image>
    <video codec="av1" width="1600" height="900">https://example.com/foobar/screencast.mkv</video>

The <translation/> tag is an optional tag which can be added to specify the translation domain used for this software component. It may be used by the AppStream distro metadata generator to determine the translation status of the respective software (e.g. which languages the software is translated into and how complete the translations are).

The tag must have a type property, assuming the value of the translation system which is used. Right now, allowed translation systems and values for type are:

  • gettext

  • qt

In case a software components gets its translation from multiple translation domains, the <translation/> tag may be defined more than once.


<translation type="gettext">foobar</translation>

The <suggests/> tag is an optional tag which can be added to specify the component-ids of other software this components suggests. Software centers might present the suggested software on the installation page of the described component.

The tag may have a type property, with the value upstream, indicating that this suggestion originates from the upstream project. If no type property is given, upstream is implicitly assumed as value. Metainfo files must not define other suggests types, those are reserved for AppStream catalog XML (see <suggests/> in catalog XML).

The suggests tag must have one or more <id/> tags as children, specifying the IDs of the suggested other software components.



The <content_rating/> tag is an optional tag which can be added to specify age ratings for the respective software components. These maybe be used for parental control or to display their information in software centers.

The tag must have a type property, indicating the type of the rating system that is used. At the moment, the Open Age Ratings Service (https://hughsie.github.io/oars/) (value oars-1.0) is supported natively, but more services might be added in future.

The <content_rating/> tag may have <content_attribute/> children which each must have an id property indicating the specific section that is rated. Their value indicates the intensity of the rated section and can be one of:

  • none - no rating given

  • mild

  • moderate

  • intense

In case the <content_rating/> tag is empty (no <content_attribute/> is present), it is assumed that the component was checked for age ratings and no age restrictions apply.

The website of the Open Age Ratings Service provides an online form (https://hughsie.github.io/oars/generate.html) which will automatically generate AppStream compatible metadata based on a set of questions answered about the content.


<content_rating type="oars-1.0">
  <content_attribute id="drugs-alcohol">moderate</content_attribute>
  <content_attribute id="language-humor">mild</content_attribute>

The <agreement/> tag is an optional tag which can be added to specify agreements the user has to accept or acknowledge before using the software. This tag can appear multiple times, if multiple agreements are required for a software component.

The tag should have a type property, indicating the type of the agreement. If the type property is missing, an agreement of type generic is assumed. Currently recognized agreement types are:

  • eula - an end-user license agreement the user has to accept before installing the software.

  • privacy - a privacy statement for the software, usually a GDPR (https://www.eugdpr.org/) compliant statement

The <agreement/> tag must have a version_id property, containing a version identifier for the license. It may be used by client applications to determine whether an agreement needs to be shown again after it has been accepted already by the user.

Every <agreement/> must have <agreement_section/> children which each have an id property indicating the specific section that they describe (e.g. introduction). These values may be used to automatically jump to a specific section. Each <agreement_section/> has a translatable name child denoting the name or title of the respective section, and a description child that is translated according to the same translation rules that apply to the <description/> tag. The description contains the content of the respective agreement section.


<agreement type="privacy" version_id="1.0">
    <agreement_section type="introduction">
          We hold personal data about vendors, administrators, clients and other
          individuals for a variety of purposes.

    <agreement_section type="scope">
          This policy applies to all users who have access to any of the personally
          identifiable data.


The <update_contact/> tag is an optional tag which can be added to provide an email address distributors can use to contact the project about invalid or incomplete metadata or – in case the specification has changed – about old metadata. It can also be used to ask general questions in case of an update of the component described in the metadata file.

The <update_contact/> tag must only be used by distributors. It is not included in the distribution-provided AppStream XML file, and therefore not exposed to the end user via any kind of UI.

Upstream authors might decide to add an email address in cleartext, but spam protection using _AT_ is also valid. The value of this tag is generally treated a case-insensitive way.



Variant suffix that software centers may append to the component name on lists in case multiple components have the same name. This is currently primarily used for firmware, where components only need to be distinguished if multiple variants are displayed. A name variant suffix could e.g. be 'Prerelease' or 'China'.


The <custom/> tag is an optional tag which can be used as a key-value store for custom values that are not covered by the AppStream specification. The tag is usually stripped out or filtered by collection metadata generators, such as appstream-generator. When present, the data contained in a custom can be read by all tools making use of AppStream metadata, making it an ideal extension point when using an existing AppStream library is desired and some custom additions to the metadata are still required. The custom tag is also often used for prototyping new features in AppStream.

The tag must have value children which must have a key property. The value of the value tag denotes a user-defined value, while the key string set for the key property denotes a user-specified key string. The key must be unique, multiple keys with the same name are not allowed.

To avoid name conflicts, it is recommended to prefix keys with a vendor prefix, like GNOME:: or KDE::.


Before using a custom tag, please consider if there is a better way to achieve your goal than adding the data to the AppStream metainfo file, or whether AppStream maybe already contains a way to achieve what you want. Additionally, if you think that the purpose you use the custom tag for is generally useful, please file a feature request against AppStream, so we can discuss adding the new feature to the specification and make it more usable for a bigger audience.


  <value key="MyCorp::app_color">#FF0000</value>
  <value key="MyCorp::special_id">284fd262-6870-42a6-89a4-b189d3109e3e</value>

An example for a very basic component file could look like this:

<?xml version="1.0" encoding="UTF-8"?>
  <name>Foo Bar</name>
  <summary>A foo-ish bar</summary>
  <url type="homepage">http://www.example.org</url>

    <release version="1.2" date="2015-02-16" />
  <developer_name>FooBar Team</developer_name>

For a component of type generic, the minimal amount of required tags is: <id/>, <name/>, <summary/>, <metadata_license/>.