Latest/Best methods for using FlexSecure on Linux?

I think there are two FIDO2 applets – with the open source one being the most up-to-date.

One - GitHub - BryanJacobs/FIDO2Applet: FIDO2 Javacard Applet - is open source and designed to be compatible with any JavaCard 3.04 chip. The repository looks to be updated regularly (last release was in January), and the documentation says that it can work with Linux – both to unlock a LUKS encrypted disk, and to log in (but that requires a Yubico-designed module be installed first). I haven’t tested unlocking a LUKS disk with an Apex/Javacard, but that seems a great use assuming it is straightforward to set up. I’m a little wary though, since my understanding is that FIDO2 requires a trusted authority, and I don’t know how that authority would be added or known by LUKS.

Then there is a second, closed-source FIDO2 applet that VivoKey/Dangerous Things is developing. According to the documentation, "FIDO2 CTAP2 (Client to Authenticator Protocol) is an extension and improvement over FIDO U2F.", but it doesn’t look like it is complete yet (not sure if it is even being actively developed). The linked doc says that it doesn’t work natively with Linux, but can be proxied via an open-source module.

There is also a discussion about getting a certified FIDO2 applet for Apex devices. I don’t know if that is just a certified version of the Bryan Jacobs applet, or a fork that DT will work on, or something else entirely.

All of the FlexSecure applets are available pre-compiled from Releases · DangerousThings/flexsecure-applets · GitHub. I think the compiled FIDO2 applet is the open-source Bryan Jacobs one. I was able to easily install and use it on a P71 test card I’ve been playing with, but I’ve only tried it on Windows. It worked to let me sign in to AWS, Google and some others on both Chrome and Firefox, but I didn’t try using it for Windows log on.

@StarGate01 is the maintainer and developer of most of the applets, so he would be the person to clarify the differences between the applets and their capabilities.
