Package extensions are a special extension type. They contain no code. Instead, they contain a packing list of other extensions (components, modules, plugins, templates, libraries, files) to install on your site.
When you open a package file's XML manifest you will see a number of lines like these (the following example is from Akeeba Backup Professional 10.0):
<files> <file type="component" id="com_akeebabackup">com_akeebabackup-pro.zip</file> <file type="plugin" group="console" id="akeebabackup">plg_console_akeebabackup.zip</file> <file type="plugin" group="quickicon" id="akeebabackup">plg_quickicon_akeebabackup.zip</file> <file type="plugin" group="system" id="backuponupdate">plg_system_backuponupdate.zip</file> <file type="plugin" group="actionlog" id="akeebabackup">plg_actionlog_akeebabackup.zip</file> <file type="plugin" group="task" id="akeebabackup">plg_task_akeebabackup.zip</file> <file type="plugin" group="webservices" id="akeebabackup">plg_webservices_akeebabackup.zip</file></files>
This is the list of extensions to be installed. The files mentioned in those lines (the .zip files in our example) are included in the package archive. The XML manifest lines tell Joomla to install them.
This is similar to, but not exactly the same, as installing each of these files yourself. The big difference is installing a package will also create a record in the #__extensions table for the package itself, and set the package_id of each installed extension to this package extension record's extension_id. This creates a parent-child relationship between the package and each of its installed extensions.
The parent-child relationship is very important for two things.
Extension updates. Instead of each extension having its own update site and being updated independently of each other, the update site belongs to the package extension. When you update the extension, all of its installed extensions are updated at the same time. This is extremely important, as mixing extensions from different versions of a package would most likely cause your site to break. That's the main reason package extensions were introduced in Joomla! 1.6 back in 2011; it was the point in time when non-trivial extensions with inter-dependent components, plugins, modules etc were becoming the norm.
Joomla updates. Whenever you are updating Joomla to a new minor (e.g. 5.0 to 5.1) or major (e.g. 5.x to 6.x) version Joomla needs to check if the extensions on your site are compatible with the new Joomla version. To do that, it reads the update information of the extensions and checks their Joomla and database server compatibility information. When it comes to a package, Joomla will only check the package's update information knowing it applies to all of its child extensions. This saves a lot of time, but will also cause a lot of false “Incompatible” extension warnings if the parent-child relationship between a package and its installed extensions is broken.
THEREFORE, YOU MUST ALWAYS INSTALL THE PACKAGE EXTENSION'S ZIP FILE ITSELF. DO NOT EXTRACT IT. DO NOT INSTALL THE INCLUDED EXTENSIONS SEPARATELY. IT WILL CAUSE EXTENSION AND JOOMLA UPDATE ISSUES.
Safari comes with a very unfortunate default configuration: it will always try to open “safe” files upon download. This includes .zip files which are opened with Archive Utility, which extracts them in a subdirectory of your Downloads directory and deletes the original ZIP file.
This has mislead many a Mac user to install a package's included extensions separately, without installing the package. As noted above, this causes all sorts of update issues.
If you are a Mac user using Safari as your main browser go to Safari, Settings in the menu bar, click on General and uncheck ‘Open “safe” files after downloading’.
This is not a dig at Mac users; we had been using macOS. Instead, it is a dig at Apple for providing a perplexing, non-standard, and dangerous default option in Safari few people know exists. Far from being just a nuissance with Joomla packages, this option is also unsafe as the list of “safe” files also includes PDF files and images. Given the security issues concerning these files and Preview (which opens them by default) fixed in the past few years alongside the fact that modern sites can force an automatic download upon visiting a page we can conclude there is no such thing as a “safe” file which should be opened by default. Darn it, Apple, do better! Y'all know better than this.