Can I ignore flatpak indefinitely?
-
Did I ask for a command? Give that a try in Debian 10...
-
I'm admittedly yelling at cloud a bit here, but I like package managers just fine. I don't want to have to have a plurality of software management tools. However, I also don't want to be caught off guard in the future if applications I rely on begin releasing exclusively with flatpak.
I don't develop distributed applications, but Im not understanding how it simplifies dependency management. Isn't it just shifting the work into the app bundle? Stuff still has to be updated or replaced all the time, right?
Don't maintainers have to release new bundles if they contain dependencies with vulnerabilities?
Is it because developers are often using dependencies that are ahead of release versions?
Also, how is it so much better than images for your applications on Docker Hub?
Never say never, I guess, but nothing about flatpak really appeals to my instincts. I really just want to know if it's something I should adopt, or if I can continue to blissfully ignore.
Maybe but probably not. People that develop applications can save a major headache by choosing flatpaks so the ecosystem will gravitate towards it.
At some point new applications that didn't launch a Linux version will do so but only on flatpak and older applications will start moving towards flatpaks since it's less dev time.
It looks to me as inevitable that the best versions of an app will be a flatpak but if you're on Ubuntu based system you can probably get by for very long without them.
-
Downsides of distro pacakges:
- someone needs to package an application for each distro
- applications often need to maintain support for multiple versions of some of their dependencies to be able to continue to work on multiple distros
- users of different distros use different versions of the application, creating more support work for upstream
- users of some distros can't use the application at all because there is no package
- adding 3rd party package repos is dangerous; every package effectively gets root access, and in many cases every repo has the ability to replace any distro-provided package by including one with a higher version number. 3rd party repos bring the possibility of breaking your system through malice or incompetence.
Downsides of flatpak:
- application maintainers are responsible for shipping shipping their dependencies, and may not be as competent at shipping security updates as distro security teams
- more disk space is used by applications potentially bringing their own copies of the same dependencies
Many of the problems with security and disk space are limited by flatpaks using same base layer for applications that is shared and easy to update.
-
Just use Nix. It can run all the packages on whatever platform. It has the largest repository of software & are some of the most up-to-date.
But then I'd have to run Nix.
-
I'm admittedly yelling at cloud a bit here, but I like package managers just fine. I don't want to have to have a plurality of software management tools. However, I also don't want to be caught off guard in the future if applications I rely on begin releasing exclusively with flatpak.
I don't develop distributed applications, but Im not understanding how it simplifies dependency management. Isn't it just shifting the work into the app bundle? Stuff still has to be updated or replaced all the time, right?
Don't maintainers have to release new bundles if they contain dependencies with vulnerabilities?
Is it because developers are often using dependencies that are ahead of release versions?
Also, how is it so much better than images for your applications on Docker Hub?
Never say never, I guess, but nothing about flatpak really appeals to my instincts. I really just want to know if it's something I should adopt, or if I can continue to blissfully ignore.
The real thing that Flatpak offers is one place to publish for Linux. You put your app in the App Store for Apple, you put it in the Play Store for Android, you put it in Flathub for Linux.
-
But then I'd have to run Nix.
So? Not everything is packaged on all distros & you can benefit from sharing & reusing declarative configuration even if for specific scopes (meaning not just NixOS).
-
I might be an exception here, but I really like flatpaks. I like their sandboxed nature and using Flatseal, you can cherry pick the permissions you want to give to a flatpak application. Don't want to give n/w access, boom done, like that. And finally if anything goes wrong, delete the app data and you are fresh to go. Also from a security standpoint, you can grand or deny access to specific directories and most apps don't have root access.
I love Flatpaks. It's always the default for me and I use Arch. Packages from the Arch repos or the AUR are almost always the last resort.
-
I'm admittedly yelling at cloud a bit here, but I like package managers just fine. I don't want to have to have a plurality of software management tools. However, I also don't want to be caught off guard in the future if applications I rely on begin releasing exclusively with flatpak.
I don't develop distributed applications, but Im not understanding how it simplifies dependency management. Isn't it just shifting the work into the app bundle? Stuff still has to be updated or replaced all the time, right?
Don't maintainers have to release new bundles if they contain dependencies with vulnerabilities?
Is it because developers are often using dependencies that are ahead of release versions?
Also, how is it so much better than images for your applications on Docker Hub?
Never say never, I guess, but nothing about flatpak really appeals to my instincts. I really just want to know if it's something I should adopt, or if I can continue to blissfully ignore.
Flatpak is supposed to "just work" everywhere.
-
No missing/outdated/renamed dependencies while building it?
-
No missing/outdated/renamed dependencies while building it?
-
I'm admittedly yelling at cloud a bit here, but I like package managers just fine. I don't want to have to have a plurality of software management tools. However, I also don't want to be caught off guard in the future if applications I rely on begin releasing exclusively with flatpak.
I don't develop distributed applications, but Im not understanding how it simplifies dependency management. Isn't it just shifting the work into the app bundle? Stuff still has to be updated or replaced all the time, right?
Don't maintainers have to release new bundles if they contain dependencies with vulnerabilities?
Is it because developers are often using dependencies that are ahead of release versions?
Also, how is it so much better than images for your applications on Docker Hub?
Never say never, I guess, but nothing about flatpak really appeals to my instincts. I really just want to know if it's something I should adopt, or if I can continue to blissfully ignore.
It really only makes sense to me when your distro is older or doesn't have the software you want.
I fully prefer native packages too, though, but I use Flatpak on phone. -
So? Not everything is packaged on all distros & you can benefit from sharing & reusing declarative configuration even if for specific scopes (meaning not just NixOS).
That’s why Arch has the AUR.
-
That’s why Arch has the AUR.
AUR has a lot of packages but still nowhere near as much as Nixpkgs
-
Can I ignore flatpak indefinitely?
Sure, at least until software you want to use is flatpak only, e.g. Bottles
Well, you can get Bottles as an AppImage... unofficially
https://github.com/ivan-hc/Bottles-appimage -
If your distro provides everything you need then I would avoid flatpak. Getting apps to speak to each other is a pain, updates use more data, backups and restores take much longer, they don't perform as well and config files are not necessarily where you expect them to be.
I have Debian Stable on an older laptop and only install apps as flatpaks if they are not available otherwise. I also have a very new laptop with Fedora on it (because it needs a newer kernel) and have had to install more flatpaks just to make things work properly, because they include their dependencies, codecs etc which are missing in Fedora. Appimages seem to do this too and I find them preferable to flatpak because they integrate more predictably with my system. Apps are slower to launch though and have to be manually updated.
Like you, I'd prefer to just have a package manager and a single source of software and plan to go back to Debian when my newer machine is supported by it.
There are tools to update AppImages, like AM and Gear Lever.
-
There are tools to update AppImages, like AM and Gear Lever.
Nice, I will have a look
-
System shared this topic on
