Fedora threatened with legal action from OBS Studio due to their Flatpak packaging
-
This post did not contain any content.
-
L [email protected] shared this topic
-
lol. so I guess fedora is pushing flatpacks now? I know Ubuntu was pushing snap, so I guess fedora followed suite with a different standard. yay.
thankfully arch isn't getting into this nonsense
-
Ubuntu was pushing snap,
interesting... ive not seen anything regarding snaps in mint... flatpak is the other option in the software manager
-
Mint explicitly goes out of its way to disable snap in favour of flatpaks.
https://linuxmint-user-guide.readthedocs.io/en/latest/snap.html
-
The Mint team removed snap intentionally and explain their reasons here: https://blog.linuxmint.com/?p=3906
-
The issue is that they are pushing their own version of flatpaks, some of which are broken, instead of contributing to flat hub and making that the default.
-
I feel like OP missed an opportunity to title this post “Fedora Flatpaks Fall Flat”
-
Worse than that, the issue the article states isn't that it's a flat pack, it's that fedora is pushing their rebuilt flat pack of obs that's buggy instead of the official obs one from flat hub that works, and then the obs project is getting bug reports for a third party distribution that's broken.
Because fedora isn't just pushing flat packs, they're pushing made by fedora versions of them instead of the official builds from the maintainers.
-
Having distro-specific flatpaks really seems to be defeating the whole purpose
-
It doesn't mean they are pushing flatpaks, but rather for whatever reason they decided to package their own flatpaks.
It is kinda of strange as Flatpak can support different repos, so of course fedora can host its own. The strange bit is why bother repackaging and hosting software that is already packaged by the project itself on flathub?
One argument might me the security risk of poorly packaged flatpaks relying on eol of dependencies. Fedora may feel it is better to have a version that it packages in line with what it packages in its own repos?
I have some sympathy for that position. But it makes sense that it is causing confusion of its broken, and worse it sounds like things got very petty fast. I think OBS request that fedora flag this up as being different from the flathub version wasn't unreasonable - but not sure what went down for it to get to thepoint of threatening legal action under misuse of the branding.
-
What is the lesson we can learn here as stated by the author of the post?
A messy situation but hopefully one some lessons can be learned from.
There is no info why packaging failed. I can't draw any lesson from this post
-
That wouldn’t work. Flathub and Fedora Flatpaks have different goals.
Fedora Flatpaks must meet legal requirement set by Fedora, so no proprietary or patented software.
Flathub also encourages upstream to maintain their packages. But upstream may not meet the security requirements set by Fedora. Fedora has much stricter packaging guidelines which don’t permit vendored dependencies.
-
inb4 Iceweasel
-
It’s not distro specific. Fedora Flatpaks are just built from Fedora RPMs, but they work on all distros.
If you care about FOSS spirit, security, and a higher packaging standard, then Fedora Flatpaks may be of interest.
If you want a package that just works, then Flathub may be of interest. But those packages may be using EOL runtimes and may include vendored dependencies that have security issues.
-
The lesson is that Fedora Flatpak Repo needs to fuck off. It's an anti-pattern to have an obscure flatpak repo with software that is packaged differently from everything else.
The entire point of flatpaks was to have a universal packaging format that upstream devs could make themselves, and Fedora is completely undermining it.
-
Obviously, the best solution is that the gets settled out-of-court. However, Fedora has had a long time to listen to the OBS devs' request to stop packaging broken software, so maybe they won't listen to reason.
Fedora needs to get their heads out of their asses and kill the Fedora Flatpak repo.
-
I'm sorry, but you've completely missed either the point, or how it works.
Flathub is really the problem here for not properly verifying package owners/maintainers and allowing them to moderate other versions of their work.
There honestly just needs to finally be a way to sort official packages from community packages. Right now it's a mess. Fedora should just take theirs down.
-
Fedora has always been one of the flatpak friendly distros.
No, it’s not like snap. Fedora is not removing RPMs and replacing them with flatpaks. It just defaults to flatpaks. Fedora Flatpaks are built entirely from existing RPMs.
-
Totally forget that I still was in fedora's flatpak repo until the news dropped. Took the opportunity to remove and replace it with flathub.
-
I prefer flatpaks that work.