Basically title.
I’m wondering if a package manager like flatpak comes with any drawback or negatives. Since it just works on basically any distro. Why isn’t this just the default? It seems very convenient.
Basically title.
I’m wondering if a package manager like flatpak comes with any drawback or negatives. Since it just works on basically any distro. Why isn’t this just the default? It seems very convenient.
IMO yes but it might not be an issue for you, flatpaks work like windows standalone executables where each app brings all their dependencies with them, the advantage is the insane stability that method provides, the downside is the huge size the app will ultimately take, flatpaks are compressed and they don’t really bring all their dependencies with them (because they can share runtimes) but the gist of it is a flatpak is usually much heavier than a system (.deb .rpm .PKG) package.
If you are ok with tweaking I recommend nix pkgs as they work on any distro and only take slightly more space than system packages. I have a terrible connection and low disk space, flatpaks aren’t something I can use on the long run.
Oh and if you’re wondering flatpak >>>> snap > appimages (IMO)
No thats appimage. Flatpaks run on shared libraries and even different runtimes containing the same packages share those using deduplication
https://gitlab.com/TheEvilSkeleton/flatpak-dedup-checker
A Flatpak is exactly as heavy as a system app, just that on the system you already have some libraries installed.
Initial download size is bigger, okay. And in general more downloads, I guess the deduplication happens on the disk.
Its like, shared runtimes but also not. Its a bad situation tbh.
I didn’t know we were ranking the horsemen of the apocalypse. Leave room for shitty supply-chain victims like cpan/composer/npm and other irresponsible shortcut tools that throw security out the window.
In the case of NPM (don’t know enough about the others) it’s not a general purpose package manager, it’s only for node related packages.
And yes I think ranking them is relevant Appimages are pretty terrible security wise(let’s download random executables on the internet yayyy!), snaps are getting better but used to be really terrible and to be fair NixPkgs aren’t that safe either.
Flatpaks are pretty secure, they work well, the stack is fully open source and allows you to host your own flatpaks repos, as well as manage sandboxing parameters. If only they were lighter I could easily see them become the “Linux executable format”
I think using AppImage like Flatpak is silly. It is perfect for keeping some programs on a USB drive for example, but not as a way of installed software.