Salta al contenuto principale

I'd recommend following the link to read the full thread

Drew DeVault

2019-12-07 17:53:39


Developer-driven software distribution is a bad idea, which is why I dislike things like Flatpak.

Having distro maintainers involved in the process and installing your software from a free software distribution like Debian or FreeBSD is a much better distribution of power. The packages can be tuned to suit their environment without the developer having to repackage it for every distro, and the distro maintainers can keep out anti-features like telemetry and advertising.

The middleman may seem annoying to developers, but embrace the model and it'll work for you. Landing packages in your favorite distro isn't actually that hard, and the rest of the distros will follow. If you're an end-user who wants to see some software available for your distro, look into packaging and volunteer - it's easy.

in reply to Elena ``of Valhalla''

∿ und̷e̷l̷ě̷t̷e̷d̷
∿ und̷e̷l̷ě̷t̷e̷d̷
For me as a user, Flatpak has been useful in situations where I needed to install something I would hesitate to otherwise apt-get install because it's a third-party application that I don't want to install system-wide or let it run its post-installation scripts as root. But in general I agree that I don't want to install most software via Flatpaks.
in reply to ∿ und̷e̷l̷ě̷t̷e̷d̷

Elena ``of Valhalla''
Elena ``of Valhalla''
Well, the original post recommended getting software *into* (from, for the user) the distributions, with the distribution maintainer as middleman, not just packaged as .deb (or .rpm, etc.) from a third party repository; those skip the middleman are just as bad as flatpak (and even worse, as you have to install them as root).
in reply to Elena ``of Valhalla''

∿ und̷e̷l̷ě̷t̷e̷d̷
∿ und̷e̷l̷ě̷t̷e̷d̷
Having thought about it more generally, I think there are two dimensions - technical and social. IMO, a major part of the value behind trustworthy distributions like debian is that they have proven to maintain certain curatorial standards with software they include. I don't see why something like this (i.e. the middle(wo)men) might not happen with Flatpaks too. One could be using Flatpaks coming from a trustworthy curated pool with PGP signatures and hashes on everything.
in reply to ∿ und̷e̷l̷ě̷t̷e̷d̷

∿ und̷e̷l̷ě̷t̷e̷d̷
∿ und̷e̷l̷ě̷t̷e̷d̷
Having that said, I certainly wouldn't want to have distributions replaced with Flatpaks. For now I consider Flatpaks just a little better alternative to "curl ... | sudo bash" if there is no proper package available. (And I wouldn't want to be installing `git` or `curl` with Flatpak for sure).
in reply to ∿ und̷e̷l̷ě̷t̷e̷d̷

Elena ``of Valhalla''
Elena ``of Valhalla''
I don't see any technical reason why there couldn't be a trustworthy source of curated flatpacks, but wouldn't that be basically a distribution repository?

Yes, programs wouldn't have to be patched to work with different versions of their dependencies, but flatpacks would have to be regenerated every time a dependency has a security issue, so I'm not convinced it would be easier for the maintainers.

Questo sito utilizza cookie per riconosce gli utenti loggati e quelli che tornano a visitare. Proseguendo la navigazione su questo sito, accetti l'utilizzo di questi cookie.

⇧