How does it stack up against traditional package management and others like AUR and Nix?
I prefer Flatpaks because it’s a nice easy way of getting software without the chance of broken or missing dependencies for a program.
Much better than Snaps, snaps is flatpaks but MUCH worse and slower.
Flatpak is very nice. Flathub is very nice. Flathub’s developer documentation is shit covered shit.
As a non-technical user: fucking love it.
As a semi-technical user: I also fucking love it. It gets out of the way so I can focus my time on my work and not OS maintenance.
Banned at both my jobs; one for security and the other for breaking consistency.
That last point is often under-appreciated in its importance, especially when dealing with hundreds of servers.
I wish more apps where officially supported, instead of saying it supports Linux and providing a .deb. Good thing the community provides unofficial flatpaks at least.
I love flatpak. It makes it easier for Linux to become mainstream.
My totally unscientific opinion (with a double-your-money-back guarantee!):
I’m not crazy about either Flatpak or Snap for that matter as there’s so much backend baggage for both as well as certain hurdles regarding privileges and access to the file system (somebody please correct me if I’m wrong or working with dated information.)
My other completely prejudiced, unfounded bias against Flatpak is that it appears to have been adopted by RedHat as “the one true way,” and what with IBM’s/RedHat’s behaviour anti-FOSS behaviour lately, plus I’ve almost always have been an
aptuser, I find it a pill hard to swallow.Me, say what you will about the security issues and its other flaws, but I like AppImage.
Flatpaks follow the concept “losen the sandbox as much as needed to make apps work”. This sucks, in constrast to android, but its needed.
So you shouldnt need to edit anything via Flatseal/KDEs settings, if you want to make apps work.
Flatpak is default on OpenSuse too, even more as they use Flathub instead of the Fedora Flatpaks repo. RHEL is just trying to get some money and stop people from using their work, as they need to make money.
Honestly it should be normalized that people on FOSS do weird things to make money. Fedora is RHEL upstream, so RHEL is not stealing any code, just take what Fedora does and wait a bit until its stable.
Appimages are completely flawed and as an apt user you should not like to use them, at all. This post of min may give some infos, I will update it soon.
And speaking of completely flawed, your link doesn’t work.
Anyway, thanks for
beratinginforming me about AppImage but it’s the closest thing on Linux to app bundles which IM<HO is the sanest way to package applications.Thats a lemmy problem, copy the link and remove the lemmy part
Thats a lemmy problem
Hmmm…my link in the previous post works. More proof of why Linux has never really taken off with the non-spectrum general public. I guess just following format (
[words](https://your.lousy.link)) or – god forbid – you select a word, click the link button and paste just isn’t esoteric enough…?In any case, I see that you edited your post to
cover your tracksfix Lemmy’s error.
AppImages are actually more secure than flatpak. At least it has a way for devs to sign them and users to verify them.
@tet its great because you can listen to people whine about it now instead of systemd
The two whines are not mutually exclusive. ¯\_(ツ)_/¯
Cheese with your whines?
You should use WINE only through Flatpak btw
Speaking of which, didja hear that for the upcoming Easter holiday, Amazon is offering a special gift basket of northern Israeli cheeses.
They’re calling it Cheeses of Nazareth.
@kingmongoose7877 until someone tells me another way to run 2 python apps one which requires python 2 and one which requires python 3, on the same system, which is EASIER than installing a flatpak, im gonna maintain that they have a use case, even if they aren’t idealized package management as we dreamed of
Easy, tiger. I think you misinterpreted my original reply.
I meant the whining about the two (systemd and flatpak) isn’t strictly OR but may be AND. Have a nice day.
Uh. Python is like the worst example for this, conda/mamba?
I think pyenv would be the appropriate tool for doing a native install. And of course when it comes to CLI, Flatpak isn’t really for that.
@pingveno i think that two things get conflated. 1. flatpaks and appimages, snaps, have some niche uses for obsolete software and maybe some other edge cases 2. because the two major standards are backed by dumbass corporate entities, they have been promoted as the universal solution to everything that will revolutionize linux 3. the real thing everyone hates, is these stupid companies trying to get rid of a beautiful package management architechture so they can enshittify linux like windows
I think their uses extend beyond obsolete software. In particular, trying to get updates out to a wide variety of Linux distros has generally meant a tradeoff between “move fast, break things” and “move slow, never change”. Flatpak gives you a stable set of libraries to work with and the ability to run multiple versions of those libraries at once. Linux package managers have a place, but their sheer proliferation means that for most applications to reach all desktop Linux users, they have to go through something like Flatpak for distribution.
Are you trying to start a war? Hopefully no one mentions wayland vs xorg else it might go nuclear
@squid_slime let me install this flatpak of kde wayland on my oracle unbreakable kernel running under redhat enterprise
Best of the three major agnostic package formats. If it brings more focus to Linux development, I don’t see how it can be a bad thing. A bit more space needed but for most setups this is a non-issue
Plus, being able to sandbox user space applications, which previously had free reign, is nice.
Sandboxing isn’t 100% there yet, but it’s come along way.
Yeah duplication of running libraries is also a RAM/CPU resource issue but for modern well resourced machines probably not noticable. It is an issue when scaling down to low powered / old devices though. Like, running a web browser which runs in it’s own sandbox with duplicate libraries running is going to have noticable performance differences compared to a non-sandboxed program running native libraries on a low RAM or low CPU system.
That’s not to say Flatpak isn’t a good solution; and all the agnostic package formats have the same issue compared to non-sandboxed apps. Plus the added security issues and stability on bleeding edge systems is good.
Does anyone know how they handle spoofed malware? I can never figure out whether I can trust the packages from flathub. I always have to check the official website of the particular software first.
Flathub verifies you have permission from upstream before accepting it. Other than that, sandbox.
Flathub maintainers do not upload anything, they just write a manifest pointing to the official source and flathub does the rest. They also cannot modify it freely, approval is required.
Some of the under-the-hood implementation of Flatpak irritates me, like why the hell are we installing software in /var? Using it with the terminal is a pain because of the org.something.SomeThing shit it does, and I think Flatpak gives you all the drawbacks of app sandboxing with none of the benefits. It likes to not see the whole file structure; for instance I found the Flatpak version of Steam to be unusable because it wouldn’t see anywhere I wanted to put my games library. That needs to be fixed.
That said, I think it’s the better of the three all-distro package managers, it’s got a central repository and package manager unlike Appimage so it’s a place to publish and get stuff, and it’s not tied to Canonical so it’s obviously better than Snap.
https://github.com/trytomakeyouprivate/flatalias
Try this script I wrote and help improve it!
if you want to change app permissions, use Flatseal and add the needed directory. This is very easy. If it is something all users generally need, open a bug on their repo.
Installing a separate program to make the first program work the way it should in the first place, and opening bugs in repos, is abolutely 100% things end users are willing to do.
KDE has flatpak settings included, GNOME is doing their thing with unix philosophy and all. Flatseal works fine.
As I said, you should not need to edit those settings, maybe you need to, and if it generally makes sense (for example GNUmeric only has documents access, nothing else) this needs to be fixed.
Will not happen often for common apps
Reminds me of this XKCD.
The state of flatpak permissions currently is like that. They can never read each others storage, much like on Android with
/storage/emulated/0/Android/data. So it you keep stuff stored inside these apps its safe.Until they can use portals, many have permissions to read/write everything
It likes to not see the whole file structure; for instance I found the Flatpak version of Steam to be unusable because it wouldn’t see anywhere I wanted to put my games library. That needs to be fixed.
That has been fixed with the introduction of Portals: https://docs.flatpak.org/en/latest/portal-api-reference.html
It’s fantastic, for two reasons:
- There’s so much great software available through it, and I can always get the latest version regardless of my distro - or an older version if it hasn’t kept up with its dependencies.
- It’s part of the tooling that allows me to update my operating system without risk of it breaking (i.e. I can use an atomic distro because of it).
WhileI don’t think flatpak shouldn’t replace traditional packages, I still like it.
Flatpak apps just work most of the time, they work without issues and are often very up to date. The sandboxing does have benefits because no apps interfere with it, the problem is that it doesn’t work super well with other apps, sometimes the theming is off, and it doesn’t work well with other apps, installing apps takes much longer and it isn’t as easily started from the command line.
In my opinion, with a debian style distro as the example, apt-get should be used for syatemwide stuff. Individual users can go for flatpak.
I got sick and tired of the AUR for the simple packages so I started using it for most things I would use the AUR for, and I’m very happy with it. I think some packages have issues with default permissions - I was wondering why 86Box would forget my hard drive images but then I realised the permissions on my home folder weren’t set properly - but that can be sorted anyway.
I think it’s a good way for people to release software for Linux without having to deal with specific distro stuff (which historically has pretty much been “just provide a .deb for Ubuntu and a .tar.gz for other people to figure out”).
I’m hoping that it pushes for more people porting stuff to Linux because it’s a single target that gives you access to Steam Decks, Chromebooks and desktops.
I don’t think it makes sense for things that aren’t desktop applications such as servers or libraries, just because those tend to be open source, don’t need to be that up to date and benefit from tighter system integration. I see it as something that sits on top of other package managers rather than replacing them.
For Flathub? Eh, if they turn out to be bad we can just all move to another server, we’re not snap. :P I’m willing to bet that someone has already made a flatpak repo for Citra and Yuzu.
