I’m admittedly yelling at cloud a bit here, but I like package managers just fine. I don’t want to have to have a plurality of software management tools. However, I also don’t want to be caught off guard in the future if applications I rely on begin releasing exclusively with flatpak.

I don’t develop distributed applications, but Im not understanding how it simplifies dependency management. Isn’t it just shifting the work into the app bundle? Stuff still has to be updated or replaced all the time, right?

Don’t maintainers have to release new bundles if they contain dependencies with vulnerabilities?

Is it because developers are often using dependencies that are ahead of release versions?

Also, how is it so much better than images for your applications on Docker Hub?

Never say never, I guess, but nothing about flatpak really appeals to my instincts. I really just want to know if it’s something I should adopt, or if I can continue to blissfully ignore.

    • skilltheamps@feddit.org
      4·
      5 days ago

      Only if the application source code fits the API of the library versions on your system. Otherwise you also need to port the application to your available library versions. Also using different dependency versions might surface bugs that you have to sort out yourself.

      I only want to point this out because it often seems that the people that complain about flatpak do not grasp what maintaining a package entails, and your suggestion effectively puts you in the position of being a package maintaier for your specific distro. (But the upshot is that with open source software you are always free to do this, and also share it with other people through (community-) repositories)

  • kixik@lemmy.ml
    7·
    5 days ago

    FLOSS used to include the ability to build software. Perhaps that’s not important anymore but now a days some developers don’t attend problems with their build recipes because they only consider what they release through binaries, whether on flatpak or whatever other binary repository they like. At least I dislike that, it’s ok to me some or most users would prefer to grab a bloated binary rather than building anything, but that doesn’t mean forgetting about those actually wanting to build from source, or wanting to use shared libraries and software from their distros, actually that’s a requirement for free/libre software repositories. Not sure if the tendency is to move the gnu+linux users into app stores like the ones on windows, now ubuntu snaps, android play store and the like. Sure there’s more security with sandboxing, but nothing one can’t get with firejail, and if wanting MAC as well then firejail + apparmor for example.

    At any rate, just my little rant. And if you’re wondering, I use AUR on Artix, and I really hope I won’t have a need for a flatpak stuff.

  • N.E.P.T.R@lemmy.blahaj.zoneEnglish
    17·
    6 days ago

    I personally like flatpak and its build system. Flatpak applications are sandboxed by default and don’t require root during any part of installation, reducing the risk of malicious/broken software damaging the host. They also are available for basically any base distro, meaning i can use the same apps if a ever distrohop and i can even just copy over the config folders as if nothing happened.

    • warmaster@lemmy.world
      4·
      5 days ago

      The build instructions for all flatpaks are in one repo, you could build it yourself and maintain your own registry if you wanted.

  • toastal@lemmy.ml
    33·
    4 days ago

    Just use Nix. It can run all the packages on whatever platform. It has the largest repository of software & are some of the most up-to-date.

  • spacemanspiffy@lemmy.worldEnglish
    1·
    3 days ago

    It really only makes sense to me when your distro is older or doesn’t have the software you want. I fully prefer native packages too, though, but I use Flatpak on phone.

  • jokeyrhyme@lemmy.mlEnglish
    17·
    6 days ago

    Can I ignore flatpak indefinitely?

    Sure, at least until software you want to use is flatpak only, e.g. Bottles

  • communism@lemmy.ml
    3·
    5 days ago

    I never use flatpaks and am doing just fine. I don’t want my packages to be installed from a bunch of different places; I want it all managed by one package manager, which for me is my distro package manager. I’ve never noticed a problem arising out of not using flatpaks; everything I want is either already packaged for me, or I can make a package myself.

  • Decker108@lemmy.ml
    291·
    6 days ago

    Sure you can! Just run alias flatpak=snap and you’ll be golden.

    (I’ll show myself out…)

  • onlinepersona@programming.devEnglish
    132·
    5 days ago

    Adopt nix and you will be able to ignore it forever! 😉

    Seriously though, as others have said, use whatever fits you best. I avoided snaps and flatpaks due to the increased size requirements. So many things were duplicated for no apparent benefit (to me). However, with their introduction of permissions and portals, it does seem like a safer option. Although, we’re in a phase right now where not everything is flatpakked and applications trying to talk to each other is a pain (keepassxc unable to talk to flatpak firefox librewolf, chromium, etc.).

    Now that I use nix, I have a whole bunch of other problems, but at least getting packages is quite low on the list.

    Anti Commercial-AI license

      • onlinepersona@programming.devEnglish
        6·
        5 days ago

        I wasn’t being very serious about nix. IMO, it’s quite the time investment due to its poor documentation and it has a lot of gotcha’s if you aren’t on NixOS e.g one example is that it’s great for terminal applications, but horrendous for GUI applications as it’ll be hit or miss. Again, this is if you’re not on NixOS. So, it can feel like an “all or nothing” approach.

        If you have the time and will, then it can be very rewarding. But if you just "want something that works ™ " side by side in your current system, personally, I wouldn’t recommend it - unless it’s hidden by some other tool like devenv (which is a great tool for reproducible developer environments).

        Anti Commercial-AI license

        • krakenfury@lemmy.sdf.orgOPEnglish
          2·
          5 days ago

          Lol thanks for clarifying your sarcasm. 😂 I can be an airhead at times.

          I was actually interested in trying NixOS on a laptop that is gathering dust. I did see a few months ago that there was some drama surrounding the project owner, though. I never investigated enough to understand what that was all about, but I’m less excited about digging into something if it may suddenly end.

  • warmaster@lemmy.world
    50·
    6 days ago

    You’re just not the target user.

    The whole OCI mindset is geared towards absolute noobs like me, and cloud native devs that develop inside containers on a daily basis.

    Take me for example. I use Bazzite, it’s the first distro I couldn’t break. On top of that, flatpaks, appimages and brew are my only options for software. Since Bazzite is an atomic distro (think immutable ) I could also use Distrobox but I don’t want to deal with it.

    Everything just works for me, I don’t care about anything. I broke so many distros before. Sure, I don’t control every nut and cranny but I don’t want to.

    If you know how to not break your stuff then that’s great, but I don’t, and I don’t want to learn that. I just want to learn other things.

    • AmbiguousProps@lemmy.todayEnglish
      8·
      6 days ago

      Not to be that person, but you aren’t restricted to those solutions for software, that’s what rpm-ostree is there for. It layers applications over your system image and installs software in a similar manner to a “normal” package manager.

      • chingadera@lemmy.world
        3·
        6 days ago

        I’ve used it here and there when there is no other option, still no problems yet for the OS itself, but I have run into issues installing certain things, most likely due to my lack of knowledge.

        I think I may be giving arch another shot soon as my needs have changed and it was so godamn close to everything I needed.

      • notanapple@lemm.eeEnglish
        8·
        6 days ago

        rpm-ostree is intended to be the last resort because layering causes issues with updates and other things

    • untorquer@lemmy.world
      2·
      6 days ago

      I just use it if the package/dependencies aren’t available or functional in the default arch repo. I like to be able to turn nuts and bolts but also avoid it when it’s inconvenient.

      2 package managers is fine for me.

  • mexicancartel@lemmy.dbzer0.comEnglish
    4·
    4 days ago

    If there is nothing appealing on flatpak, then sure. But for me it was really appealing and I still ignored it because you need to download big files at the beggining. But later on i started using it for steam and all because that thing is better staying as user-installed files in some form of permission sandbox

  • paequ2@lemmy.todayEnglish
    8·
    6 days ago

    I like package managers just fine. I don’t want to have to have a plurality of software management tools.

    Same. I grumble when I have to install things through the AUR. I’d prefer if it was in the official repos.

    can continue to blissfully ignore

    That’s what I’ve been doing. I haven’t run into a situation where I’ve needed to mess with Flatpak. 🤷 Curious to hear other folk’s experiences though.

    Also for your consideration, Flatpak seems to be mainly used for desktop GUI apps. You’ll still need your regular package manager to install CLIs. So… if you wanna keep your software management tools to a minimum…

    • krakenfury@lemmy.sdf.orgOPEnglish
      5·
      6 days ago

      The AUR is a different kettle of fish entirely, though. I do see your point, but the AUR is solving a problem common to all distros; hosting a repository for applications that there isn’t willingness or capacity to host in the official binary repos.

      Installation, removal, dependency management, etc are all still handled by pacman. As others have pointed out there are great tools available to aid in AUR usability. My favorite is aurutils.

      • paequ2@lemmy.todayEnglish
        4·
        6 days ago

        yay simplifies the AUR installation

        Simple to me means not having to install some random extra tool and just using pacman like normal. That’s why I grumble.

        • sorter_plainview@lemmy.today
          1·
          6 days ago

          Haa understood. In that perspective yes it is not simple. I would also be happy if pacman had better support for AUR.

          But I have a different perspective on this. I always look for the right or the best tool available to do something. So I’m not that hesitant to use another tool for AUR. I guess it’s a personal preference after all.