I really like flatpak! But it has its limitations. Thats okay!
There is just a space for containerized images of desktop apps that are distro independent. Linus talks about this at a QA, but having a maintrainer for every app and every distro under the sun is just a waste (he used his diving app as an example). Flat park is a good solution for packaging up apps, and it makes sense for stand alone apps that have a lot of moving parts and don’t need to integrate with the rest your intro. Their are basically 5 apps that I use everyday that install through flatpak. Stuff like discord and Joplin.
At the same time, if something is supported through the distro package manager directly, I would rather install through that. Especially for core system components, but also for apps that aren’t really daily drivers for me. I definitely feel like I have to actively maintain flatpak installations, so if I can install without a flatpak, I would rather not. For small apps, especially simple command line apps, their probably isn’t that much maintenance work to get them on the distro anyway.
I don’t really consider myself a power user, so I’ll use flatpak if it’s easy to use and doesn’t block certain features. Otherwise I’ll just look for an appimage or debian package because I already know how to use those.
The biggest issue I see is big labels like “potentially unsafe” and “proprietary” on flathub that scare people away from popular, well trusted non-FOSS software like Discord. At the same time, FOSS-friendlyness is one of the selling points for many people. How can it appease both camps?
Plus, casual users aren’t going to flathub to download programs, they’re downloading from the software site. Since most of the most popular flattpak images are not officially verified by the software owners, nothing is linking to them to increase their popularity.
Yeah, I agree, I don’t like that aspect of flatpak development either. The idea that the containerization is supposed to provide some kind of resistant form of a sandbox that prevents malicious programs from breaking into your system; I don’t buy it.
Look, you need to trust your application sources, there is no way around that. The idea that this is supposed to be a “safer” way to install software than any other package manager is silly.
I still like that flatpak apps are separated from your system and locked to their own dependencies because it makes these apps more portable to different distros. But not for security reasons.
I really like flatpak! But it has its limitations. Thats okay!
There is just a space for containerized images of desktop apps that are distro independent. Linus talks about this at a QA, but having a maintrainer for every app and every distro under the sun is just a waste (he used his diving app as an example). Flat park is a good solution for packaging up apps, and it makes sense for stand alone apps that have a lot of moving parts and don’t need to integrate with the rest your intro. Their are basically 5 apps that I use everyday that install through flatpak. Stuff like discord and Joplin.
At the same time, if something is supported through the distro package manager directly, I would rather install through that. Especially for core system components, but also for apps that aren’t really daily drivers for me. I definitely feel like I have to actively maintain flatpak installations, so if I can install without a flatpak, I would rather not. For small apps, especially simple command line apps, their probably isn’t that much maintenance work to get them on the distro anyway.
I don’t really consider myself a power user, so I’ll use flatpak if it’s easy to use and doesn’t block certain features. Otherwise I’ll just look for an appimage or debian package because I already know how to use those.
The biggest issue I see is big labels like “potentially unsafe” and “proprietary” on flathub that scare people away from popular, well trusted non-FOSS software like Discord. At the same time, FOSS-friendlyness is one of the selling points for many people. How can it appease both camps?
Plus, casual users aren’t going to flathub to download programs, they’re downloading from the software site. Since most of the most popular flattpak images are not officially verified by the software owners, nothing is linking to them to increase their popularity.
Yeah, I agree, I don’t like that aspect of flatpak development either. The idea that the containerization is supposed to provide some kind of resistant form of a sandbox that prevents malicious programs from breaking into your system; I don’t buy it.
Look, you need to trust your application sources, there is no way around that. The idea that this is supposed to be a “safer” way to install software than any other package manager is silly.
I still like that flatpak apps are separated from your system and locked to their own dependencies because it makes these apps more portable to different distros. But not for security reasons.