Linux Packaging Formats explained: Flatpak vs Snaps vs DEB & RPM vs AppImage vs AUR
Вставка
- Опубліковано 22 тра 2024
- Download Safing's Portmaster and take control of your network traffic: safing.io
Grab a brand new laptop or desktop running Linux: www.tuxedocomputers.com/en#
👏 SUPPORT THE CHANNEL:
Get access to a weekly podcast, vote on the next topics I cover, and get your name in the credits:
UA-cam: www.youtube.com/@thelinuxexp/...
Patreon: / thelinuxexperiment
Or, you can donate whatever you want: paypal.me/thelinuxexp
🎙️ LINUX AND OPEN SOURCE NEWS PODCAST:
Listen to the latest Linux and open source news, with more in depth coverage, and ad-free! podcast.thelinuxexp.com
🏆 FOLLOW ME ELSEWHERE:
Website: thelinuxexp.com
Mastodon: mastodon.social/web/@thelinuxEXP
Pixelfed: pixelfed.social/TLENick
Twitter : / thelinuxexp
PeerTube: tilvids.com/c/thelinuxexperim...
This video is distributed under the Creative Commons Share Alike license.
#flatpak #linux #packages
00:00 Intro
00:33 Sponsor: Monitor and Secure your internet connection
01:38 Regular Packages: DEBs & RPMs
04:53 Flatpaks
08:56 Snaps
11:29 AppImages
14:11 The Arch User Repository
16:35 These formats aren't important
17:40 Sponsor: Get a device that runs Linux perfectly
18:28 Support the channel
DEBs & RPMs are contained in repositories that your distribution set up or that you add yourself.
In terms of advantages, these packages are all separate, which means that each package contains either an application or a library: you only install what is needed, nothing more. This also means they tend to use less space as time goes on.
Second, they're maintained and tested by your distributions, which means they should all work well without any issues.
Third, they're all based on a dependency system: applications declare which other packages they need to run.
You install a package as a superuser, which means you grant the package all the rights to do whatever it wants to your system as it's being installed. They also can create dependency hell.
These packages need to be made for every architecture, and for 32 bit and 64 bit, for all the currently supported versions of a distribution, and for all distributions.
And that was the main reason why Flatpaks were invented. It packages the application and everything it needs to run in a single bundle. If the application depends on a LOT of libraries that are commonly used by other applications, it can install what's called a runtime instead.
Flatpaks are only meant for graphical applications: they aren't a way to distribute libraries, or command line apps. Flatpaks are generally hosted on Flathub, but there are others repos.
Flatpaks are more secure than regular packages. They're installed as a regular user, and can't install crap that will run at the system level. They can also use a sandbox, with permissions.
Another advantage is for app developers: flatpaks run on any distribution that has flatpak installed, which is basically all of them apart from Ubuntu and its various flavors.
It also means you're not dependent on your distribution for updates: you can get the new versions of your app as soon as the developer has published them. Last advantage is no dependency hell.
Flatpaks tend to use more space, and they can''t fully replace packages: they are only for graphical programs. Finally, flatpak apps might not follow your custom themes.
You can install Snap packages on Ubuntu and all of its derivatives, or any distro that can install the snapd package. They're auto updated and containerized. Snaps also let you test future releases in advance, with "channels". While the packaging format is open source, the server component isn't.
Snaps are very slow to open at first start. They tend to clutter your mount points. Snaps also generally don't support your custom themes. Snaps do have the advantage of supporting command line utilities.
AppImages are an all in one bundle that packages the application and all its libraries in a single file.
They're very portable. They also won't create dependency hell, since they're completely independent. Appimages can be sandboxed but not a lot of them are. Appimages don't integrate with your system at all. They also use more space than any other packaging format.
Next is the AUR, it means Arch User Repository. it's available on Arch Linux and other Arch based distros like Manjaro.
The AUR is a big repository of applications and libraries packaged by individuals: they're generally not official, and not supported by the distro or the original developer.
Its main advantage is that is has virtually everything. The AUR doesn't host packages, but packagebuilds, which are scripts that will make the package.
This means that installing something might take a bit longer, and it also means that unless you read the package build scripts yourself, you completely trust an individual with the security of your system. - Наука та технологія
Download Safing's Portmaster and take control of your network traffic: safing.io
I have yet to see a single windows program that required me to click next ten times or bypass "prechecked crapware" or whatever that is. I'm starting to think you have never used windows in your whole life.
@queerdo Sorry, i don't install blatant malware from shady websites. In fact, i don't install anything, because i use winget, which is like Flatpacks but with automatic updates, and i use PortableApps, which is like AppImages, but with automatic updates. Linux still has no alternative to this.
you forgot to go over Nix package manager
flatpak is able to run command line apps and there are command line apps available for flatpak like neovim
@queerdo Why install anything from shady sources when Winget allows you to install anything that isn't from a shady source?
I think an important advantage of Flatpak that's rarely talked about is de-duplication.
In addition to shared runtimes, Flatpak uses a special technology called OSTree, which means any duplicate file or library across your entire Flatpak installation (apps + runtimes) will only be downloaded and stored once; this is called de-duplication.
This is why, when you install a new app, Flatpak will sometimes download less than the total size of the app, because some files or libraries were already present on your computer.
This is also why Flatpak updates tend to be really small, as only new or modified files get downloaded during updates.
De-duplication is a powerful feature of Flatpak that helps optimize storage space, reduce bandwidth usage, and make updates more efficient, ultimately providing a more streamlined and efficient user experience
@@mishal_legit are you chatgpt
@@Autotrope I hope youngsters aren’t tempted to start typing in poor grammar just to avoid the impression of ChatGPT
I have the opposite experience
I tried downloading a 30mb file and flat pack proceeds to download 1gb
And apt only downloaded 8mb for the same file
So I don't really think de-duplication or whatever is unique to flatpak
Only modified files being updated is pretty much the standard for most package managers
@@JamesQHolden47it's not just the grammar. it's the unprompted paragraph that reads like a wikipedia page.
I like that you tell people "use whatever you like". They're all used so widely that... I think they all have something that is compelling enough to people.
It's been a theme with your channel throughout. I think it creates less toxicity and more enthusiasm for the possibilities Linux has to offer for users without making them feel like they should be ashamed for what they're using.
Yeah, they all work, and they all serve a purpose. Use what works is my motto here
@@TheLinuxEXP It's a nice contrast... but to use apple phones for example, even though you seem to care about privacy?
Especially with how against repair they are, which creates just so much e-waste. Apple is just about as bad as Microsoft.
@@elecbaguette Choosing phones is like electing a US president, though. It’s not about which one is the best, but rather which one is the least bad. Both iOS and Android are privacy nightmares, and using any «alternative» phone OS will throw you into usability issues from the get-go as of now.
@@elecbaguette apple recently restricted Chinese users airdrop function to negatively influence a massive protest against co-vid policies. Apple has turned into a political pos company.
@@bragefuglseth3505 I believe the fairphone is a good alternative, though I haven't gotten one yet.
This clears up a lot. I've been using Mint for about 6 years now and have generally stuck to their package manager for apps, but have successfully used Flatpak and Appimage packages. The recent Flatpak support in Mint's package manager works very well.
My biggest issue with Flatpak is that IDEs don’t have access to your console (there are some ways that sometimes work but they’re timeconsuming and non-trivial) which can be really annoying for developers
As for AppImages: If you‘re using Wayland, there‘s a big chance that they require you to run XWayland since there is still no convenient way for developers to create an AppImage with native support and the creator of AppImage seems to be on a personal agenda against Wayland (and everything associated with Red Hat) so I prefer native and Flatpak over AppImages
I wonder if Nix and source packages could have been included in this video, but, well, from source is not really what this targets, but I could still see Nix packages included in there, they can be pretty cool
Or homebrew for that matter.
Nix is so new, it doesn't even have stacer 😂
Give it some time to get it mature.
Nix also has binary packages so uh yeah xd
@@alwasif it's over 10 years old actually, it has more packages than the aur xd
I can't even build Microsoft-edge-dev in nix os, then I mostly use stacer that is not in the nix stable repo. How may I even start with nix?!
One disadvantage of container formats (flatpak, snap, appimage, etc) that Nick didn't mention - which is also an advantage or system packages (RPM, DEB) is that if a library has a security issue, and the library developer fixes it, then they can release an updated DEB or RPM package that will get applied to your system and all depending applications will be immediately updated, but for applications in containers - you have to wait until the app developer updates their application - which may take a long time, possibly years, or it may never be updated: for example, the popular GNOME git client - gitg - has an official flatpak that was last updated December 2021 and still carries an old version of libssh with a serious security flaw that was fixed back in 2019.
For some other security concerns, read "The sandbox is still a lie".
Responsible for the application is its developer, so if you create and distribute an application it is your responsibility to update it. Furthermore, I assure you that above all the fix release distributions are not so quick to update a vulnerable library, especially if used by non-prominent applications, indeed sometimes they are not really fixed.
The case of VLC from some time ago on Ubuntu is proof of this.
@@carlocoppa5246 I assure you that libssh was updated by all distributions, at least once (*) since 2019.
*) And likely many many more times.
Yeah, this security update of a dependency also breaks your app and good luck if you don't have time to look closely at what the developers of 894 Linux distros are up to. Really a paradise for an app developer.
I link everything I can statically. It just saves me too much trouble when developing stuff where safety is not a primary concern. And if you don't want me to do it, then someone tell the distro devs to STOP BREAKING MY SH#T.
But that's not how distributions work, only rolling releases do it, the others at the limit make backports, but it is not said that they do, because it is always necessary to evaluate their impact and difficulty.
@@carlocoppa5246 another proof was the vpn solution in EPEL. One maintainer, hope you get support etc.. You don't want this. Really you don't.
Flatpacks really need to consider adding the terminal type of apps, in the future.
You can run Flatpaks from the command line it just requires typing flatpak run package_name [arguments]. So it is tedious. I suppose you could setup an alias so that flatpak-builder = flatpak run org.flatpak.Builder
It exists, it's just not listed on the website. And they don't push for getting those apps.
Flathub that is
I’ve recently returned to Linux and this channel has been super helpful in getting caught up on what’s been happening.
As a ubuntu user, i have recently noticed that in my ubuntu 22.04 system, snap apps are launching very fast!! Sometimes snap apps launch with the same speed as flatpaks launch. This is a great sign that snaps are now improving, and we can see it 👍
That’s because Ubuntu 22.04 recently upgraded its kernel to 5.19. This new kernel adds a change that makes squashfs use multithreaded decompression. Previously it was just single core.
Yes, Canonical is improving them all the time. It just depends on the snap package you are using because they can rely on different core bases which utilize different tools and libraries to be run. If the developers behind the application update all of that, snaps shouldn't perform much different than flatpaks.
The permissions work quite a bit different though. So sometimes either the flatpak or the snap can be somewhat broken or less secure than the other because of that.
That's good news! I left Ubuntu, when they went to the new LTS release last summer. I wanted to try Pop!_OS and I preferred it. The Ubuntu that has caught me eye is the new Unity spin. Looks like it could be cool and their new stand out project.
Honestly i think snaps are faster on kde than gnome, but maybe that's just me
Ubuntu isn't sleeping. Of course they work on improving their baby 💪😁
You cleared one thing up for me, I could not understand why some updates I had to put in my su password and other time I did not. I did not know flatpack ran under just user.
This was a great rundown! Flatpaks work so well for me with Mint and their updater. It's great that there's no bad way :)
THANK YOU! I was a casual Linux user a long time ago, and then with Windows 11 being the metaphorical straw that broke this camels back, I am slowly moving my daily drive over to Linux, Mint 20.3 for now, and was hit with all this and see these messaged in Linux videos with no explanations. You saved my To Do list of looking this up that only had SNAPs checked off. Saved me time and was to the point. Thanks again.
Great explanation, I finally understand what's the deal with flatpaks and why they're taking over the landscape. Thanks!
As someone new to Linux and on the verge of finishing a PC build to run Mint, this was incredibly helpful to understand the differences. Especially given the recent Flathub chatter on the interwebs.
As a new user, you dont have to get too deep into that discussion. It's mostly politics/philosophy discussed by overly dramatizing enthusiasts.
You should simply focus on what works for YOUR use case scenario 💪☺️
Please list out your pc components, im planning to build a linix PC too. Thx in advance
As a long time linux user i prefer the native formats. They are the best. Doesn't takes up much space, uses less data (i am a mobile data user), best integration.
Actually snap updates use less data, unlike native packages it has delta updates ;)
@@fuseteam Can't say about snaps as I don't use it. But flatpaks use a lot of data. And rpms also support delta upgrade
@@MrinmoyHaloi i use snaps (and it's documented on the web) so i can tell that snaps use delta upgrades just like rpm i suppose........granted fedora is considering to drop delta updates
I use Flatpak and RPMs on my system. Both of them work quite well (sometimes I actually have to look it up if the application in question is an RPM or Flatpak), I find RPMs a bit easier to handle, especially when creating shortcuts manually or using the command line to launch/update it.
I never install applications outside of the Fedora repos or the Flathub for security reasons
you can update and launch flatpaks very easily through flatpak cli too. And the slight inconvenience it part and parcel of a sanboxed system.
Really nice walk-through. I'll look for your channel in future searches.
Thank you, Nick. I really like Linux, but sometimes feel lost as I learn this new environment. Your videos help a lot, and I've even been able to help answer questions for a couple other people now.
You didn't mention the biggest drawback of appimages: there is no centralized way to update them, you have to check every program manually for new versions and then download them.
Thanks a lot for these clarifications. With Linux, you learn a new trick everyday!
Congrats to 250k followers!! 🥳 I've never thought that there is so much interest in Linux
Imho libraries are meant to be widely backwards compatible, so if you install libXY.3.7, every program which uses libXY.3 should be able to use it - maybe with bugs in 3.6, 3.5 and so on till 3.1.
If your library change is breaking backwards compatibility, you should versionize it as libXY.4.0 - then incompatibilities are to be expected.
And if a very program depends on libXY.4.*, you may install that single program by hand to /usr/local, so multiple versions of a software/library can coexist.
Thanks so much for this video, it cleared up several misconceptions I have had.
Thank you so much for explaining all these formats.
Thanks, Nick. Always worth the time!
The Biggest advantage of Linux for me was always that most Times apt-get install was perfect, one to rule them all.
Now not only do you need to choose a distro but also a package Manager.
Nah not needed, zypper, apt all suffice tbh
This is great! I didn't understand Snaps vs Flatpaks until this video
Great video, thanks! There's not always much opportunity to come across this info, and realise what you don't know, if you're not deep into the linux world
Thank you for the clear explanation of these technologies. I remember when I would get a tarball and then run configure and make.
13:03 Ubuntu doesn't prevent the installation of Flatpak. Some flavours just don't have it enabled by default anymore (Ubuntu never shipped flatpak by default). You can still enable it if necessary
They prevent flavors from preinstalling it
ubuntu server will install flatpak as a snaps package (on the setup screen)
5:28 There are some command-line tools distributed as a Flatpak, and they work just fine in my experience, though most non-graphical apps usually prefer being shipped as Snaps
EDIT: But it can be annoying to have to do `flatpak run something.something.theapp.something`, but I think that if everything is configured properly and that you don't also have the app installed natively, you can just run it with the name of the app, but I don't really know as I have a custom menu for all my programs in any format I like
In order to not to call it with a long name you can create an alias which will call the package by typing less
You can create aliases to make it easier running your flatpaks from the terminal
alias something="flatpak run something.something.theapp.something"
which cli tools do you use from flatpak?
@egorandreevich7830 It stands for Command Line Interface tools. Basically commands you run in thebterminal
Thank you so much for the video, this video helped me a lot to understand the Linux Packaging formats.
Oh thank you Nick for making this video when I want it the most
Was learning how to install fedora after using Ubuntu for 6 months
This video helped me a lot
Thanks Nic!
Really enjoy and learn from your show!
AppImages are so nice when you test development versions of new software. It's so helpful that they will run regardless of your system and the libraries you have installed.
Also being a MacOS user (oh, the horror), the ability to easily add & remove applications is nice too (as it works like AppImages) - plus being able to run 2 versions of the same app, means you can try before you upgrade/migrate.
I feel like AppImages could have been (& still could be) the solution that negated Snaps & FlatPacks.
I've been using Nix and Conty a lot since I use Vanilla, they're pretty good. Nix was confusing at first but itsfoss has a good introduction to it, I'm currently learning home-manager for it as it sounds super convenient for distro-hopping. But it isn't as comprehensive as AUR and Conty can help with some of that, especially for gaming as it compress a lot of stuff into a surprisingly small executable, and they include Steam, Bottles, and many emulators with the help of chaotic-aur. Add distrobox, flatpak, and appimage, surprisingly I don't need to use traditional package management on host all that much.
Great overview! And thanks for going a bit deeper by including the fair warnings about the aur.
Oh yeah, It's basically Wild West 😵💫
@@ArniesTech pretty much. the aur team try their best to keep it together though.
In fact I would like to see more app images. I seriously like Windows' way of handling data (unpopular oppinion, I know) 🫡 and your description at 4:06 perfectly shows that, and I feel like app images comes closest to this 🙏
Not really. App images are more like portable all-in-one exe files on Windows, which are quite rare to find nowdays. Snaps and fltapacks are actually closer to Windows idea of installing software - because there're some libraries which are unique to this software (and usually they are installed to c:\program files\) and some are shared like msvc redistributable or directx which is installed systemwide and once-and-for-all
Thanks. This made things a lot clearer.
"Flatpaks are only meant for graphical applications: they aren't a way to distribute libraries, or command line apps."
There are some actually, but not convenient, so the point stands. Some crazy people (we all know who 😄) even packaged stuff like distrobox and alpine in it.
I couldn't explain all of this to anyone. So, thanks so much for this video! 😊
Thank for the video! Great work!
very informational video, thanks nick
Great video! I feel like you explained everything very well, and the transition from flatpaks to snaps was smoother than LTT sponsor segues.
Edit: Your sponsor segues are also getting smoother than LTT sponsor segues
Edit 2: 18:37 😂😂
Another great video, thank you for your content
thanks. as a newbie, these vids are highly valuable to me
Wish I saw this video sooner. I remember trying to understand the package formats when I was trying to get the latest version of an 3D printer slicing program called Cura on my laptop running Fedora KDE Spin. The RPM format of Cura from the Fedora app store is incredibly old (v4) and Cura have their v5 app image on their website. It runs just like on Windows however it uses a different file manager and that means I can't save to my SMB share. I did saw/tried other methods but I don't remember as I ended up reinstalling Windows on my laptop for the convenience of an relative who I share this laptop with when he needs to borrow it.
But I had been meaning to return to Linux on my gaming PC whenever Microsoft drops support for Windows 10.
Homebrew is another one. I've been using it on an old Macbook with Debian running on it. It's advantage is it doesn't run under root, seems to work pretty well on Linux.
Great video Nick!
what would be nice with the thing you were talking about around the 16 to 16:19 point. It would be nice to be able to have a kernel level tool that could read what a package needs, determine with the advent of things like flatpak & snaps if you have something in another package that could be used for a new package and creates a centralized package that hands those out, basically take the best of both worlds of .deb and all those others and the niceness of packaging everything an app needs in its file in a self-contained unit.
Great job summarizing the dizzying array of package types on Linux. And I think it's great advice to just "go with the flow" and use whatever package manager your distro encourages. Unless you're a developer in which case you'll have "special needs" and end up using them all...
not sure if i really understand it all just yet but to me ‘packages’ sounds like the best thing for the future. As an admin in a windows environment we’ve been using App-V for many years now. Application virtualization. Microsoft tech that sits between the ‘package’ and the OS to make sure everything works. instead of installing an application we just copy let’s call it an advanced zip file, that contains everything it needs, onto our machines (created via a wizard) . 1 application can no longer mess up another one.
Great video! At last these are explained. I am new to Linux and I am so confused. Thank you.
MANNNNNN I really needed to see this video!!!
There's a major difference between snaps and flatpak. By default, nothing restrict the app to access the host file system. Flatpak is the opposite, by default it will block the access to the user's host file system.
This is not that important for apps from big players like Canonical or Red Hat, but I personally believe that flatpak is much more secure for third-party apps, forcing the developer to ask for access to the host's file system.
Flatpaks vs snaps vs appimage was something I've been interested in for sometime now
I love Flatpaks, and honestly think they should become the first-class citizen for graphical applications going forward. I see Flatpaks as especially promising for gaming, as well as for productivity suites like Adobe and Affinity (Serif)... if they would ever get their acts together and show Linux some love, that is!
That said, there have been situations in the past where AppImages were indispensable diamonds in the rough. So, yeah, there's definitely a place for all of them.
flatpaks and appimages are fantastic. a reduction in dependency hell. no longer need to add third party PPAs just for that one app because their distro is too slow to update the software. The sandboxed nature of flatpaks is also much added bonus. downside is the extra size, but space continues to get cheaper. there needs to be more support for an appimage central hub like flatpak
nice sponsor! safing is actually really cool!
Back in the Amiga Workbench days programs would check for a minimum version of a library or file and so long as it met that requirement it would run. No dependency hell just a min version required, so you'd thing that in 2023 linux would use something similar.
Отличное видео, быстро и по делу.
Nice explanation
Thanks a lot for this, I'll have to rewatch it a few times, this has been the most confusing thing after returning to Linux in around 5 years O_o
Thank you, Nick. I've settled .debs or, preferably, flatpacks. I'm on POP waiting for the new COSMIC DE to be ready so flatpacks allow an LTS to have the newest version of software.
love this vid, thanks
As always writing a comment to support the channel
Using SteamOS Flatpak is what you get through Discover. It seems to work fine for my needs. That is my main Linux PC now. Actually seems to have taken over as my actual main PC most of the time...
I have not really installed much software on my portable Ubuntu install as that is mostly for troubleshooting and retrieving data from busted OSs. I've also not really used Ubuntu much since my Steam Deck arrived. It just seems to have taken over everything.
I still mostly install packages through the terminal though when working or studying. Then again that is mostly on a variety of VMs or an RPi.
I'm an ubuntu user. I've seen many threads about the best linux app packaging format. The pros and cons, mostly said snap is suck, but sometimes leaves me confused. So rather than join the debates, i decided to use all those 3 snap, flatpak, and natives deb/dpkg/apt. Interestingly, i've found that every app can runs better in every different format. For example, Firefox runs overall better faster on flatpak, Steam app and games run overall better faster on native dpkg, and Spotify sound output is overall better on snap.
So if i want to install an app i will install from all those 3 formats, compare and pick one which runs better. Now i'm relieved 😌
Great video
Nice video. The only app i don't get from my distro repos is the criptext e-mail app, which is distributed officially through AppImage format.
I just use AUR and Flatpak on EndeavourOS and I haven't had any issues. Best combo imo
THANK YOU!!!!
are docker containers the same as flat packs?
is all the stuff that is put into a container flat packed?
also binaries that require system dependencies can they be manually installed in the same folder with the program?
in the same way that you can put the msrvcr.dll in the same folder with the program that requires that dll can you do the same thing with the dependencies for non flat pack programs?
i am a customer of a seedbox that allows running programs on the seedbox but sudo is not given to us customers so we can only run self contained programs or programs that do not require dependencies that require sudo.
so could i take a non flatpack and extract to say the downloads folder and copy it to another machine that does not have sudo access and run it there will the program detect and execute the dependencies from the files in the same folder?
For command line apps, would be nice a mention of Homebrew, pip and npm.
I find nix better than homebrew. there is even a portable version where you don't need permission to install it.
You probably even want to use toolbx or distrobox for that, instead of polluting your Main System
@@razzeeee You are right, I didn't know much about those at the time. Also, now would be pipx instead of pip
Two sopnser in a video!
Great job man, Linux UA-camrs need this growth🎉
really useful 👍
I'm also an advocate for using the traditional packages for the base system, and the third-party package formats for GUI apps. Not to say that you shouldn't be allowed to install a GUI app via traditional means, but I couldn't tell you how many times I have ruined a system by trying to get a new app running through the distro-level package manager, and breaking a zillion dependencies. With packaging like Flatpak or AppImage, there is only so much damage an inexperienced user can do. An inexperienced user probably doesn't want to mess with their base system anyway, so it works very nicely having some kind of delineation between base system and user apps.
I finally understood the Snap situation.
1) Regular Package
2) Flatpak
3) Snap (if it is a command line tool or it is not available in flatpak)
4) AUR (at last because you never know, and I don't trust it much)
If it is not an Arch derivative, I may prefer flatpak or snap over regular package for some app to get the last updates. I don't use appimages.
From me the best fit is pacman + AUR, and Appimage for the outdated apps. I like Manjaro because they test packages for a while.
I don't know too much but Nix seems to be a interesting project.
I have a two disk setup, with my /home/user/Documents folder mapped to the second drive. The sandboxing on flatpaks drove me crazy as the second drive was locked out. The `flatseal` application is the way to modify the sandboxing. I think you showed that on screen but didn't mention it by name.
Using snap you can pin a specific "release channel", like a major version. So, when a new major version comes your app will not be updated to it.
First thing I do after an Ubuntu install is sudo apt purge snapd. I occasionally use flatpack and appimage, but for the most part I use the apt repositories and developers sites...
While you mentioned AUR you should have mentioned DUR as well, although it is still pretty small but I believe it will take off with time...hopefully😅
Can you check out the nitruxos? It feels like a unique distro having its own applications, customized version of plasma (having sort of their own DE) and it uses appimages by default
Nitrux has a great way of implementing Appimages. There's an installer program / app that makes sure they appear in the global menu, enables them to adopt local graphical settings and sets them up to run in sandboxes. It also identifies if the Appimage update facility is included by the developer and if so it checks for updates for you. This is how they should be used and it's a shame the format developer seems indifferent to these facilities. The question of the the security/integrity of the Appimage is still unresolved though. But when all the bits work as they should they are simplicity itself to use.
The intro had so many clever jokes that it completely snapped my brain
I love this channel.
Thanks!
I was just missing the NixPackages. They are very interesting because they are totally different.😉
Ty 😌 for content ☺️ now i can talk clearly to Linux geeks.
Reposting because _of course_ UA-cam shadown-banned my comment for no reason.
I think Richard Brown compared these really well in his 2023 Fosdem presentation.
He explained some technical reasons why Flatpak is the better option as a software maintainer, it was really interesting.
Thanks, I’ll look it up!
.
The only and best way is put a recall repositories in the terminal sudo install.
You want something not terminal based? Then just put a simple visual version of it. If I click then start sudo install.
We need a mix between those two procedures: more closer to Homebrew.
BTW, Nick: kudos on your graphic game. Impressive.
I wish Canonical just gave up on trying to force snap on desktop linux. It really is a great tool for servers, and it shows that it was designed for servers in the first place. But for desktop flatpak is the clear winner even with it's small problems.
AppImages can be sandboxed with firejail. Not easy for many users, but at least it is possible.
By the way flatpaks and snaps can even be less secure depending on the attacker. Because with flatpaks you rely heavily on the maintainer to not just maintain the application itself to build properly but also all of its dependencies which are not inside a runtime. Then even if they are inside a runtime, they have to manually update the runtime they rely on as well.
So it's actually possible that you install a flatpak which uses less updated/patched dependencies than you would use within your distribution via .rpm or .deb packages, potentially containing security vulnerabilities. In worst case this leads to sudo privileges escalation, making the fact you don't install them as root user irrelevant.
That's why I would never blindly trust flatpaks or snaps. With snaps I think that's more unlikely than with flatpaks because you don't need to take care of as much dependencies on your own as maintainer (you can actually use .deb packages inside snaps). But the same mindset should still apply.
So if anything I would mostly trust the packages coming from my distribution and their maintainers. Because most distributions rely on open-source software here. Therefore you could verify whether anything sketchy runs with sudo privileges but also the maintainers of your distribution do that (in theory).
With flatpaks and snaps I have noticed as maintainer/developer that you package can encounter manual validation. But because of their configuration complexity, it's far more likely an attacker could put malicious code inside without them noticing. Also this validation is not mandatory for all releases.
13:40 I like that actually... makes deleting simple... so many times I would delete something and a bunch of files related to that application are just still on the computer.
Where is the Manjaro Linux games link, I don't see it anywhere in the description box
AUR packages has no option to install separated for example in systemd-nspawn container?
Woulda liked to see a little bit on chaotic-aur, cuz there seems to be some confusion around as to what exactly it is.
I'm glad about Flatpak, because I prefer Debian, but in the past I had to use PPAs for things, and Debian didn't allow those for security reasons, but Flatpak is great. On two of my machines I run Mint's LMDE 6, and my old Chromebook I modified the UEFI/BIOS to run Linux on is now running Debian 12.2 Cinnamon, and it runs great.