- cross-posted to:
- linux@programming.dev
The Flatpak is already packaged and works well. It just needs to be maintained from a person that joins the Inkscape community.
This would allow further improvements like Portal support and making the app official on Flathub.
Update: One might have been found!
Flatpak is not the future
./configure && make && sudo make installis not the futureWell… of course only time will tell, but the fact that we’ve been doing that for sooo long… (me for ~20 years?) would imply that it might just be around for longer than snap/flatpak/etc
Of course, sometimes it’s disguised as
yay -S…
What is ?
I’d say flatpak isn’t the future because it’s already here and seems to be universally accepted as the cross-distro package manager.
I do like how the Nix package manager handles dependencies, but it’s not suitable for app developers packaging their own apps because of its complexity.
If a better flatpak comes around I’d use it too, but at least for graphical apps I don’t know what it’d have to do to be better. In my opinion, flatpak is a prime example of good enough, but not perfect and I’d be surprised if there was a different tool with the same momentum in 15 years (except snap, but they seem too Ubuntu specific).
Snap is shit. I started using flatpak because apt didn’t support apps that I wanted and snap only supported ancient releases. .deb is annoying too and .appimage I don’t like to have the files hanging there
Ubuntu may have convinced some proprietary developers, but Snaps are shit and devs know that I think
I left Ubuntu when apt wouldn’t let me install a native package. It just would redirect to a broken snap.
(except snap, but they seem too Ubuntu specific).
For what it is worth you can install Snap on most distros. https://snapcraft.io/docs/installing-snapd
But you can’t run your own snap repo
Not officially but people have managed to reverse engineer it before in order to host their own - https://forum.snapcraft.io/t/lol-an-open-source-snap-server-implementation/27109
Whilst I do get the sentiment (and in no way do I support Canonical in keeping it proprietary), how likely is it that alternative Snap repos are going to show up if they did make it possible? Even with Flatpak where it is encouraged and documented I don’t think I’ve heard of anyone setting up a Flathub alternative of any significance.
elementary has their own repo for their system apps
I didn’t know about the self-hosted snap stores, thanks for pointing it out!
And I wasn’t aware of the Elementary thing with Flatpak! Admittedly I hadn’t really thought of it in that way, I was thinking something more akin to F-droid where there are a couple of extra repos you can add which have applications not on the main one due to slightly looser requirements. But making it specifically for apps for that ecosystem in particular makes a lot of sense.
Fedora also has their own flatpak remote, which only includes flatpaks build from Fedora rpms.
but you shouldnt because snap’s "strict confinement’ sandbox feature does not work without the legacy patches to Apparmor that ubuntu uses.
No idea
Apt or distro package manager of choice.
Those need root and don’t isolate apps from the base system
Yet curiously they’re far more secure. Huh.
No they aren’t
It completely invalidates the Android security model if something can arbitrarily bypass restrictions.
Thankfully we don’t have to follow the dumb Android security model on desktops.
on Qubes we still have security through compartmentalization, yet all systems have root access (even passwordless sudo)
They lack packages
it sure seems like it though
i mean, they’ll never replace system package manager, but for desktop applications, flatpak is honestly quite good
wrong answer sound
Why is the flatpak not verified on flathub? Hmm
From the conversation it seems to be a similar situation to the project I’m with is in. The flatpak is essentially community maintained rather than being directly supported by the team. To become verified it needs to be done so by a representative of the maintainers of the software. To be verified it doesn’t have to have a team member involved in it but this is a requirement Inkscape seem to have imposed.
For us we just aren’t in a position to want to support it officially just yet, we have some major upgrades coming to our underlying tech stack that will introduce a whole bunch of stuff that will allow various XDG portals etc. to work properly with the Flatpak sandboxing model. To support it now would involve tons of workarounds which would need to be removed later.
Thank you for all your hard work and explanation 🙏👍
Thanks for the valuable insight.
Wait till you learn that your flatpak client doesn’t verify anything it downloads
*'til
But the lack of verification and validation is a huge risk to flatpaks. As someone formerly involved with securing OSes, this kind of thing was scary back then and doubly scary since it entered its “don’t confirm; just get in, loser” phase.
😱 so I guess install via appimage?? Package manager? 🤷 🤯 brain malfunction. Im thinking don’t download or install until you verify the download with a hash and hopefully signature if they exist 🤷 use fedora? Which has better security? 🤷🤯
Many developers sign their AppImages, but its up to you to verify it
!boinc@sopuli.xyz flatpak also needs a flatpak maintainer! Your work would help people contribute their spare computational power to scientific research. If you are passionate about fighting cancer, mapping the galaxy, etc this is an awesome way to contribute to that effort in a very force multiplying way.