What use to be the PPA that allowed Ubuntu users to use native .deb packages for Firefox has recently changed to the same meta package that forces installation of Snap and the Firefox snap package.

I am having to remove the meta package, then re-uninstall the snap firefox, then re-uninstall Snap, then install pin the latest build I could get (firefox_116.0.3+build2-0ubuntu0.22.04.1~mt1_arm64.deb) to keep the native firefox build.

I’m so done with Ubuntu.

  • ebits21@lemmy.ca
    link
    fedilink
    English
    arrow-up
    116
    arrow-down
    1
    ·
    1 year ago

    Yeah they’re all in on snaps. Vote with your distro choice.

    • Hominine@lemonine.hominine.xyz
      link
      fedilink
      English
      arrow-up
      29
      ·
      1 year ago

      What I don’t get is why. What with the recent Red Hat debacle one would think Canonical would make a stronger case as opposed to force feeding the issue.

        • SALT@lemmy.my.id
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          1 year ago

          haha… ubuntu on enterprise doesn’t even touch 5% of the market, where 90% of it is RHEL and 5% another is Windows Server and some OSX… so… I don’t think canonical is dumb enough

          *please read, enterprise market, not hobbyist. Hobbyist doesn’t make money for ubuntu. Well if the hobbyist is a decision maker in enterprise, they probably will have effect, but the problem is, most of them opt in RHEL/Clones

            • SALT@lemmy.my.id
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 year ago

              You can look into fortune 500 report on Server stack, and self published red hat report. Red Hat claims is higher, but I will say, it should be at max 90%, not 95% as Red Hat Claims.

              https://fortune.com/2013/05/06/how-linux-conquered-the-fortune-500/#:~:text=Today more than 90%25 of the Fortune 500,Hat%2C the largest vendor of Linux support services.

              https://www.redhat.com/en/about/company

              Seems they revise it. hem… the fly-er I got for Red Hat academy promotion written is 95% in 2019… strange…

              But anyway, you can see anywhere, on any business medium high, mostly use Linux.

              Azure, 100% backed by Red Hat in their Infra, even Microsoft doesn’t deny or agree with it. AWS 100% EL based (old times RHEL, nowdays Fedora), Linode, Scaleway, Contabo, Hetzner, BiznetGio, Aliyun (even their Aliyun/Alibaba Linux is RHEL), OVH, etc. so I will say it’s high enough… that almost entire infrastructure rely on Red Hat Engineering. At least if Red Hat gone, CentOS Stream code still there, Fedora Code still there. The community can continue to develop it.

              Ubuntu only popular and first class only on Digital Ocean. No other cloud providers make ubuntu first class other than DO. Sure enough Ubuntu/Debian is there, you can install it, but, it’s not entirely first class as RHEL/Clones

              Hate it or love it. Red Hat still the king of mission critical system except in Europe, where SUSE is leading, but SUSE itself is well… have same or near identical to Red Hat… so… welp… kind like in same EL boat.

              Some will say data like this https://www.enterpriseappstoday.com/stats/linux-statistics.html#The_Most_Popular_Linux_Distribution is more re presentable for general mass, but I don’t think it’s for enterprises…

    • neutron@thelemmy.club
      link
      fedilink
      arrow-up
      22
      ·
      1 year ago

      I’m afraid they’ll break off Debian one day. Supporting snap is one thing, sabotaging well established user cases (apt installing deb, not being a snap prozy) is another.

      • SALT@lemmy.my.id
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        On my corporate laptop, because they require ubuntu to… well spy on us, I wrote a interface in front of snap to works like flatpak… as snap forcing through on everything I work on…

        At least I tried to disable it. and failed, so I wrote a piece of junk code to accomodate my flatpak muscle memory

      • Omega_Jimes@lemmy.ca
        link
        fedilink
        arrow-up
        6
        ·
        1 year ago

        The Pop_Shop gives you the option via a little drop down of flatpak/Deb. I’m not sure if the option is flagged by application developers or system76.

      • Dubious_Fart@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        I recently went to Nobara, not a Deb/Ubuntu fork, but its literally been the easiest, smoothest Linux install/usage experience of my life.

    • wile_e8@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      So, as someone that’s been on flavors of Ubuntu/Linux Mint for me personal computer since Breezy Badger, any good distro recommendations? I’ve been using Ubuntu Mate and upgrading in place for the last ~5 years, so I’ve mostly avoided Snaps, but I’m looking to upgrade my computer and I’m probably going to need a fresh install. I’d like to stay on the Ubuntu/Debian tree, but I’ve been using RHEL on my work computer for a while now, so I’m not totally unfamiliar with that distro branch.

      Also, should I be as concerned about Flatpaks as everyone seems to be concerned about Snaps?

      • NaN@lemmy.sdf.org
        link
        fedilink
        English
        arrow-up
        16
        ·
        edit-2
        1 year ago

        Linux Mint doesn’t do snaps, you can add them but they are more flatpak friendly out of the box (software manager supports deb and flatpak install and upgrades). They also have a Debian edition that is nearly identical once installed.

        For stuff like Firefox and other areas Ubuntu is pushing snaps, Mint builds their own deb.

        That is to say, if you liked Mint there’s not a big reason not to use it.

      • Transient Punk@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        11
        ·
        1 year ago

        I was on Ubuntu for almost ten years. The snap BS really started bugging me a few years ago, and I started distro hopping to find a new home.

        If you’re really wanting to stick with an Ubuntu derivative, you could try Pop!_OS. They remove Snaps.

        I ended up settling on Manjaro. Access to the AUR is pretty awesome.

        • Eldritch@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          Manjaro and aur are not a good idea. I ran manjaro for a year or two. Things from the aur were constantly breaking and causing problems because of the manjaro repositories. If they were even able to be installed at all. There are many reasons not to use Manjaro. But if you want to use the Aur. Check out endeavor os. Very straightforward simple easy to install Arch. The Aur works perfectly and doesn’t break randomly. Because they use the Straight Up Arch repositories with just slightly different configs

          • Transient Punk@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Interesting. I’ve been running Manjaro for two years now and I’ve found it to be extremely stable on my computer and my partners computer. I haven’t had any trouble with AUR packages breaking either.

            • Eldritch@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              Even the manjaro team discourages their users from running things from the Aur. It’s not a guarantee. Some things will work okay for a long time. But due to the fact that Manjaro is not Arch. There will be problems with many things. It will be a bit of a crap shoot as to what and for how often. But it is something that even they acknowledge.

      • rknize@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        1 year ago

        I hear ya and have recently been scaling-back my personal use of Ubuntu. I am a long-time Debian user for servers (since around the time potato was released), but always found it far too “long in the tooth” for use on a desktop. When Ubuntu first came out, it filled that gap perfectly and it was always my recommendation to people that wanted/needed to use Linux and needed it to “just work”. This is especially the case with laptops. However, times have changed and vanilla Debian is actually a viable distro as long as you are not on the bleeding edge hardware-wise and/or don’t want/need the very latest desktop software.

        For my personal desktop, I’ve actually been using Linux Mint since around the time Ubuntu switched to Unity. From the moves Mint has been making lately, it seems that they are also wary of Canonical (i.e. having to revert things like snap out of their Ubuntu base). Mint has always been hedging their bets through their LMDE release, so I would not be surprised if they cut over vanilla Debian as their base sometime soon. I have LMDE on some older machines and it works great (they are still based on bullseye, last I checked).

      • Trojan Ham@sh.itjust.works
        link
        fedilink
        arrow-up
        6
        ·
        1 year ago

        I was a Xubuntu user for about 15 years but have an old EeePC running Debian.

        I just recently moved my main, home computer (10+ yo EliteBook) to Debian 12 and am very happy. I will be soon moving my amateur radio “shack” computer (bought last year) to Debian as well.

        Forcing Snaps and Snaps’ terrible usage of disk space (in my experience) is what made me move. The annoying Firefox update warning only served to aggravate me further.

        I do use a couple Flatpaks (did with Ubuntu as well) but it was my choice - not a requirement. I haven’t had any disk use problems or bad experiences with them.

      • SALT@lemmy.my.id
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        Flatpak won’t replace RPM on Fedora, so, use Fedora… and be happy, or Nobara for gaming

      • Thwompthwomp@lemmy.world
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        I can’t comment on specifics. I’m back in linux after several years away in mac land. The snap experience is awful, and confusing. I have not had the same experience with flatpaks. They seem to act more like regular apps that you update. The issue with snap is that firefox will say the snap needs to update, and that the update is pending warning my I only have days (or hours) to use it, but no way to actually do the upgrade. Then it will say its upgrading, but nothing happens. I just keep using firefox, and every once in a while it may say something like the update failed (I honestly can’t remember, since I just ignore any notification with the word ‘snap’ in it since they’re all meaningless). Eventually, when I quit firefox, it might update and quit pestering me. But how knows? Maybe it won’t upgrade, and then I’ll open it again and it won’t be upgraded.

        Flatpaks, I can just update in the package GUI (Discover for me, since KDE) alongside other updates, and we roll on.

        Distro-wise, I dunno :/ I like ubuntu cause its more standardized in terms of software availability — most things will support an ubuntu package. However, I’m really considering just jumping into debian and going with the rolling releases.

      • joe@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Check out VanillaOS. I think it’s pretty neat. Their webpage doesn’t really get into the benefits as much as I think they should, but a very quick summary is that it leverages distrobox and some custom package manager to allow you to seamlessly install and run packages from other distros. It’s also kind of an immutable OS (but not really). It lets you pick which types of apps you want during the install (snaps, fltapak, AppImage, etc)

        I am not super in the loop about why people are so against snaps, but I don’t like the centralized nature of them, and if that’s also the general concern, then flatpak should be fine, since it’s decentralized.

        I saw a couple youtube videos about VanillaOS; I could certainly find you one of them if you want to know more.

      • bitwolf@lemmy.one
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        edit-2
        1 year ago

        Imo avoid Mint. If you like apt/debs PopOS.

        If you don’t care about debs Fedora is an awesome distro. I’ve used it for several years and upgrades never go bad.

  • LiveLM@lemmy.zip
    link
    fedilink
    English
    arrow-up
    75
    arrow-down
    1
    ·
    1 year ago

    Imagine having to fight your OS to do what you want. True Windows experience.

    • danielfgom@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Yes exactly. This is the main problem. It’s one thing to offer Snaps as an alternative, but to force them on users is not the Libre/FOSS way at all.

      I switched away to Mint and I’m very glad I did. I’m in control and it works perfectly. Fantastic distro. No Snaps BS and it uses less RAM and is faster than Ubuntu.

      I would encourage all Ubuntu users to switch to Mint. You won’t regret it.

  • Lvxferre@lemmy.ml
    link
    fedilink
    arrow-up
    57
    ·
    edit-2
    1 year ago

    You know what, enough is enough. Snaps run like shit in my system (IDK/DC why), I hate companies forcing their shit down my throat, and I was planning a clean reinstall anyway from Ubuntu 20.04 to 22.04. Might as well use the opportunity to go back to Debian. Or Mint. Or Mint Debian Edition. Who knows.

    Next on the news, Ubuntu (“humanity”) gets renamed to Amasimba (“shit”). /s

      • SALT@lemmy.my.id
        link
        fedilink
        English
        arrow-up
        12
        ·
        1 year ago

        TempleOS and give it a try. The prophet Terry will be smilling from the Heaven TempleOS

      • Lvxferre@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        I toyed with the idea of gentoo. Not because I want a rolling distro, but because of that 4chan meme.

        • msage@programming.dev
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          1 year ago

          Gentoo is very good actually, specially if you have a modern CPU.

          I tried it on my desktop, and I never want anything else.

      • RaivoKulli@sopuli.xyz
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Redistribution, reverse engineering, disassembly or decompilation prohibited without permission from the copyright holders.

        no

    • cloudy1999@sh.itjust.works
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      After using it since Lucid Lynx 10.04, I switched from Ubuntu to Mint last weekend. I’m lazy about distros these days, and I really didn’t want to switch, but Firefox instability was driving me nuts. The web browser must be reliable, IMO. It’s a fundamental requirement for a desktop OS, and this problem didn’t exist before snaps.

  • CaptainJack42@discuss.tchncs.de
    link
    fedilink
    arrow-up
    38
    arrow-down
    2
    ·
    1 year ago

    There’s a simple reason why Mozilla/canonical does this and that is security fixes. Due to the difference in support cycles of Firefox and Ubuntu LTS versions fixes would have to be manually backported to the system Firefox version and newer versions won’t run due to library dependencies. Snap solves all of that.

    Don’t get me wrong though, snap is still terrible, but other than flatpak or doing the work of backporting it’s the only option to get security fixes to Ubuntu

  • iopq@lemmy.world
    link
    fedilink
    arrow-up
    36
    ·
    1 year ago

    I warned you guys. “It’s so easy, just do these three steps if you don’t like snaps” but then later they tighten the vise

    • wim@lemmy.sdf.org
      link
      fedilink
      arrow-up
      9
      ·
      1 year ago

      Yeah. I switched away from Ubuntu for all this crap.

      I moved to Fedora for my laptop & desktop, and Debian for my home server. I’m considering switching everything to Debian eventually, but there’s a couple dedicated repos that make using Fedora on my laptop much easier for now.

      • tool@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I’m considering switching everything to Debian eventually, but there’s a couple dedicated repos that make using Fedora on my laptop much easier for now.

        I’d recommend against that. Debian is fantastic for a server, but I think it leaves a lot to be desired as a workstation OS as compared to Fedora.

        You can get it there/make it that way, but Fedora is just better from a user experience/convenience perspective out of the box.

        • wim@lemmy.sdf.org
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          I don’t know. I like Debian. My home server also doubles as a desktop sometimes and it does a good job.

          I’m mostly not super interested in cutting edge versions. I run a newer kernel and mesa than default Debian, but the rest is just fine. I’m fine with Firefox ESR, and lagging a little bit behind the state of the art.

  • aport@programming.dev
    link
    fedilink
    arrow-up
    35
    ·
    1 year ago

    There are several high quality community run distributions which aren’t beholden to corporate tools.

  • Dagamant@lemmy.world
    link
    fedilink
    arrow-up
    24
    ·
    1 year ago

    I stopped using Ubuntu because of snap a while ago. I tend to run Linux on older machines and flat packs tend to take much longer to load than native apps. I get that they have their purpose but I would prefer to choose to use rather than be forced. I’m currently trying out POP_OS! and it’s a welcome flavor of Ubuntu

  • Linuturk@lemmy.onitato.com
    link
    fedilink
    arrow-up
    23
    ·
    1 year ago

    I like the approach Pop OS takes. Their software store lets you choose between deb or flatpak when you install software. I’ve had issues with flatpak versions of some software, and flipping to the deb package usually fixes it.

    • Nick@lemmy.world
      link
      fedilink
      English
      arrow-up
      13
      ·
      1 year ago

      Fedora does the same thing where you can choose between RPM or Flatpak. The only flatpak package I’ve ever had problems with was OnlyOffice, and the issue was that the scaling was blown way out of proportions. Switching to the RPM version resolved that.

      • Solar Bear@slrpnk.net
        link
        fedilink
        English
        arrow-up
        20
        ·
        1 year ago
        1. Flatpaks are usually fresher than point release distro packages
        2. Flatpaks are distro-agnostic
        3. Flatpaks are easily containerized for increased security and privacy
        4. Flatpaks can guarantee you have a known-good dependency chain directly tested by the developers/maintainers themselves
        5. Flatpaks can be installed and managed entirely in userspace
        • qyron@sopuli.xyz
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          All of that is good but you are overlooking the small detail that installing flatpack implies using up a lot more disk space than just pulling a distro package.

          I can point one specific example with libre office: 3.9GB for the pack vs 785MB for the .deb.

          We can argue disk space nowadays is cheap but overloading a machine with duplicated packages also goes against the main goal of running a Linux.

          When I first started using it, one of the talking points was that Linux kept the system clean of clutter and that improved longevity for the hardware and delivered stability by not having unnecessary and unused or orphaned and redundant libraries and dependencies.

          With flatpacks we get the latest and greatest - I’m a debian fan and I hurt for not getting more up to date software - but we are carting in a ton of junk that should not be necessary.

          And the container/sandbox part is not that great, apparently. Debian wiki links to this to further educate/alert on the down sides of flatpacks. Debian is not the ultimate bearer of truth but they do move a lot of respect.

          • Solar Bear@slrpnk.net
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            1 year ago

            I can point one specific example with libre office: 3.9GB for the pack vs 785MB for the .deb.

            You already have most of the major dependencies installed natively as they are depended on for many other packages, and you’re not including the space they take up as part of installing the native package, but you are including them as part of the flatpak.

            When I first started using it, one of the talking points was that Linux kept the system clean of clutter and that improved longevity for the hardware and delivered stability by not having unnecessary and unused or orphaned and redundant libraries and dependencies.

            Flatpaks literally improve this. The core system itself remains extremely minimal and lean when you use containers, in both the server and desktop space. This greatly improves stability and longevity. We all know how much of a pain it is to do a point release upgrade on a system with tons of installed software. Flatpaks do not have this problem because they are independent of the system and each other.

            but we are carting in a ton of junk that should not be necessary

            It is necessary, and it’s not junk.

            Debian wiki links to this to further educate/alert on the down sides of flatpacks.

            Much like Debian packages, the Debian wiki is stale and outdated.

            • qyron@sopuli.xyz
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              I’m learning as I go. Having imput on my talking points is always a good thing.

              I remember dipping my feet into the Linux pool, through Debian, searching online for a given tool/program, just to get disappointed as I wouldn’t have it or the version available from the repositories was extremely outdated or some library required to run it would be as well.

              And back then I remember thinking it would be great to have some way to get access to more recent software versions with all the necessary dependencies to run it from a realiable source.

              But one thing I always thought should be obligatory was that during installation of such programs, only the resources absent from the system would be added to the installation/system and any other resource bundled would be automatically discarded, thus saving disk space and avoiding redundant libraries present on the system.

              Do flatpaks have such working structure?

              I am not a programmer of any sort and up until now, everything single information I’ve read states these sources throw every necessary resource it require for running into the system storage, regardless if some/all are already available per the system or other programs.

              For me, this implies if I run 12 different programs that share, let’s say 2 libraries, for the sake of this conversation, and such libraries already exist in the base system, by using flatpaks to install each program I’ll be adding 24 redundant files to my hard drive.

              For someone that usually runs entry level hardware, as I do, the storage getting full(er) translates into an heavier, sluggish system. Not to mention that only this year, I’ll be finnally running a machine with more than 500GB of storage. Storage space is a concern for me.

              When I read on my distro “app store” that installing Libre Office from a flatpak would require 3.9GB after installed versus less than 1/4 of that if opting for the repo pack, the math wasn’t hard to make.

              Where am I missing here? What am I failling to understand regarding flatpacks?

              Easier system maintenance is a plus, per your words. I’m sold on that point.

              • Solar Bear@slrpnk.net
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                1 year ago

                But one thing I always thought should be obligatory was that during installation of such programs, only the resources absent from the system would be added to the installation/system and any other resource bundled would be automatically discarded, thus saving disk space and avoiding redundant libraries present on the system.

                Do flatpaks have such working structure?

                It’s possible, but rarely allowed because that would produce instability. Linux programs are built to rely on a specific version of a library. Depending on how much actually changes, you can sometimes get away with using a different version than the one it expects, but the more it changes the riskier it gets.

                One of the major goals of flatpaks was to create a way for developers to ship one build that was guaranteed to run the same regardless of distro or environment. The isolation is very much the point. It does use more storage space, but in most cases it’s not enough to matter. When storage space is at a premium, yeah, you generally want to avoid containers. They trade space for stability.

                Pretty much everything in the Linux space is converging on this concept. Desktop is moving to immutability with flatpak apps. The server space has been entirely taken over by containers. Even Valve has shipped a separate Linux runtime for as long as they’ve officially supported it, and they’re progressing on deeper containerization. You can direct it to run against your native packages instead of the runtime, but it’s rarely a good idea.

                The point is that it gives developers a single target that they can all rely on, instead of having to account for 20 distros with multiple still-supported versions each. And believe me, these efforts have made Linux so much easier as a user as well. It used to be that lots developers only targeted Ubuntu. Trying to get anything to run on another system was off like pulling teeth. Now, you can almost always expect to find a flatpak instead which runs on any distro.

                • qyron@sopuli.xyz
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  1 year ago

                  You mind if I poke the subject for a little more? It is opening a new understanding for me.

                  Please keep in mind I’m not a programmer, to any degree.

                  As per what you are explaining, flatpaks working remembers me of a flower blooming on a tree: it uses resources provided by it, adds functions to it but doesn’t alter it in a significant fashion.

                  But again on the space saving and version controlling.

                  Let’s take a given flatpak, where 50 libraries are shipped with it to ensure it works properly, on any given distro.

                  As you already said, library versions between distros can vary wildly but would it be that difficult to have a script running pre installation (I think “connection” is more adequate to describe the process at this point) to check for what already available required resources exist on the system to avoid redundancies?

                  I can understand that by having this sort of an homeostatic environment aids in assuring a given program will be capable of running on any machine but I can’t shake the intuition that at some point this will backfire. It’s not hard to imagine software to be kept relying on older, perhaps unsafe or not as streamlined versions of given libraries just because the developer is not that motivated to make whatever changes necessary to keep up to date with the new versions, as their software already runs as expected.

                  I’ll risk it and try it.

        • Fonzie!@ttrpg.network
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago
          1. Some software is on the Flathub instead of on Debian’s repos, so sometimes the choice is between Flatpak, AppImage and Snap.
        • cmeerw@programming.dev
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Flatpaks can guarantee you have a known-good dependency chain directly tested by the developers/maintainers themselves

          What does known-good mean? What if a security vulnerability is found in one of the dependencies. With an old-style distribution there is a security team that monitors security reports and they will provide a fixed package. With flatpaks it’s not clear to me if those developers will monitor each dependency for security vulnerabilities and how they will handle that. Will users even be informed about a security issue, will a fix be backported or will it only be available in the latest version?

          • Solar Bear@slrpnk.net
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            What does known-good mean?

            Known-good meaning a tested and working configuration approved by the developers/maintainers.

            What if a security vulnerability is found in one of the dependencies. With an old-style distribution there is a security team that monitors security reports and they will provide a fixed package.

            Flatpak is just another model of distribution. There isn’t really anything that needs to change here. The bugs are fixed upstream and they get pushed via the method of distribution, which is Flathub in this case.

            The security team in a given distribution is charged with getting upstream fixes backported and shipped. There’s no need for this role because they’re just shipped directly in most cases.

            With flatpaks it’s not clear to me if those developers will monitor each dependency for security vulnerabilities and how they will handle that.

            The developers are usually the ones doing the fixes in the first place.

            Will users even be informed about a security issue, will a fix be backported or will it only be available in the latest version?

            Well, fixes don’t normally need to be backported because flatpaks are usually fresh. They’re just built normally in most cases.

            For notifications, you’d have to follow the relevant projects directly.

            • cmeerw@programming.dev
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Known-good meaning a tested and working configuration The bugs are fixed upstream and they get pushed via the method of distribution, which is Flathub in this case. Well, fixes don’t normally need to be backported because flatpaks are usually fresh.

              There are a few assumptions in here in order for that to work: the known-good version needs to be the latest upstream version (otherwise you might not have the latest security fixes) and users need to be comfortable always using the latest flatpak version. Some users might be more comfortable staying on a known stable version for some time.

              For notifications, you’d have to follow the relevant projects directly.

              Right, and each project will have its own way of handling security issues (particularly when it comes to older versions). Will they point out that versions x - y of their flatpak are affected by a security issue in component z?

      • Linuturk@lemmy.onitato.com
        link
        fedilink
        arrow-up
        8
        ·
        1 year ago

        When a project doesn’t publish a deb or other native package, or when the flatpak is much newer and has features you need.

      • astray@lemm.ee
        link
        fedilink
        arrow-up
        5
        arrow-down
        2
        ·
        1 year ago

        Flatpacks include the dependencies with the application. So different flatpacks may have the same libraries over and over, wasting space. RPM/DEB install just the application and each dependency is a separate package, and packages that use the same dependency will share the one copy. So flatpack is better for consistency when running the app because everyone is running the same dependency version, and space isn’t as much of an issue anymore with nearly everything having more than enough storage.

        • SALT@lemmy.my.id
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Flatpak share dependencies when they have same version, so they aren’t wasting space. e

  • Moobythegoldensock@lemm.ee
    link
    fedilink
    arrow-up
    35
    arrow-down
    12
    ·
    edit-2
    1 year ago

    Hot take: PPAs suck and snaps/flatpaks are better.

    With PPAs, inevitably some repo that hasn’t been updated since 2015 causes dependency conflicts and you have to sit there and troubleshoot, or pick between the software you need and actually having an OS that’s not EOL. With snaps, you can keep your decade old dependencies all bundled up and still upgrade your system even if the package maintainer has abandoned it.

    • moonpiedumplings@programming.dev
      link
      fedilink
      arrow-up
      40
      arrow-down
      1
      ·
      1 year ago

      The issue people have with snaps isn’t the containerization or the bundles, but the proprietary backend. There is no way to point the snaps at a different store other than the one canonical controls. Canonicals forcing snaps on people pisses a lot of people off because it’s a blatant power grab, an attempt to get people dependent on something they have control over in a microsoft-esque move. Flatpaks and docker don’t have that issue.

    • oats@110010.win
      link
      fedilink
      arrow-up
      19
      arrow-down
      1
      ·
      1 year ago

      Hot take: it doesn’t feel nice to have a change forced.

      It should be the personal preference of the user to decide whether to use native or snap/flatpak. If native package manager decide to not support the package any longer it would be better to make user aware and stop maintaining app, than to install a snap package. This is a user’s decision.

      Also this can have far reaching consequences. Imagine you cannot use/install snaps on your machine due some reason, what now?

    • Rambler@lemmy.ca
      link
      fedilink
      arrow-up
      12
      ·
      1 year ago

      I tried so hard to embrace snaps and flatpak. I really did. But the snap service kept bogging down. Installs specifically of Firefox were ponderously slow to start up. And ultimately I ended up with regular installs, PPAs, snaps, and flatpaks all together with their own daemons, update paths, and quirks sucking up my system bandwidth and emotional resources. System was constantly slow. Felt like I was running Windows.

      I flipped over to endeavours, really enjoying it. Feels like Ubuntu did in the earlier years. Great support community, lots of choice, but a straightforward path to just using your system if that’s what you’re there for. And the same computer runs a good 25% faster.

    • lloram239@feddit.de
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      PPAs suck, no doubt. But the thing is, if snap is so superior, just switch your whole distribution over to it and be done with it. Don’t do this underhanded switcheroo with individual packages spread over so many years.

      The crux here is ultimately that snap just doesn’t look to be up to the task of replacing .deb, otherwise they’d have already done it. But they still want their proprietary appstore, so they have to make snap relevant by force.

    • GenderNeutralBro@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      Hot take: PPAs suck

      Agreed. I’d rather install manually than use a third-party PPA. I’ve had way too many problems, especially when it comes time for an OS upgrade.

      snaps/flatpaks are better

      I see this as a false dichotomy. The point of a distro is to have a wide array of stuff tested and available in official repositories. If the official repositories only contain half-assed snap ports, what’s the point? I either suffer with a shitty Firefox or jump through more hoops than ever before to install it from external sources? Ugh.

      I’m on Ubuntu again, and I’ve had it up to my eyeballs with snaps. When the time comes to upgrade again, I’m either going back upstream to Debian, or downstream to a de-snapped Ubuntu derivative.

    • Dagamant@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Yes, that is the acceptable use case. Aging, I maintained software in a usable form. Not “we’re showing off our container engine so everyone has to use it now”.

        • PseudoSpock@lemmy.dbzer0.comOP
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          EndeavourOS. It’s available for Arm64. Has firefox, has chromium, has vivaldi, and even has a widevine plugin builder in their AUR repo for the first two.

          For UTM hypervisor, select the Arch for ARM from their gallery and install it. Then follow the instructions for Parallels to EndeavourOS it. Oh, expand the disk and filesystem first, though.

          It’s quite a step back in time for an installation process, though. Even after getting it installed and setup for KDE Plasma, still need to install a lot of things:

          • NetworkManager
          • git base-devel
          • man-pages man-db
          • dnsutils
          • LibreOffice Plus all the things one installs for customization on any Linux… preferred shell(s), if not bash, shell customizations and completions, various cli’s you’ll want or need, your favorite IDE, browsers, browser extensions, programming languages, ansible, terraform, helm, kubectl, podman and or docker, etc etc.
  • Seltsamsel@feddit.de
    link
    fedilink
    English
    arrow-up
    22
    arrow-down
    3
    ·
    1 year ago

    LibreWolf is a Firefox fork with features removed which we don’t want (Telemetry, Pocket, …) and a few (privacy) features enabled (which can be deactivated if they’re too annoying). I didn’t had any issues with Firefox extensions as well.

    I’m currently using it on Debian and it runs smoothly. Recent Ubuntu versions are also supported and you can install them via your package manager, see here.

    • hornedfiend@sopuli.xyz
      link
      fedilink
      arrow-up
      6
      arrow-down
      1
      ·
      1 year ago

      I’ve recently distro hopped and the new distro came with Firefox preinstalled (had arch before but with xfs and wanted btrf snapshots).

      Do you think its telemetry is so bad? I want to help Mozilla to some extent to keep them working on Firefox as I think Librewolf isn’t showing much usage or support for Firefox itself.

      • nestEggParrot@lemmy.sdf.org
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        You shouldbea able to turn off from settings. More options are present in the config. You can find github guides doing more hardening for sedurity and privacy.

        Not sure about librewolf specifically but most of these firefox forks do these initial setups for you and maybeave a couple of addons preinstalled. You would still be using firefox. Beyond crash reports and some reduced usage metrics turning them off should hinder firefox much.

  • LeFantome@programming.dev
    link
    fedilink
    arrow-up
    17
    ·
    1 year ago

    Time to switch to Mint ( or Debian ). I have not like Ubuntu for a while but this forced match to snaps seems too much.

    I use Arch myself. I have been considering trying Debian Stable with Distrobox / Arch. The stability of Debian with a totally current and massive package inventory ( thank you AUR ) sounds like perhaps the best of all worlds.

    • NaN@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      11
      ·
      edit-2
      1 year ago

      TIL about desktop-file-edit.

      I’ve been doing desktop files by hand for years.

      My favorite thing about the Mozilla binary is that it auto updates just like Windows, as long as you have write permissions.

        • NaN@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Their script has a really good example of using the “proper” tools to create, validate, and install the desktop file automagically. The tools themselves are likely already installed.