104
Active AUR malicious packages incident
(archlinux.org)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 12 Jun 2026
104 points (100.0% liked)
Linux
13931 readers
429 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 3 years ago
MODERATORS
All that a flatpak is is a distro-agnostic release of a package. They contain all the binaries and libraries to run on any distro. They're also sandboxed from the rest of your OS unless you give them permission to interact with it. Being that they contain everything for all of Linux means slightly larger file size, but that's not so much of a problem as it was in the old days.
I install flatpaks via terminal, same as I do for official repos stuff and the AUR. I was never a fan of GUIs for really anything on Linux other than my file browser, but especially not for updating or installing packages. There's too many prompts and dependencies.
The separate libs is indeed my concern.
I like using my optimized system packages. I like how they’re all built against each other, especially for some things where performance depends on certain libs.
But, probably more importantly, my OS partition gets pretty tight, and I want to reduce duplicated libs where possible. I could probably do something about that (like put Flatpak on a separate drive), but I guess I also have a bad experience with docker taking tens or even hundreds of gigabytes and tons of RAM for simple projects.
EDIT: …I didn’t meant to go on an anti flatpak rant. I’ve used it on other systems. TBH I might try it soon, but most everything I need is in my distro repo anyway. Or something I install/build manually.
All good! You sound like you're on the right path. I have like 3 or 4 flatpaks installed hahaha