Is there a downside to Flatpak?
IMO yes, but it might not be an issue for you. Flatpaks work like Windows standalone executables, where each app brings all its dependencies with it. The advantage is the insane stability that method provides; the downside is the huge size the app will ultimately take. Flatpaks are compressed and they don't really bring all their dependencies with them (because they can share runtimes), but the gist of it is that a Flatpak is usually much heavier than a system (.deb, .rpm, .PKG) package.
If you are OK with tweaking, I recommend nix pkgs, as they work on any distro and only take slightly more space than system packages. I have a terrible connection and low disk space; Flatpaks aren't something I can use in the long run.
Oh, and if you're wondering: flatpak >>>> snap > appimages (IMO)
No, that's AppImage. Flatpaks run on shared libraries, and even different runtimes containing the same packages share those using deduplication.
https://gitlab.com/TheEvilSkeleton/flatpak-dedup-checker
A Flatpak is exactly as heavy as a system app, just that on the system you already have some libraries installed.
Initial download size is bigger, okay. And in general more downloads, I guess the deduplication happens on the disk.
It's like shared runtimes, but also not. It's a bad situation tbh.
I didn't know we were ranking the horsemen of the apocalypse. Leave room for shitty supply-chain victims like cpan/composer/npm and other irresponsible shortcut tools that throw security out the window.
In the case of NPM (don't know enough about the others), it's not a general-purpose package manager; it's only for Node-related packages.
And yes, I think ranking them is relevant. AppImages are pretty terrible security-wise (let's download random executables on the internet yayyy!), snaps are getting better but used to be really terrible, and to be fair NixPkgs aren't that safe either.
Flatpaks are pretty secure, they work well, and the stack is fully open source and allows you to host your own Flatpak repos, as well as manage sandboxing parameters. If only they were lighter, I could easily see them become the "Linux executable format".
I think using AppImage like Flatpak is silly. It is perfect for keeping some programs on a USB drive, for example, but not as a way of installing software.