741
submitted 5 months ago by renzev@lemmy.world to c/linuxmemes@lemmy.world
you are viewing a single comment's thread
view the rest of the comments
[-] jj4211@lemmy.world 9 points 5 months ago

Flatpack can be centrally managed, it's just like a parallel distribution scheme, where apps have dependencies and are centrally updated. If a flatpack is made reasonably, then it gets library updates independent of the app developer doing it.

"App image" and " install from tarball" violate those principles, but not snap or flatpack.

[-] NaibofTabr@infosec.pub 1 points 5 months ago* (last edited 5 months ago)

Um, if it's "parallel" (e.g. separate from the OS package manager) then it's not centrally managed. The OS package manager is the central management.

There might be specific use cases where this makes sense, but frankly if segregating an app from the OS is a requirement then it should be fully containerized with something like Docker, or run in an independent VM.

If a flatpack is made reasonably, then it gets library updates independent of the app developer doing it.

That feels like a load-bearing "if". I never have to worry about this with the package manager.

[-] jj4211@lemmy.world 3 points 5 months ago

Define "the OS package manager". If the distro comes with flatpack and dnf equally, and both are invoked by the generic "get updates" tooling, then both could count as "the" update manager. They both check all apps for updates.

Odd to advocate for docker containers, they always have the app provider also on the hook for all dependencies because they always are inherently bundled. If a library has a critical bug fix, then your docker like containers will be stuck without the fix until the app provider gets around to fixing it, and app providers are highly unreliable on docker hub. Besides, update discipline among docker/podman users is generally atrocious, and given the relatively tedious nature of following updates with that ecosystem, I am not surprised. Even best case, docker style uses more disk space and more memory than any other option, apart from VM.

With respect to never having to worry about bundled dependencies with rpm/deb, third party packages bundle or statically link all the time. If they don't, then they sometimes overwrite the OS provided dependency with an incompatible one that breaks OS packages, if the dependency is obscure enough for them not to notice other usage.

this post was submitted on 05 Jul 2024
741 points (93.7% liked)

linuxmemes

21281 readers
294 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 2 years ago
    MODERATORS