202
submitted 2 months ago by KaKi87@jlai.lu to c/linux@lemmy.ml

On Debian-based distros, when an app is available as a DEB or an AppImage (that doesn't self-update), but no APT repository, PPA or Flatpak, the only option is to manually download each update, and usually manually check even whether there are updates.

But, what if those would be upgraded at the same time as everything else using the tools you're familiar with ?

dynapt is a local web server that fetches those DEBs (and AppImages to be wrapped into DEBs) wherever those are, then serves these to APT like any package repository does.

I started building it a few months ago, and after using it to upgrade apps on my computers and servers for some time, I pre-released it for the first time last week.

The stable version will come with a CLI wizard to avoid this manual configuration.

Feedback is welcome :)

you are viewing a single comment's thread
view the rest of the comments
[-] cqst@lemmy.blahaj.zone 1 points 2 months ago* (last edited 2 months ago)

Why does Debian-Ubuntu not provide a simple command for this?

You aren't supposed to add repos. Ever. https://wiki.debian.org/UntrustedDebs

Apt is not built with security in mind, at all. The partial sandboxing it does do is trivial to bypass. Adding a repo is basically a RAT Trojan on your computer.

An example is signal-desktop

Yeah don't use signal. They restrict freedom 3 by making distribution difficult. Thats why they trick you into using their RAT repo.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842943

The least bad option is the unofficial flatpak.

[-] JubilantJaguar@lemmy.world 3 points 2 months ago

Apt is not built with security in mind, at all. The partial sandboxing it does do is trivial to bypass. Adding a repo is basically a RAT Trojan on your computer.

OK. I suppose this is the correct answer.

The least bad option [for Signal] is the unofficial flatpak.

Unless I'm missing something, here we will disagree. Secure or not, FOSS principle-respecting or not, if I'm choosing to install software by X then I'm going to get it straight from X and not involve third-party Y too.

[-] cqst@lemmy.blahaj.zone 0 points 2 months ago

Unless I’m missing something, here we will disagree. Secure or not, FOSS principle-respecting or not, if I’m choosing to install software by X then I’m going to get it straight from X and not involve third-party Y too.

Source code is like a recipe. Getting your food from the chef who made the recipe is fine, but getting it from another chef who... followed the same exact recipe is no different.

This is how the linux software distribution model works, distro maintainers are a CHECK on upstream.

this post was submitted on 06 Sep 2024
202 points (99.5% liked)

Linux

48376 readers
1992 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS