The future of Flatpak
lwn.net
At the Linux Application Summit (LAS) in April, Sebastian Wick said that, by many metrics, Flat [...]
  • e8d79@discuss.tchncs.de
    7·
    6 hours ago

    Reading that Flatpak is struggling to merge new features is concerning. Flatpak is a really important project for getting commercial developers on board. I don’t want to go back to unpacking .deb files built only for Ubuntu 12.04 to install an application and I want closed source apps to be sandboxed.

  • RegularJoe@lemmy.world
    25·
    15 hours ago

    “Wick started his talk by saying that it looks like everything is great with the Flatpak project, but if one looks deeper, “you will notice that it’s not being actively developed anymore”. There are people who maintain the code base and fix security issues, for example, but “bigger changes are not really happening anymore”. He said that there are a bunch of merge requests for new features, but no one feels responsible for reviewing them, and that is kind of problematic.

    –OOF.

  • Aku@lemm.ee
    121·
    15 hours ago

    1. a great, interesting article. thanks.

    2. “Like, you bind something on localhost and suddenly all applications can just poke at it”. He gave the example of AusweisApp, which is an official authentication app for German IDs that can be used to authenticate with government web sites. It exposes a service on the local host, which makes it available to all Flatpak applications on the system.

    This is some of the stuff that I feel like we really need to take a look at. I’m not sure if this is like directly exploitable, but at the very least it’s kind of scary.

    Over the years i noticed that germany has ugly software and websites. in austria its different.

    1. Another awkward spot the project finds itself in, he said, is with NVIDIA drivers. The project has to build multiple versions of NVIDIA drivers for multiple runtimes that are supported, and that translates to a great deal of network overhead for users who have to download each of those versions—even if they don’t need all of the drivers. (This complaint on the Linux Mint forum illustrates the problem nicely.)

    obligatory NVIDIA, FUCK YOU!

  • 5714@lemmy.dbzer0.com
    42·
    13 hours ago

    How long do you think until Flatpak is replacing packages? I really don’t like the current stultifying trend of the combination of Flatpak and immutability.

    • LeFantome@programming.dev
      1·
      11 minutes ago

      I do not want Flatpak to replace distro packages.

      I use both pacman and apk and they are both far better package managers than Flatpak is. Apk 3 is awesome. And I do not want sandboxes for native packages.

      The role of Flatpak is as a distribution method for app developers to target Linux as a platform with a single build. It is a place to get things that may not be in my distro repos. It can be a method for commercial distribution. It is the cure for the “fragmentation” problem that makes it difficult to develop software for Linux.

      I hate snaps but snaps could actually be used to replace packages. You could distribute GCC as a snap. In its current form, Flatpak is only targeting GUI applications

      • vrighter@discuss.tchncs.de
        31·
        9 hours ago

        not op but here’s my reasons: I want my apps to be able to talk to each other. So flatpak is just in the way. Also, I don’t see the point of immutable distros. I could boot off of btrfs snapshots years ago. Immutability gives me absolutely nothing of value either

        • HayadSont@discuss.online
          3·
          9 hours ago

          I want my apps to be able to talk to each other. So flatpak is just in the way.

          This is (at least somewhat of) a legit concern. But is mostly directed towards Flatpak’s limitations in its current implementation.

          Also, I don’t see the point of immutable distros. I could boot off of btrfs snapshots years ago. Immutability gives me absolutely nothing of value either

          Have you ever wondered why openSUSE started working on (what would eventually become) Aeon while they had previously pioneered the BTRFS + Snapper workflow with Tumbleweed? I believe you may find the point of immutable distros in there 😉.

          • nico198x@europe.pub
            2·
            7 hours ago

            I dig immutability for servers, grandma, and productivity laptops.

            I think it fills a nice niche in the Linux ecosystem, even if I still prefer my custom prime desktop.