- cross-posted to:
- linux@programming.dev
- linux@lemmy.ml
- cross-posted to:
- linux@programming.dev
- linux@lemmy.ml
It is noteworthy that builds of Chrome, VLC, Dolphin, Steam and Spotify are created by third-party enthusiasts not associated with the main projects.
What great news, that’s why there is no trust in Flathub.
Why don’t you open an feature request on their git if you have an issue with volunteer work.
It’s funny thinking this guy uses a distro package manager potentially with unofficial patches applied to the package.
I mean it is still miles ahead of snaps and the snap store
I’d prefer to see downloads per country per capita.
Right? “Oh look, country with huge population has more downloads than country with small population!”
Does that count for when an OS is wiped and reinstalled or a nerd has like 3 computers and keeps OS flipping?
In that case you should use user-install flatpaks and separating and reusing your /home partition
I went a step further and have user-installed flatpaks with a custom flatpak directory so everything installs on a separate small hard drive. If the whole system goes down (usually due to my testing things!), I can reinstall set up the custom flatpak and everything works again. In theory. But it borks inter-flatpak communication (flatseal cannot find any other flatpaks and is thus unusable). I moved over to distrobox (which has its own issues, but works better for the OS wiped/reinstall scenario).
I’m sorry
Lol, what a pointless map.
It’s impossible to tell at a glance which countries have more or less downloads, other than a couple of countries with a slightly lighter colour.Yeah, they could have applied a logarithm or something.
And included a legend, such as a colour bar
Also, no novelty - strong reject, no revision possible 🙂↔️
What do you mean?
Such a Rev2!
Flatpak’s usecase for me is Alpine Linux and other distributions that use musl or other libc implementations. I don’t love it, I think its cli interface and the way you add flatpak servers to be obtuse and annoying, but it is useful for getting glibc dependent software.
Another alternative is distrobox and bedrock linux.
FOSS keeps winning it’s Insane!
Google is better at advertising anyways. No sane being has ever heard of flathub. Qndroid has billion downloads every week.
I imagine the largest mobile phone operating system on the planet has a few more downloads than one of the several available package managers for the comparatively very small desktop Linux audience, yeah. This is the Linux community, not the Android or Google community, so I’m not sure what you’re yapping away about or why.
edit: i wanted to know how many devices run android and according to this it’s three billion so you’re wrong anyway lmao
MVP
As a professor I have to say… the site admin skipped the class that taught them to include always the color bar.
I’m gonna be honest I’ve never had a flatpak version of something ever work properly.
There was even one popular media player that only came in flatpak form or otherwise build from source.
So obviously, for no reason at all, it barely functioned compared to other applications I had already tried.
Congrats to you people put there somehow running things like Steam with no problems lmao.
I’m gonna be honest I’ve never had a flatpak version of something ever work properly.
As someone once involved with OS Security, I beg you not to use FlatPaks.
Why?
Flatpak is not perfect security-wise but is a step in the right direction
You can’t just make a statement like this without giving a hint of evidence or justification
Your system might be messed up
Here only the core OS and the basic part of the DE is from the Linux repository. The rest are all flatpaks.
I have like 20 flatpak software products running without any problem for 2 years now.
I still not as good as native package
Good is relative tbf. I’ve had issues installing something natively while installing flatpak just worked
Sure yeah but its what we have. I’m personally rooting for nixpkgs but they might be too complicated to setup for the average Joe.
Great opportunity to inject malware to so many vulnerable peeps then
You could say that with any program distribution. At least flatpaks are containerised.
Nah. Most distro package managers verify their packages authenticity with cryptography since the early noughts
Crazy, how our “free world” is centralized
Touche. Centralized and un-mirrorable.
Unmirrorable? The whole thing, including the configs are open source?
Unmirrorable
Yes, unlike apt repositories, it wasn’t designed to be mirrored around, run isolated servers etc.
Flatpak was designed to be decentralised, Flathub is just the main repository offering flatpaks and yes, probably 99% of all Flatpak applications are downloaded via the main repo but it is technically possible to just launch your own if you are unhappy with the main repo. The Flatpak team literally has this info page for hosting a repository
I for example, am taking AAGL from their own flatpak repo because they are not offering their launcher via the main one (even tho they also tell you to link the main repo - I guess for dependency reasons - but theoretically you could open your own repo and throw all dependency related packages in there or am I getting something wrong here)
I agree with everything you said, however there are a few details.
it is technically possible to just launch your own [repo]
The ability to create repositories ≠ from mirror existing ones.
Unlike apt repositories Flatpak ones aren’t simply a directory tree with a bunch of files that can get mirrored using rysnc or other efficient means, it’s a clusterfuck of HTTP-only requests that need to be backed by specific metadata and there aren’t tools to manage those.
flatpak create-usb
may be promising but the name says its all - the priority wasn’t to create a way to mirror repositories but a quick and dirty hack for some situation.theoretically you could open your own repo and throw all dependency related packages in there or am I getting something wrong here
Theoretically yes, in practice things are bit more nuanced. That tools only considers your current architecture, it’s a pain to get dependencies in an automated way and most of the time you’ll end up with broken archives. You’ll also need to hack things a lot.
Ah, thx for the explanation :)
Flathub is not the entirety of Free World, just a little small slice of the pie. You can say Flathub is quite centralized. But our Free World have so much more. Every country will have a certain focus of what is freely available. It’s an optional server and package format. You are free to install it or use another free package. Nothing crazy here.
Still no proper way to mirror the thing and have it working offline / on internal networks. Great job self-hosters and sovereign citizens ;)
Offline/internal network installs can be handled with
flatpak create-usb
- https://docs.flatpak.org/en/latest/usb-drives.htmlOne can distribute flatpaks along with their dependencies on USB drives (or network shares, etc.) which is especially helpful in situations where Internet access is limited or non-existent.
Cache/mirroring would be great for those who need it.
Edit:
Thinking about it, I wonder if there’s enough “core features” with ‘create-usb’ that its just matter of scripting something together to intercept requests, auto-create-usb what’s being requested and then serve the package locally? If a whole mirror is required, it may be possible to iterate over all flathub packages and ‘create-usb’ the entire repo to have a local cache/mirror? Just thinking “out loud”.
Thinking about it, I wonder if there’s enough “core features” with ‘create-usb’ that its just matter of scripting something together to intercept requests, auto-create-usb what’s being requested and then serve the package locally?
The issue is that… there aren’t enough “core features”. It doesn’t even handle different architectures and their dependencies correctly. It wasn’t made to be mirrored, nor decentralized.
Apt for instance was designed in a much better way, it becomes trivial to mirror the entire thing or parts and for the end tool it doesn’t even matter if the source is a server on the internet, a local machine, a flash drive or a local folder, all work the same.
Apt is a package manager. Flatpak is an app format that happens to have a package manager. It isn’t designed to manage a OS.
You absolutely can as Flatpak can run completely local. You can create a custom repo if you want.
Did you ever try doing that with public packages?
You can but I wouldn’t
Flatpaks are not centralized, Flathub is. You can have your own repo.
Yeah sure, just try to mirror Flathub into your repo.
You can but there would be little point. Fedora has its own repo for instance.
I don’t get it. Why would you store all of it? I mean, you can but… why?
Because…
- Universities might want to locally host a mirror in order to waste less bandwidth and provide faster downloads;
- Large companies usually like to host internal mirrors for the same reasons as above and also so they can audit and pick what packages will be available for their end users;
- Flathub is slow af for some people;
- Local country-specific mirrors are always faster;
- In some countries not everyone can access the official flathub;
- One might be dealing with airgapped networks and systems for sensitive work and you want to have ways for your end users to install flatpaks;
- Fastly, their CDN might go down at any point (like Cloudflare sometimes does) and you’ll end up with nothing;
- Flathub itself may be subject to a cyberattack and their service might get crippled for a days or weeks and you’ll have nothing as well;
For what’s worth Debian archive repositories are about 5 TB and people actively mirror then in universities, companies, cloud providers etc.
The question here isn’t “why would you” but rather “why would I be unable to do it”. Their actively gatekeeping their repository in a futile attempt to be the single and central point of flatpak distribution - much like what Apple does with the App Store.
Awesome! Love it!