• corsicanguppy
    link
    fedilink
    arrow-up
    12
    arrow-down
    7
    ·
    10 months ago

    Oh god, how bad flatpak is. I say this as someone who used to head up a security group for an OS.

    • brian@programming.dev
      link
      fedilink
      arrow-up
      17
      arrow-down
      2
      ·
      10 months ago

      do you have anything to back this up other than a fuzzy claim of authority? so far when I see people say things like this they’re always talking about a handful of since fixed vulnerabilities early on in the project

      • nickiam2@aussie.zone
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        10 months ago

        Every time I update my flatpak apps I get a warning about deprecated libraries. I don’t think flatpak is the issue but rather apps being able to not update really old libraries that could have security patches available. Does anyone know of a way to force these old libraries to update?

        • 0x4E4F@sh.itjust.worksOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          10 months ago

          On Flatpak? Probably not. You update those libraries, even manually, and things will most probably break.

          One of the many reasons I don’t like Flatpak. You really don’t have any control over how these packages are delivered. What the package maintainer did, that is it. But there’s a new version. Nope, not if the package maintainer doesn’t update.