I don’t understand what problem they are meant to solve. If you have a FOSS piece of software, you can install it via the package manager. Or the store, which is just a frontend for the package manager. I see that they are distribution-independent, but the distro maintainers likely already know what’s compatible and what your system needs to install the software. You enjoy that benefit only through the package manager.

If your distro ships broken software because of dependency problems, you don’t need a tool like Flatpak, you need a new distro.

  • corsicanguppy
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    They

    • add a second source of package truth to the host, introducing uncertainty in content. So they…
    • risk consistency in that you can’t be sure quickly from where something came.
    • add an out of band repo-like entity with no signed manifest of exact contents so you can’t validate your install down to the file level
    • encourage dependency hell
    • break any sort agreements as vendors can all refuse to support people with this oob spooge, at the drop of a hat (happened to me with moreutils)

    Really, from a build/release standpoint, from an os security standpoint and from an escalation/support standpoint - three jobs I held on the OS/distro side - they’re all just toxic and valueless.

    But the kids think they’re neat, so in a world where they rewarded systemd with more than ridicule, I guess #thisIsFine.