undefined | Better HN

0 pointskd9135y ago0 comments

>There is no downside to Flatpak's support for multiple repositories and ability to self-host repositories.

There are always tradeoffs. I would argue there are advantages for having a trusted party vetting my software repos. It's why I even use Ubuntu because I trust Canonical to make some sane decisions when vetting their repositories.

You give multiple repository support and suddenly users have to one find a way to add another repo, and second there is no way of removing software from those repositories if they do end up malicious.

Which is why I brought up the webupd8 java instance having root access to thousands of machines.

>users can optionally add more repositories if they choose to do so.

Ubuntu is the version of Linux designed to be used by your grandmother. They want to make it as easy as possible for users to install trusted/safe software from both proprietary/free vendors.

It's kind of telling that Mozilla/Microsoft/Spotify/Jetbrains released software as a snap long before it is even possible on flatpak but nevermind that. I don't think you can even get VSCode, Spotify or Intellij on Flatpak.

0 comments

8 comments · 4 top-level

commoner5y ago· 2 in thread

> You give multiple repository support and suddenly users have to one find a way to add another repo, and second there is no way of removing software from those repositories if they do end up malicious.

> Ubuntu is the version of Linux designed to be used by your grandmother. They want to make it as easy as possible for users to install trusted/safe software from both proprietary/free vendors.

By default, GNOME Software and KDE Discover only use the Flathub repository. Your grandmother won't be adding other repositories to the Flatpak client. Users who don't add any extra repositories will use Flathub, which is a trusted source of software that runs on an open source server.

> It's kind of telling that Mozilla/Microsoft/Spotify/Jetbrains released software as a snap long before it is even possible on flatpak but nevermind that. I don't think you can even get VSCode, Spotify or Intellij on Flatpak.

https://www.flathub.org/apps/details/com.visualstudio.code

https://www.flathub.org/apps/details/com.spotify.Client

https://www.flathub.org/apps/details/com.jetbrains.IntelliJ-...

kd913OP5y ago

None of those 3 links are provided by Microsoft, Spotify or Jetbrains. Yes they are there, but they are published from 3rd parties. Why exactly do you think that is?

The microsoft, spotify and Jetbrains software comes directly from their respective publishers. Problems are supported and debugged directly. That is a major difference.

cosmojg5y ago

> Why exactly do you think that is?

Canonical very publicly collaborated with these companies to get their software on the Snap store while Flathub has been handled in a more free-for-all manner. If you build it, they will come, and all that. Moreover, I'm not so sure Red Hat is as explicitly interested in monopolizing the Linux application ecosystem as Canonical, especially since their acquisition by IBM. Maybe IBM has other ideas, but we likely won't see similar marketing efforts on that front in the near future.

michaelmrose5y ago· 2 in thread

Can we not pretend that the single source nature is anything other than a money grab? It's pretty clear that all you have to do to ensure grandma doesn't add sources is make adding it require the cli.

kd913OP5y ago

You can watch the discussions from Popey, Martin Wimpress etc... It's pretty clear from their perspective that they built the tech from users/devs first approach.

Do you really think Canonical is looking for money over here? If so do please precisely explain in the short-term how exactly you think they are gonna achieve that.

Do you think they are suddenly going to be able to dominate the entire 100% Linux desktop software market and charge 30%? Do you think a company like Microsoft/Spotify/Jetbrains would just roll over with that? I don't imagine they can do that considering Red Hat/Suse market position. Nor do I see the total Linux Desktop applications being a blip at all on their revenue streams.

Last I checked, they are still providing infrastructure to the Linux community for free. They still have more market share then the rest of the Linux distros combined. That and without them, Linux Mint wouldn't be operating as they do now.

Frankly they don't deserve the hatred the FOSS community throws at them and you are being somewhat disingenuous by presenting them as such.

commoner5y ago

The FOSS community opposes Snap because its server is closed source and forces vendor lock-in to Canonical, among other reasons. This is fairly simple to understand and not "disingenuous".

2 more replies

kelnos5y ago

> They want to make it as easy as possible for users to install trusted/safe software from both proprietary/free vendors.

Canonical deciding that Ubuntu won't allow third-party Snap repositories is completely orthogonal to open sourcing their Snap server and/or making it easy for people to develop alternatives. They can perfectly well do both.

addicted5y ago

Your first argument is an argument against using Linux at all.

j / k navigate · click thread line to collapse

0 comments

8 comments · 4 top-level

commoner5y ago· 2 in thread

> Ubuntu is the version of Linux designed to be used by your grandmother. They want to make it as easy as possible for users to install trusted/safe software from both proprietary/free vendors.

https://www.flathub.org/apps/details/com.visualstudio.code

https://www.flathub.org/apps/details/com.spotify.Client

https://www.flathub.org/apps/details/com.jetbrains.IntelliJ-...

kd913OP5y ago

None of those 3 links are provided by Microsoft, Spotify or Jetbrains. Yes they are there, but they are published from 3rd parties. Why exactly do you think that is?

The microsoft, spotify and Jetbrains software comes directly from their respective publishers. Problems are supported and debugged directly. That is a major difference.

cosmojg5y ago

> Why exactly do you think that is?

michaelmrose5y ago· 2 in thread

kd913OP5y ago

You can watch the discussions from Popey, Martin Wimpress etc... It's pretty clear from their perspective that they built the tech from users/devs first approach.

Do you really think Canonical is looking for money over here? If so do please precisely explain in the short-term how exactly you think they are gonna achieve that.

Frankly they don't deserve the hatred the FOSS community throws at them and you are being somewhat disingenuous by presenting them as such.

commoner5y ago

The FOSS community opposes Snap because its server is closed source and forces vendor lock-in to Canonical, among other reasons. This is fairly simple to understand and not "disingenuous".

2 more replies

kelnos5y ago

> They want to make it as easy as possible for users to install trusted/safe software from both proprietary/free vendors.

addicted5y ago

Your first argument is an argument against using Linux at all.

j / k navigate · click thread line to collapse