A new ‘app store’ is expected to ship as part of Ubuntu 23.10 when it’s released in October — and it’ll debut with a notable change to DEB support.

  • Rikudou_Sage@lemmings.world
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    Tldr: the new store only supports snaps, deb support will come later. OP, please provide summary next time if you link to clickbait articles.

    • z3bra@lemmy.sdf.org
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Deb support will come later, but:

      If the same piece of software exists in the Ubuntu repository and the snap store the new store will only make it possible to install the snap version.

      So the title is on point IMO.

  • Recant@beehaw.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    Why is Ubuntu pushing snaps so hard? Is there objectively a benefit to them apart from Flatpak?

    It seems like an odd hill to die on.

    • entropicdrift@lemmy.sdf.org
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      There’s a benefit to Canonical, the corp that maintains Ubuntu, which is that while snaps are open source tech, the server for the snap store is closed source and snap can’t be configured to point at another store.

      In other words, it’s about centralized control.

      There are some advantages to the tech itself, like live auto-updating, which is good for security-critical server apps, but over all I’m not a fan.

      • Recant@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        I don’t think that the board members are sitting there and pondering how they can exercise more control on the user via snaps.

        The auto updating is a nice benefit but it doesn’t seem like a big enough benefit to allocate so many developer man hours into. I would think that Canonical would realize that the developers time is better spent making features the users want.

        But what do I know? I’m just someone posting on Lemmy not a Canonical board member haha

    • Random Dent@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Canonical is just weird like that, it seems. They tend to pick something and fixate on it really hard (Eg. Unity desktop, Mir, that convergent phone thing, now Snaps) and work on it until it’s almost really good, then they get fixated on the next shiny thing and dump whatever they were doing to go chase that instead.

    • Auzy@beehaw.org
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      It could be like the old RPM vs DEB arguments. Technically, one could have argued at the time that RPM was explicitly singled out in the Linux Standard base.

      However, these days, DEB certainly feels more common (although, from my understanding, Redhat/Slack is big in enterprise, so i’m not actually sure which is more common).

  • Auzy@beehaw.org
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Honestly not sure why it matters, provided the store is full. Both are similar to end users

    • thatsnothowyoudoit@lemmy.ca
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Snaps I get, but Ubuntu? Aside from an asinine application process to get hired a Canonical, they did a lot to push for a more straightforward Linux desktop experience. Their time has passed, but cancer is a bit too much for me, considering all the fantastic offshoots.

      Context: I came to Ubuntu from Gentoo. Debian before that and a brief flirt with the hot fantastic mess that was Mandrake when I first discovered Linux.

  • MrFagtron9000@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Why do Linux nerds that care about this sort of stuff hate snaps so much?

    Is it the concept of snaps / flatpaks that is the issue or snaps specifically because Canonical is behind them?

    I know literally nothing about how they work except I installed the VLC snap and it’s fine.

    I couldn’t install Parsec (a remote desktop game streaming app) because of a missing dependency (an old version of lib-something codec that wasn’t in my newer version of Ubuntu). I spent like an hour trying to figure out how to take the 18.04 version and add it to 22.10. I don’t know Linux at all so I wasn’t making much progress. Someone, not the developers of Parsec, made a flatpak and it magically worked.

    I was afraid that because the flatpak was made by some random guy I couldn’t really trust it. I looked inside the flatpak and it’s seems to be nothing except for the Parsec deb coming straight from the official Parsec URL and that libcodec thing that was causing a problem.

    So from my perspective, not knowing the technical details or politics, what’s the problem?

  • code@lemmy.mayes.io
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    This is why im on the hunt for a new distro. Looking at pop and fedora right now. Kinda prefer deb cause thats been my env for 15 yrs

    • Recant@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      I would recommend using Linux Mint. It is Ubuntu without Gnome Shell and snaps. They use Flatpak instead. I have been enjoying it ever since I jumped ship from Ubuntu about 2 years ago.

    • EddyBot@feddit.de
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      1 year ago

      I’m kinda baffled people would jump ship because of this matter
      Snaps have been a thing for 7 years and before that Canonical did similar really weird things (Amazon shopping lense a decade ago anyone?)

      anyone who really cares already uses something else

    • BuoyantCitrus@lemmy.ca
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      1 year ago

      Aren’t you sorta trusting whoever wrote any package you install with root? I mean, you should have that attitude anyhow as packages have a huge attack surface so privilege escalation bugs are way more common than remote execution but still, flatpak and snap at least offer a bit of a sandbox which might improve…

    • Avid Amoeba@lemmy.ca
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      edit-2
      1 year ago

      APT is not good at managing dependency hell. This is a common problem for all package managers that don’t typically bundle dependencies. You can get 30000 open source packages from trusted sources having a maintainer working on each to all share the same dependencies for an OS release. That’s what Debian does. However it’s a lot of work and that works increases significantly when you try to do it for a piece of software across OS releases.

      Read - it’s difficult for LibreOffice or Mozilla to ship a new version of their software that works on several Debian or Ubuntu releases. It’s also difficult for maintainers to do that.

      You could of course include dependencies in debs, but then you’re increasing the security attack surface of the OS, because there’s no sandbox around those bundled dependencies. Bundling dependencies requires sandboxing to be safe. Otherwise whenever there’s a security hole in one library in package X, package X might patch it, but the same library might exist in another 50 packages on the system unpatched.

      This is a solved problem. It was done in Android, iOS, BlackBerry 10 and probably others. All OSes that had to deal with more than 30000 packages, open source or proprietary, from trusted or untrusted sources. Bundle non-system dependencies and confine in a sandbox. Snap’s been doing this ever since it was called Click. Flatpak didn’t have the sandbox part for a while if I’m not mistaken. I’m not sure what its current sandbox state is.

      There are other issues with APT/deb but managing dependencies without sandboxing is probably the most fundamental one since dependency management is one their fundamental purposes.

  • CassiniWarden@infosec.pub
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    I’ve been using more and more flatpaks lately on arch and fedora based distros, i have no idea how snaps compare but seems similar? Seems an odd push from Ubuntu, but could make more sense than deb packages for non techy users perhaps?

    • Avid Amoeba@lemmy.ca
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Ubuntu / Canonical were working on Snap for some years when Flatpak came on the scene. They’ve been shipping Ubuntu bits using it since 2016. In addition to the legacy, Snap is more versatile than Flatpak in that it can be used to package pretty much anything, including system bits. It’s also had a secure sandbox from the start. Changing to Flatpak would be a functionality downgrade for Canonical and Ununtu maintainers using Snap. In addition Flatpak can be used along with Snap on Ubuntu so there’s no need to not use both for whoever finds that useful. Snap lets Ubuntu ship software using less work, which means more up-to-date bits in Ubuntu. Users can install other software via Snap or Flatpak, whichever they find more useful.

    • ISMETA@lemmy.zip
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      A big issue for me with snap is, that the server side software is proprietary. So it really really does feel like they are trying for lock-in

          • Avid Amoeba@lemmy.ca
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Because it’s extra work to make it open source and few outside of Canonical are interested in contributing. Open sourcing an existing component and maintaining it as such has non-trivial overhead. In that case that work is better spent on other, higher priority items. My guess is that they’ve gauged that the cloud end being open source won’t move the needle on who uses Snap and Ubuntu so they’ve deemed it low priority. Personally I’m using Debian and Ubuntu and therefore Canonical has root on some of my systems. Given I can implement a cloud end for Snap, it bares very little importance to me that today the cloud end isn’t open source since it’s run by the folks that have root on my system anyways as well as supply all other packages on my Ubuntu systems. In fact we don’t even know what the cloud end for the apt repos is. It could easily be Sonatype Nexus. For me the important bit is the client and installer side of Snap since I can’t implement that in a relatively small amount of time. :)