• TheGrandNagus@lemmy.world
    link
    fedilink
    English
    arrow-up
    176
    arrow-down
    3
    ·
    5 months ago

    The tone here is surprisingly negative. Personally I’m happy with the efforts of the Flathub team 🤷

    • HouseWolf@lemm.ee
      link
      fedilink
      English
      arrow-up
      75
      arrow-down
      1
      ·
      5 months ago

      As a newer Linux user I really like flatpaks.

      I don’t use them for most things I install but proprietary apps I want sandboxed or programs that have weird issues with dependencies I grab the flatpak.

    • ayaya@lemdro.id
      link
      fedilink
      English
      arrow-up
      35
      arrow-down
      5
      ·
      edit-2
      5 months ago

      For me on Arch, Flatpaks are kinda useless. I can maybe see the appeal for other distros but Arch already has up-to-date versions of everything and anything that’s missing from the main repos is in the AUR.

      I also don’t like how it’s a separate package manager, they take up more space, and to run things from the CLI it’s flatpak run com.website.Something instead of just something. It’s super cumbersome compared to using normal packages.

      • nossaquesapao@lemmy.eco.br
        link
        fedilink
        arrow-up
        19
        ·
        4 months ago

        I also prefer to get my software from the distro’s repos, but for software from third parties, flatpak adds a security layer, making it more secure when compared, for example, to aur.

      • Mactan@lemmy.ml
        link
        fedilink
        arrow-up
        5
        arrow-down
        2
        ·
        5 months ago

        fwiw those simple names exist, you just haven’t added it to your PATH

    • priapus@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      2
      ·
      5 months ago

      Agreed, flatpaks are great for desktop apps. I use Nix for the majority of my packages, but I use flatpak for proprietary for the sandboxing.

      • Possibly linux@lemmy.zip
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        4
        ·
        5 months ago

        I honestly prefer Ansible. It can do lots of configuration and setup and install flatpaks.

        • corsicanguppy@lemmy.ca
          link
          fedilink
          English
          arrow-up
          4
          ·
          5 months ago

          I honestly prefer Ansible.

          I use Ansible all day. For work. Oh, god, is it sad compared to everything else in the space. RedHat had the choice between two in-house products and they chose poorly.

          It can do lots of configuration and [set up] and install flatpaks.

          We had that 20 years ago, just with a different product. The state of the art is now two generations newer.

          • Possibly linux@lemmy.zip
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            2
            ·
            4 months ago

            Well I know Ansible and it works for my needs. I briefly used Nix and it was worse. Ansible is nice because you can just install ansible and then apply a playbook.

  • lemmynparty@lemmings.world
    link
    fedilink
    arrow-up
    50
    ·
    4 months ago

    Lol, what a pointless map.
    It’s impossible to tell at a glance which countries have more or less downloads, other than a couple of countries with a slightly lighter colour.

  • theshatterstone54@feddit.uk
    link
    fedilink
    arrow-up
    48
    arrow-down
    3
    ·
    5 months ago

    North Korea: 316 downloads

    Interesting…

    In all seriousness, in both my home country and the country I live in, the number of downloads surpasses the population numbers which is kinda insane.

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      37
      ·
      5 months ago

      I think they count every download of every package, every version, every time. It’s not the number of unique users or even packages.

      If you install 3 apps you might need to download 3 versions of graphics driver, 3 versions of desktop environment libraries and so on, It won’t count as one user installing 3 apps, it will show up as 10 -20 downloads. And that’s just the initial install, every time you update them it counts another 10-20.

    • luciferofastora@lemmy.zip
      link
      fedilink
      arrow-up
      34
      arrow-down
      1
      ·
      4 months ago

      Right? “Oh look, country with huge population has more downloads than country with small population!”

  • biribiri11@lemmy.ml
    link
    fedilink
    arrow-up
    35
    arrow-down
    1
    ·
    edit-2
    5 months ago

    To everyone saying you can’t mirror a flatpak repo… you’re absolutely right. There should be a far easier way to set up your own mirror without needing to build everything from scratch. That being said, if you wanted to try to make your own repo with every one of flathub’s apps, here you go:

    https://github.com/flathub

    https://docs.flatpak.org/en/latest/hosting-a-repository.html

    Edit: Some did get a flathub mirror working. The issue is that a. Fastly works good enough and b. There is no concept of “packages” on the server side. It’s just one big addressed content store because of ostree, and syncing is apparently difficult? Idk, not being able to sync the state of content is like the entire point of ostree…

    https://github.com/flathub/flathub/issues/813

      • biribiri11@lemmy.ml
        link
        fedilink
        arrow-up
        14
        ·
        5 months ago

        It’s not about funding. Many prefer mirrors because the main instance isn’t globally available (the GitHub issue I linked, for example, is all about people trying and failing to access flathub in China) or because they can’t for compliance reasons (many businesses already mirror stuff like epel, too, which is what throws off Rocky’s stat counters). Neither of those issues can be assessed by throwing more money at a CDN.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          7
          ·
          edit-2
          4 months ago

          Well that isn’t the fault of Flathub. If a country or organization blocks it that’s a local issue. This is especially true in China where they need to control the movement of information. Blaming flathub and Flatpak for censorship is frankly unfair.

          Just to be clear I do not support Chinese Authoritarianism

          • biribiri11@lemmy.ml
            link
            fedilink
            arrow-up
            12
            ·
            5 months ago

            I’m not sure if anyone said it was the fault of flathub. My point is that, regardless of fault, accessibility to the main instance is an issue for several reasons, and a good way to solve it is to build a system for mirrors.

            • Possibly linux@lemmy.zip
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              9
              ·
              4 months ago

              Your bypassing restrictions that could get you in trouble. Tor is the right answer in that case. However, bypassing restrictions can have dire consequences.

              • biribiri11@lemmy.ml
                link
                fedilink
                arrow-up
                8
                ·
                4 months ago

                There are existing mirrors for Fedora and Ubuntu packages in China, which are used because mirrors in other countries are often blocked. I’m sure there are no legality issues—the issue in the case of flatpak and china in particular is that China blocks Fastly because Fastly does not host any POPs in China. This is why Cloudflare, for example, has their own network in China that international users can pay to use. There’s no legal issues here, just logistical. Besides, as previously shown, people do (with great difficulty) managed to bring up their own flatpak mirror without any consequences for a few years now.

                Besides, there shouldn’t be legality issues for businesses wanting to host their own mirrors for compliance issues.

                • Possibly linux@lemmy.zip
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  4 months ago

                  I just think Flathub shouldn’t get involved with Chinese attacks on human rights. The Chinese version of things lack proper encryption and are heavily censored. You can’t use things like normal Wikipedia or Ticktok.

                  China isolates there own people. You can’t blame Flathub for attacks on freedom. As for mirrors your welcome to create your own repo based on Flathub. However, it is never going to be officially enforced. Flathub is very careful with user safety.

          • TCB13@lemmy.world
            link
            fedilink
            English
            arrow-up
            7
            ·
            4 months ago

            Oh no, this is Flatpaks’ fault because they made this twisted repository system instead of doing sane things and then it is Flathub’s fault as well because they aren’t opening their storage to rsync or other sane syncing methods.

  • JRaccoon@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    27
    ·
    5 months ago

    Sorry to ask, I’m not really familiar with Linux desktop nowadays: I’ve seen Flatpak and Flathub talked about a lot lately and it seems to be kinda a controversial topic. Anyone wanna fill me in what’s all the noice about? It’s some kind of cross-distro “app store” thingy?

    • Lettuce eat lettuce@lemmy.ml
      link
      fedilink
      arrow-up
      75
      ·
      edit-2
      5 months ago

      Flatpak is a universal application packaging standard for Linux. It allows devs to create a single application that gets bundled with all necessary dependencies including versioning.

      These apps run in their own semi-isolated “container” which makes immutable distros possible. (Distros like Fedora Silverblue that are effectively impossible to break by installing or removing critical system files.)

      This means that a Linux app doesn’t have to have a .deb version, an .rpm version, or be pre-compiled for any other distros. A user can simply go to Flathub, (the main repository for Flatpak apps), download the flatpak, and install it on their distro of choice.

      It’s quickly becoming the most popular way for users to install apps on Linux because it’s so easy and quick. But there are a few downsides like size on disk, first party verification, per-distro optimizations, and the centralization of application sources. That’s why some users aren’t fully endorsing or embracing how popular they are becoming.

      • JRaccoon@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        17
        ·
        edit-2
        5 months ago

        Cool, thanks for the explanation.

        a single application that gets bundled with all necessary dependencies including versioning

        Does that mean that if I were to install Application A and Application B that both have dependency to package C version 1.2.3 I then would have package C (and all of its possible sub dependencies) twice on my disk? I don’t know how much external dependencies applications on Linux usually have but doesn’t that have the potential to waste huge amounts of disk space?

        • Lettuce eat lettuce@lemmy.ml
          link
          fedilink
          arrow-up
          30
          ·
          5 months ago

          Essentially yes, if you start using lots if older applications or mixing applications that use many different dependency versions, you will start to use lots of extra disk space because the different apps have to use their own separate dependency trees and so forth.

          This doesn’t mean it will be like 2x-3x the size as traditional packages, but from what I’ve seen, it could definitely be 10-20% larger on disk. Not a huge deal for most people, but if you have limited disk space for one reason or another, it could be a problem.

          • brachypelmasmithi@lemm.ee
            link
            fedilink
            arrow-up
            4
            arrow-down
            3
            ·
            4 months ago

            It CAN get pretty wild sometimes, though. For example, Flameshot (screenshotting utility) is only ~560KB as a system package, while its flatpak version is ~1.4GB (almost 2.5k times as big)

            • j0rge@lemmy.ml
              link
              fedilink
              arrow-up
              6
              ·
              4 months ago

              Flameshot is 3.6MB on disk according to flatpak info org.flameshot.Flameshot

              • brachypelmasmithi@lemm.ee
                link
                fedilink
                arrow-up
                3
                ·
                edit-2
                4 months ago

                Weird, the software manager (using LM 21.3) reports 1.1GB dl, 2.4GB installed (which is different from when i checked yesterday for some reason?). flatpak install reports around 2.1GB of dependencies and the package itself at just 1.3MB

                EDIT: nvm im stupid, the other reply explains the discrepancy

        • qaz@lemmy.world
          link
          fedilink
          arrow-up
          6
          ·
          4 months ago

          Most dependencies are bundled in the “runtime” images, and it uses file deduplication to reduce the size of the dependencies, but it’s still a little more than a normal package manager.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          3
          ·
          5 months ago

          Flatpak as a dependency system that allows use of specially packaged library type flatpaks. This significantly reduces the needed disk space.

        • mrvictory1@lemmy.world
          link
          fedilink
          arrow-up
          3
          arrow-down
          3
          ·
          4 months ago

          Not necessarily. GNOME and KDE dependencies and “base system” for flatpaks to run in are flatpaks themselves so apps that depend on them will not use duplicated dependencies. Storage usage may not be as efficient as using a traditional package manager but you don’t install a new OS per app either.

      • sir_pronoun@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        5 months ago

        What about those apps using out of date libraries? Wouldn’t that become a security issue - since containers usually aren’t that secure, right? And all app developers would have to update their container libraries separately, instead of just updating the system libraries?

        • Allero@lemmy.today
          link
          fedilink
          arrow-up
          5
          ·
          4 months ago

          As containers are isolated - it’s mostly a security issue for the container itself. It may become an issue, though, if the container is allowed to freely interact with filesystem, for example.

          Apps like Flatseal allow you to easily control such variables using a GUI instead of tinkering in the terminal.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          5 months ago

          So if a library is out of date you can just update it. As far as containers go they are fine for security as bubblewrap is pretty solid.

      • CaptainSpaceman@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        5 months ago

        Interesting breakdown, thank you.

        Do you happen to know if the containerization is similar to docker containers? Or more like android apps?

        • lightnegative@lemmy.world
          link
          fedilink
          arrow-up
          14
          ·
          edit-2
          5 months ago

          It’s more like android apps from early versions of Android before the permissions became user-managable.

          It won’t prompt you to give the application access to certain permissions, all the permissions are predefined in the manifest by whoever published the application to flathub. When you run the application you just hope it won’t cause too much havoc (you can of course verify the permissions before running it, but I guarantee most people won’t)

          Flatpak supports sandboxing but due to how most desktop applications want access to your home folder, network etc many apps simply disable it.

          Regardless of the level of sandboxing applied to the app, Flatpak is a great way for a developer to package once run anywhere. Prior to Flatpak, if you wanted to support multiple distros, you had to build a package for each distro or hope somebody working on that distro would do it for you.

          Inb4 AppImage was here first. And if you mention Snap then GTFO

          • Lettuce eat lettuce@lemmy.ml
            link
            fedilink
            arrow-up
            6
            ·
            5 months ago

            Appimage is probably the most similar to a naked .exe in Windows. They are useful for small apps or simple indie games, but I prefer Flatpaks for my everyday big applications.

            Agreed, Snaps are like Flatpaks but worse because locked down back end and Canonical’s sketchy nature. Imagine a really delicious pastry that anybody can make and sell, then imagine the same pastry but only one bakery in the world can make and sell it. Which would you prefer? Lol

          • Possibly linux@lemmy.zip
            link
            fedilink
            English
            arrow-up
            2
            ·
            5 months ago

            Keep in mind there are certain permissions that can lead to a sandbox escape. These permissions are banned on Flathub but can still be used by flatpaks files and custom repos.

        • Lettuce eat lettuce@lemmy.ml
          link
          fedilink
          arrow-up
          6
          ·
          edit-2
          5 months ago

          I’m not an expert, but from my understanding, more like android apps.

          They aren’t totally isolated like a docker or LXC container would be, but they are generally self-contained.

          The Linux Experiment has a really great vid that goes into detail on all common packaging formats in Linux including Flatpaks:

          Linux Packaging Formats Explained

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      3
      ·
      5 months ago

      Was controversial when it was new and full of problems. Now it is mostly the standard for apps.

      • JRaccoon@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        4 months ago

        Well, just by looking at responses in this thread, the controversy most definitely still exists. Some seem to like it and others hate it fiercely.

    • shapis@lemmy.ml
      link
      fedilink
      arrow-up
      6
      arrow-down
      2
      ·
      edit-2
      5 months ago

      Most of the issue is that they’re unreliable. Sometimes the app will work. Sometimes it doesn’t. Sometimes you have to fiddle blindly with flatseal settings, which ones? Who knows? Guessing is part of the fun.

      It’d be a great thing if it just worked.

      • Pasta Dental@sh.itjust.works
        link
        fedilink
        arrow-up
        6
        arrow-down
        1
        ·
        4 months ago

        In over 3 years of daily flatpak use (of multiple apps) I’ve never had a single reliability issue with flatpak, the only ones being caused by me because I was trying out settings in flatseal that the app didn’t like. On the flip side I’ve found native packages to be broken more often than not, with .Deb files sometimes just not working and throwing an error or something. Package managers are better for sure but I’ve had dependency issues that I have never experienced with flatpak.

        • oldfart@lemm.ee
          link
          fedilink
          arrow-up
          3
          ·
          4 months ago

          Good for you for not having any problems mate! I’m sure this invalidates the parent poster’s problems.

    • prunerye@slrpnk.net
      link
      fedilink
      arrow-up
      3
      ·
      5 months ago

      I don’t hate flatpaks, but flatpaks require more disk space than the same apps from traditional repositories, and they only support a handful of the most common default themes. Since I only ever use older and slower computers, my disk space is limited, and I like to rice my desktop, I personally avoid them. But your use-case may differ.

    • Vilian@lemmy.ca
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      4 months ago

      yes it’s cross distro, it’s controversial becaune some people don’t want to install apps with their own libraries or dependecies, and some apps are not oficial so they break with the flatpak sandbox

    • shekau@lemmy.today
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      4 months ago

      Flatpak is the best - thats all you need to know!!!

      But seriously, apart from obvious things other people have said, I would like to add that the HUGE advantage of flatpak is that each app is using its own dependencies, this way you can avoid dependency hell, which is mostly time-consuming and hard to fix.

  • eveninghere@beehaw.org
    link
    fedilink
    arrow-up
    25
    ·
    5 months ago

    As a professor I have to say… the site admin skipped the class that taught them to include always the color bar.

  • mlg@lemmy.world
    link
    fedilink
    English
    arrow-up
    18
    arrow-down
    4
    ·
    5 months ago

    I’m gonna be honest I’ve never had a flatpak version of something ever work properly.

    There was even one popular media player that only came in flatpak form or otherwise build from source.

    So obviously, for no reason at all, it barely functioned compared to other applications I had already tried.

    Congrats to you people put there somehow running things like Steam with no problems lmao.

  • SendMePhotos@lemmy.world
    link
    fedilink
    arrow-up
    10
    ·
    4 months ago

    Does that count for when an OS is wiped and reinstalled or a nerd has like 3 computers and keeps OS flipping?

      • Spiffyman@slrpnk.net
        link
        fedilink
        English
        arrow-up
        3
        ·
        4 months ago

        I went a step further and have user-installed flatpaks with a custom flatpak directory so everything installs on a separate small hard drive. If the whole system goes down (usually due to my testing things!), I can reinstall set up the custom flatpak and everything works again. In theory. But it borks inter-flatpak communication (flatseal cannot find any other flatpaks and is thus unusable). I moved over to distrobox (which has its own issues, but works better for the OS wiped/reinstall scenario).

  • ssm@lemmy.sdf.org
    link
    fedilink
    arrow-up
    9
    ·
    4 months ago

    Flatpak’s usecase for me is Alpine Linux and other distributions that use musl or other libc implementations. I don’t love it, I think its cli interface and the way you add flatpak servers to be obtuse and annoying, but it is useful for getting glibc dependent software.

  • TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    16
    arrow-down
    8
    ·
    5 months ago

    Still no proper way to mirror the thing and have it working offline / on internal networks. Great job self-hosters and sovereign citizens ;)

    • ᗪᗩᗰᑎ@lemmy.ml
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      2
      ·
      edit-2
      5 months ago

      Offline/internal network installs can be handled with flatpak create-usb - https://docs.flatpak.org/en/latest/usb-drives.html

      One can distribute flatpaks along with their dependencies on USB drives (or network shares, etc.) which is especially helpful in situations where Internet access is limited or non-existent.

      Cache/mirroring would be great for those who need it.

      Edit:

      Thinking about it, I wonder if there’s enough “core features” with ‘create-usb’ that its just matter of scripting something together to intercept requests, auto-create-usb what’s being requested and then serve the package locally? If a whole mirror is required, it may be possible to iterate over all flathub packages and ‘create-usb’ the entire repo to have a local cache/mirror? Just thinking “out loud”.

      • TCB13@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        5 months ago

        Thinking about it, I wonder if there’s enough “core features” with ‘create-usb’ that its just matter of scripting something together to intercept requests, auto-create-usb what’s being requested and then serve the package locally?

        The issue is that… there aren’t enough “core features”. It doesn’t even handle different architectures and their dependencies correctly. It wasn’t made to be mirrored, nor decentralized.

        Apt for instance was designed in a much better way, it becomes trivial to mirror the entire thing or parts and for the end tool it doesn’t even matter if the source is a server on the internet, a local machine, a flash drive or a local folder, all work the same.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          6
          ·
          5 months ago

          Apt is a package manager. Flatpak is an app format that happens to have a package manager. It isn’t designed to manage a OS.

          • TCB13@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            ·
            edit-2
            4 months ago

            Because…

            • Universities might want to locally host a mirror in order to waste less bandwidth and provide faster downloads;
            • Large companies usually like to host internal mirrors for the same reasons as above and also so they can audit and pick what packages will be available for their end users;
            • Flathub is slow af for some people;
            • Local country-specific mirrors are always faster;
            • In some countries not everyone can access the official flathub;
            • One might be dealing with airgapped networks and systems for sensitive work and you want to have ways for your end users to install flatpaks;
            • Fastly, their CDN might go down at any point (like Cloudflare sometimes does) and you’ll end up with nothing;
            • Flathub itself may be subject to a cyberattack and their service might get crippled for a days or weeks and you’ll have nothing as well;

            For what’s worth Debian archive repositories are about 5 TB and people actively mirror then in universities, companies, cloud providers etc.

            The question here isn’t “why would you” but rather “why would I be unable to do it”. Their actively gatekeeping their repository in a futile attempt to be the single and central point of flatpak distribution - much like what Apple does with the App Store.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      3
      ·
      5 months ago

      You absolutely can as Flatpak can run completely local. You can create a custom repo if you want.

  • Frostbeard@lemmy.world
    link
    fedilink
    arrow-up
    8
    arrow-down
    2
    ·
    edit-2
    4 months ago

    What’s the issue? I installed mint because I know fuckall about Linux, and tbh it’s a dice toss if I have used the Flatpak option not knowing what the actual difference between them are

    • Liz@midwest.social
      link
      fedilink
      English
      arrow-up
      12
      ·
      4 months ago

      Flatpak “containerizes” the program, which makes it more secure and less able to accidentally mess up other programs. Fuck if I know how it works.

      Also you don’t have to type in your password every time you want to update the program, so that’s nice.

    • SimplyTadpole@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      8
      ·
      4 months ago

      Honestly, you don’t have to worry about what others say, you should use what works best for you. Personally I find them to be nice and comfortable to use, myself 😅

    • Chloë (she/her)@lemmy.blahaj.zone
      link
      fedilink
      arrow-up
      3
      ·
      4 months ago

      I’ll add upon what others have said here, for me the main downside is the size they take on disk since they don’t really share dependencies (they do but not as efficiently as native or nix packages) so they take a lot of room and take a while to update. Otherwise they’re amazing IMO and you should use them! :)

    • Petter1@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      4 months ago

      Thing is, if your flatpak software needs something not in its container, it gets a little complicated, because first you have to realise what exactly the problem is and secondly you have to use something like flatseal to give it access to wathever it needs to work (no real help there)

      So this was what took me back to pacman (or better said yay)