Who and how is it decided that an application goes into a software repository?

Today I had a client drop round as she wanted to use Signal, which is a rival to WhatsApp, on Linux Mint.

No problem, software repository, but Signal is not in the available apps; WhatsApp and Telegram are available.

There was a stage where Google Chrome was not in the repositories but Chromium was. You could go to the Google site directly and download it no problem, and it worked fine.

So who chooses what’s in the store?
How is it controlled?
Are things removed?

Just as a bit of background on my experience in France.
Nobody uses WhatsApp, then 2 or 3 weeks later, it’s the best thing since sliced bread (not baguette, as they would never give up bread).
Then everyone moved to Telegram, but that is Russian so we don’t use that. Now the net and French press are knocking WhatsApp and saying everyone needs to change to Signal.

We had similar with virus control on Windows with Avast, Avira, AVG … the French press took a dislike and shouted it from the rooftops.

I use WhatsApp on my phone and tablet but very, very rarely on Linux.

To install Signal takes a bit of doing and it’s all command line stuff until you run it; then you need your phone or tablet to sync it.

Will I change? Not likely, unless client driven.

3 Likes

I saw the same bouncing around to different apps in the US a year ago or so. Word of mouth and the press. WhatsApp is owned by Facebook/Meta and that doesn’t sit well with some people. That kind of started the distro app hopping.

Maybe installing via Flatpak would be easier?

2 Likes

AFAICS, you can add the Signal repo to your software sources, as described here. Then you can install and update it using apt.

EDIT: Oops, I saw just now that your link does the same.

3 Likes

SoftMaker Office (German) is also so finicky. A different office suite than MS Office, LibreOffice, and WPS Office, which works quite well, performs fantastically… and yet you need to go to the CLI to install the paid version.

WHY can’t they use the GUI methods used to add repositories in the various distributions?

Can’t some standard be devised so you click on a URL to download a spec file which will add the repository for your distribution? Then each distribution can simply implement a tool which will do the job. I think it’s even possible with a simple script (well, the script would need to sanitize its input) and the relevant version of the dialog program - if even that.

The user could simply download a file with instructions for each supported package format. Then the tool could simply scan the file for the correct package format and automagically add the repository and any other relevant information.

json, yaml, xml, all are excellent - well, xml is a bit verbose - for the purpose.

Another tool could be developed to generate the file for those providing the application, so they don’t need to hand edit it every time they change something.

Note: this idea is something completely different than a universal package manager front-end. The idea is to merely take away the manual work of adding a repository and get a universal standard in it.

Actually, does something like this already exist?

4 Likes
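The spec-file idea in the post above, sketched as an added example (not part of the original thread, and not an existing standard): a validator that turns one repository description into a single apt source line. The JSON layout, the field names, `render_deb_source` and the `repo.example.org` sample are all assumptions made for illustration.

```python
import json
import re

# Hypothetical spec layout (not an existing standard):
# {"name": ..., "formats": {"deb": {"url", "suite", "components", "key_fingerprint"}}}
TOKEN = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,63}")
URL = re.compile(r"https://[A-Za-z0-9.-]+(/[A-Za-z0-9._/-]*)?")
FINGERPRINT = re.compile(r"[0-9A-F]{40}")


class SpecError(ValueError):
    """Raised when a spec file fails validation."""


def _check(pattern, value, field):
    # fullmatch rejects spaces, newlines, brackets and '=' so a field
    # cannot smuggle in a second "deb" line or an option like trusted=yes.
    if not isinstance(value, str) or not pattern.fullmatch(value):
        raise SpecError(f"invalid {field}: {value!r}")
    return value


def render_deb_source(spec_text):
    """Return (sources.list line, key fingerprint) for the deb format; writes nothing."""
    try:
        spec = json.loads(spec_text)
        name, entry = spec["name"], spec["formats"]["deb"]
        url, suite = entry["url"], entry["suite"]
        components, fingerprint = entry["components"], entry["key_fingerprint"]
    except (ValueError, KeyError, TypeError) as exc:
        raise SpecError(f"malformed spec: {exc!r}") from exc
    _check(TOKEN, name, "name")
    _check(URL, url, "url")
    if ".." in url:
        raise SpecError("path traversal in url")
    _check(TOKEN, suite, "suite")
    if not isinstance(components, list) or not components:
        raise SpecError("components must be a non-empty list")
    for comp in components:
        _check(TOKEN, comp, "component")
    _check(FINGERPRINT, fingerprint, "key_fingerprint")
    # The keyring path is derived from the validated name, never read from the file.
    keyring = f"/etc/apt/keyrings/{name}.gpg"
    line = f"deb [signed-by={keyring}] {url} {suite} {' '.join(components)}"
    return line, fingerprint


# Constructed sample input, not a real repository.
SAMPLE = json.dumps({"name": "exampleapp", "formats": {"deb": {
    "url": "https://repo.example.org/apt", "suite": "stable",
    "components": ["main"], "key_fingerprint": "0123456789ABCDEF" * 2 + "01234567"}}})
```

The returned fingerprint is meant to be shown to the user for confirmation before any key is fetched; the function itself only produces text and leaves the decision to trust the repository with whoever runs the tool.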

Seems like that would be useful and my first thought is, it shouldn’t be super hard to do.

But it also sounds a lot like the early days of Windows users downloading random software off the internet. It’s always a tradeoff between convenience/simplicity and security.

I do like the idea though.

Not seen this before, is it safe?

Adding links to the repositories sources is easy and I understand the line of code that does that no problem.

The main part of the question was the decision process to include or exclude from that store and the safety levels involved.

Yes, I agree users change their minds based on reports, right or wrong, on internet site recommended entries, many of which are paid for, just like the magazine items many years ago.

I am a rare breed as I don’t use Facebook!

1 Like

It’s a kind of religion. I don’t like snaps and keep them away from all my systems.

1 Like

I use mostly debs, some snaps, and some flatpaks. The Flathub site has a “verified” logo for software where the publisher has been verified. Those should be safe to use for sure. I’ve used others that are not marked as verified but have a large number of installs.

1 Like

I think part of the answer to that is the developer has to submit their package to each distro for inclusion in the repo. With so many distros that is a lot of work. Some developers opt to avoid that work by only going as far as a github site or a private web page. Then the distro has to decide whether to do the packaging work themselves.
Only Debian and Gentoo seem to do this extensively.

The Flatpak thing is like a distro-independent repo. Its packages are self contained, like snaps or appimages, but superior in my opinion.

Wherever you get packages from, you have to trust the people who put them together.
A package install can introduce malware.

2 Likes

Some distros (eg MX) have a gui repo manager as well as a gui package manager.
I think this is what you are advocating, but you want it to be universal.
How would that cope with packages in a repo having to comply with the package format of the distro’s package system?

2 Likes

Same here. It is my understanding it is a community-built flatpak when the developer does not have the resources to (or won’t) offer one. Take for instance, Proton Mail Bridge. It is unverified, built by the Proton user community, and I use it in some distros like Mint that include updating the flatpaks with the system updates.

I do not use Snaps, but if a .deb is available, I usually do that.

I am not sure who decides what goes in the software centers on each distro, but I do know that TeamViewer used to be available in Mint and now it is gone from everywhere. Not sure why.

I have also added some to the repositories and later kept getting 404 errors. So that is not always an option.

Anydesk is still in the store but since they decided to start forcing 30-360 seconds “must watch” ads in the desktop app before you can use it, I uninstalled and switched to No Machine. And on MX Linux, it was in the repository.

So even if it is in the store, it’s not always FOSS. And those that are FOSS are often overused and just not an option for RDP. I tried Rustdesk and it worked once. After that, the servers were too overloaded. They ask that you host your own.

But Flathub is a simple store just for flatpaks. You can search for the app, and they give you the commands for install, remove & start from terminal. It is universal so that if you don’t have a “store” in your distro, you can install it easily.

Sheila

4 Likes

As for Debian, AFAIK the developer of the app should contact Debian Developers and package the app according to Debian rules. Then the package is examined by the Deb.Devs, and if it is found compatible, eligible, safe, etc., they add it to the unstable repo. It takes some amount of time to reach the stable repos.

Sometimes an app which is not maintained, thus impossible to compile and package, gets removed from the repository.

This is for the “official” repo, but you can always have other repos added.

Now I don’t know where I saw it, but I could swear some printers’ installer scripts did almost exactly that… without jsons or xmls, though; the script had some if…then clauses to determine the packaging system and act according to that.
Wish I could remember more precisely…

4 Likes

Yes, but here you have to trust the creator of these instructions and the related package repo.
Personally, I prefer the explicit way, then I know what’s happening. But TBH, we have to trust the keys and the repo anyway.

2 Likes

@abu

Yes, but here you have to trust the creator of these instructions and the related package repo.

Endorse that 100%
The number of creators that we need to trust should be minimised.
Debian does an important screening job.

3 Likes

My Brother printer has that sort of installer. Basically .deb and .rpm files, and some instructions.
It is possible to unpick the .deb file, work out what it does, then do the equivalent thing in a non-debian distro, eg I have done it in Void.

2 Likes

If you add a new item of software, no matter which, when you update your system it also updates that software. But if you install from somewhere else such as a trusted site or Flathub, does that get updates at the same time?

The installation of Signal adds a line to the resources to do that, but does other software do the same?

I normally only use the standard repositories as I don’t need anything outside of this resource…

1 Like

No. If the install process does not use the package system it will not be updated.
So

  • adding a repo to /etc/sources.list will lead to updatable installs
  • adding a .deb file with dpkg will not lead to updatable installs
  • installing from a .tar.gz file will not lead to updatable installs

I am not sure about paks. I think appimage and flatpak are not automatically updated, but I think snaps might be.
Does anyone know?

2 Likes

I know Mint has flatpak update support but don’t know if that applies to all flatpaks or just those it has in its own software manager.

There’s some info about flatpak updating on this site.

2 Likes

Snaps are scheduled to check for updates four times a day by default. You can manually check with sudo snap refresh --list and then apply any updates with sudo snap refresh.

Flatpaks don’t update automatically but can be updated with flatpak update.

I think I’ve read that some “software centers” or whatever do update flatpak automatically with other updates too. Linux Mint and Elementary OS are the two.

4 Likes

Pop OS also updates flatpaks in the Pop Shop. BUT, when you use that to do your updates (instead of command line) you will sometimes encounter errors relating to flatpaks so that update fails. But which flatpak has the issue is difficult to determine sometimes with so many runtimes. I do know they advise you to then run the flatpak update manually and then flatpak uninstall --unused and even flatpak repair --user to get things resolved.

That’s why I hesitate to use flatpaks. Updating via the package manager is my preferred method as well as removing unused/unneeded items. But if you can only find the flatpak version of software you need, most distros require manual updating.

Sheila

3 Likes