Basically title.

I’m wondering if a package manager like flatpak comes with any drawback or negatives. Since it just works on basically any distro. Why isn’t this just the default? It seems very convenient.

  • TCB13@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    9 months ago

    Yes, I love it and don’t get me wrong but there are many downsides and they all result from poor planning and/or bad decisions around how flatpak was built. Here are a few:

    • Poor integration with the system: sometimes works against you and completely bypasses your system instead of integrating with it / using its features better. To me it seems more like the higher levels are missing pieces to facilitate communication between applications (be it protocols, code or documentation) and sometimes it is as simple as configuration;
    • Overhead, you’ll obviously end up with a bunch of copies of the same libraries and whatnot for different applications;
    • No reasonable way to use it / install applications offline. This can become a serious pain point if you’re required to work in air gapped systems or you simply want to level of conservation for the future - it doesn’t seem reasonable at all to have to depend on some repository system that might gone at some point. Note that they don’t provide effective ways to mirror the entire repository / host it locally nor to download some kind of installable package for what you’re looking for;
    • A community that is usually more interested in beating around the bush than actually fixing what’s wrong. Eg. a password manager (KeePassXC) and a browser (Firefox/Ungoogled) both installed via flatpak can’t communicate with each other because developers seem to be more interested in pointing fingers on GitHub than fixing the issue.

    Flatpak acts as a restrictive sandbox experience that is mostly about “let’s block things and we don’t care about anything else”. I don’t think it’s reasonable to have situations like applications that aren’t picking the system theme / font without the user doing a bunch of links or installing more copies of whatever you already have. Flatpak in general was a good ideia, but the system integration execution is a shame.

    • Beej Jorgensen@lemmy.sdf.org
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      The double-edged sword of isolation.

      On the one hand, poor communication between apps and waste of storage.

      On the other, relative safety from malicious applications, or from otherwise-safe applications built on top of a thousand libraries none of which have been audited by the dev.

      I don’t know how it’s going to go down, but I suspect something will come along to address these issues and snatch the market away from Flatpak.

      • TCB13@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        9 months ago

        but I suspect something will come along to address these issues and snatch the market away from Flatpak.

        I believe it could only be fixed by a team from GNOME or KDE, they’re the one in a position to develop something like Flatpak but deeply integrated with the system instead of trying to get around it.

        For what’s worth Apple did a very good job when it came to the isolation and containerization of desktop applications, but again only possible because they control both sides.

        Apple enforces a LOT of isolaton, they call it sandboxed apps and it is all based on capabilities, you may enjoy reading this. Applications get their isolated space at ~/Library/Containers and are not allowed to just write to any file system path they want.

        A sandboxed app may even think it is writing into a system folder for preference storage for example - but the system rewrites the path so that it ends up in the Container folder instead. For example under macOS apps typically write their data to ~/Library/Application Support. A sandboxed app cannot do that - and the data is instead written beneath the ~/Library/Containers/app-id path for that app.

        And here’s how good Apple is, any application, including 3rd party tools running inside Terminal will be restricted:

        I bet most people weren’t expecting that a simple ls would trigger the sandbox restrictions applied to the Terminal application. The best part is that instead of doing what Flatpak does (just blocking things and leaving the user unable to to anything) the system will prompt you for a decision.

        I believe this was the best way to go about things but it would require to get a DE team to make it in a cohesive and deeply integrated with the system. Canonical could do it… but we all know how Canonical is.

  • Snoopy@jlai.lu
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    9 months ago

    There is some drawback. The main one : app can’t communicate with each other.

    Example firefox and his extension keepass. As keepass can’t communicate with firefox, you have to open both apps and switch their windows.

    You can use flatseal to manage communication between apps but that’s not an easy process and may prove a security issue if you don’t understand the technical jargon.

  • twoshoes@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    9 months ago

    I’ve used flatpak for a while because it’s the default ob Fedoras GUI Software Center, but I’ve recently switched back to dnf and native packages where I can.

    The thing is, that I have a shitty 500GB SSD with a shitty 50Mbit Internet connection (which is closer to 30Mbit because my house still has lead cables instead of copper). So downloading 300+ MB of libraries for a 2MB Program is just not feasible for me.

  • kugmo@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    9 months ago
    • overly verbose way to launch them in terminal
    • can sometimess not even respect your gtk/qt theming
    • sandboxing/permission system can lead to you trying to figure out which directory you need to give access to when you want to save file if it wasn’t preconfigured
    • uses its own libraries and not system libraries, want to play the hit new AAA game with steam flatpak? get fucked it requires a mesa commit that was merged 8 hours a go and you’re stuck on 23.0.4 and can’t use the git release.

    Flatpak probably has it’s specific uses like trying to use one piece of proprietary software that you don’t trust and don’t want to give it too much access to your system, or most GUI software clients having an easy way to install Discord on your Steam Deck (no terminal usage, Linux is easy yay), but native packages 99% of the time work better.

  • QuaffPotions@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    1
    ·
    9 months ago

    As a basic end-user I have not been too happy with my experience with flatpaks. I do appreciate that I can easily setup and start using it regardless of what distro I’m using. But based on standard usage using whatever default gui “app store” frontends that usually come with distros, it tends to be significantly slower than apt, for instance, and there seems to be connection problems to the repos pretty often as well.