|
|
|
|
|
|
by mmarx
3428 days ago
|
|
|
> It's distinct from docker in this way, it tries to define a line between core and app dependencies, to get the best of both worlds. I.E. critical components are updated ASAP by the disro security team, but apps are free to use a specific version of a library (e.g gnome, qt) that they want to use, rather than being stuck on the distro maintained version. And then as soon as an app decides to not use the base version of a library, it will still be vulnerable when you update the base snap, so you still need to check every app for updates. That's not an improvement at all. |
|
|