| > meaning that they are not updated with security fixes in any systematic manner. Interestingly, that exact thing was always my worry about Snap (or Flatpak) as well. Sure, big-name software such as Spotify will keep their Snap package well in order; they've got both the incentive and manpower to do so. (Incidentally, they could also use this manpower to build distro-specific packages.) But what about all the little open-source hobby projects? They'll be packaged with whatever library version happens to be latest at the time. And then, be updated whenever the hobbyist dev finds the time and inclination. So on my system I might have a huge zoo of different versions of the same library, with various bugs or vulnerabilities. If they all used the same system-wide library, at least they would all be fixed at the same time (when the library maintainers publish an updated .deb). To me, Snap and the like feel like they're essentially the same as static linking, except more opaque. |