by bawolff 1867 days ago
What he's saying is true, but also I think the app-store type approach that apt-get provides is a major benefit.

With Windows I have to find some random program, hope it's not malware, possibly pay for it, etc. With Linux, I have reasonable assurance that packages (from main repos) aren't evil, they are free (as in beer), and I can easily search through and find something for my use case. I can't really do that in Windows.

7 comments

Having a system-wide package manager where nearly all libraries are dynamically linked also has its drawbacks.

A seemingly minor update might cause a huge cascade of dependency updates which causes common Linux distributions to tend to one of these two extreme solutions: Either fix all packages in place and freeze their version numbers or just "give up" and update everything all the time. Both solutions feel like compromises to me.

Other end-user OSes don't act like this. On Android/iOS/macOS/Windows, I can have the latest 3rd party software without having to deal with intrusive updates to the OS infrastructure all the time. The BSDs handle this better, and maybe something like Ubuntu LTS + Nix on top of it might be a way around this.

> On Android/iOS/macOS/Windows, I can have the latest 3rd party software without having to deal with intrusive updates to the OS infrastructure all the time.

That's not really true. The .NET runtime isn't redistributable, and so has to be installed on the host OS, which usually works but not always (and pre-Windows 10, newer versions of .NET required a bunch of KBs, which meant that Windows Update was actually working and able to install those, which fairly frequently broke on Windows 7 due to the lack of Service Packs). Nowadays this is less of a problem, due to improved .NET compatibility and .NET 4.x coming pre-installed on Windows 10. Which honestly is great - you can compile and run .NET 4.x programs on any Windows 10 machine. Granted, it's some relatively outdated version by now, but it is still very nice to have a "proper" programming language out of the box, and also the ability to compile to small .exe's.

Similarly, MSVC runtimes (except the installers are redistributable, but you are still in the situation of "have to globally install it").

In what way is the runtime not redistributable?

The old one “.NET Framework” is an OS component but has enough compat that you can always upgrade it.

The newer one (net5+) is typically fully bundled with each app so no sharing.

MSVC also went this way - you bundle them rather than take a dependency on a system wide runtime. These two (.NET and C++ runtimes) were basically the last shared libs on Windows, and it’s now basically obsolete tech (.NET 4.X) or no-longer-recommended deployment method (MSVC).

You are right, but there are still a lot of applications reliant on the "old ways".

Given that the new way for SxS was introduced in Windows XP, the old way is a long time ago.

Right, Windows is totally stable and an OS update would never break basic functionality [0] or delete people's files [1].

[0] https://arstechnica.com/gadgets/2021/03/blue-screen-of-the-d...

[1] https://arstechnica.com/gadgets/2018/10/microsoft-suspends-d...

I totally agree. This is one of the things that makes Windows feel like a second-tier OS to me compared with Linux and Mac. If I have to do something "tech-y", on Linux or Mac, I look for it in the package registry. I trust that action would probably have been taken by the community if it were doing something malicious, and usually I can find the project on github and peruse the source if I really want.

By contrast on Windows, it usually means finding some GUI-based utility on some sketchy website filled with ads, and maybe a fake download button. Probably it's freemium, so during the task maybe I have to dodge several calls to action to upgrade to the paid version. And then a week later, maybe I check the task manager, and find out it's gone and set itself to run in the background at startup, doing god knows what, without asking.

It's just one of the ways that Windows feels less like it's my computer.

Right, because sourcing a ruby file to install homebrew on macOS is what “real” operating systems should do.

It might not be pure, but IME it works very well.

If curl |sh was good enough for my father, then it's good enough for me ;)

uh ... doesn't brew support windows?

https://chocolatey.org/ https://brew.sh/2019/02/02/homebrew-2.0.0/

Also in general I would say windows is not lacking for software registries. Or software.

https://portableapps.com/apps

The problem is that there are always going to be a ton of apps that aren't in the repos. The repos contain the top hundred apps that have a million users each, but they don't contain the top million apps that have a hundred users each. The repos get you most of the way there, sure, but they can't possibly provide every app that every user wants.

It's not the right solution for everyone, but the AUR on Arch Linux has been wonderful for managing those "hundred users each" applications.

The AUR is wonderful. Ubuntu's support for PPAs comes in at a close second, though less from a tech standpoint and more because of Ubuntu's massive community. Both provide a middle ground, in between the ideal of the package manager (which almost always works) and the frustration of trying to build the software from source. With the AUR, someone else has resolved most of the kinks for me already, and that's time saved that I can really appreciate.

The fact that people just listed 4 competing tools shows exactly why this is a problem:

2 of them are essentially community run, and could theoretically at any time be taken over by a hostile (or even just an incompetent) entity and be used to distribute malware. Not that this couldn't happen through an official channel, but it's certainly far less likely.

Since the software distribution is not even, I currently have to check choco, scoop and winget for updates. It's slow and irritating, and if I need to uninstall or check a package, I need to figure out which tool I installed it with.

The software that does crossover between package managers can cause compatibility issues. Just today I accidentally broke Rider since I had the .NET Core runtime installed through choco, but the .NET Core SDK installed through scoop.

I get they're trying to finally fix this through WinGet, but I can't help feel it's too little, too late.

RPM Red-Hat, RPM SuSE, deb, tar balls, snap, flatpak, nix, ....

Yeah, thankfully it doesn't happen on GNU/Linux.

Yeah, but the average debian user just uses apt. Other people do other things, but as a debian user my experience is basically just one place, which is what matters.

For the developers it matters, and maybe they won't care to deal with deb, tough luck.

> The fact that people just listed 4 competing tools shows exactly why this is a problem

yum, apt, snap, flatpak, probably more?

Chocolatey is like 10x slower than Linux package management.

Also the worst named package manager ever. I wanted to play with an RTOS for an embedded system a few weeks ago and the first step was "install chocolatey".

Not knowing what it was, I had to spend some time reading about chocolatey.

I know it must be some 3rd generation pun or something but it really put me off going any further. Names are important.

Indeed, windows is moving in that direction. Back in the windows XP era, it really did feel revolutionary.

It is orthogonal to this discussion, but had Windows NT offered a serious POSIX environment I would never have bothered with Linux to start with.

The two aren’t mutually exclusive! The package repo need only be a list of “endorsed” applications/binaries once they’ve been packaged. The fact that it requires so much work on the package maintainers’ part (essentially duplicating the effort for every distribution) is the main problem being pointed out — and that is original to what you’re expressing.

> With linux, i have reasonable assurance that packages (from main repos) aren't evil

Fallacy.

https://blogs.sap.com/2020/06/26/attacks-on-open-source-supp...

Except that all my packages are out of date, and I manually install a ton of stuff because of missing features or unpatched bugs. But it's a good first start.