Hacker News
by account-5 1547 days ago
Can someone explain why I'd use snap or flatpak over the distro's repo or manual install for something not in the repo or unavailable via adding a repo? Apart from auto-managed updates.

Snap and flatpak are massive compared to "traditional" packages.

11 comments

Snap is terrible in every sense, so you should never use it in my opinion.

As for Flatpak, I'd say use it if you need a more up-to-date version of a piece of desktop software than is in your distro's repository or desktop software that isn't in your distro's repository at all.

For example, I use the Firefox flatpak on Fedora to have the most up-to-date version (98.0.2) since the current version of Firefox on Fedora (98.0.0) was giving me some issues like crashing when downloading something and choppy gifs.

I also use it for some proprietary software like Spotify and a game called Vintage Story. Adjusting their sandbox permissions with Flatseal is useful in this case.

The big one being - when you install just an application, you don't want it to accidentally pull in the wrong dependency and destroy the rest of your system. This is a big problem when you use PPAs or .debs directly from the app developer and accidentally update say libc or gtk. Another example: an application you use brings in a python-xyz package that conflicts with the same package you installed with pip install.

Also updating the system shouldn't accidentally break the application you use either. On rolling release distros this can be a pain. You'd typically want the application that the application developer tested properly (as opposed to relying on your package manager's "testing"). The packagers can introduce bugs while repackaging an application for X distro. My Cura was broken for so long on Arch Linux that I gave up and started using their AppImages instead.

Depending on your distro, you also have to deal with headaches like XYZ software is only available on Ubuntu 20.04. Tough luck that you are running 18.04 on your laptops. (Last week I had to deal with this problem with clang.)

In addition to being self contained with all the dependencies, these solutions offer some level of sandboxing too.

On Arch, AUR usually does a nice job of packaging binary only applications, so I rarely need to use Flatpak/Snap/AppImages but on other distros that can be a pain.

Flatpak's benefits:

- Cross-distro packaging (no need to provide N package formats - this one runs on all distros)

- Faster update cycle for each app, if the package is maintained by the original developers

- Sandboxing

- Better compatibility all around, as the package runs the same on all distros (as opposed to some too-old or too-new module breaking something on X distro)

- Some other goodies, like checking new releases of the source on GitHub etc

Flatpak's drawbacks:

- Modules are not shared, which can result in somewhat larger packages and potential vulnerabilities

- Many packages are community-maintained by people who are not necessarily experts in the Linux ecosystem. Distro-provided packages usually have tighter requirements

Personally, I use Flatpaks for the sandbox. I restrict all apps very heavily.

> Better compatibility all around, as the package runs the same on all distros (as opposed to some too-old or too-new module breaking something on X distro)

I wish this were the case, but as a Flatpak user on Guix System I don’t think it’s entirely true. Flatpak apps still do seem to rely on some bits of the system, and they break in interesting ways when they aren’t where the app is expecting them to be.

Snaps are an attempt to move away from the distro managed software concept to the windows/android like vendor managed software paradigm. It removes the intermediate distro layer between third party vendors and users. It can also improve security in theory, but there are a lot of caveats to that currently.

Flatpak is incredibly useful for installing proprietary software.

I use it for Spotify, Zoom, Slack among others.

Installing and updating Flatpak apps for proprietary software works very well.

In my experience "manual install for something not in the repo" applies to a whole lot of software, especially if "latest version isn't in the repo" counts, and also usually means "compile it from source yourself". Frankly I think that's a pretty ridiculous ask, and the fact that Linux Desktop hasn't had a good story for installing software outside of the repo has been one of the main factors keeping me from liking it over the past 2 decades.

There have been a lot of 'universal package' standards over the years, and honestly Flatpak isn't the best one, but it is the one that the community finally seems willing to adopt to a degree that actually makes it worthwhile. Snap, however, is the worst of these formats, and by a wide margin, that I can recall ever existing. It's amazingly bad and extremely user-hostile.

In theory one gets better security. Distribution or manual apps can access and modify everything the user can do. Flatpak and Snap try to address that with a security model similar to mobile apps.

In practice for many apps the security protection is non-existent or very limited for compatibility reasons. So for now the benefits are indeed mostly a store model and auto updates.

If one really needs to run an untrusted app a VM is probably the only practical way. It is also possible to run apps in various containers, but a truly secure setup is rather nontrivial with those.

Flatpak apps usually come with quite open privileges, however the user can completely configure this themselves and restrict the access of an application to quite a reasonable degree. Unless you distrust the sandbox of Flatpak, I don't see a need for containers.

Worth noting that Flatpak's sandboxing is using the same container functionality of the Linux kernel as all the various other container tools. If containers are secure enough then so is Flatpak, assuming you've tweaked the application's sandbox settings to your liking.
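
An added illustration of the sandbox-tuning point discussed in the comments above (not part of the thread and not Flatpak's own code): a small auditor that reads an app's metadata keyfile, as printed by `flatpak info --show-metadata`, flags grants that largely defeat the sandbox, and proposes a `flatpak override` command. The `BROAD` policy list, the helper names and the sample metadata for `org.example.Player` are assumptions constructed for this example.

```python
import configparser

# Assumed review policy: grants that leave little of the sandbox boundary.
BROAD = {
    "filesystems": ({"host", "host-os", "host-etc", "home"}, "--nofilesystem="),
    "devices": ({"all"}, "--nodevice="),
    "sockets": ({"x11", "session-bus", "system-bus"}, "--nosocket="),
}

def audit(metadata_text):
    """Return (findings, override_flags) for one app's metadata keyfile."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.optionxform = str  # D-Bus names are case-sensitive
    cp.read_string(metadata_text)
    findings, flags = [], []
    ctx = cp["Context"] if cp.has_section("Context") else {}
    for key, (risky, flag) in BROAD.items():
        for item in filter(None, ctx.get(key, "").split(";")):
            base = item.split(":")[0]  # drop :ro / :rw / :create suffix
            if base in risky:
                findings.append(f"{key}={item}")
                flags.append(flag + base)
    sec = "Session Bus Policy"
    bus = cp[sec] if cp.has_section(sec) else {}
    # Talking to the Flatpak portal service lets an app start host processes.
    if bus.get("org.freedesktop.Flatpak") in ("talk", "own"):
        findings.append("session-bus talk: org.freedesktop.Flatpak")
        flags.append("--no-talk-name=org.freedesktop.Flatpak")
    return findings, flags

def override_command(app_id, flags):
    """Build a per-user override command that removes the flagged grants."""
    return " ".join(["flatpak", "override", "--user", *flags, app_id])

# Constructed sample metadata for a hypothetical app.
SAMPLE = """\
[Application]
name=org.example.Player

[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
devices=dri;
filesystems=xdg-music:ro;home;

[Session Bus Policy]
org.mpris.MediaPlayer2.Player=own
org.freedesktop.Flatpak=talk
"""

if __name__ == "__main__":
    found, fl = audit(SAMPLE)
    print("\n".join(found))
    print(override_command("org.example.Player", fl))
```

Narrow grants such as `xdg-music:ro` and `devices=dri` pass untouched; only the entries in the assumed policy list are reported.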

Over manual install - snap/flatpak is typically way faster and easier to install and configure. Installing Nextcloud manually if you’re not familiar with the process is an hour or more of setting up all the essential and optional dependencies. It’s a few seconds of snap install nextcloud.

Over distro repos - no dependency version hell.

I don’t really love snap/flatpak (too much “magic”, hard to tweak installs) but I see why they get used.

Basically because a lot of open source software isn't packaged for each distro. Take Joplin for example: not in the repos and not packaged into a nice .deb file. Distributed as an AppImage.

- disk space (in most cases) is cheap

- they are always up to date and therefore statistically more likely to have security holes fixed

- they are (to an extent) sandboxed by default and give you a lot of control over that.

- for developers it's much easier than maintaining hundreds of fixes for different distro peculiarities. Therefore (for the user) they are able to spend more time on the app itself rather than compatibility

I'd be curious to hear a good explanation as well from someone who knows more about this than me. My feeling (and feelings/suspicions are all I've really got) is that there are 2 factors driving it - maintaining repos is mundane work, and containers are fashionable again.