[AnIdiotOnTheNet]

Uh, wouldn't you, as the user, rather have the power to determine for yourself which version you'd like to stop upgrading at? That certainly sounds a lot better than letting a bunch of unpaid third party volunteers determine that for you, which is how the distro/repo model works.

[mook]

> Uh, wouldn't you, as the user, rather have the power to determine for yourself which version you'd like to stop upgrading at?

Given that I'm not using Linux From Scratch, I'd say no: part of the reason I'm choosing a distribution is because I want to make somebody else deal with tracking updates (including security). I recognize that this comes with downsides (e.g. sometimes new versions have new bugs).

I kind of miss the pre-internet times when shipped software is, well, shipped and static, and typically bundled all of its dependencies outside the OS (which was just listed on the box). On the other hand, I'm typing this on a smartphone that couldn't exist in that model…

[orev]

You do have the power. You can compile from source to any version you want. The caveat is that it breaks the primary reason most people use distributions—to get a set of packages that are consistent with each other.

[im3w1l]

Consistency is a non-issue for me. Reason I don't do it is because neither the update nor the uninstall experience are standardized and good.

I guess what I would really want is a) manually built packages install into opt and use a mechanism like update-alternatives to get things into PATH or wherever they need to be. b) Possibility to track an https endpoint for information about new releases. Could be something as simple as a text file of all versions with url of tarball and a flag for whether the version has known security issues.

[AnIdiotOnTheNet]

> You do have the power. You can compile from source to any version you want.

Yeah, that's all that really needs to be said about that. And people wonder why the Year of the Linux Desktop never arrived.

[jerf]

No, that is not a relevant reason. There are people who have pinned their Windows versions, there are people who bypass Steam's autoupdates to run old versions of games, this is a general computing problem not a Linux problem. If you want to be particular about the version of something you're running you're not going to be able to rely on systems which were designed to remove that consideration from you, period. Nobody has ever promised that Linux or any other OS would just make all versions of everything work together all the time and you have the total freedom to pick anything with no consequences.

[yjftsjthsd-h]

> And people wonder why the Year of the Linux Desktop never arrived.

Because every time it did, people moved the goalposts.

[striking]

This is the opposite of a YotLD problem, it's because Linux users do not usually participate in automatic updates that they consider this a problem. Windows and macOS and Android and iOS are all automatically updated and nudge users into updating more frequently than automatically.

[AnIdiotOnTheNet]

No, the point is that distro/repo model has a terrible user experience for installing applications. Sure, it works fine for the very narrow case of only wanting to install exactly what is in the repo, but the second you step outside of that everything gets needlessly complicated.

I, for one, am grateful that things like FlatPak and AppImage are finally gaining traction and I hope the trend continues.

[pooper]

> unpaid third party volunteers

I struggle with this question as well but a small nit here is the folks at Fedora or Debian are not third party. They are a trusted source for me.

I don't know what would be a good solution. Being available on flathub is a good start but I'd argue it is not enough. I'm going to say the proper solution is the same that I advocate Google Play and Apple App Store to follow:

1. require developers to submit source code and machine readable build instructions

2. the store should build the application (fat binaries, differential small updates, whatever, the app store is in charge)

3. ...

4. Profit?

[wmf]

3. The store does little or no testing so users would have been better off with official binaries

[yjftsjthsd-h]

In general, I trust the folks running the distro more than the folks writing the software in the first place. If nothing else, they provide/enforce a second pair of eyes to sanity check things before they get shipped.

[erik_seaberg]

The distro also gets to choose a graph of known-good non-conflicting dependencies each time they cut a stable release. If the original author is catering to users who don’t use package databases, he won’t know what they may have available.