Ubuntu 23.10’s New Software App Will Demote DEBs (Apparently) - eviltoast

A new ‘app store’ is expected to ship as part of Ubuntu 23.10 when it’s released in October — and it’ll debut with a notable change to DEB support.

  • Rikudou_Sage@lemmings.world
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    Tldr: the new store only supports snaps, deb support will come later. OP, please provide summary next time if you link to clickbait articles.

    • z3bra@lemmy.sdf.org
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Deb support will come later, but:

      If the same piece of software exists in the Ubuntu repository and the snap store the new store will only make it possible to install the snap version.

      So the title is on point IMO.

    • mfn77@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      It’s not a click bait per se. Even after deb support they will use only snap for applications that has a snap package and only debs if it hasn’t got any snap package afaik.

  • Recant@beehaw.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    Why is Ubuntu pushing snaps so hard? Is there objectively a benefit to them apart from Flatpak?

    It seems like an odd hill to die on.

    • entropicdrift@lemmy.sdf.org
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      There’s a benefit to Canonical, the corp that maintains Ubuntu, which is that while snaps are open source tech, the server for the snap store is closed source and snap can’t be configured to point at another store.

      In other words, it’s about centralized control.

      There are some advantages to the tech itself, like live auto-updating, which is good for security-critical server apps, but over all I’m not a fan.

      • Recant@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        I don’t think that the board members are sitting there and pondering how they can exercise more control on the user via snaps.

        The auto updating is a nice benefit but it doesn’t seem like a big enough benefit to allocate so many developer man hours into. I would think that Canonical would realize that the developers time is better spent making features the users want.

        But what do I know? I’m just someone posting on Lemmy not a Canonical board member haha

    • Random Dent@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Canonical is just weird like that, it seems. They tend to pick something and fixate on it really hard (Eg. Unity desktop, Mir, that convergent phone thing, now Snaps) and work on it until it’s almost really good, then they get fixated on the next shiny thing and dump whatever they were doing to go chase that instead.

            • optissima@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              A corporation is operated through a series of set rules, which dictate how it runs. It is structured in a way that is tangible, whereas the structure of the human mind is currently only theorized. I am reluctant to use terms like ADHD to describe corporations because that is prescribing a list of abstracted properties to them which we can definitely see that it doesn’t have internally. Unless the there is a set of unchanging principles that is the list of ADHD symptoms, no, not ADHD.

    • Auzy@beehaw.org
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      It could be like the old RPM vs DEB arguments. Technically, one could have argued at the time that RPM was explicitly singled out in the Linux Standard base.

      However, these days, DEB certainly feels more common (although, from my understanding, Redhat/Slack is big in enterprise, so i’m not actually sure which is more common).

    • UnfortunateShort@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      Because they controll snaps. Their backend is proprietary and they do not support any other way of distribution.

      Now there are some objective benefits to Snaps compared to Flatpaks, at least so I was told. Apparently they offer significantly better documentation and integrate more tightly with the system, allowing you to do more stuff with them.

      This was a while back tho, I don’t know where Flatpak stands today

  • Auzy@beehaw.org
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Honestly not sure why it matters, provided the store is full. Both are similar to end users

    • thatsnothowyoudoit@lemmy.ca
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Snaps I get, but Ubuntu? Aside from an asinine application process to get hired a Canonical, they did a lot to push for a more straightforward Linux desktop experience. Their time has passed, but cancer is a bit too much for me, considering all the fantastic offshoots.

      Context: I came to Ubuntu from Gentoo. Debian before that and a brief flirt with the hot fantastic mess that was Mandrake when I first discovered Linux.

  • MrFagtron9000@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Why do Linux nerds that care about this sort of stuff hate snaps so much?

    Is it the concept of snaps / flatpaks that is the issue or snaps specifically because Canonical is behind them?

    I know literally nothing about how they work except I installed the VLC snap and it’s fine.

    I couldn’t install Parsec (a remote desktop game streaming app) because of a missing dependency (an old version of lib-something codec that wasn’t in my newer version of Ubuntu). I spent like an hour trying to figure out how to take the 18.04 version and add it to 22.10. I don’t know Linux at all so I wasn’t making much progress. Someone, not the developers of Parsec, made a flatpak and it magically worked.

    I was afraid that because the flatpak was made by some random guy I couldn’t really trust it. I looked inside the flatpak and it’s seems to be nothing except for the Parsec deb coming straight from the official Parsec URL and that libcodec thing that was causing a problem.

    So from my perspective, not knowing the technical details or politics, what’s the problem?

    • fruitywelsh@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      The snap store is proprietary, flatpaks handle the graphical app space better, OCI containers handle the service space better, and really high reported load times.

      Flatpaks are awesome IMHO.

    • EddyBot@feddit.de
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      1 year ago

      I’m kinda baffled people would jump ship because of this matter
      Snaps have been a thing for 7 years and before that Canonical did similar really weird things (Amazon shopping lense a decade ago anyone?)

      anyone who really cares already uses something else

  • Raincloud@beehaw.org
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    The Fedora software app has been promoting flatpaks over native packages, even not displaying that native packages are available even if they are, requiring the command line tool to access some native packages. So I don’t see how this is fundamentally different.

    • erwan@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      The fundamental difference is that flatpak is a good system, adopted by many distributions.

      Snap sucks and only Ubuntu uses it.

      They’ll do like their Unity UI, wait many years until they realize their mistake then drop it.

      • bankimu@lemm.ee
        link
        fedilink
        arrow-up
        0
        ·
        edit-2
        1 year ago

        I hate that they also SEO’d the hell out of major search engines to show snap setup and installation instructions when anyone searches for installing a package. E.g. “arch install firefox” leads to https://snapcraft.io/install/firefox/arch which is downright dishonest marketing.

        • inverimus@lemm.ee
          link
          fedilink
          arrow-up
          0
          ·
          1 year ago

          On google it’s the 4th result for me even in private mode which seems pretty reasonable. The first result is the firefox archwiki page.

          • bankimu@lemm.ee
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            I beg to differ. I think it’s very harmful.

            • There as absolutely no reason for anyone in Arch to use snap to install something mainstream like Firefox. Same goes for other OS’s like Fedora etc. (which are all mined in similar way, just change it to /fedora for instance).
            • The page presents itself as if it’s the only choice, and can easily scam someone who’s just getting into Linux into installing snap. I think it’s designed for that purpose. Arch links to the package, but not step by step guide (which is on Arch), but this can easily lure people into installing snap and being none the wiser the it’s not the default package manager for their distro.
            • It’s 4th for Firefox, but I’ve seen it as the top result for some other packages. Probably Google caught up, or probably for packages not mainstream as Firefox it still shows snap as number one result.
    • Avid Amoeba@lemmy.ca
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      edit-2
      1 year ago

      APT is not good at managing dependency hell. This is a common problem for all package managers that don’t typically bundle dependencies. You can get 30000 open source packages from trusted sources having a maintainer working on each to all share the same dependencies for an OS release. That’s what Debian does. However it’s a lot of work and that works increases significantly when you try to do it for a piece of software across OS releases.

      Read - it’s difficult for LibreOffice or Mozilla to ship a new version of their software that works on several Debian or Ubuntu releases. It’s also difficult for maintainers to do that.

      You could of course include dependencies in debs, but then you’re increasing the security attack surface of the OS, because there’s no sandbox around those bundled dependencies. Bundling dependencies requires sandboxing to be safe. Otherwise whenever there’s a security hole in one library in package X, package X might patch it, but the same library might exist in another 50 packages on the system unpatched.

      This is a solved problem. It was done in Android, iOS, BlackBerry 10 and probably others. All OSes that had to deal with more than 30000 packages, open source or proprietary, from trusted or untrusted sources. Bundle non-system dependencies and confine in a sandbox. Snap’s been doing this ever since it was called Click. Flatpak didn’t have the sandbox part for a while if I’m not mistaken. I’m not sure what its current sandbox state is.

      There are other issues with APT/deb but managing dependencies without sandboxing is probably the most fundamental one since dependency management is one their fundamental purposes.

    • BuoyantCitrus@lemmy.ca
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      1 year ago

      Aren’t you sorta trusting whoever wrote any package you install with root? I mean, you should have that attitude anyhow as packages have a huge attack surface so privilege escalation bugs are way more common than remote execution but still, flatpak and snap at least offer a bit of a sandbox which might improve…

  • code@lemmy.mayes.io
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    This is why im on the hunt for a new distro. Looking at pop and fedora right now. Kinda prefer deb cause thats been my env for 15 yrs

    • Recant@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      I would recommend using Linux Mint. It is Ubuntu without Gnome Shell and snaps. They use Flatpak instead. I have been enjoying it ever since I jumped ship from Ubuntu about 2 years ago.

  • CassiniWarden@infosec.pub
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    I’ve been using more and more flatpaks lately on arch and fedora based distros, i have no idea how snaps compare but seems similar? Seems an odd push from Ubuntu, but could make more sense than deb packages for non techy users perhaps?

    • Avid Amoeba@lemmy.ca
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Ubuntu / Canonical were working on Snap for some years when Flatpak came on the scene. They’ve been shipping Ubuntu bits using it since 2016. In addition to the legacy, Snap is more versatile than Flatpak in that it can be used to package pretty much anything, including system bits. It’s also had a secure sandbox from the start. Changing to Flatpak would be a functionality downgrade for Canonical and Ununtu maintainers using Snap. In addition Flatpak can be used along with Snap on Ubuntu so there’s no need to not use both for whoever finds that useful. Snap lets Ubuntu ship software using less work, which means more up-to-date bits in Ubuntu. Users can install other software via Snap or Flatpak, whichever they find more useful.

    • ISMETA@lemmy.zip
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      A big issue for me with snap is, that the server side software is proprietary. So it really really does feel like they are trying for lock-in

          • Avid Amoeba@lemmy.ca
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Because it’s extra work to make it open source and few outside of Canonical are interested in contributing. Open sourcing an existing component and maintaining it as such has non-trivial overhead. In that case that work is better spent on other, higher priority items. My guess is that they’ve gauged that the cloud end being open source won’t move the needle on who uses Snap and Ubuntu so they’ve deemed it low priority. Personally I’m using Debian and Ubuntu and therefore Canonical has root on some of my systems. Given I can implement a cloud end for Snap, it bares very little importance to me that today the cloud end isn’t open source since it’s run by the folks that have root on my system anyways as well as supply all other packages on my Ubuntu systems. In fact we don’t even know what the cloud end for the apt repos is. It could easily be Sonatype Nexus. For me the important bit is the client and installer side of Snap since I can’t implement that in a relatively small amount of time. :)