Flatpaks don't solve shit.
same shit as any package manager with dependency hell.
pack the goddamn app with related deps and call it a day.
stop promoting this garbage.

>>108141004
Flatpak, Appimage, Snap... all solutions in search of a problem. Keep that shit off my system.

>developer only distributes DEBs

>>108141004
>fedora
no thanks, also flatpaks is a cope to a broken architecture.
Nix is also better

>>108141004
You're going to upset the tinkertrannies.

>>108141004
>The Linux desktop is solved forever.
Yep, stable as fuck! System apps separated from user apps. Being able to rollback and managing flatpaks with: flatseal and warehouse for permissions, freezing or even rollbacks. It just sucks that you still have to install system packages for some stuff, like qemu/kvm, waydroid, or kernel modules.
>>108141029
>Flatpaks don't solve shit.
They do lol. You ever wondered why Discord officially supports flatpak? Why nvidia ships a flatpak now? or t*legram? They just need to package it once, no dependency hell and available for every distro. Also most FOSS apps are now verified on Flathub: Kdenlive, OBS, GIMP, Libreoffice etc. I bet you are an Arch troon and you prefer repackaged shit. Supply chain ACK

>>108141037
>I rather want to install proprietary software via sudo into my root filesystem
kill yourself

>>108141529
>nooo not my root filesystem
do you really think it makes a difference if it's installed in /opt/ or ~/.local/troonpack retard

>>108141513
>nvidia ships a flatpak now
you still need the native drivers anyways, it's just extra useless bloat

>>108141606
Yes, 100%. Unless you use something like firejail. Hey /g/tard, I love Gnu/Linux and I love package managers, but think about it, why does iOS, MacOS, Android, ChromeOS etc install shit in userspace? On top of that even proper sandboxed? I know that some people say Flatpak sandboxing is a joke (which is not true btw, depends entirely on the permissions set by the dev, or you have to do it yourself). But I feel like there is no reason at all, to install something like Discord with root. I don't mind something Like ROCm being installed with root, because I get it, it needs it.

I'm retarded, how do I make flatpak vscode have access to a podman container/toolbox?

>>108141004
i was a fan until i found a package i wanted it didnt have
but now i think i could manage with nix and homebrew. maybe i'd give fedora sericea a try at some point

>>108141652
>installed as root
what matters is how it's running, discord runs as my user not as root so where it is installed changes nothing, and by default most flatpaks just give access to your home directory for access to your user folders so it literally changes nothing. sure if you are paranoid and lock everything down with flatseal but then half of the shit will be broken anyways.

>>108141004
why would I use something that takes extra steps to install anything that isn't packaged as a flatpak? just use regular Fedora.

>>108141691
>fedora sericea
Nta and idk shit but isn't installing everything in root what ultimately causes dependency issues and potential conflicts that fuck up the base OS?

File: 1767625336674162.jpg (42 KB, 618x597)

42 KB JPG

>>108141004
>install a distro
>then install another containerized distro on top of your distro
>GNOME devs hate other distros and want to take over package distribution on desktop linux
>then fall for GNOME devs' lies about "muh security" and "muh sandboxing"
>even though most apps on flathub aren't even sandboxed at all
If you are doing all this then you might as well go all the way and install GNOME OS. Why do you even need Fedora, lol. Fedora is bloat.

Just make everything portable.

>>108141728
dependency hell is pretty much a non issue, if a package still depends on an older version the distro can just keep this older version around until the package depending on it gets updated.
eg libfoo is at version 3, nothing stops the distro to package libfoo2 required by some package.
they won't conflict since api breaking library updates have new versions.

>>108141004
>Silverblue
Kek, you are like a baby. If you are not making your own immutable image using bootc then you are no different than a Winjeet who discovers Arch Linux and immediately starts bragging about the AUR. All these image based "distros" like Bazzite, Aurora, Bluefin and whatever the fuck are simply Fedora Immutable with someone else's opinion of what should be shipped in the image.

On second thought...I'm glad for you, buddy. You don't have to have an opinion of your own. You don't need to choose for yourself. Just let others make your choices for you. I'm sure that makes you super """"productive"""""

>>108141847
this nigga doesn't build his own yocto images and make a cluster of sbc's to run a parallelized cloud instance.
look at this shitter
i bet xir uses arch
what a shitter and a retard

>>108141878
i use my custom anonOS immutable distro built using bootc and nix
you lost ya bitch
im the real gigachad here

>>108141004
How do the drivers work? What if you need to install Nvidia drivers? They can't possibly prepackage all of the drivers and in order to install drivers, you need to edit the immutable parts of the OS.

>>108142194
No one cares about Nvidia. Fuck Nvidia. Fuck you too while we are at it. Fuck you.

>>108142194
Easy, rpm-ostree install the official nvidia drivers. Immutable doesn't mean you can never layer anything onto the system.

>>108142296
Does that mean you end up reinstalling the nvidia drivers every time you update, because your changes rebase onto the new image? It seems like a clean way of doing it but probably quite painful if you use something like cuda which takes ages to install.

>>108141004
Fagdora isn't good. Was never good. Will never be good.
If you're not using Ubuntu, you're a homosexual. That is all.

>>108142194
>nVidia
If you're dumb enough to fall for overpriced shit hardware because of marketing, you're too stupid to be on Linux. Go back to Windows where you belong and never come here again.

>>108142557
>buying a gpu you can't even use for general compute in the ai era
no, rocm is not a competitor to cuda.

>>108142660
NTA but wut? I use a 7900XT for stable diffusion, running LLMs, and fine tuning just fine. What are you on about?

>>108141004
>>108141513
unfortunately flatpak is improperly architected as it does not generalise well to all application types. for example, trying to get an ide to integrate with non-sandboxed components is painful.

>>108141529
it doesn't save you from this risk, at least not on a traditional major distro. and immutable distros are painful when you have special needs, e.g. needing to manually intervene during os installation to support niche hardware that won't boot the installed system otherwise.

>>108141680
case in point.

>>108141819
if your distro is sane, that works. but if you use arch you're fucked on this front, unless you want to butcher your system and peace of mind with aur.

>>108141847
based.

>>108142550
holy denialbro. fedora is in the top 5 distros of all time.

>>108142760
>needing to manually intervene during os installation to support niche hardware
Stop installing shit hardware no one ever heard of because you think it makes you edgy and cool. That will solve that problem, but there is no cure for your Downs Syndrome

>>108142773
bro thinks he cooked with this one

>>108142781
bro put his peepee in your anus with that one. you lost.

>>108142825
>highlights the reason why immutable isn't the default os type
>somehow loses
uh, okay

i think you mean Kinoite

Recently I've been looking at Fedora and openSUSE closely. Not any immutable versions, just Fedora 43, openSUSE TW.
There is a big push against the idea of using any third party repositories, like flatpak has to be the solution for every single one of your problems. No codecs? Don't use third party repositories. Use a flatpak video player, a flatpak browser, a flatpak this and that instead.
At the point at which you have to do that, isn't it better to just use one of these atomic distros? It seems just so very stupid to me. Like they're seeing a problem and their fix is this big flatpak up your ass. Some of these people are staunchly against third party repositories. The hyperbole goes as far as to say "yeah if you use Packman, 50 strangers have full access to your system". Like it's a huge security nightmare. I'm checking the teamspeak flatpak right now on the store. It's a "high risk" application, well I shouldn't download it then, right? Let's see what's high risk... oh, at the top the number 1 most DANGEROUS feature about this is that it uses X11.

I wanted to try openSUSE Kalpa, but 2 years later people still say it's an Alpha.

>>108143407
>There is a big push against the idea of using any third party repositories
>Flatpak
Ignore these. RPMFusion and Packman work.
>At the point at which you have to do that
But you don't have to.
>The hyperbole
You're kinda answering your own question at this point.
>Like it's a huge security nightmare
RPMFusion and Packman are trusted by Fedora and openSUSE users.
>the number 1 most DANGEROUS feature about this is that it uses X11
Because untrustworthy software can keylog you via X11 protocol. Solution: don't use untrustworthy software.

>>108143410
Atomic is a meme. There is a reason traditional distros are still the dominant paradigm.

>>108143407
The security risk warning on flathub is just because they are very strict when it comes to FOSS, proprietary programs get a warning as well and the x11 warning is like the other anon said "le keylogger".
>>108143438
>Atomic is a meme.
Honestly, depends. I think most of the people could daily drive an atomic distro. This stuff is only annoying, if you need more low level stuff. It updates automatically, applies the update on reboot, if it fails, it automatically jumps an image back. User applications are not affected, because they are "le flatpak". it's just annoying for kernel shit. I hate fedora for implementing such a good rollback feature just for the atomic spins, at least openSUSE TW has it ootb.

>>108143438
While I think the rest is just all bullshit people trying to push solutions for problems that don't really exist, isn't there a still prevalent problem with these repos going out of sync? Mostly coming from packman.
I'm not bothered by having to wait a few days or even weeks for an update, I'm allowing extra "vendors", to replace what openSUSE provides, I guess it should be expected. My issue is -if- I had a more automatic method of updating (such as transactional updates), I'm very confused about the automatic process. If I allow it to change vendors with updates, does that mean it's more prone to break shit? If I don't, does that mean I will have to manually update those specific packages that come from packman?

>>108143407
Yes, this is true. I will just go ahead and throw a name of a person who is majorly responsible for this. Michael Catanzaro, he is part of the Fedora Workstation SIG. He is also the person who pushed for wanting on-by-default telemetry in Fedora Workstation recently.

If you make a RPM of a GNOME libadwaita application and try to submit it to the official Fedora repositories after following the best practices and even offer to be a maintainer for the app as well, he will throw a melty and block your package. His idea is that unless a GNOME libadwaita application is part of the "core GNOME apps that we ship by default", you should just use the Flatpak from Flathub instead and there is no need for a native RPM package for such an app.

RPMFusion will not accept such apps either, they cry about maintainence all the time.

You best bet is to add it to the Terra repository (yet another 3rd party repo from literal whos but Bazzite seems to ship it by default) or maintain a COPR repo.

If you don't like Flatpak, you shouldn't use Fedora. Simple as.

>>108143485
>The security risk warning on flathub is just because they are very strict when it comes to FOSS
They have literally two guys reviewing the security of all the packages on Flathub and one of them is a pajeet who lives in India.
>https://github.com/flathub/flathub/commits/master/
All commits by a single person named bbhtt
>https://bbhtt.in/about/

>>108143570
Yeah I'm probably going to skip Fedora for now. I was somewhat interested in this Terra repo but I don't think it's worth thinking much about it. It's weird that Bazzite would use a third party repo like that. I don't really like anything involving politics around Fedora, these people seem like a bunch of fucking weirdos and don't even seem to agree with each other.

>>108143601
Help them out then? They put the source on Github precisely because it's transparent (unlike Canonical's snapd which has zero people looking at it).
There's nothing stopping you jumping in to review a pull request and leaving a comment.

>>108143661
The only person who is actually decent and doesn't act like a fucking cultist is Neal Gompa. If it weren't for his presence on Fedora KDE SIG and FESCo then Fedora KDE edition would probably never have become a "main version" alongside GNOME. He is also an excellent package maintainer.

GNOME devs like Catanzaro threw a melty when promoting KDE to be the primary Fedora version was first proposed.

Did you know that Syncthing is almost an year out of date in Fedora's official repos? It is so bad that there are over 20 known CVEs of medium to high severity on Bugzilla.
>https://bugzilla.redhat.com/show_bug.cgi?id=2355938#c25
Brilliant distro.

>>108143679
This is simply not true. Not just any rando can jump in and become lord reviewer for mighty Flathub. You have to kiss ass of the GNOME gods on their matrix channels before they will accept you. Who are you? A GNOME dev or a super fanboy? If it is so easy then why don't you help them out? Try it and then come back to tell me how it went. Until then, shut the fuck up.

>>108143570
Great post. Thanks for this info.

>>108143485
>I think most of the people could daily drive an atomic distro
Don't get me wrong, I like the idea of a transactionally updated OS in theory. It is just a less robust system that works in less use cases than a traditional distro.
>I hate fedora for implementing such a good rollback feature just for the atomic spins, at least openSUSE TW has it ootb
Agreed. It is a big reason for why my next Linux install will be Tumbleweed and not Fedora.

>>108143496
>isn't there a still prevalent problem with these repos going out of sync?
Yes, they go out of sync. But it gets fixed up quickly. I think it is less of a problem on Fedora than openSUSE as the former is a non-rolling and non-snapshot release model.
>If I allow it to change vendors with updates, does that mean it's more prone to break shit? If I don't, does that mean I will have to manually update those specific packages that come from packman?
You can disable auto-update for vendored Packman and let the GUI warn you when an auto-update for the base OS fails. It's not ideal, but no OS is.

>>108143729
YES YOU CAN. They don't restrict comments. Go to the pull request or issue page or commit and leave a comment.
If you're pointing out a serious security issue then they will thank you.

>>108143720
lmao what a shitshow, syncthing is so easy to package what a joke. it's literally
>go run build.go -goos linux -goarch "$GOARCH" -no-upgrade build
>go run build.go -no-upgrade install
>install -Dm755 bin/syncthing "$1/usr/bin/syncthing"
>install systemd service files
anyone recommending fedora is a braindead moron

>>108143737
Are you being intentionally stupid or what? "Reviewing" doesn't mean dropping a random comment as a random user. Only bbhtt and one other guy can make commits to the Flathub repository because those two are the "official" reviewers. This isn't like reviewing your favorite anime on MyAnimeList you stupid fuck.

>>108143747
The funniest part is that there is no "Syncthing Flatpak" package on Flathub either that they can use as an excuse this time.

>>108143757
Yes, they are the only people with merge writes. They're not going to just hand that over to some rando from 4chan.
Your comment wasn't about that though, it was about security. You can absolutely go and review that and point out all of the issues yourself.

>>108143770
There are multiple.
https://flathub.org/en/apps/search?q=syncthing

>>108143773
Semantics. You are definitely a GNOME dev or a mentally ill GNOME fanboy tranny. I simply pointed out that there are literally two people reviewing the packages on the Flathub repository. That is their review team, a pajeet. Randos dropping random comments on random pull requests and issues doesn't count as reviewing. Shut up.

>>108143781
retard these are not the syncthing daemon, only tray indicators

>>108143790
I think you don't know what code review actually entails. Anyone can do that. Yes, the faggot pajeet may ignore you and then you get post a screencap to 4chan and leddit showing how incompetent they are. That's a win for you.
>>108143793
The GTK app definitely includes the daemon, I use it myself. No idea about the others though, they may just be indicators for the web UI.

>>108143781
There are only 3, actually. Syncthing GTK has had no commits for more than 4 years
https://github.com/kozec/syncthing-gtk
It is definitely out of date.
The other two are packages for tray icon which probably install the pre-built binary from Syncthing's Github page if I take two seconds to check the Flathub manifest files.

>>108143796
That's not the real upstream. Despite the namespace still being that (because changing that is a pain and I don't know if flatpak even has a mechanism to change that without deprecating it and publishing it under a different name) they're using a maintained fork.
https://github.com/flathub/me.kozec.syncthingtk/blob/c9920f1d518f5baab73a7f0555eb6836acfa999a/me.kozec.syncthingtk.yaml#L106

>>108143796
./syncthing --version
syncthing v1.27.3 "Gold Grasshopper" (go1.25.6 linux-amd64) flatbld@76ab452bfb4c 2011-11-11 11:11:11 UTC [noupgrade]
1.27.3 released on Feb 6, 2024, enjoy your 2 years old syncthing lol

>>108143806
>https://github.com/flathub/me.kozec.syncthingtk/blob/c9920f1d518f5baab73a7f0555eb6836acfa999a/syncthing.yaml#L26
LMAO

>>108143813
meant to quote >>108143794

>>108143813
>>108143814
See:
https://github.com/syncthing-gtk/syncthing-gtk/issues/102#issuecomment-3540260609

Not a Flatpak issue. Looks like the upstream app developer needs to fix it. Yes, I agree that's a problem. At least it is sandboxed though which limits the potential impact of CVEs.

>>108143818
> syncthing --version
syncthing v2.0.14 "Hafnium Hornet" (go1.25.6 linux-amd64)
I run my own distro and can have up to date packages, so why can't flatroons and fedoratroons do the same lmao

>>108143822
>why can't flatroons and fedoratroons do the same lmao
Because the GTK app literally doesn't work with newer Syncthing. If you have patches then please submit them upstream.

If you're not using the GTK app then you're probably better off using a container instead if you want up-to-date Syncthing. I have servers running with Syncthing that way and they are all up-to-date and have zero issues with it.

>>108143794
>>108143818
>The GTK app definitely includes the daemon, I use it myself
So you are running Syncthing version 1.27.3 which is even older than the official Fedora repos.
Here are all the CVEs you are exposed to.
>https://bugzilla.redhat.com/buglist.cgi?component=syncthing&product=Fedora

This is the great "Flathub security" you have been harping about in this entire thread. Buddy, you just got EXPOSED.

>A-At least I still have sandboxing...
hahahahaha
BWBAHAHAHAHAHA
The Flathub package ships with full file system read/write access. LMAO.

File: Screenshot_20260214_100832.png (341 KB, 1410x1190)

341 KB PNG

>>108143832
>The Flathub package ships with full file system read/write access. LMAO.
Wrong.

>>108143832
I use syncthingtray, the gtk app is abandonware

>>108143827
>use containers
Keep moving the goalposts. No, I don't need to run podman containers to install syncthing. I just need an up-to-date package from my distribution's repository which every popular distro except Fedora already provides.
>>108143840
>Wrong.
Buddy, stop embarrassing yourself already.
https://flathub.org/en/apps/me.kozec.syncthingtk
It says right there under "Potentially unsafe" > Full filesystem read/write access. This is what Flathub ships by default. A 2 year old unverified pacakge with a useless sandbox.

>>108143857
Fair enough.

>>108143858
And you can change that. Notice how it says "User files (read only)"

>>108143865
Irrelevant. Defaults matter. Flathub ships crap abandonware.

>>108141004
You should try that Project Bluefin's distroless GNOME OS nonsense, if Flatpak on immutable GNOME is all you need.
https://github.com/projectbluefin/dakota

>>108143871
Flathub ships what the developer ships. If upstream is crap abandonware then so will the Flatpak be.

>>108143865
you lost when you admitted you use a two year old version of syncthing with known security issues

>>108143880
In a sandbox, yes, which is more than can be said for you and your distribution package.

>>108143893
>muh sandbox (which is not even on by default) magically solves all 20 high severity CVEs
okay friend :)

>>108143893
the daemon still has network access and access to the files you are sharing so I rather run the upstream version without a meme sandbox than a two year old version full of CVEs

>>108143902
>>108143907
Irrelevant. If I had 20 high severity zero days I could own your distribution package with ease. I but you're not even using an SELinux or AppArmor policy for it.

>>108143913
And since there is no sandbox then I could then access any file I wanted and NOT just those that you are sharing.

>>108143733
>You can disable auto-update for vendored Packman and let the GUI warn you when an auto-update for the base OS fails. It's not ideal, but no OS is.
Ideally if it sees an issue with updates (like having to switch vendors, which isn't what I would want to do I guess because it'd be hopping between packman and official repos constantly) I would want it to just cancel updates maybe until next day when it runs again or whatever. That's primarily what I would want it to do.
I saw this article on how to get some sort of automatic update system that doesn't involve offline updates
https://lowtechlinux.com/2025/07/15/enabling-automatic-updates-on-opensuse-tumbleweed/
It seems neat but I still don't understand what course of action it takes when it's unable to switch vendors (if it updates everything else, if it stops updating or what exactly).

>>108143913
keep cooping with your meme sandbox, my syncthing daemon runs on my vpn so no you couldn't even access it.

>>108143927
>My P2P service runs through a VPN so nobody can ever see me
How thick are you?

>>108143929
so enlighten me retard, how do you access the syncthing daemon that's only listening on an internal vpn ip?

Holy shit. Just finished reading this entire thread. This thread is the perfect example of how much GNOME/Flatpak/Flathub fanboys lie shamelessly.

>>108143943
You don't if they can't speak out to the relay servers but in that case then how does an insecure Syncthing ever even affect you? You could run whatever version you like.

All this fucking autism is making me wanna stay on arch

the guy who got btfo'd in this thread is that one obnoxious anon who keeps making threads about fedora + kde being the super based redpill btw

>>108141004
I use Aurora and it is best fucking OS experience since Windows 98. I absolutely love it, and inb4 some incel comes up, yeah I do actually work with the fucking thing and make fat stacks with my web apps, so fuck you.

>>108143951
I don't know about that, it looks like he exposed you as the brown subhuman retard who has no clue how code review works.

File: hecomesfromthelanddownunder.png (209 KB, 469x592)

209 KB PNG

>>108141004
You are wasting potentially over ten thousands of kilobytes of RAM with that Flatpak crap. compile everything locally

>>108144093
Kek. Hoy shit you are still seething.
>brown subhuman retard
Yep. That is who you are bbhtt.

>>108144079
Aurora is just pozzite without the gaming shit isn't it

>>108141004
heckin chungus fosserino by a 200 billion dollar corporation with 300000 employees, what a fucking joke

>>108141207
fpbp, /thread

>>108144189
Pretty much, yes. Honestly, all these """distros""" are actually just a single distro with different packages. Imagine if I install Fedora Workstation and then I decide I want COSMIC instead of GNOME. So I remove GNOME and install COSMIC instead. Now suddenly I have a new distro. I can even give it a new name and design a cool logo for it.

I don't understand why Bazzite got so popular. If normies needed a good gaymin-ready distro, they should have gone for either CachyOS or Nobara Linux (which is maintained by GloriousEggroll).