Nearly 2000 packages affected now.

I’m starting to become sceptical of pacakge managers as a concept.

    • insurgentrat [she/her, it/its]@hexbear.net
      link
      fedilink
      English
      arrow-up
      11
      ·
      18 days ago

      I for one love having to rely on dozens or hundreds of independent developers for security updates, unmaintained notifications, and code audit.

      So much better than subscribing to one mailing list and running one regular update operation that removed deprecated software.

      • hello_hello [undecided, comrade/them]@hexbear.netM
        link
        fedilink
        English
        arrow-up
        6
        ·
        18 days ago

        Flathub is not as spartan as you think it is, but it certainly isn’t perfect. App developers still have to submit their software to moderators who have written guidelines to adhere to and there is a verification and trust system built in place.

        Also all app developers have to stay reasonably up-to-date to shared flatpak runtimes that are controlled by the flathub maintainers and receive security updates.

        I think both OS package managers and flatpak can co-exist, especially considering how flatpak was the staging ground for the new portals system and a permissions model akin to what android has had for years.