How is it possible, that Signal still only provides a .deb package and no .rpm, or even better AppImage or Flatpak? There is an unofficial Flatpak but is it secure?

    • Hirom@beehaw.org
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      6 months ago

      They can’t possibly provide a package for every distro.

      Signal’s model, ie keep tight control over development and distribution of the client, and the absence of federation, it well suited for Apple/Google’s stores, but not at all for open-source and Linux’ ecosystem.

      • ulkesh@beehaw.org
        link
        fedilink
        English
        arrow-up
        7
        ·
        6 months ago

        You are right. They can’t for every distro.

        But fedora/rhel, Ubuntu/debian, and arch-based distros are the most commonly used. So they can provide official packages for those, and/or as the OP said, provide an official flatpak.

        And to be fair, it’s a nice-to-have to have a better sense of trust, but given the unofficial ones are open source, it’s quite likely any maliciousness would be rooted out very quickly.

        • TimLovesTech (AuDHD)(he/him)@badatbeing.social
          link
          fedilink
          English
          arrow-up
          2
          ·
          6 months ago

          Or, if you are running one of those distros you could just take the .deb and repackage it for whatever distro you’re running. Expecting a project to package for every distro, and then be required to support them for every release is a lot of work. And unfortunately some people have no issues expecting from others, but baulk at the idea of doing it themselves.

        • Hirom@beehaw.org
          link
          fedilink
          arrow-up
          3
          ·
          6 months ago

          Yes, AppImage can run on more distro.

          Still AppImage has disadvantages over DEB: No auto-update, No/less system integration, Bigger install packages.