Yes. You can always build from source; If need be

FLOSS used to include the ability to build software. Perhaps that’s not important anymore but now a days some developers don’t attend problems with their build recipes because they only consider what they release through binaries, whether on flatpak or whatever other binary repository they like. At least I dislike that, it’s ok to me some or most users would prefer to grab a bloated binary rather than building anything, but that doesn’t mean forgetting about those actually wanting to build from source, or wanting to use shared libraries and software from their distros, actually that’s a requirement for free/libre software repositories. Not sure if the tendency is to move the gnu+linux users into app stores like the ones on windows, now ubuntu snaps, android play store and the like. Sure there’s more security with sandboxing, but nothing one can’t get with firejail, and if wanting MAC as well then firejail + apparmor for example.

At any rate, just my little rant. And if you’re wondering, I use AUR on Artix, and I really hope I won’t have a need for a flatpak stuff.

it comes down to how you use your system. if you’re fine using is as described and you’re on a distro that gets newest versions, keep on truckin’.

for me, I hate rebooting. I like to leave my system and return to it, be it laptop or desktop, and continue where I left off. sometimes that goes on for days, sometimes weeks. that’s virtually impossible when updating both system and app stuff constantly, e.g. new kernel, mesa, plasma, whathaveyous.

so I keep my system stuff that’s handled with the package manager and my app stuff separate. almost all of my GUI apps are flatpak and they are on a systemd timer so they get updated daily. my systems don’t bother me with update alerts, don’t do shit in the background and that’s how I like it. once a month or so I do a system upgrade and reboot.

I never use flatpaks and am doing just fine. I don’t want my packages to be installed from a bunch of different places; I want it all managed by one package manager, which for me is my distro package manager. I’ve never noticed a problem arising out of not using flatpaks; everything I want is either already packaged for me, or I can make a package myself.

Flatpak is supposed to “just work” everywhere.

I personally like flatpak and its build system. Flatpak applications are sandboxed by default and don’t require root during any part of installation, reducing the risk of malicious/broken software damaging the host. They also are available for basically any base distro, meaning i can use the same apps if a ever distrohop and i can even just copy over the config folders as if nothing happened.

If there is nothing appealing on flatpak, then sure. But for me it was really appealing and I still ignored it because you need to download big files at the beggining. But later on i started using it for steam and all because that thing is better staying as user-installed files in some form of permission sandbox

It really only makes sense to me when your distro is older or doesn’t have the software you want. I fully prefer native packages too, though, but I use Flatpak on phone.

Sure you can! Just run alias flatpak=snap and you’ll be golden.

(I’ll show myself out…)

It depends a bit on perspective and use-case, really. A flatpak’d application can be a fully-featured (all dependencies bundled) package in order to be portable. However, most flatpaks you might commonly encounter don’t quite do this. A good portion of the libraries may be distributed in common runtime packages. This will be the case if you use flatpaks from Flathub or Fedora. There still can be bundled libraries with vulnerabilities, but in many cases, there are basic dependencies from external, common library sets.

As far as varying dependency versions, a developer may be on a host with either newer or older dependencies than expected by the user, but as long as the developer’s application (and any unique libraries) are compiled against a common runtime as previously mentioned, it does make distribution to a wide variety of distros (LTS, 6-month, and rolling alike) relatively easy.

In comparison to OCI images (the kind of images that make up Docker, Podman, and a good portion of Kubernetes container images), flatpaks are a bit less extreme. Flatpaks contain much the same kind of files and structure that a standard distro package would, but simply get sandboxed into their own environment (via bubblewrap). Additionally, flatpaks don’t necessarily need system-level access for installation and usage (full userland confinement). It heavily depends on host environment and configuration, but typically OCI containers are a full, minimal, immutable filesystem structure run in a virtual environment. Not quite a virtual machine, as (in Linux anyway) they are run on the host (almost always in a sandbox) without extensive virtualization capabilities being needed. The general difference in security capabilities depends on the differences in sandboxing between a flatpak behind bubblewrap and an OCI container’s runtime sandboxing. There is also the notion with OCI containers being able to run as virtualized users, including root. With OCI containers that can obtain root access and a flaw in the sandboxing of say Docker in its standard rootful mode could allow for root level processes in the sandbox to act upon the host.

From what I can think of in comparison, there is the big problem with Flatpak in that it really isn’t suitable for packaging command-line applications: only GUI applications and libraries. OCI container images are often tailored for running web apps and other persistent CLI applications

Can I ignore flatpak indefinitely?

Sure, at least until software you want to use is flatpak only, e.g. Bottles

Just use Nix. It can run all the packages on whatever platform. It has the largest repository of software & are some of the most up-to-date.

You’re just not the target user.

The whole OCI mindset is geared towards absolute noobs like me, and cloud native devs that develop inside containers on a daily basis.

Take me for example. I use Bazzite, it’s the first distro I couldn’t break. On top of that, flatpaks, appimages and brew are my only options for software. Since Bazzite is an atomic distro (think immutable ) I could also use Distrobox but I don’t want to deal with it.

Everything just works for me, I don’t care about anything. I broke so many distros before. Sure, I don’t control every nut and cranny but I don’t want to.

If you know how to not break your stuff then that’s great, but I don’t, and I don’t want to learn that. I just want to learn other things.

I mostly do. 99.9% of the software I use is a Debian package. Well on Debian anyway. I do have one AppImage.

Yes you can. I do. If a software does not offer build instructions, which is rare, I just do not use it.