Snap packages have a larger install size, run slower, increase resource usage (so more RAM and CPU cycles), the snap store is a closed source system so you get things like Cryptocoin wallet scams , and personally, I think conceptually snap system leads to poor library maintenance long term
I dislike it for all the technical reasons you listed but could live with it despite that.
The entire reason I don’t install Ubuntu distros for Anyone anymore is that you can tell it specifically you want a deb and it can decide, no, no you don’t, and reinstall snapd and that app as a snap.
That’s ridiculous and against what I view Linux should be.
Having a closed source backend isn’t the reason for malicious packages. There’s a clear distinction between official and unofficial packages, and flathub isn’t immune to this either.
In comparison to flatpak, each runtime (core[number]) is supported for 10 years, so developers aren’t pressured to update it if the app keeps working. The side effect is that over time you will end up with a few extra core snaps on your system but the peace of mind for the maintainers is worth it imo.
We have an entire universe (from snaps up to univere-scale k8s setups) derived from “it works on my machine, so we’ll ship my machine”.
How much bad software isn’t being shook out because it’s kept alive in a container with just the right dependencies to prevent it from activating bugs and bad assertions?
Snap packages have a larger install size, run slower, increase resource usage (so more RAM and CPU cycles), the snap store is a closed source system so you get things like Cryptocoin wallet scams , and personally, I think conceptually snap system leads to poor library maintenance long term
I dislike it for all the technical reasons you listed but could live with it despite that.
The entire reason I don’t install Ubuntu distros for Anyone anymore is that you can tell it specifically you want a deb and it can decide, no, no you don’t, and reinstall snapd and that app as a snap.
That’s ridiculous and against what I view Linux should be.
Having a closed source backend isn’t the reason for malicious packages. There’s a clear distinction between official and unofficial packages, and flathub isn’t immune to this either.
In comparison to flatpak, each runtime (core[number]) is supported for 10 years, so developers aren’t pressured to update it if the app keeps working. The side effect is that over time you will end up with a few extra core snaps on your system but the peace of mind for the maintainers is worth it imo.
We have an entire universe (from snaps up to univere-scale k8s setups) derived from “it works on my machine, so we’ll ship my machine”.
How much bad software isn’t being shook out because it’s kept alive in a container with just the right dependencies to prevent it from activating bugs and bad assertions?
It’s also a smaller ecosystem than say flatpak, so it gets less use and less checks on it. Seems less well maintained than APT as well.