https://flathub.org/statistics
Right? "Oh look, country with huge population has more downloads than country with small population!"
To everyone saying you can’t mirror a flatpak repo… you’re absolutely right. There should be a far easier way to set up your own mirror without needing to build everything from scratch. That being said, if you wanted to try to make your own repo with every one of flathub’s apps, here you go:
https://github.com/flathub
https://docs.flatpak.org/en/latest/hosting-a-repository.html
Edit: Some did get a flathub mirror working. The issue is that a. Fastly works good enough and b. There is no concept of “packages” on the server side. It’s just one big addressed content store because of ostree, and syncing is apparently difficult? Idk, not being able to sync the state of content is like the entire point of ostree…
https://github.com/flathub/flathub/issues/813
Sorry to ask, I'm not really familiar with Linux desktop nowadays: I've seen Flatpak and Flathub talked about a lot lately and it seems to be kinda a controversial topic. Anyone wanna fill me in what's all the noice about? It's some kind of cross-distro "app store" thingy?
Flatpak is a universal application packaging standard for Linux. It allows devs to create a single application that gets bundled with all necessary dependencies including versioning.
These apps run in their own semi-isolated "container" which makes immutable distros possible. (Distros like Fedora Silverblue that are effectively impossible to break by installing or removing critical system files.)
This means that a Linux app doesn't have to have a .deb version, an .rpm version, or be pre-compiled for any other distros. A user can simply go to Flathub, (the main repository for Flatpak apps), download the flatpak, and install it on their distro of choice.
It's quickly becoming the most popular way for users to install apps on Linux because it's so easy and quick. But there are a few downsides like size on disk, first party verification, per-distro optimizations, and the centralization of application sources. That's why some users aren't fully endorsing or embracing how popular they are becoming.
Cool, thanks for the explanation.
a single application that gets bundled with all necessary dependencies including versioning
Does that mean that if I were to install Application A and Application B that both have dependency to package C version 1.2.3 I then would have package C (and all of its possible sub dependencies) twice on my disk? I don't know how much external dependencies applications on Linux usually have but doesn't that have the potential to waste huge amounts of disk space?
Essentially yes, if you start using lots if older applications or mixing applications that use many different dependency versions, you will start to use lots of extra disk space because the different apps have to use their own separate dependency trees and so forth.
This doesn't mean it will be like 2x-3x the size as traditional packages, but from what I've seen, it could definitely be 10-20% larger on disk. Not a huge deal for most people, but if you have limited disk space for one reason or another, it could be a problem.
It CAN get pretty wild sometimes, though. For example, Flameshot (screenshotting utility) is only ~560KB as a system package, while its flatpak version is ~1.4GB (almost 2.5k times as big)
Flameshot is 3.6MB on disk according to
flatpak info org.flameshot.FlameshotWeird, the software manager (using LM 21.3) reports 1.1GB dl, 2.4GB installed (which is different from when i checked yesterday for some reason?).
flatpak installreports around 2.1GB of dependencies and the package itself at just 1.3MBEDIT: nvm im stupid, the other reply explains the discrepancy
on a desktop it might not be significant but I tried using flatpak apps on a device with very limited root emmc storage (16 GB) and ran out of space really fast. Its really common to see a couple multi-hundred-megabyte library downloads for each new app IME.
I like them for some stuff but there are glaring issues that I don't like. I've posted about it before, poor integration of apps/not getting the right permissions is a big problem, the people packaging them don't often do as good of a job as someone like a distro maintainer.
But admittedly my experience using it probably isn't representative (pop os through their shop and arch on a mobile device). Neither were amazing, but not having to compile shit myself or install with an untrusted shell script was nice for some apps. Without some significant improvements it's not a good replacement for a distro's package repos but it might be a good way to broaden the available applications without having to maintain 10x more packages.
It's not quite that simple.
Each package can choose one from a handful of runtimes to use, each of which include common dependencies (like gnome or qt libraries), and if multiple flatpaks use the same runtime, that runtime is only downloaded once.
It is less space efficient than your typical package manager, but brings other benefits like sandboxing.
Flatpak is the best - thats all you need to know!!!!
But seriously, apart from obvious things other people have said, I would like to add that the HUGE advantage of flatpak is that each app is using its own dependencies, this way you can avoid dependency hell, which is mostly time-consuming and hard to fix.
Most of the issue is that they're unreliable. Sometimes the app will work. Sometimes it doesn't. Sometimes you have to fiddle blindly with flatseal settings, which ones? Who knows? Guessing is part of the fun.
It'd be a great thing if it just worked.
I guess mileage varies here because flatpaks have always just worked for me. I only use flatseal to revoke excessive permissions.
Flatpak's usecase for me is Alpine Linux and other distributions that use musl or other libc implementations. I don't love it, I think its cli interface and the way you add flatpak servers to be obtuse and annoying, but it is useful for getting glibc dependent software.
You're complaining about corporate fundings. Without them, a lot of open source tech would definitely not be as advanced as it is today. Since everything's open source, anyone can just fork a project when some "malicious megacorp" "hijacks" the project. Funny how a similar case happened "the good way" recently with Redis/Valkey, but the other way around.
There's always some doomers only seeing potential bad futures in awesome stuff, huh?
Well you do you. I don't see the point in hating open source software made by them, you're not paying them unlike with regular products and boycotting them.
It is noteworthy that builds of Chrome, VLC, Dolphin, Steam and Spotify are created by third-party enthusiasts not associated with the main projects.
What great news, that's why there is no trust in Flathub.
Why don't you open an feature request on their git if you have an issue with volunteer work.
It's funny thinking this guy uses a distro package manager potentially with unofficial patches applied to the package.
Great opportunity to inject malware to so many vulnerable peeps then
You could say that with any program distribution. At least flatpaks are containerised.
Nah. Most distro package managers verify their packages authenticity with cryptography since the early noughts
