• Yuu Yin@group.lt
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      2
      ·
      edit-2
      1 year ago

      I can keep Firefox bleeding edge without having to worry that the package manager is also going to update the base system, giving me a broken next boot if I run rolling releases.

      On Nix[OS], one can use multiple base Nixpkgs versions for specific packages one wants. What I have is e.g. 2 flakes nixpkgs, and nixpkgs-update. The first includes most packages including base system that I do not want to update regularly, while the last is for packages that I want to update more regularly like Web browser (security reasons, etc).

      e.g.

    • TheBelgian@lemmy.ml
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      1 year ago

      Flatpak is kind of bringing the BSD mindset of base system versus end-user apps to Linux.

      What must one not read. The reason is that FreeBSD develop and maintains the whole base system: kernel + system related frontend and because it’s a clean architecture. For the isolation they had jails before containers was a thing.

      Flatpak was not about sandboxing, this aspect is quite recent. It is a response to how bad the CI-pseudoCD was for Gnome and to build/deploy apps based on gnome-stack easily. For proprietary product, I still have to see it a proprietary product not available outside flatpak…

      Don’t get me wrong, it’s good that Flatpak tackle the sandboxing question that was not what was sold previously. Also, I use official repos and mainly FOSS. Flatpak won’t prevent a supplychain attack. So my trust remains the main repos.