|
Sapozhnik posted:http://kmkeen.com/maintainers-matter/ What if I'm installing random crap from the Debian repo and "getting raw dogged"? In short: computers are a land of contrasts
|
# ? Nov 28, 2021 23:16 |
|
|
# ? Apr 25, 2024 06:51 |
Mr. Crow posted:What if I'm installing random crap from the Debian repo and "getting raw dogged"?
|
|
# ? Nov 28, 2021 23:21 |
|
Cybernetic Vermin posted:good thing linux distros don't allow arbitrary non-sandboxed applications in their package managers mystes fucked around with this message at 23:43 on Nov 28, 2021 |
# ? Nov 28, 2021 23:37 |
|
shoeberto posted:Not having easy access to a package manager is probably my biggest frustration when I have to use Windows. It feels dumb to have to go to a website to download an exe in 2021. winget seemed to work fine enough for me
|
# ? Nov 29, 2021 00:02 |
|
Your post is the first time I've heard of that. Good on Microsoft for making it. I'm still gonna complain about Windows but I'm glad that it exists.
|
# ? Nov 29, 2021 15:28 |
|
shoeberto posted:Your post is the first time I've heard of that. Good on Microsoft for making it. you probably want to install chocolatey instead / as well winget has ~3k packages, chocolatey has been around for a lot longer and has ~9k they also appear to play 'well' with each other, e.g. i have only one copy of stuff like sumatrapdf, teamviewer, mpc-hc on my pc but both package managers allow me to upgrade them, which seems super weird to me but maybe ms signed an agreement with the guys that run chocolatey.org
|
# ? Nov 29, 2021 16:03 |
|
NihilCredo posted:you probably want to install chocolatey instead / as well chocolatey just wrapping the same package api for stuff that is in there anyway perhaps?
|
# ? Nov 29, 2021 16:56 |
|
Chocolatey just wraps around whatever shitbinary the vendor provides. You can try to recognise already-installed applications (if they are not using MSI) manually in a script inside the package, but I haven't seen many that do. If the vendor ships an MSI MS' own package manager recognises the product code and does an upgrade. The package quality on chocolatey's community repo is pretty spotty, reflecting the terrible situation on Windows with garbage binary installers. If everyone used MSIs (MS included, ffs), you could build a proper package manager pretty easily. But you can't, because you can't repackage proprietary software into a reliable software repository.
|
# ? Nov 29, 2021 17:30 |
|
yeah, the teamviewer 'package' is just 'download and run teamviewer_setup.exe with the /s silent install flag', i use it because it's nice to upgrade it automatically with everything else as part of 'gsudo choco upgrade all -y' instead of doing it manually but like someone upthread said, at the end of the day using third-party packages always means rawdogging third-party code in your home directory. using a package manager just adds the thinnest pretense of a condom. if you want actual protection, use docker or sandboxie this is my work laptop though so i don't really care if some choco package steals my user data: feel free to spam my work email and track my stackoverflow browsing history all you like for my personal stuff, i won't touch windows anymore outside of a vm
|
# ? Nov 29, 2021 17:49 |
|
Antigravitas posted:Chocolatey just wraps around whatever shitbinary the vendor provides. You can try to recognise already-installed applications (if they are not using MSI) manually in a script inside the package, but I haven't seen many that do. this is all because Microsoft didn’t include an installer builder with their dev tools
|
# ? Nov 29, 2021 17:53 |
|
Orca.exe in the windows sdk should be enough for anyone
|
# ? Nov 29, 2021 18:07 |
|
carry on then posted:lmao, "1 click away" linux tech tips getting owned by a broken package was pretty much the quintessential linux experience
|
# ? Nov 29, 2021 21:04 |
|
Rufus Ping posted:Orca.exe in the windows sdk should be enough for anyone ive used orca to fix or modify packages and its great that it works, but theres so much scripted bullshit in MSI packages that orca cant really help you with
|
# ? Nov 29, 2021 21:06 |
|
if your package system contains scripts its a piece of poo poo
|
# ? Nov 29, 2021 21:06 |
|
shaggar was right
|
# ? Nov 29, 2021 21:09 |
|
Rufus Ping posted:Kind of hilarious that macs have their own little third-party paid shitware ecosystem like windows used to. People don't see anything wrong with having to buy and install proprietary tools to add missing features to the OS Microsoft bulldozed and paved over a large part of the software ecosystem where small devs could support themselves. It was some real robber baron/monopolistic poo poo.
|
# ? Nov 29, 2021 21:30 |
Shaggar posted:if your package system contains scripts its a piece of poo poo
|
|
# ? Nov 29, 2021 21:35 |
|
Please dont remind me this is supposed to be a safe place
|
# ? Nov 29, 2021 21:39 |
|
BobHoward posted:linux style package management is unironically the #1 reason why linux can't have good software what, you mean it might be useful to manage the operating system itself independently from stuff layered atop it?
|
# ? Nov 29, 2021 21:46 |
|
BlankSystemDaemon posted:isn't debians packaging system entirely based on a multitude of shell scripts, each with their own set of duplicate variables for everything under the sun? idk. the only linux i have to deal with is ios
|
# ? Nov 29, 2021 21:47 |
|
"what do you mean the distro maintainer won't let me infest end users' computers with malware this is literally Stalinism" it's always the fruit company employees itt lol
|
# ? Nov 29, 2021 21:49 |
|
The best part is the excellent documentation. Do you use debuild? Or debhelper? Or dpkg-buildpackage? Or maybe bzr-builddeb? What about git-buildpackage we use git? Or pbuilder? Christ I hate the Debian packaging ecosystem
|
# ? Nov 29, 2021 21:49 |
|
yeah the actual packaging mechanism (as opposed to the policy) behind debs and rpms and script-based packages in general is kinda lovely due to historical inertia, no argument there. dropfile directories and suchlike features are more prevalent these days (i.e. you can throw configs and startup hooks into /etc/whatever.d/ instead of running sed over some arbitrary-format /etc/whatever.conf) so one could conceivably make a new scriptless packaging standard that's side-effect free.
|
# ? Nov 29, 2021 21:54 |
|
except you need to maintain backwards compatibility with all the existing non-dropfile mechanisms and even the dropfile systems typically have some kind of single-file cache that gets rebuilt and sooner or later you're going to have to work around some kind of weird bug and then you're right back to the current situation with RPM -- mostly just a file archive with an occasional script that is an immediate sign of code smell
|
# ? Nov 29, 2021 22:23 |
|
Mr. Crow posted:Christ I hate the [...] packaging ecosystem
|
# ? Nov 29, 2021 22:34 |
|
The insane thing about Debian's packaging is all the weird automagic helper tools and magic files that do magic things to somehow munge some random pile of code into a file tree below the debian/ directory. It sucks, but you can feel the weight of tens of thousands of packages being packages by a glorified Makefile. I actually like Gentoo's ebuilds.
|
# ? Nov 29, 2021 22:37 |
|
Sapozhnik posted:"what do you mean the distro maintainer won't let me infest end users' computers with malware this is literally Stalinism" nobody said anything remotely like that the reason it's hard for linux to have good application software is that the distro & package-manager model wastes an incredible fraction of the limited FOSS supply of labor hours on pointless bikeshedding exercises which make life harder on app authors. if you want to ship software for linux, you have to deal with countless "downstreams" loving with your software for usually bad reasons, failing to take up new versions for no good reason, having inconsistent library versions from each other, having different release schedules from each other, and so on. shipping software for linux sucks, if you want to have more and better software on linux this needs to be fixed there's no need to be a fruit company computer haver (me) or employee (eschaton) to recognize the rot. all that i wrote above is stuff i got clued into by a blog post written by a prominent linux dev. (i forget which and i seem to have misplaced my link, sigh.) trying to strawman this into "you just want to distribute malware easier" is dumb and self-defeating
|
# ? Nov 29, 2021 23:43 |
|
i like pacman and AUR. I’ve had problems maybe twice since 2006; with dnf too many times to count. apt is fine if you like software from 100 years ago.
|
# ? Nov 30, 2021 00:15 |
|
mawarannahr posted:i like pacman and AUR. I’ve had problems maybe twice since 2006; with dnf too many times to count. apt is fine if you like software from 100 years ago. Software from 100 years ago is the only good software op
|
# ? Nov 30, 2021 00:22 |
|
package managers are like filesystems, there's good ones and there's new ones
|
# ? Nov 30, 2021 00:30 |
|
Armitag3 posted:Software from 100 years ago is the only good software op it really is the essence of unix
|
# ? Nov 30, 2021 00:32 |
|
mawarannahr posted:i like pacman and AUR. I’ve had problems maybe twice since 2006; with dnf too many times to count. apt is fine if you like software from 100 years ago. Dnf owns sorry for your wrong opinion
|
# ? Nov 30, 2021 01:01 |
|
Mr. Crow posted:Dnf owns sorry for your wrong opinion it’s really really really slow. guess you love wasting your life
|
# ? Nov 30, 2021 01:16 |
|
BobHoward posted:nobody said anything remotely like that Better software? Sure. More software? Not necessarily, it depends very much on the software. I'm shitposting belligerently, yes, but nonetheless there is a kernel of sincerity to the point I'm trying to get across. Debian maintainers can be obstinate sometimes yes, they are flawed people. You do have to have something at least slightly wrong with your brain to want to be a volunteer package maintainer because god knows it doesn't bring fame, riches, or even a shred of gratitude. When the system works right then it works very well, a maintainer is an invaluable advocate for the user's interests.I'm paraphrasing that Maintainers Matter article at this point but adware and spyware simply does not exist in mainstream Linux desktop environments as a direct consequence of the existence of maintainers, not just because the whole stack is free software or open source or whatever; that's necessary, but not sufficient. Adware did exist in Ubuntu at one point, but that's the exception that proves the rule: Ubuntu as an organization does not exist to advocate its users' interests, is a commercial venture which places its own commercial interests first and its users interests second. Also the main reason why distro-packaged software tends to have maintenance problems is because there are problems in the upstream software itself. Perhaps it embeds outdated forks of third-party software libraries. Perhaps it uses a screwy build system. Perhaps it pulls in a hundred tiny lovely libraries via some cesspit like npm that came from god knows where. It is no coincidence that these traits are commonly found inside commercial software, because commercial software does not consider these traits to be defects. "Move fast and break stuff" is the order of the day, and first mover advantage is everything. Clean up enough bugs to keep pulling in money from users later, but if you don't make it to market before your competitor does then there won't be a later. Security holes? No company has ever gone bankrupt from security holes. Use a judiciously-chosen set of reputable dependencies, use a standard build system, make regular time-based releases, follow platform conventions. Do that and distributors will not get in your way. And yes this is a rather idealistic attitude especially in light of how capriciously some open source devs break things regardless, but I do feel like average code quality is improving and things aren't quite such a wild west in the Linux space any more. It would be nice if open source projects took automated testing and CI and such more seriously though, that's one aspect of software development that has a puzzling lack of maturity in the free software space.
|
# ? Nov 30, 2021 01:16 |
|
Sapozhnik posted:Better software? Sure. More software? Not necessarily, it depends very much on the software. I'm shitposting belligerently, yes, but nonetheless there is a kernel of sincerity to the point I'm trying to get across. Debian owns and I’d never use arch for anything that isn’t my personal computer for these reasons. it works and has worked for a long time. and it’s not owned by IBM lmao
|
# ? Nov 30, 2021 01:22 |
|
Armitag3 posted:Software from 100 years ago is the only good software op Hey, this poster seems to have the y2k bug. Debian Bullseye was released in 2021, but they're interpreting it as 1921. Can the Armitag3 maintainers please patch this?
|
# ? Nov 30, 2021 02:15 |
|
mawarannahr posted:i like pacman and AUR. I’ve had problems maybe twice since 2006; with dnf too many times to count. apt is fine if you like software from 100 years ago. The AUR is one of the only good parts of using archlinux.
|
# ? Nov 30, 2021 02:57 |
|
i like guix you can get whatever software version you want, including multiple incompatible versions of the same package. you can compile from source or get binaries, can pack software for other users/PCs (inc other architectures), can archive and import packages for other guix users, can make images (inc docker images), install poo poo in an environment and then just nuke it when you odn't need it. you can declare your system packages and config so all you need to do is read a file and everything installs just how you want it. pretty sure nix is basically the same. these two package managers make other linux pakcage managers look like turds
|
# ? Nov 30, 2021 04:18 |
|
nixpkgs is like if you hired a bunch of fp weenies to maintain freebsds ports tree. there is no honor to be had there
|
# ? Nov 30, 2021 05:13 |
|
|
# ? Apr 25, 2024 06:51 |
|
Apt for life. The Windows app store is so lovely that when you go to install teams on a Windows10 laptop it just takes you to the team's website. Yes, a link to a website in the store. Anyway that's my Windows app store story.
|
# ? Nov 30, 2021 05:53 |