Firefox made some progress with this lately but it's still not good enough to allow me to fill it in.
Apart from this particular package, I use flatpak. So it's not like I'm "happy" about snaps, but I'm happy that the snap repository has the tools I need.
In terms of that Adobe Acrobat Reader snap, how am I supposed to trust that the container is a maintained, trustworthy, and official version of the application? That looks to me sketchy to use as to my knowledge Acrobat Reader hasn't be released on Linux in over 9 years, and shouldn't be used/trusted given the large number of potential vulnerabilities...
This is the reason I don't trust snaps, as I have 0 way of auditing it. I know that there is a "verified" mechanism in snapcraft, but not all apps that are "official" or "trusted" have that tag, such as MusicBrainz Picard, published by the MusicBrainz team, so the only way I know they support it is going back to the official website, which also offers a more conventional PPA that is also easier to audit and trust given the GPG key processes in place there, which _should_ be a bit more trustworthy.
Is that code the same as the one the other commenter linked? Not sure, doesn't seem to be a way to tell, as you've mentioned. (That was quite a surprise to me, even Flatpak's Flathub has a little "see details" link to GitHub.) But it would make sense as Adobe has indeed not maintained Acrobat for Linux in many years.
I am fine with using snaps on my desktop systems (mostly) but it is not very appealing to me on servers. It would be interesting to know if there are any big projects using it successfully, maybe I'm missing out?
The certbot let's encrypt agent is unfortunately stuck in a Snap package, at least last I tried setting it up.
Always feels like Snap has been pushed by some invisible proprietary influence, not organic growth due to it being a good idea. I never saw anything wrong with package managers or a reason I should like Snap. My experience is that I've only been forced to use it against my will.
I was also very annoyed by that and supporting legacy servers with letsencrypt, and then I found acme.sh script to replace certbot:
https://github.com/acmesh-official/acme.sh
Simple and light without big dependencies as running in bash! I would recommend it a thousand times!
I need to say that I really despise snap apps. I don't get why I should use them, I never felt the need for a bloated app package with awful startup times...
On Ubuntu (last time I used it with a GUI, something like 1.5 years ago) the calculator app was a snap app. The f*ing CALCULATOR app! And it took longer to open the calculator than Firefox or VSCode.
I started hating Ubuntu for pushing snap so strongly, and this time I didn't forgave them...
Which is why I'm back to Debian testing. It was the forced "upgrade" to firefox using snap that finished me, as it wanted to eat my carefully sculpted profile.
I'm guessing because it's impossible to inject files into? It used to be, and was annoying because the browser I was using you needed to put widevine in a specific location, but it was impossible to do so. They say it's for security, but to an end user it was just an annoyance.
Right. And that same utterly braindead constraint prevents it from scaling to - or handling at all - many commercial unix environments. Just... unimaginably little vision.
I should add that it doesn't even work on my home network, where home directories are mounted over NFS - and not into /home/$user - /home was never guaranteed, that's what $HOME is FOR. I just can't believe how broken snaps are.
Never really felt any problems with performance, theming works, and more confinement > no confinement. Guess what, it's 2020, it would be nice to have some restrictions for what rogue desktop apps can access on the desktop.
From a development experience, it's a million light years better and safer than setting up ppas, dealing with launchpad. It directly integrates with CI, and hence can be pushed to all relevant Ubuntu OSes. Quite nice in particular being able to get the latest version of Firefox as soon as updates come out.
Also having actual software from vscode, slack, spotify, jetbrains stuff is quite nice. Jetbrains especially as they didn't offer a repo in the past.
Oh and I especially like multipass, and being able to use docker. Especially when Docker lags behind supporting the newer repos.
I also find it very handy for switching between channels (such as for firefox and nodejs).
I was initially happy, but the papercuts added up to unbearable. When I was powerless to stop the force upgrading of one of my packages, it was the last straw for me. I really wish AppImage were taken more seriously because it is fantastic (but I know doesn't have sandboxing).
I've moved to flatpak for almost all of my apps, but for some hacky repackaged stuff like zoom the snap seems to work fine while the flatpak just doesn't for me on fedora.
A year or two ago when I was using Ubuntu I liked them for certain things like jetbrainse IDEs. Easy to install, easy to keep updated. I think for desktop apps they weren't bad. I also used LXD, an otherwise very fine system, with snaps and it was a disaster due to cluster members auto-updating in an uncontrolled manner. So that wasn't great.
I don't use Ubuntu anymore so don't have a current opinion.
After years of being a "cloudy" systems engineer who no longer gets to play with actually Linux (not really) the Qualys security advisory was an enjoyable read.
This is my analog to my wife's Agatha Christie books. It reminds me why I loved computers back in the '80s and chose this career. The feeling that these complicated systems are fallible, and that if you study them carefully and play then like a chess board, you can crack them open.
30 comments
[ 3.6 ms ] story [ 71.8 ms ] threadhttps://snapcraft.io/acrordrdc
Which I need when I have to declare my taxes in Romania since it's done via a PDF file that can't be opened and filled in with any other tool:
https://static.anaf.ro/static/10/Anaf/Declaratii_R/Aplicatii...
Firefox made some progress with this lately but it's still not good enough to allow me to fill it in.
Apart from this particular package, I use flatpak. So it's not like I'm "happy" about snaps, but I'm happy that the snap repository has the tools I need.
This is the reason I don't trust snaps, as I have 0 way of auditing it. I know that there is a "verified" mechanism in snapcraft, but not all apps that are "official" or "trusted" have that tag, such as MusicBrainz Picard, published by the MusicBrainz team, so the only way I know they support it is going back to the official website, which also offers a more conventional PPA that is also easier to audit and trust given the GPG key processes in place there, which _should_ be a bit more trustworthy.
Is that code the same as the one the other commenter linked? Not sure, doesn't seem to be a way to tell, as you've mentioned. (That was quite a surprise to me, even Flatpak's Flathub has a little "see details" link to GitHub.) But it would make sense as Adobe has indeed not maintained Acrobat for Linux in many years.
https://www.playonlinux.com/en/app-2653-Adobe_Acrobat_Reader...
Always feels like Snap has been pushed by some invisible proprietary influence, not organic growth due to it being a good idea. I never saw anything wrong with package managers or a reason I should like Snap. My experience is that I've only been forced to use it against my will.
Simple and light without big dependencies as running in bash! I would recommend it a thousand times!
https://man.openbsd.org/acme-client.1
It's probably also a reasonable alternative.
On Ubuntu (last time I used it with a GUI, something like 1.5 years ago) the calculator app was a snap app. The f*ing CALCULATOR app! And it took longer to open the calculator than Firefox or VSCode.
I started hating Ubuntu for pushing snap so strongly, and this time I didn't forgave them...
They usually give up on their NIH missteps after a year or two(see upstart, mir, unity, etc), but they're really dug in on this one.
Never really felt any problems with performance, theming works, and more confinement > no confinement. Guess what, it's 2020, it would be nice to have some restrictions for what rogue desktop apps can access on the desktop.
From a development experience, it's a million light years better and safer than setting up ppas, dealing with launchpad. It directly integrates with CI, and hence can be pushed to all relevant Ubuntu OSes. Quite nice in particular being able to get the latest version of Firefox as soon as updates come out.
Also having actual software from vscode, slack, spotify, jetbrains stuff is quite nice. Jetbrains especially as they didn't offer a repo in the past.
Oh and I especially like multipass, and being able to use docker. Especially when Docker lags behind supporting the newer repos.
I also find it very handy for switching between channels (such as for firefox and nodejs).
I don't use Ubuntu anymore so don't have a current opinion.
https://www.qualys.com/2022/02/17/cve-2021-44731/oh-snap-mor...
This is my analog to my wife's Agatha Christie books. It reminds me why I loved computers back in the '80s and chose this career. The feeling that these complicated systems are fallible, and that if you study them carefully and play then like a chess board, you can crack them open.