• 1 Post
  • 42 Comments
Joined 2 years ago
cake
Cake day: June 15th, 2023

help-circle

  • Gecko@lemmy.worldtoLinux@lemmy.mlWhy does nobody maintain PPAs anymore?
    link
    fedilink
    arrow-up
    7
    arrow-down
    1
    ·
    edit-2
    7 months ago

    Jia Tan liked your comment

    Without the traditional distribution workflow […]

    You are aware that the xz exploit made it into Debian Testing and Fedora 40 despite the traditional distribution workflows? Distro maintainers are not a silver bullet when it comes to security. They have to watch hundreds to thousands of packages so having them do security checks for each package is simply not feasible.



  • As someone who owns a PinePhone I can tell you that a lot more work needs to be done first. postmarketOS is ok but being Alpine based means you have to forever deal with all the issues that come with it including its primitive package manager. And mobian also kept breaking ever other half a year or so requiring manual config changes etc.

    What we need IMO, is a more reliable spin like Fedora, maybe even something immutable like Silverblue to ensure the stability required for a daily driver device while also being quick to deploy the latest versions of releases.

    There’s also the whole app ecosystem aspect but between advances in Waydroid and convergent GTK apps, I’m more concerned about the underlying base OS than the app ecosystem ^^