My Issues with Flatpaks & Snaps

Forward

This post is a companion article of sorts to my video about Flatpaks & Snaps of the same name. That particular video resulted in a lot of comments and tweets so I’d like to explore the issues I listed in the video here.

The video (and this article) is a bit of a retrospective on another video I did in 2017 when Snaps & Flatpaks were all the rage. Bold claims were made these new formats and about how they were going to “replace” traditional software repositories. In fact, Flatpak still claims that it is “The future of apps on Linux” on their website (as of the time of this article).

Now let’s talk about the issues I believe are holding these two formats back in terms of general adoption in the Linux Desktop community.

Styling

Styling is by far the most common complaint about these two formats. The problem seems to be that package applications do not have access to the system styles (mah security!) so they have to package styling themselves.

For Snaps, this issue can be solved a couple ways:

1. Using a non-strict confinement setting (classic is most common)
2. Packing your application styling with your app.

For Flatpaks, this issue has been mostly solved by the inclusion by an application style Flatpak. As in, the styling is included on the system by a seperate Flatpak. It’s an interesting approach that seems to work well.

Quality Control

Because of the decentralized nature of both Snaps & Flatpaks, there’s no quality control outside the purview of the developer or packager. This means you have no way of knowing if the application you are installing will be buggy or even secure.

The same argument could be said about traditional software repositories, however if we use the AUR as an example, a buggy or insecure package would be detected by users quickly and if the offense is serious enough, it will be removed from the AUR entirely.

The semi-official Snap store follows a somewhat similar approach though since the user base is smaller and, it may be more difficult to surface issues from apps downloaded from there. Take a recent debacle with bitcoin miners hidden in Snaps as an example.

Flathub is a common source for Flatpak apps and most apps listed there link back to a Github/Gitlab repo which users can submit issues for. However if a particular malicious application was listed on Flathub, it would be up to the maintainers to take it down.

Versions

Similar to the Quality Control issue, versioning tends to be all over the place.

Developers often write code for an application and leave the packaging & distributing up to the community.

This approach is practically the same with Snaps & Flatpaks but the communities are much smaller so there’s fewer people packaging apps and keeping them up to date.

This isn’t necessarily a flaw in the design of either format, it’s a reality of having yet another packing format and distribution method.

Updates

Snaps are elegant in how they keep apps up to date — they use a daemon that listens for upstream updates and updates apps accordingly. On the flip side, this may lead to undesirable side effects, such as an update modifying core functionality of an app.

Updates for Flatpaks involve using an application such as Gnome-Software, or using the Flatpak cli.

If you’re using Gnome-Software to manage your Flatpaks, you will end up with duplicate entries for your applications (one from Flathub, one from your repos).

Using the Flatpak cli to update applications is fine but you need to enter your password for each application. Never mind that you’re running yet another command to keep your system up to date.

Summary

Ultimately, Snaps and Flatpaks do not replace your distributions software repositories. At best, they at best augment it. For Linux distributions without big default software repositories, using Snaps or Flatpaks can be really useful for installing applications that wouldn’t otherwise be available.

From my experience, the quality of Snaps and Flatpaks lag behind applications that have been packaged and distributed for Linux distributions.

It’s worth pointing out that this article and the video are focused on _desktop_ usage of Snaps and Flatpaks. Snaps have a very valid use case for servers & embedded devices, and the Ubuntu Core distribution is based around this.

Finally, an honorable mention goes to AppImage, which was not discussed in the video or this article. Stay tuned for a future video about AppImage!