How is it possible, that Signal still only provides a .deb package and no .rpm, or even better AppImage or Flatpak? There is an unofficial Flatpak but is it secure?

  • Hirom@beehaw.org
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    5 months ago

    They can’t possibly provide a package for every distro.

    Signal’s model, ie keep tight control over development and distribution of the client, and the absence of federation, it well suited for Apple/Google’s stores, but not at all for open-source and Linux’ ecosystem.

    • ulkesh@beehaw.org
      link
      fedilink
      English
      arrow-up
      8
      ·
      5 months ago

      You are right. They can’t for every distro.

      But fedora/rhel, Ubuntu/debian, and arch-based distros are the most commonly used. So they can provide official packages for those, and/or as the OP said, provide an official flatpak.

      And to be fair, it’s a nice-to-have to have a better sense of trust, but given the unofficial ones are open source, it’s quite likely any maliciousness would be rooted out very quickly.

      • TimLovesTech (AuDHD)(he/him)@badatbeing.social
        link
        fedilink
        English
        arrow-up
        2
        ·
        5 months ago

        Or, if you are running one of those distros you could just take the .deb and repackage it for whatever distro you’re running. Expecting a project to package for every distro, and then be required to support them for every release is a lot of work. And unfortunately some people have no issues expecting from others, but baulk at the idea of doing it themselves.

      • Hirom@beehaw.org
        link
        fedilink
        arrow-up
        4
        ·
        5 months ago

        Yes, AppImage can run on more distro.

        Still AppImage has disadvantages over DEB: No auto-update, No/less system integration, Bigger install packages.