Why are we suggesting Snap

28 Replies

We’ve recently started suggesting to use snap to install Notepadqq, and some of you weren’t happy about it. Why don’t we push towards traditional packages?

There are a lot of reasons here, in a blog post which is actually against snap: http://kmkeen.com/maintainers-matter/.

This seems weird. How can we use a post against snap to justify the fact that we suggest our users to use snap?

In short, that blog post is saying that systems like snap are bad because they shift the packaging work from the maintainers of the target distribution to the upstream developers. Why is this bad? Because Maintainers Provide Consistency:

Maintainers also shield users from developers, offering a layer of quality control. At the very least, all the software in a distribution should play friendly with any other piece of software in the repositories. Maintainers are responsible for that, as well as choosing a subset of the (subjectively) best software FOSS has to offer.

And that makes sense. The only problem is, we don’t have the resources to build the packages for all the different distributions ourselves. We could concentrate on a few ones, like we’ve done with our PPA. But:

  • it is, for us, impossible to check every version of every distro for compatibility with our software
  • we’ve had a lot of problems in the past with issues in the PPA packages exactly for this reason, and users weren’t happy
  • still, a lot of distros wouldn’t have official packages.

So, what we chose to do is to focus on snap in order to ensure to make Notepadqq reliably available to most of the people.

What can YOU do?

A lot of independent people decided to create a Notepadqq package for their distribution. You can and should use them, if available. There are none for Debian, though. Or Ubuntu.

If you want to do something, there is an open Debian Request For Packaging (RFP): let them hear you by telling why you’d love to have a Debian package for Notepadqq at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=740809.

Thanks!

0 0 vote
Article Rating
Subscribe
Notify of
guest
28 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Gerhard
Gerhard
1 year ago

i would prefer flatpack as the free alternative to snap

1
Reply
Kenneth
Kenneth
1 year ago

Linux Mint deliberately disabled Snap by default. Though they allowed Snap to be re-enabled, one should be curious as to why.

https://blog.linuxmint.com/?p=3906

If using the Snap platform essentially allows installing software without your knowledge (it has the root password), have we not broken the most important security feature of Linux, that without the root password, nothing can be installed that will compromise your system. The Windows world is plagued with computer viruses for this very reason, stuff constantly being installed in the background without your knowledge.

I think their concern is valid, and I will respect their opinion about the usage of Snap. Why not continue on with Flatpak?

1
Reply
julian
julian
2 years ago

Maintainers also shield users from developers, offering a layer of quality control. At the very least, all the software in a distribution should play friendly with any other piece of software in the repositories. Maintainers are responsible for that, as well as choosing a subset of the (subjectively) best software FOSS has to offer.

And that makes sense.

No, it doesn’t make sense at all. Snap was invented to render software packages independent from each other. And it does it very well. With Snap, every piece of software plays friendly in both a repository and a user’s system because of the package isolation it offers.

0
Reply
Heidi
Heidi
2 years ago

Just found out there is a snap package, but it’s from 2018. Is it legit now still though?

Thanks.

0
Reply
Matthias
Matthias
3 years ago

One of the core aspects of Snap is hidden in plain sight and as so often ignored in both blog posts:

It is non-free.

9
Reply
foboz
foboz
3 years ago

Nice. Installed snap, installed the Notepadqq snap, ran Notepadqq. Looked good. Then I tried to access a file from a NFS location – oh, wait since Notepadqq is running in a snap container, I can’t do that. Are you kidding me? I am able to run it directly from where snap put the binaries, but this is a lot of hassle for a text editor.

Last edited 3 years ago by foboz
6
Reply
Miljan Mitrovic
Miljan Mitrovic
4 years ago

Snap is trash. Its a security risk for any and all snaps which are not updated. If a library X has a security hole in v1.0 and its devs fix it in v1.1, what would you like better? A) Distro pushes v1.1 and breaks some application or B) Distro pushes v1.1 but you application still has a bundled v1.0 exposing you to vulnerability and giving you no option to fix and even no knowledge that the vulnerable library is on your system.
If you answer B you have no business being on Linux.

Snaps are a sick product of a limited mindset that only knows how to deal with containerization. A veritable return to 1980s and ROM cartridges.

15
Reply
julian
julian
2 years ago
Reply to  Miljan Mitrovic

The problem of dependency hell is well-known. Snap is new innovative packaging technology developed to address this problem. Other similar packaging methods are Flatpak and AppImage. Flatpak is just a packaging method but AppImage is more convenient. Even packaging as a Docker image works much better than Flatpak. From my experience, Snap is the best, Docker is more multi-platform, AppImage is the most convenient from a user’s perspective, and Flatpak is useless. If you aim for package independence, Snap is the best choice you can make.

-1
Reply
Giskard
Giskard
4 years ago

Cannot install snap in classic mode anymore.

data@ASUS-LAPTOP:$ snap install --classic notepadqq 
Warning: flag --classic ignored for strictly confined snap notepadqq

notepadqq 1.4.8 from Daniele Di Sarli (danieleds) installed
1
Reply
spacefiddle
spacefiddle
4 years ago

Nothing I did got the Snap install to recognize any printer.
Uninstall, install PPA, 10 seconds later run program, every network printer is available and ready.
I understand you have a small team, but Snap is not ready for production. By a long shot. It would be better to just say you can’t support every platform – and encourage others to become packagers – than to “recommend” something which breaks horribly for many people simply doesn’t work right.

13
Reply
Anon
Anon
5 years ago

this snap thing sucks, I have just installed it, notepad can not read 777 files, I can’t tun it as sudo. Really sucks. I delete it and install as PPA

13
Reply
puttyman
puttyman
5 years ago

“There are none for Debian, though. Or Ubuntu.” But there’s a package for Fedora and Arch (ಸ‿ಸ)

0
Reply
Scott
Scott
5 years ago

So I read Kyle Keen’s blog post. Unless I missed it, he totally left out the biggest issue with leaving it up to the Maintainers.. They usually only update packages for security fixes, not for feature additions (distribution policy).

This is why you get stuck with old versions of apps with distros like RedHat and Debian / Ubuntu.

Users want to run the latest version of your product. Not the 4 year old version because your distro wants to hold back some dependency.

SNAP fixes most of this. But beware, it’s a gauntlet of issues writing your YAML file. Theming and app icons come to mind.

0
Reply
Jason
Jason
5 years ago
Reply to  Scott

Yeah, the reason I ended up building from source is that Notepadqq just wasn’t using my theming settings and it looked like garbage, not to mention my non-snap build launches MUCH quicker than the snap version due to less levels of abstraction. It’s unfortunate the author has basically given up on his PPA because a lot of applications still distribute updates using them and are generally quite reliable, since they use the system-supplied package management tools. The author seems quite stubborn in his support for snap and doesn’t seem to think our concerns are worth anything. Oh well, at least the source builds fine.

2
Reply
bumbaaz
bumbaaz
5 years ago

I’d like to share my experience with snap+notepadqq.

I installed notepadqq using snap and the application was unusable. When saving a file i couldn’t browse in some directories (i saw /var but i couldn’t see /var/www, for example). Trying to open the “unaccessible” file from the command line, notepadqq opens an empty document…

Also, i experienced a problem similar to the one here: https://github.com/notepadqq/notepadqq/issues/797.

I uninstalled using: sudo snap remove notepadqq, then i installed through PPA. Everything works fine. Just saying… please keep up the great work, notepadqq is a great tool. I would reconsider suggesting snap, at least as long as the reliability is so shaky :)

Cheers to everyone

4
Reply
Daniel Di Sarli
Author
Daniel Di Sarli
5 years ago
Reply to  bumbaaz

Thanks. We’re working to provide additional installation methods

0
Reply
Scott
Scott
5 years ago
Reply to  bumbaaz

The /var folder you were in was a fictional one created by the SNAP environment. You would need to run the SNAP unconfined (aka classic) mode to edit files in your true /var/www folder.

I suggest a classic confinement SNAP (JetBrains does it for their IDE).

0
Reply
Peter
Peter
5 years ago

Dear developers

I used Notepadqq because I am used to Notepad++ but I won’t be using it anymore on Ubuntu as long as I can only install it with Snap on Ubuntu, without using questionable sources for the program. I have no bias in any way pro or con Snap, it simply doesn’t work as it is now because I have to wait more than 2 seconds (i5-750, 1333 MT/s DDR3, good SSD) before the program opens. That is unacceptable for a small text writer which does open fast on Arch. Snap is not mature yet, maybe that a recent CPU kind of masks the problems, my older CPU shows it immediately and obviously.

Kind Regards

12
Reply
fhw
fhw
5 years ago

The following packages have unmet dependencies:
snapd : Depends: systemd (>= 204-5ubuntu20.20) but it is not installable
E: Unable to correct problems, you have held broken packages.

so no snap or notepadqq for me.

1
Reply
tosi
tosi
5 years ago

I avoid snaps like a nondescript brown paper bag on fire on my porch just after the doorbell rang.

Why? Because just like the nondescript paper bag, there may be unwanted things inside when you try to stomp it out.

Canonical has been pushing through snaps payware as if it was open-source software without any indications that it might be such. It’s a deceptive and most unwelcome practice. I have nothing against payware, but I do despise the practive of deceit.

12
Reply
Scott
Scott
5 years ago
Reply to  tosi

And PPAs are better how? c’mon. One bad PPA on your system and it’s compromised. A non classic confined SNAP provides some protection although they are a lot of trouble getting setup.

And downloading a some-app.tar.gz from a website and running make install.. What did the installer do? Did you read every line of the install process? Blindly running sudo on anything is like giving somebody else your PIN to go get money out of your bank account for you.

That said, it is the confinement that prevented someone from seeing into /var/www. Get classic confinement (no confinement) and that problem goes away.

What are your thoughts on Flatpak?

0
Reply
Tom Atkinson
Tom Atkinson
3 years ago
Reply to  Scott

Ah yes, that reminds me of the old days. Download a million .tar.gz files and 90% of the time fail to compile for some unknown reason. I think the best thing about AppImage and I assume Snap is the ability to concurrently run the same app in different versions. But generally, I can see that using PPA’s is more efficient due to the shared libraries.

0
Reply
maverick74
maverick74
5 years ago

Why not AppImage?

10
Reply
Jason
Jason
5 years ago
Reply to  maverick74

Agreed on this. Snaps is a Canonical invention originally intended for Ubuntu, and while there seems to be some work in expanding its use for other distros…we’ve already have a distro-independent solution in the form of AppImage for quite some time. It’s quite sad it’s not more popular since it avoids the issue of a Ubuntu-specific release. I guess Canonical just have more marketing muscle and too many Linux devs aren’t aware of alternatives.

0
Reply
danieleds
Author
danieleds
5 years ago
Reply to  maverick74

We had AppImage, take a look here if you want to help bring it back: https://github.com/notepadqq/notepadqq/issues/817

0
Reply
Scott
Scott
5 years ago
Reply to  maverick74

AFAIK, AppImage doesn’t auto-update. On systems with infrequent Internet access, this can lead to apps with serious security issues being used.

0
Reply
na0341
na0341
3 years ago
Reply to  Scott

Well – everything has it’s costs. In short, AppImage:
» is a static binary
» can be directly executed (no install)
» allows the use of multiple versions of the same programm
» depends on system librarys (on those also installed on the build system (which therefore are considered to be basic))
» can be right – restricted (planned feature)

In my opinion it is good for development & testing use. But for everyday use I’d prefer to manually “install” it (copy to /opt/ & create launcher)¹.

@Scott Yes, but:
» we’re talking about a text editor
» AppImages can have internal updaters (or update checkers)

» If the AppImage Developer² get better support & attention – we’d most likely already have such features for AppImage

¹ Reference for the “installing” process: https://linux.palemoon.org/help/installation/
² Read more: https://de.wikipedia.org/wiki/AppImage

1
Reply