|
On 06/16/2016 01:30 PM, Matthew Miller
wrote:
Definitely true for third party packages that currenly require pip/npm/rubygems/(curl | sh :), but you seem to be saying that Flatpack will be preferable even when there's an existing Fedora package. I think this needs to be well justified: security is a mixed bag (RPMs can have sandboxing via SELinux and otherwise, and containers/flatpacks complicate security updates), and other aspects also seem to have balancing pros and cons.On Thu, Jun 16, 2016 at 01:12:07PM -0400, Ben Rosser wrote:ship pip, npm, etc? Where I become uncomfortable, and the reason I chimed in on this thread initially, is with the idea that these new containerized packaging systems are in some way *superior* to traditional packaging. Or at least that's what I read between the lines of the proposal to allow upstreams to ask for their flatpaks or whatever to be shipped in place of RPMs.I think that once the full sandboxing / portal system is in place, there _will_ be a tangible reason to prefer Flatpak. |
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
