Announcement

Collapse
No announcement yet.

Ubuntu To Get Its Own Package Format, App Installer

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Originally posted by oleid View Post
    At least GTK+ can't/shouldn't be linked statically.
    Because a Program ship his own dependency doest mean its static linked.
    Last edited by Nille; 05-08-2013, 01:51 PM.

    Comment


    • #17
      Originally posted by Nille View Post
      Because an Program ship his own dependency doest mean its static linked.
      Sure. I never stated that.

      Comment


      • #18
        Originally posted by TheOne View Post

        Look at windows, old executables of the win 95 still work on win 7/8,...
        Exe's are dangerous how many people owned a win 95-7/8 machine that was infected or compromised by downloading a exe of the web?

        I don't exactly care the format of the packages so much as long as the switch doesn't burn the distribution of Linux packages system we already have in place (as to a more download and open me package format).

        user space packages are a good idea for certain things that's for sure, especially the more that outside sources are supplying .debs and the likes.

        Comment


        • #19
          Originally posted by Ericg View Post
          Well the upside is... everything is self-contained. They're using static libs, not shared libs, so to take this package and use it on debian or arch or fedora should (in theory) mean just copying the folder to the other distro, and running it.
          Downside is 1000 copies of same library.

          Comment


          • #20
            Originally posted by nightmarex View Post
            Exe's are dangerous how many people owned a win 95-7/8 machine that was infected or compromised by downloading a exe of the web?
            What makes ELF executables more safe?

            Comment


            • #21
              Originally posted by LightBit View Post
              What makes ELF executables more safe?
              Its not Windows ... *scnr*

              Comment


              • #22
                Originally posted by LightBit View Post
                Downside is 1000 copies of same library.
                And in 1990 i'd agree...but this is 2013, storage is cheap. I can (and did) go out and get a 1TB external USB3.0 HDD for $75, so who cares? They're all being kept in their own app's folder so its not even like theyre all flooding /usr/lib

                Comment


                • #23
                  Originally posted by TheOne View Post
                  Look at windows, old executables of the win 95 still work on win 7/8, we don't have that flexibility on the linux world unless you recompile the whole world again. Even mac bundles are flexible enough.

                  It is true that applications will end larger in size since all of them will ship with it's own libraries but at least the developer has some more flexibility.

                  Anyway this decision has its pros and cons
                  This is fantasy - no, they don't. A LOT of win95 exes stop working on NT and later. A lot of XP executables do not run on vista and up.
                  The reality is "stable API", which means a MESS of libraries of different versions.
                  1st ms take on mess - do nothing - result: dll hell
                  2nd ms take on mess - prevent replacing system dlls - result: a lot of software does not run, many software just packages "dynamic libraries", that are actually locally placed.
                  3rd ms take on mess - for every application, create isolated library space, aka winsxs. Result: HUGE folder of mess dlls.

                  The mess cons:
                  No one knows when it breaks.
                  When ms adds something, it inevitably break others.
                  Due to statically compiled software nobody really cares, the whole security hell is right here.
                  Due to "universal" API, even old viruses work on newer systems.

                  Pros:
                  software MAY work on next patch, or maybe NOT.

                  I don't get Canonical here, the whole LSB is about creating proprietary applications - kinda like "I compile & obfuscate this crap one time, and then I want it to bring money, I don't care about how it works".

                  I smell Canonical is starting to lay fundament for unmantained-type proprietary in userspace here. : (

                  Originally posted by Ericg View Post
                  And in 1990 i'd agree...but this is 2013, storage is cheap. I can (and did) go out and get a 1TB external USB3.0 HDD for $75, so who cares? They're all being kept in their own app's folder so its not even like theyre all flooding /usr/lib
                  No its not, how much does 1TB SSD cost? Plus poluting the inode space is hardly improving any performance.
                  Why to keep them in own folder? For what reason? How about updating them? Or should they be left unupdated and buggy/insecure.
                  Last edited by brosis; 05-08-2013, 02:15 PM.

                  Comment


                  • #24
                    This move is actually pretty good. I really dislike Ubuntu so having Canonical detach their claws from Debian - which I use - is great news. Even better, since they are now, supposedly, alpha testing static linking, which isn't a terrible idea*, they'll might actually accomplish something useful and more importantly, be too busy to mess up anything else. Maybe they'll even stop that Mir nonsense.

                    *Static libs aren't a terrible idea. They have their pros and cons, but with modern hard-drives hitting the terabytes, it's mostly pros. Only problem is the security issues with deprecated libraries. But, with proper versioning (since dependencies are less of an issues and no longer take precedent), you really lose little to nothing.
                    When it comes to dynamic packaging, .debs are superior to .rpms on purely technical merits while arch's packaging is just superfluous. The problem is that .debs are hard to package and maintain properly so the developers always preferred rpms.

                    Of course, it's all talks and rumours right now. For all we know it's just some half lame hybrid monstrosity that interbreeds static and dynamic libraries; Solving nothing and adding yet another packaging system for devs to ignore.
                    Last edited by c117152; 05-08-2013, 02:13 PM. Reason: typos

                    Comment


                    • #25
                      They're not reinventing the package manager, they're reinventing something less interesting, and which already exists. It's called Steam.

                      Comment


                      • #26
                        Originally posted by frign View Post
                        Who didn't expect this? Most Ubuntu-.deb-packages aren't compatible with other Debian-distributions anyway, so it was just a matter of time for them to do their own bullshit.
                        It might be only one more symptom of the NIH-syndrome, but I consider this even a dangerous tactic which most Debian-developers already warned us about.
                        Try reading. Its obvious you have no idea what your talking about. Another failure of the public education system.
                        Last edited by dh04000; 05-08-2013, 02:18 PM.

                        Comment


                        • #27
                          Originally posted by Ericg View Post
                          And in 1990 i'd agree...but this is 2013, storage is cheap. I can (and did) go out and get a 1TB external USB3.0 HDD for $75, so who cares? They're all being kept in their own app's folder so its not even like theyre all flooding /usr/lib
                          Imagine you are developing software and you want to build packages and test them on as many OSes as you can (different distributions, x86, ARM, x86_64 ...). You would probably install them in virtual machine and I am pretty sure 1TB won't be enought.
                          And it's not only about storage. You have to update all copies, if vulnerability is found.

                          Comment


                          • #28
                            Originally posted by pankkake View Post
                            They're not reinventing the package manager, they're reinventing something less interesting, and which already exists. It's called Steam.
                            Or Apple's package management system.

                            Comment


                            • #29
                              I have no idea why people are getting thier panties in a bundle. This will apply to a very small subset of package on the ubuntu desktop and the phone/tablet. The post-release/after package freeze apps.

                              Use case with imaginary examples:

                              Say I'm developing an applications that uses dependency A and B. I use dependency A version 6 and dependency B version 3. Let's say I'm trageting my application to Ubuntu 12.04 and Ubuntu 13.04 post release. But these releases of Ubuntu have thier own version of dependencies.

                              Ubuntu 12.04: A6 and B2
                              Ubuntu 13.04: A7 and B3

                              My application could not work on either, and thus not be added to thier repo's post-release. Thus with the new package installer, I could provide the verisons of my dependencies in the installer and have my application work on both versions.


                              Dev wins, users wins. Stop whining.

                              Comment


                              • #30
                                Originally posted by c117152 View Post
                                When it comes to dynamic packaging, .debs are superior to .rpms on purely technical merits
                                Specific reasoning for this? Because I've only heard the opposite with developers citing the fact that doing delta-updates are almost impossible on debs while on rpms its very easy, as just one example.

                                Comment

                                Working...
                                X