But they're using NSWindow for more than just decorations right, it's used for all OS interaction. Whereas GTK would be needed *just* for decorations, while everything else can be handled by lower-lever interfaces - X calls or Wayland protocol calls or even KMS/GBM calls. And even GTK isn't actually needed if Mutter devs implement the xdg-decoration protocol.

You could use GTK/GDK for interactions too, in which you'd have the benefit of supporting anything GTK/GDK supports and wouldn't need to implement any display server protocols. As far as I understand though, GTK right now doesn't make this as easy (or performant) as Application Kit/Cocoa does though.

You could also directly talk to the Quartz compositor if you really wanted to, but I don't think that's recommended and it's a private API.

This is probably never going to happen, and it's equally politics and technical reasons as to why. Mutter has gone down the macOS route, that the compositor shouldn't be drawing parts of applications and that applications should interface via the native toolkit. Something like libdecoration might help though for applications that want to interface directly with the display server without linking GTK, which is a compromising solution.

Exactly! Sometimes they end up packaging pretty much the whole OS with the program in the AppImage... which results in a binary that is up to 3 times bigger than even their macOS counterparts (see LMMS).

I never thought they used FUSE for the mounting process...

Does it matter? Developers in macOS/Windows land also bundle those libraries with their apps, and nobody complains?...

Flatpak: Forced sandboxing
Snap: I'm not sure
AppImage: Can be sandboxed, but done by application
Windows executable: Same as AppImage
macOS bundle: Best choice. Can be sandboxed, done by system.

I wish they would go the macOS way...
Like, dropping the AppImage to some apps directory and that's it...

Not only it is a bad practice, but also is Average Joe-unfriendly. Who thought having to "make it executable" was a good idea?
I mean, any Windows user normally just downloads their app and runs it... like no need to "make it executable" or any of that stuff...


I really hate mentioning them, but I think Apple made the best application packaging scheme ever...

It means that, barring a buggy or badly designed viewer tool (I'm looking at you, MS Office macros), it's safe for an average Joe to just blindly double-click a file that was sent to them.

so they did https://github.com/AppImage/appimaged/
If I'm not mistaken appimaged looks for a default firejail profile and loads it if exists

and no, no FUSE were needed to mount squashfs last time I checked. That guy speaks gibberish
Usually the problem is not the AppImage but firejail profiles. If an app won't start with provided profile it's pita to figure out why.

And I like separation of concerns here - appimage for packaging and firejail for sandboxing. Both parts can be used independently.

Well macOS and Windows have stable ABIs (less so for macOS lately) and you can always be 100% sure what's going to be on a users system. If a Windows or mac app was shipping its own copy of OpenSSL, then yeh I would still think that's bad.

Yeh. Their entire system is set up and designed around it though.

I'm not speaking jiberish, https://github.com/AppImage/AppImageKit/wiki/FUSE literally states "AppImages require FUSE to run. Filesystem in Userspace (FUSE) is a system that lets non-root users mount filesystems."

So please take back your comment.

This my friends, is how ransomware was born.

sorry, I can't because
so ALL appimages I have are mounted as loop devices

You said FUSE wasn't needed to mount them, which it is unless you have a daemon running as root mounting them. You accused me of lying which I wasn't, you were just being rude.

me:

you:

I guess I made that up.