I know sandboxing and bundling are different terms.

What if I really really do not want to sandbox my app?

I can't believe 10 users think that "recompiling" and "accepting the API breakage" is the right way. Wow.

Please tell me how in the freaking world can a "normal human being" (who doesn't know how to program, or even run make) fix code that is broken due to API breakage.

I'll counter your question with one of my own. Why would you even care if it was sandboxed or not? It's transparent to you. That's like worrying about the compression algorithm the Linux kernel is using.

You misunderstand what I meant by "universal". I meant one source of all packages on a system. Yes, you can still manually compile and install packages, or install them from binary blobs, but I'd argue in a well functioning well set up system ONLY packages handled by the package manager in the system, which keeps them up to date and patched should be used. All software on a system, one package manager.

Also, did I mention that the packages and package managers themselves quite often break? These large volumes of packages are maintained by volunteers, and if one slips up, it can cause dependency conflict nightmares. Or what happens if one goes rogue and inserts a package that installs an application with a back door? It has happened.[/quote]

No one is saying Apt or any other package manager is perfect. And yes, I understand things are a lot more convenient for developers if they can use one binary blob including all dependencies for all flavors of linux. I'd argue that the downsides to this type of distribution model FAR outweigh the minor convenience benefits. it's giving up a lot of what makes Linux great in exchange for some minor convenience for developers. No thanks.

I disagree. I'd argue this is a leap backwards in efficiency (now you are going to duplicate dependencies for every installed package) as well as for security. Now we have to trust individual package maintainers to include the latest patched dependencies in their packages rather than having the system keep track of and update dependencies system wide when needed.

And yes. SystemD was also a huge leap backwards. As is Netplan. And Wayland.

Just give me a eternally maintained version of Ubuntu Server Edition 12.04 LTS, and I'll be much happier. Don't mess with perfection. Upstart, IF up/down, Apt, no GUI tools to mess with. Perfect.

One reason: filesystem access. Please tell me if it is possible to have full filesystem access from my sandboxed app's Open File dialog.

Flatpak has this "Portals" thing, but no, I mean, direct filesystem access.

Snaps have been able to share libraries for years now. For instance, if you want, you can use the gnome-3-28-1804 snap as the Gnome runtime for your app.

This has not been true since 2015. Snapd have supported shared dependencies for years now. The problem is that people just keeps repeating mantras as if nothing in the software world ever changes.

This is exactly what Snapd is. A snap is a squashfs which can either contain all its libraries or use libraries from another snap for shared dependencies. You can have several versions of Gnome, for instance and you can install several copies of the same app of the same version of different versions.

Oh thanks for letting me know! So I assume updates to the calculator on ubuntu don't need to download 200mb anymore? That's nice

I wouldn't have to, no. It is the packager of the app/snap who decides whether to use shared dependencies or to bundle them. Snapd is still a young system and it still has a ways to go, but unlike Flatpak and AppImage, it is designed to be a full package management system and is used as such on Ubuntu Core.