One of the strongest points of Linux is the package management. In 2025, the world of Linux package management is very varied, with several options available, each with their advantages and trade-offs over the others.

One of the strongest points of Linux is the package management. In 2025, the world of Linux package management is very varied, with several options available, each with their advantages and trade-offs over the others.

  • IngeniousRocks (They/She) @lemmy.dbzer0.com
    2·
    8 hours ago

    Ehhhh I disagree that package managers handle cleanup correctly, I’ve certainly had tons of dotfiles left in ~/ mucking things up when reinstalling apps, even those that have been purged by package managers.

    The package manager, much like the windows installer/uninstaller, relies on the developer to be responsible in declaring how the package is meant to be managed. If users have manual steps at installation, they will have manual steps at uninstallation as well.

  • Harold@feddit.nlEnglish
    121·
    16 hours ago

    Nix (and more specifically, NixOS) made me switch to Linux as my daily driver.

    I had been using Windows since 3.11 as my daily driver, MS DOS before that. This was for web browsing, gaming, and development. Linux was my sandbox on the side, and mostly server OS throughout the years.

    Goes to show how powerful packagemanagers can be, it made me make the full switch after ~30 years. I love how my OS is now idempotent/declarative.

    • Laser@feddit.org
      8·
      16 hours ago

      NixOS as the first Linux distro is an interesting choice, definitely not bad, but probably not what most people would go for

      • Harold@feddit.nlEnglish
        3·
        12 hours ago

        Oh it certainly wasn’t the first I have ever used.

        Debian, Ubuntu, Kali, and more.

        This is just the first one that has made me ‘want to make the shift’, so to speak.

        I specialize professionally in hyper automation of all sorts of things. Long time user of PowerShell, custom built C++/C#/Java backend services. More recently also utilizing Python and Rust.

        The declarative nature of NixOS (incl. Flakes, idempotent ❤️) is what I love about it. Although I am well aware it can be quite daunting for those that prefer imperative scripting, or even ClickOps.

  • Phoenixz@lemmy.ca
    19·
    22 hours ago

    Wow, something positive about Linux package managers?

    I’ve been hearing nothing but bitching and moaning for the past 10 years for no reason, to the point where I’m suspecting that this is Microsoft sponsoring a bunch of assholes to keep posting negative things about Linux.

    Package managers are awesome and always have been afaiac.

    • Omega@discuss.online
      2·
      18 hours ago

      These package managers are essentially the utopic vision of what apple and Microsoft wishes it could be

    • vga@sopuli.xyz
      1·
      16 hours ago

      Perhaps the message is changing now, after they have kind of caught up finally. How long did it take, 20 years?

  • LeFantome@programming.dev
    392·
    1 day ago

    Flatpak is literally installing a second Linux distribution on your machine, just without a kernel. All the dependencies right down to the C library are installed in the Flatpak environment. This why you can run a Glibc Flatpak on a musl distro.

    Microsoft could support Flatpak “natively” on Windows. It could use the same kernel and GUI glue that WSL uses but you have no need of specifying a distro or getting to the command-line. The experience could just be that you go into Flathub, install and remove apps, and everything would just work.

    Apple could do the same with macOS.

    If they did that, Flatpak could be a universal app distribution method on all three systems. Devs would only have to create and maintain a single version if they wanted.

    Microsoft will not do that of course. If it really was a brainlessly simple alternative application store, they could OS/2 themselves and loose control of the platform.

    Too bad though. It would be cool. No reason it could not be done independent of Microsoft of course but it would never be as popular if it was not built in.

  • dkc@lemmy.worldEnglish
    232·
    1 day ago

    In 2025, the package manager and frequency of updates are the only real differences between most distributions. I’ve been enjoying Flatpak for years now and hope it continues to build momentum. It offers the possibility of shared effort between distributions who depend on legions of volunteers constantly updating debs/rpms/whatever.

    It feels like one of the last hurdles to eliminate so much of the duplicated effort associated with all these distributions.

    • TerHu@lemm.eeEnglish
      2·
      4 hours ago

      i very much agree for graphical programs, though i feel like cli tools should partially be an exception. i don’t really want my tmux to be a flatpak i think 😅

  • Fonzie!@ttrpg.network
    4·
    1 day ago

    I’m just happy my boi nix got a shoutout.

    I love having a packages file and a lock file, both user-specific rather than system-wide, offering reproducibility, stability and a good, central place where I can see what I did to debug.

  • GalacticGrapefruit@lemmy.world
    351·
    2 days ago

    Don’t mind me, being a casual user since 2014 taking down notes as I’m reading the debates in the comments.

    But I finally found out why Steam kept crashing. Snap broke it. I forced it to run as a flatpak, and now it works exactly as intended. Literally what made me finally switch from Ubuntu to Mint.

    • nshibj@lemmy.world
      32·
      1 day ago

      Linux Mint is based on Ubuntu. Wouldn’t it be better to go for one of the distributions everything else is based on? Debian or Fedora?

      • razorozx@lemm.eeEnglish
        111·
        1 day ago

        Mint doesn’t natively shove down snap down your throat though 🙂

        • nshibj@lemmy.world
          4·
          1 day ago

          Good to know, thanks. I’m fairly new to Linux and reading that this or that distro is based in Ubuntu always makes me wonder how much they share (and why they don’t base those distros on Debian, being the mother of Ubuntu)

          • TerHu@lemm.eeEnglish
            1·
            4 hours ago

            having used a variety of distros, i can recommend linux mint. ubuntu used to put a lot of effort into keeping debian based distros very modern before it fell off and became something i really don’t like, and now mint has taken its place. mint takes from ubuntu what is an improvement/ modernisation over debian and strips out all the crap. mint therefore is a major, if not the driving, force that maintains modern snaps (with debian maintaining very very stable ones)

            so, mint is cool :D

        • Mike@lemm.ee
          3·
          1 day ago

          I thought Fedora didn’t either? That’s a Ubuntu exclusive I think (not sure!). In any case, its a couple lines on the terminal and it’s gone.

          • razorozx@lemm.eeEnglish
            1·
            9 hours ago

            Yeah, Ubuntu is the only culprit here. They sneakily swapped out apt with snap packages when trying to use apt. So while you think you’re using a package from apt, it’ll swap out to using Snap. Pretty scummy.

            Fedora is fine.

  • LordKitsuna@lemmy.world
    5210·
    2 days ago

    pacman is the best and I’ll stubbornly refuse to entertain any other opinion. It’s in my experience the least likely to just randomly rip the system to shreds. I don’t know if it has more through prechecks or what bit I’ve had debian and Fedora (apt and dnf) rip the system asunder trying to jump multiple major versions in an update of a system that hadn’t been online in a long time.

    I don’t care if jumping multiple releases at once “isn’t supported” it shouldn’t be that frail and arch will happily update something many years behind as long as you update the keyring.

    Even in the event your system somehow does get hosed you can fix almost everything by just chrooting in, grabbing the static pacman binary, and running “pacman -Qqn | pacman -S -” I’ve recovered systems that had the entire /bin wiped (lol oops moment with a script) and as far as i know apt and dnf have no equivalent easy redo all.

      • matcha_addict@lemy.lolEnglish
        31·
        16 hours ago

        Anyone looking for the best package manager needs to look only at portage/emerge and nix

    • Max-P@lemmy.max-p.me
      24·
      2 days ago

      Pacman just does a lot less work than apt, which keeps things simpler and more straightforward.

      Pacman is as close as it gets to just untar’ing the package to your system. It does have some install scripts but they do the bare minimum needed.

      Comparatively, Debian does a whole lot more under the hood. It’s got a whole configuration management thing that generates config files and stuff, which is all stuff that can go wrong especially if you overwrote it. Debian just assumes apt can log into your MySQL database for example, to update your tables after updating MySQL. If any of it goes wrong, the package is considered to have failed to install and you get stuck in a weird dependency hell. Pacman does nothing and assumes nothing, its only job is to put the files in the right place. If you want it to start, you start it. If you want to run post-upgrade, you got to do it yourself.

      Thus you can yank an Arch system 5 years into the future and if your configs are still valid or default, it just works. It’s technically doable with apt too but just so much more fragile. My Debian updates always fail because NGINX isn’t happy, Apache isn’t happy, MySQL isn’t happy, and that just results in apt getting real unhappy and stuck. And AFAIK there’s no easy way to gaslight it into thinking the package installed fine either.

      • Aatube@kbin.melroy.org
        13·
        2 days ago

        If you want to run post-upgrade, you got to do it yourself.

        That’s just wrong. Pacman has hooks, and easy hooks are one of the reasons Pacman is loved. In a normal weekly upgrade I see Pacman run over 30 hooks. I do not think simply not updating user-modified config files is just the bare minimum needed.

        I think this boils down to Arch’s philosophy: the users should know their system, and when something could break things, don’t assume things and do it automatically; have the user do it instead. Thus when shipping config updates to a user who had already changed their config, Arch does not overwrite the configs and instead ships the updated vanilla config with a .pacnew suffix. The user is expected to review such pacnews, a process that’s just like normal git merge conflicts when you use the pacdiff tool.

        • Max-P@lemmy.max-p.me
          8·
          2 days ago

          In that specific context I was still thinking about how you need to run mysql_upgrade after an update, not the regular post upgrade scripts. And Arch does keep those relatively simple. As I said, Arch won’t restart your database for you, and also won’t run mysql_upgrade because it also doesn’t preconfigure a user for itself to do that. And it also doesn’t initialize /var/lib/mysql for you either upon installation. Arch only does maintenance tasks like rebuild your font cache, create system users, reload systemd. And if those scripts fail, it just moves on, it’s your job to read the log and fix it. It doesn’t fail the package installation, it just tells you to go figure it out yourself.

          Debian distros will bounce your database and run the upgrade script for you, and if you use unattended upgrades it’ll even randomly bounce in the middle of the night because it pull a critical security update that probably don’t apply to you anyway. It’ll bail out mid dist-upgrade and leave you completely fucked, because it couldn’t restart a fucking database. It’s infuriating, I’ve even managed to get apt to be incapable of deleting a package (or reinstalling it)/because it wanted to run a pre-remove script that I had corrupted in a crash. Apt completely hosed, dpkg completely hosed, it was a pain in the ass.

          With the Arch philosophy I still need to fix my database, but at least the rest of my system gets updated perfectly and I can still use pacman to install the tools I need to fix the damn database. I have all those issues with Debian because apt tries to do way too fucking much for its own good.

          The Arch philosophy works. I can have that automated, if I asked for it and set up a hook for it.

      • Kajika@lemmy.ml
        313·
        2 days ago

        you have a very limited understanding of flatpack if you think you can use it to install your init system.

    • IsoKiero@sopuli.xyzEnglish
      153·
      2 days ago

      I have absolutely zero experience on pacman, but I could argue the very same with dpkg/apt with the same arguments. The Debian kind, not the abomination Ubuntu ships with today.

      as far as i know apt and dnf have no equivalent easy redo all

      It’s similarily possible (dpkg --get-selections, some sed/cut/awk wizardry to cut unnecessary stuff from the output, xargs to apt install --reinstall on that and you should be good to go, maybe there’s even a simpler way to achieve that) with Debian.

      But that’s just me. I’ve been with Debian for quite a while. Potato was released 2000, but I think I got my hands on it 2001/2002 and I’ve been a happy user since. And even if I’ve worked with pretty much any major distribution (RHEL, CentOS, SuSe, Ubuntu and even Slackware back in the day) around I still prefer Debian because that’s what I know and learned over the years on how to fix things if something goes sideways.

      • LordKitsuna@lemmy.world
        3·
        2 days ago

        I think the missing key there is the independent statically built binary for apt that does not depend on pretty much any part of the base system actually functioning. That’s what I couldn’t find, is there one and I just suck at Google?

        • IsoKiero@sopuli.xyzEnglish
          1·
          2 days ago

          I don’t think there’s one at least in official repositories. But if you’re missing libc6 one might argue that your system is not in any functional state anyways.

    • Aatube@kbin.melroy.org
      7·
      2 days ago

      Agreed. The normal pacman CLI does have a comparatively much higher learning curve though compared to e.g. APT. It’s not that hard to learn either but when you’re scrolling over a long-ass manpage, you do not immediately realize from the headers which whizz by in a flash that -S (alias for --sync) is for installing from repos, -Ss is for searching from repos, -S does not by itself “synchronize” with repos by pulling newest repo package metadata because well that’s not what we’re “synchronize”-ing with and you have to add the “y” flag, -Su (remember to add “y”!) is for upgrading all packages instead of -U (alias for --upgrade), and -U is for installing a local package. Compare that to the APT/dpkg system’s apt install, apt search, apt update, apt upgrade, and dpkg -i.

      Admittedly APT does need one to get behind the fact that there are different commands and that “update” and “upgrade” are different, but that’s way less to remember (especially since apt is meant to be the interface for everything a user should do) compared to remembering pacman’s interesting definitions of database, query, sync, upgrade, and maybe files, while the only definition unlikely to be guessed with APT IIRC is update vs upgrade. You’re far more likely to need a pacman cheatsheet than an apt cheatsheet.

      But in the end, let’s all love libalpm, and the actual code behind that pacman interface.

      • vinnymac@lemmy.world
        3·
        2 days ago

        Pacman has many of the same issues git does. The DX is lacking, but all of the tools you need are there, and it’s reliable despite the lackluster experience.

      • nanook@friendica.eskimo.com
        2·
        2 days ago

        @Aatube @LordKitsuna @Tea There are some things I’d like pacman to do automagically that it doesn’t, like update the list of archives when they change. Tried to install a package the other day and it kept throwing 404 errors because I had a stale list of archive sites. It didn’t tell me that, it didn’t fix it automatically.

    • Mike@lemm.ee
      21·
      1 day ago

      I think because other distros don’t have half the issues Arch has, pacman isn’t as important in keeping the system “stable”.

      But I understand why someone using Arch would be fascinated by pacman.

  • pineapple@lemmy.mlEnglish
    11·
    2 days ago

    Thanks for posting that was really informative i was always intending on learning more about package managers at some point. What I wonder is when you want a package and it’s available as both a dnf package and a flatpack which one should you chose?

      • pineapple@lemmy.mlEnglish
        3·
        1 day ago

        Appimmages seam a lot like reverting to the old way of downloading packages like the installers you see in Windows and macos are appimages somehow better or different?

      • BaconIsAVeg@lemmy.mlEnglish
        43·
        22 hours ago

        Native, Containers, Appimages. Flatpak not in a million years.

        I really don’t know how to feel about all the Mint/flatpak supporters. It feels like a swarm of Windows refugees that have no interest in learning about the existing culture.

        Flatpaks, Gnome, KDE, they’re all just bloat. Back in the 90’s, Unix/BSD/Linux were everything that Windows wasn’t. Fast, stable, infinitely flexible. I cherished grepping for Exim config settings in /etc rather than searching through 250 management console tabs for MS Exchange.

        I run Arch and nearly everything I need is available as a package or in the AUR, except for the real niche apps that I can grab via cargo/pip/npm/podman. Occasionally however I find some app I’m interested in and they only support Ubuntu or Flatpak, and I feel like it’s getting worse so it’s not like I can just ignore it.

        • vga@sopuli.xyz
          31·
          16 hours ago

          I’ve been using Linux (also Arch, several years, happily!) since 1996 and for a long time I’ve wondered why every software I run gets access to every file I have.

          Flatpak is one way to fix that.

          is available as a package or in the AUR

          Oh okay, I see. You don’t perhaps care about programs reading the files of other programs. Well, that’s fine, everybody has their own threat models.

        • cyphear@lemm.eeEnglish
          92·
          22 hours ago

          Ah, typical Arch user response. “Everything is bloat. Stop having fun.” If it works for somebody else, let them. I get where you’re coming from, needlessly adding things because you can, leads to enshittification. But, trying new ways of doing things is the whole point. If it works and the majority of people use it then it succeeded. Bloat or not, if it gets new users to switch then it’s a net positive. Plus, Gentoo>Arch. If you don’t use custom flags and debloat the kernel you’re argument is invalid.

          • BaconIsAVeg@lemmy.mlEnglish
            2·
            18 hours ago

            If it works for somebody else, let them.

            If it was just another method of distribution I wouldn’t care. When it becomes the only or preferred method, then I care.

            If market share is your only metric for success, then I don’t know what to say. Look at the amount of threads/people stating “this basic thing didn’t work so it had to be the distros, switching distros solved my problem rather than trying to diagnose it”. Your idea of a “net positive” is a group of computer-illiterate Windows users who are now computer-illiterate Linux users, congratulations.

            And Gentoo? I remember drobbins from when we were on the Stampede Linux team and he was a dick then, apparently he still is. I wouldn’t touch Gentoo with a 10 foot pole.

            • cyphear@lemm.eeEnglish
              3·
              17 hours ago

              There are different types of users. Those who want something to work out of the box and those who like to put in the work to make the os into something personal. Usually, at least with the people I’ve come across, if you give them something the “works” but if they can tinker and make it better they’d learn. Now, not everybody is like that. Some just want to browse the Internet and play games. Flatpak, while not perfect, is a solution to a problem. Not everybody wants to adjust config files and/or configure wine bottles for every game.

              As for your comment about drobbins… I can’t argue. The greatest thing about Linux is the freedom to use what ever distro works for your needs. If switching from one because it doesn’t do what you want, by all means, switch. But, if you are more computer literate and like to learn about how the os actually works; it doesn’t matter which distro, you can figure out how to fix the problem and contribute to the community so others can fix it too.

  • vermaterc@lemmy.ml
    20·
    2 days ago

    Pretty good article, went into some technical stuff, which surprised me as in Linux world I’m used to articles discussing changes in wallpapers between different distro releases :D

    • Onno (VK6FLAB)@lemmy.radio
      3·
      2 days ago

      Wallpaper, yeah, there’s a lot of that going around. The main feature discussed with the recent new release of apt discussed colour as the primary new feature. No mention of any actual substantive changes or reference to the impact on apt-get et al., or even a link to the detailed change log.

  • jagged_circle@feddit.nlEnglish
    47·
    1 day ago

    Shame they didn’t mention that homebrew is a security nightmare and will happily download maliciously modified code

    Edit: omg then the author claims flatpak is better for security?!? It has the same nightmare security issues.

    • Fonzie!@ttrpg.network
      12·
      1 day ago

      Shame they didn’t mention that homebrew is a security nightmare and will happily download maliciously modified code

      That’s so true, I was missing this part! With homebrew you’re at the mercy of whoever put the package out there, much like with installers (and nix to be fair)

      Edit: omg then the author claims flatpak is better for security?!? It has the same nightmare security issues.

      LMAO no‽ Flatpaks can be verified, and you can choose not to install unverified flatpaks (which you should!) They are also containerised pretty well by default, in case they’re malicious!

      • jagged_circle@feddit.nlEnglish
        2·
        19 hours ago

        Flatpaks can be verified. Compare that to apt packaged, which must be cryptographically signed.

        That’s why flatpak isnt secure. If you use it, you might end up running malicious code. Because, unlike most Linux repo package managers, it doesn’t require packages to be cryptographically verified as authentic.

  • kixik@lemmy.ml
    1214·
    2 days ago

    I’ve tried in the past flatpak packages, they are terrible in many senses the proponent (vast majority AFAIK) don’t say, among them:

    • They create huge static binaries
    • One gets many libraries embedded in the static libraries or local static libs to the package which are often repeated among many static binaries, even the same version of them. This is totally avoided when building against dynamic native libraries.
    • When installing a pletora of static dependencies for a package, lets say liri, a bunch of the stuff it requires might already bi installed natively in your system, but they need the static deps locally part of the package.
    • Care must be applied, there are statistics available about abuse on vulnerabilities infection on pypi, npm and so on, this no different on these packagers repos/hubs.

    Good that they provide an alternative way to install packages not available in your distro repos, but for that user repositories building against native libraries are a much better option, like AUR in the case of Arch, and even their binary packages coming from other distros or from upstream might be even better than those universal static binaries providers.

    There are political aspects involved in the past claim from the proponents, and it’s that in their view gnu+linux echo-system should become like the windows one, where everyone company or org (to them doesn’t matter) should be able to provide their binary packages, and then there’s no reason to think of anyone being able to build their staff.

    There’s a tendency actually on providers on those hubs, to ignore problems on people who tries to build their stuff on their own, claiming they only support those universal packages. Which to me it’s dangerous, since it goes in detriment to the ability to build and distribute the software, which might not be due to licenses, but rather practical reasons. This might actually be against the licenses they use, but now a day who cares, right, it’s available on that packager repo…

    Lastly one argument provided in favor of the apps coming from those universal packages is sandboxing. But there’s firejail which can be install on most gnu+linux distributions, and comes with profiles for a pletora of apps, and if sandboxing is not enough, it can easily be combined with apparmor, or if you prefer selinux might be used… No need for those universal packages to have a sandboxed experience.

    One final note, so far gnu+linux has been characterized by having a diversity, which is good, that diversity offers people options to choose from, and a lot of different solutions for different purposes. Not so long ago the claim was that it was not good, that meant fragmentation, and fragmentation is bad for adoption and maintenance. I see it the other way around, this diversity allows for choosing for what aligns better with the user intends, like easy to use, or rolling release, or as vanila as possible, or as up to date as possible, or as hardened as possible, etc, etc. Systemd is another example of this universalization intended. Perhaps some distros prefer to be a shell for systemd and get packages just from universal packages, that’s bad news to me.

    Of course having universal packagers present an oportunity for corps and orgs to also provide stuff on the gnu+linux platform, but in my mind the best would be for them to offer free/libre and open source software, that would build on any system and be provided by any packager that wants to offer it. Though I believe that to be too idealistic perhaps. Jeje.

    • LeFantome@programming.dev
      6·
      1 day ago

      To understand how to interpret these complaints, we need to understand that Flatpak works by essentially installing a second set of libraries for your apps to run on. The apps run in a container (much like Docker) on top of these libraries. Flatpak uses the kernel and display server from your main distro but otherwise Flatpak is like a second distro unto itself.

      So, if you only install a Flatpak app or two, it is very true that they will require quite a large number of support libraries to run (just like running one app on your distro is more distro than app space wise). However, as you add more apps, they they resuse the libraries that the first apps installed.

      Because Flatpak installs all its own support libraries, the apps run the same on all distros (which is the point).

      So, Flatapak does duplicate the libraries on your system out of necessity. Because your Flatpak apps does not use any of the libraries from your host system. However, they are only installed once inside the Flatpak environment.

      The comments about vulnerabilities are neither here nor there. You have to trust your distro. You have to trust Flatpak (as a second distro). Both are subject to vulnerabilities and supply chain attacks but neither more than the other. Flatpaks are technically after as the container environment they run in “sandboxes” your Flatpak apps. In practice though, they require enough permissions that the sandbox is trivial to escape. So not much difference.

    • chunkystyles@sopuli.xyzEnglish
      8·
      1 day ago

      There’s a good deal of misinformation here. The main part being disk space. While it is true that flatpak apps will take up more space, it’s not nearly as bad as you think it is. There is a lot of really good optimization going on under the hood that you don’t see. Dependencies are de duplicated. I’m no expert on it, but I believe that dependencies also have delta changes from one version to the next.

      Regarding apps not supporting building of the source, you should get over that or do the work of supporting it yourself. Open source is a hard, usually thankless job.

      • kixik@lemmy.ml
        11·
        23 hours ago

        I installed liri-shell, and some other apps some time back, and totally disliked the experience. Too many duplicated stuff, which was totally unnecessary. While I can, I void universal packagers.

        I’m not complaining about open source, I’ve been using FLOSS for so many years now. The thing with developers only supporting universal packages distributed binaries is that the build recipes might be too tight to them, or not explicitly exposing all dependencies, and several other things. I have no issues building and installing software. So that’s not it. All I said was that to me closing bugs because not using the universal package supported is sort of crazy, being open source and supposedly being able to build and distribute. I didn’t say I couldn’t support myself.

    • Ashley@lemmy.caEnglish
      111·
      2 days ago

      cons:

      • dependencies

      we get it and don’t care. they’re convenient and work well.

      • kixik@lemmy.ml
        2·
        23 hours ago

        I know most don’t care. I initially stated most people don’t agree with me. This is just my take on universal packages in general. I really like and appreciate the typical shared libraries native to most distros. It’s OK we disagree, I only hope we don’t end up with empty shells with systemd and everything else on app stores…