One of the strongest points of Linux is the package management. In 2025, the world of Linux package management is very varied, with several options available, each with their advantages and trade-offs over the others.

  • jagged_circle@feddit.nlEnglish
    47·
    1 day ago

    Shame they didn’t mention that homebrew is a security nightmare and will happily download maliciously modified code

    Edit: omg then the author claims flatpak is better for security?!? It has the same nightmare security issues.

    • Fonzie!@ttrpg.network
      12·
      1 day ago

      Shame they didn’t mention that homebrew is a security nightmare and will happily download maliciously modified code

      That’s so true, I was missing this part! With homebrew you’re at the mercy of whoever put the package out there, much like with installers (and nix to be fair)

      Edit: omg then the author claims flatpak is better for security?!? It has the same nightmare security issues.

      LMAO no‽ Flatpaks can be verified, and you can choose not to install unverified flatpaks (which you should!) They are also containerised pretty well by default, in case they’re malicious!

      • jagged_circle@feddit.nlEnglish
        2·
        19 hours ago

        Flatpaks can be verified. Compare that to apt packaged, which must be cryptographically signed.

        That’s why flatpak isnt secure. If you use it, you might end up running malicious code. Because, unlike most Linux repo package managers, it doesn’t require packages to be cryptographically verified as authentic.