(I have been running an ungoogled-chromium for a while (ca. a year
ago?), however at that time their chrome wasn't extremely stable so I
gave up again. Does anybody have experience using it recently?)
(I have been running an ungoogled-chromium for a while (ca. a year
ago?), however at that time their chrome wasn't extremely stable so I
gave up again. Does anybody have experience using it recently?)
(Using chromium only as fallback browser if necessary):
Since the removal of chromium from Debian was announced I gave UngoogledChromium
on flatpak a try and it runs very stable so far.
Same here. And they are now following security updates closely (in the
past, there could lag two or three weeks behind). Flatpak compiles it
from source (while UngoogledChromium let contributors compile it and
publish the binary because GitHub CI does not allow such resource-heavy build).
On Tue, Dec 07, 2021 at 10:45:27PM +0100, Vincent Bernat wrote:
Flatpak compiles it
from source (while UngoogledChromium let contributors compile it and publish the binary because GitHub CI does not allow such resource-heavy build).
You mean th builds of the Flatpk stuff are not properly controlled? But instead uncontrolled done by contributors?
Flathub generally requires builds to be done on Flathub'sAre you sure about that? Is there a policy?
infrastructure, from source code if possible, in the same way Debian generally requires builds to be done on buildds, from source if
possible.
At least one package on Flathub is built on third-partyThe Flatpak package for the Signal desktop app is literally built by downloading and unpacking the binary deb from the vendor. https://github.com/flathub/org.signal.Signal/blob/master/org.signal.Signal.json
infrastructure
and directly contributed as binaries even though it is open-source.
The only example I'm aware of is Firefox, which is built by
Mozilla's CI and provided to Flathub as binaries.
I believe what Vincent meant is that the generic non-Flatpak binaries provided by the "Ungoogled Chromium" project are compiled on unknown
machines and require trusting their submitters, whereas the Flatpak
binaries provided by Flathub are compiled from the same source
code provided by the "Ungoogled Chromium" project, but compiled on
Flathub infrastructure.
❦ 7 December 2021 23:35 GMT, Simon McVittie:
I believe what Vincent meant is that the generic non-Flatpak binaries
provided by the "Ungoogled Chromium" project are compiled on unknown
machines and require trusting their submitters, whereas the Flatpak
binaries provided by Flathub are compiled from the same source
code provided by the "Ungoogled Chromium" project, but compiled on
Flathub infrastructure.
Yes.
On Tue, 2021-12-07 at 23:35 +0000, Simon McVittie wrote:
Flathub generally requires builds to be done on Flathub's
infrastructure, from source code if possible, in the same way Debian generally requires builds to be done on buildds, from source if
possible.
Are you sure about that? Is there a policy?
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 296 |
Nodes: | 16 (2 / 14) |
Uptime: | 82:17:05 |
Calls: | 6,658 |
Calls today: | 4 |
Files: | 12,203 |
Messages: | 5,333,425 |
Posted today: | 1 |