Do you think ppa's are bad ?
Welcome, Guest.
“Theory and practice sometimes clash. And when that happens, theory loses. Every single time.” ― Linus Torvalds

Author Topic: Do you think ppa's are bad ?  (Read 2691 times)

Offline eronis

  • Full Member
  • ****
  • Posts: 139
Do you think ppa's are bad ?
« on: February 02, 2017, 05:07:04 PM »
What do you guys think about ppa's ? Are they insecure ? Or unreliable ?
The Linux philosophy is 'Laugh in the face of danger'. Oops. Wrong One. 'Do it yourself'. Yes, that's it. --Linus Torvalds

Offline Kalthrix

  • Staff Member
  • ********
  • Posts: 1295
Re: Do you think ppa's are bad ?
« Reply #1 on: February 02, 2017, 05:31:30 PM »
I've got to be honest, I have mixed feelings on PPA's. I can see why they would be good as it allows the community to essentially connect with individual repositories in order to download an application developed by a sole dev or team of devs. This allows for the application to be maintained separately instead of relying on the community as a whole (granted there is enough interest) to maintain the software. However, it has it's drawbacks. What would have been its strength in that it is a separate repository maintained by a team of devs is also its weakness. Typically, what ends up happening is that the developer(s) either slow down on development which may make the application or package incompatible with newer software (which is being released all the time), therefore making the application unreliable or flat out not work. Alternatively, the devs lose interest in the project and decide to abandon it altogether which brings me to my next point.

Unless you do some digging around to see whether a project is still active or not, you may not know at first glance whether or not a repository is still being maintained until you decide to attach it and try to install "x" application to find that it is missing dependencies or crashes only to find at a later time that it was discontinued. You don't see this on other distros such as Manjaro because the software is essentially maintained actively by the community or in-house by the Manjaro team. Same can be said for the Arch User Repository which essentially brings together what would have been in a number of different PPA's into a single library which is by far more convenient for the community and allow for ease of access and installation. Essentially, that is another gripe when it comes to PPA's is that they would have to be individually added in order to have access to different software, whereas all you would have to do from the standpoint of installing software from the AUR is to run Yaourt and basically download/buildwhatever software you are after all in one go instead of adding PPA's and then having to refresh repo list, then try to download and install "x" application.

I'm also sure there are security concerns with them as there are less visibility on individual PPA's which in turn makes it difficult to verify whether or not the software contained within "X" PPA is safe or malicious (granted there aren't many malicious programs on Linux), but they still exist. You would be surprised.

Offline CwF

  • Elite Member
  • *****
  • Posts: 421
Re: Do you think ppa's are bad ?
« Reply #2 on: March 06, 2017, 01:20:52 PM »
yes, they are a shot in the dark. I have digested content from a few ppa's and redid as a deb or just manually modded, so I adopt the upkeep. To have a ppa in sources.list is likely not a good idea.

Offline sapphire

  • Full Member
  • ****
  • Posts: 122
Re: Do you think ppa's are bad ?
« Reply #3 on: March 17, 2017, 03:29:37 AM »
The better question would be "Do you need PPA"
"Can you live on Ubuntu without add ppa like on Debian?"
If you can it's already answered yourself that you don't need.
If you can't then it's pointless to doubt ppa. I mean you need it
are you going to swallowing your pride with agony between demand vs so-called insecurity?

But there's one thing for sure PPA are bad for Debian making FrankenDebian that is. lol
« Last Edit: March 17, 2017, 08:11:14 AM by sapphire »
"Arch Way"?! All ways here are "My Ways!"

Offline gregorylock

  • Contributor
  • *******
  • Posts: 845
Re: Do you think ppa's are bad ?
« Reply #4 on: April 07, 2018, 09:43:08 PM »
I find myself using PPAs quite a bit.  I haven't had a whole lot of trouble with the one's I hook up to.  It's just that currently my distros don't have the software I need in the repos.  I know that simplescreen recorder is going to be added in the very near future to Linux Mint.  At least I think it will added to Linux Mint once it makes the switch to ubuntu 18.04.

Offline Spatry

  • Benevolent Dictator
  • Administrator - Sysop
  • **********
  • Posts: 5602
  • Cup of Linux Founder
    • Cup of Linux
Re: Do you think ppa's are bad ?
« Reply #5 on: April 08, 2018, 01:00:03 AM »
The only problem with PPA's is that they have a tendency to clutter much like those plastic shopping bags that never biodegrade! In principle the PPA is similar to adding a custom repository to an Arch distribution. Since Arch has the AUR, that pretty much negates the need for custom repos since everyone knows they can list their pkgbuilds there. When I used Ubuntu based distros, I would add PPA and forget about them... over time I would have a collection of PPA for software I tried but did not like and then I had a messy PPA list because I could not remember what programs came with each PPA...

Speaking of those non-biodegradable shopping bags... the path to HELL is lined with them up to a foot deep! I keep telling Mum that whenever she saves 30 bags after a trip from the grocery store!
Windows assumes the user is an idiot... Linux DEMANDS Proof!

Offline gregorylock

  • Contributor
  • *******
  • Posts: 845
Re: Re: Do you think ppa's are bad ?
« Reply #6 on: April 09, 2018, 09:51:36 AM »
The only problem with PPA's is that they have a tendency to clutter much like those plastic shopping bags that never biodegrade! In principle the PPA is similar to adding a custom repository to an Arch distribution. Since Arch has the AUR, that pretty much negates the need for custom repos since everyone knows they can list their pkgbuilds there. When I used Ubuntu based distros, I would add PPA and forget about them... over time I would have a collection of PPA for software I tried but did not like and then I had a messy PPA list because I could not remember what programs came with each PPA...

Speaking of those non-biodegradable shopping bags... the path to HELL is lined with them up to a foot deep! I keep telling Mum that whenever she saves 30 bags after a trip from the grocery store!

You like experimenting with software.  I don't do much experimentation.  Partly because I don't have time for it.  I agree that PPAs can clutter things up if your not careful.  I learned with kid3 that I couldn't have one PPA hooked up to my system or it would downgrade some files that kid3 required.  Fortunately I didn't like the program I was experimenting with anyways.  The program got the boot and the files got reset back to what they should be.  I'm hoping that more developers will start using snappy more.  I like the idea of software being self contained when I need to test.

Offline swarfendor437

  • Jr. Member
  • ***
  • Posts: 80
  • Not f'd:You won't find me on facebook/social media
Re: Do you think ppa's are bad ?
« Reply #7 on: April 14, 2020, 12:45:09 PM »
PPA's aren't all bad - it's just being able to learn the good from the bad. Personally there should be some room for PPA's but no room for snapd or flatpak. I just came across this interesting closed thread on manjaro's forum:
https://forum.manjaro.org/t/how-to-remove-completely-snap-flatpak-and-appimage-from-manjaro/92844/3
Iv'e used Feren OS with Cinnamon which uses flatpak and ended up with an almost unusable root partition as the flatpak.cache was filling it up with no way of removing it. I just recently tried Makulu Flash, now based on Ubuntu instead of Debian - I went to uninstall Google Chrome but it would not let me - said i needed a freedesktop account - I looked at removing snapd only to be warned it would take the whole system with it. My sentiment is with the poster on that closed manjaro thread. I have stated that if snapd in Ubuntu gets fed through to Zorin I will leave it and go to Fedora, only to realise that they use flatpak.
Why fix what ain't broke Canonical/fedora community? Synaptic is for me the best and simplest package manager to use. And don't get me started on systemd either - I've had to go through the whole rigmarole of sorting out my SoundBlaster Audigy RX with a fresh install of FerenOS x64 KDE Plasma 5.18 desktop. My current bugbear being simultaneous stream becoming the default sound module on every boot!