this post was submitted on 24 Nov 2023
1199 points (95.0% liked)

linuxmemes

21393 readers
1264 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS
     
    you are viewing a single comment's thread
    view the rest of the comments
    [–] gnuplusmatt@reddthat.com 21 points 1 year ago (4 children)

    winget install Google.Chrome

    Windows has a package manager like a big boy OS these days

    [–] puppy@lemmy.world 16 points 1 year ago (2 children)

    WinGet is an AppGet rip-off without even a mention of the original creator. I'm still salty about that.

    [–] redcalcium@lemmy.institute 14 points 1 year ago (1 children)

    Microsoft offers to buy out AppGet and had its developer join them, but then ghost him once they realized the dev is also Sonarr dev.

    [–] MNByChoice@midwest.social 2 points 1 year ago (1 children)

    Sorry is AptGet something other than Debian's "apt get"?

    [–] Corgisocks@programming.dev 5 points 1 year ago (1 children)

    AppGet was a package manager for windows.

    [–] Klear@lemmy.world 1 points 1 year ago (1 children)

    Are you the original creator?

    [–] puppy@lemmy.world 2 points 1 year ago

    Nah just thought he was treated very poorly by Microsoft.

    [–] slimarev92@lemmy.world 4 points 1 year ago (1 children)

    Yeah, but it's mid at best. Many apps open a GUI installer even with winget. Also updates for many apps don't work (if the app doesn't save its version properly in the registry).

    [–] Pantherina@feddit.de 4 points 1 year ago

    I mean its still Windows, they dont package anything thats the job of the apps.

    [–] Synthead@lemmy.world 2 points 1 year ago (2 children)
    [–] lemann@lemmy.one 4 points 1 year ago (1 children)

    I wonder how its packaged too, is winget firing off an MSI in the background with a silent flag?

    [–] slimarev92@lemmy.world 4 points 1 year ago* (last edited 1 year ago) (1 children)
    [–] Synthead@lemmy.world 3 points 1 year ago (1 children)

    Interesting. Not much of a package manager, then 🤔

    [–] DmMacniel@feddit.de 7 points 1 year ago (1 children)

    It downloads a package, it installs a package and then offers to remove that package. How is it not a package manager?

    [–] Synthead@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

    A package typically includes the program and its data inside the package. It's not just an install script. Imagine if Chrome's MSI installer was simply a wrapper that also downloaded the browser. Imagine if there was a vulnerability with this, and it downloaded and installed something else. Since the package didn't include the program files, it wouldn't be able to tell if they were genuine. It only fetched the MSI, which was a download that initially passed the expected checksum (if it even does that).

    Additionally, file lists help ensure that programs and packages don't conflict with one another. What if you wanted Chromium and Chrome at the same time. Can you do that? Simply wrapping an MSI doesn't guarantee that. Perhaps there are conditionals in an installer that includes a vendored library under some circumstances, which would make them conflict.

    What about package removals? Some programs leave a bunch of junk behind in their uninstaller. Typically, since packages very often contain their own files, they simply delete their files when they're being upgraded or removed. If a package manager puts full trust in an MSI to always be exactly correct, then it loses complete control over correctly managing file removals.

    I could go on and on, with more examples, but "run this binary installer" is the Wild West of putting software on your system. This is mostly the status quo on Windows, but this is a very poor standard. Other operating systems have solved this problem with proper packaging for decades.

    When building a package from sources, it makes sense to wrap installers, but then you produce a package that is typically distributed by a mirror. These packages would then by downloaded by you, and contain the source of truth that is trusted to be what it is and that it'll do what it's supposed to do without any doubts to consistency and security.

    [–] auf@lemmy.ml 2 points 1 year ago

    Either the community on GitHub, or someone inside Microsoft.

    You can find their repository here (I think most people here are not interested in it tho lol)

    I have packaged some software for winget back when I was still using Windows, and yes it runs msi ( or exe ) silently under the hood. Installation processes that are usually done on GUI are automated just like how Homebrew does.