Notices by space monster boyfriend (itspomf@chitter.xyz)

@faoluin agreed, and I can't help but suspect that it stems from developers not wanting to maintain their own dependencies, since it's "so much easier" to just ship with what works.

Problem is, this means being reliant on the maintainer to handle vulnerabilities and updates, and based on my time in the software industry, that means your stuff might as well already be compromised.

So can someone explain why on earth everyone is moving to binary blobs for linux via flatpak/snap which just sounds like the hell of npm all over again?

Particularly when all distros already have built-in package managers which can resolve *and* maintain dependencies with very simply commands?

Because personally, "sandboxing" is a pretty thin excuse when it comes with significant caveats (and even more dependencies).