>Exactly the kind of projects that are likely not to release a new snap for every vulnerable library they are using.
You're conflating two separate problems. Just because a project doesn't have the resources to support all of the different packaging schemes doesn't mean it's not maintained. Rebuilding a snap or Docker container is a trivial exercise. As long as the project isn't abandoned it would take minimal effort to keep it up to date.
If these small projects can get out to the wider world then they have a chance of developing a community of users. It's that community that will motivate the developers to maintain and update their work. Should a project be abandoned, any vulnerabilities exposed over time are isolated from the larger system. That isolation is one of the main selling points of these things so, if that fails, we've got bigger problems.
Snaps, containers, or whatever could be very helpful for small projects that don't have a team of packaging gurus. There are hundreds of useful apps collecting dust on GitHub or on the developer's hard drive because packaging requires too much expertise. There are four or five different packaging systems, each with their own steep learning curve. Add to that the three major init systems to support and the effort to distribute your project can exceed the work it took to develop in the first place.
http://www.perfectpod.com/coll...
Been using these for years. The filter includes a top cover so no grounds or sediment get out. There's a spring in the bottom to compress the grounds so the brew isn't too weak. I've brewed maybe a thousand cups and the plastic holder is still like new. Just all-around good engineering.