You can update as often as you like, but that does not ensure users will get that update, nor does traditional packaging make it safe to install the update (no rollbacks, maintainer scripts run as root and have full access to the filesystem, library mismatches, etc).
I'm all for debs and rpms, but they seem best suited to providing the base system.
Snapcraft (https://snapcraft.io) | Senior Software Engineer | REMOTE | Full time
The Snapcraft team at Canonical (Ubuntu) are trying to make it easy to deliver app updates to all Linux-based cloud, IoT, and desktop systems safely (confinement, rollbacks) and automatically.
We're motivated by making developers' lives easier. We want to see people spend time on what makes their app unique and interesting, not on packaging. We also understand that developers currently face an impossible choice between few updates to lower the risk of breakage and frequent updates to lower the risk of compromise.
The open position is for a Senior Software Engineer. We want someone with years of war stories building developer tools to help re-architect the core of Snapcraft (https://github.com/snapcore/snapcraft). It needs to integrate deep into Python, Node, Ruby, Electron, and others so that releasing your app for tens of millions of Linux users is a natural extension of setup.py or npm run.
I work for Canonical, but I also share maintainership of some snaps. From an automatic email I received recently:
“A scan of this snap shows that it was built with packages from the Ubuntu archive that have since received security updates. The following lists new USNs for affected binary packages in each snap revision:
…
Simply rebuilding the snap will pull in the new security updates and resolve this. If your snap also contains vendored code, now might be a good time to review it for any needed updates.“
Yes, you don’t get that library update everywhere all at once, but this gives each vendor a chance to make sure that update actually works with their app.
Canonical’s Snapcraft (https://snapcraft.io) makes it possible to deliver app updates to all of Linux automatically, eliminating the long tail of supported releases and complex install instructions.
With thousands of applications on the platform from over a thousand developers, including well-recognised names like Spotify, Slack, and Microsoft, the Snapcraft team’s mission is to uphold a high bar of quality as well as predictable, intuitive behaviour.
We are looking for an experienced software engineer with background in developer tools to join our globally-distributed, home-based team.
Sincerely curious why you think a squashfs of the app contents (without any additional operating system bits) running under seccomp and apparmor is a hack? What do you think is the ideal solution?
It's packaging and delivery for Linux desktop, server, and IoT apps. As elsen mentioned, updates happen automatically and roll back if unsuccessful. Automated review covers most cases and the format is simple yaml, so you can quickly push something up that you can install from anywhere.
We are seeking an experienced Developer Advocate to join a small team helping developers get up and running with the Snapcraft platform for Linux application delivery (https://snapcraft.io) and Ubuntu Core, the optimised version of Ubuntu for IoT (https://ubuntu.com/core).
The key challenge of the role is improving the onboarding experience of snapcraft.io. Sample activities include writing guided material for popular languages and frameworks, running email campaigns, and architecting documentation.
Strong technical writing skills are a must. Candidates familiar with the needs and terminology of the popular language communities will be preferred.
Canonical | Developer Advocate | Work from home | Full-time
I'm looking for an experienced Developer Advocate to join a globally-distributed team driving advocacy for Snapcraft (https://snapcraft.io) and the optimised version of Ubuntu for IoT (https://ubuntu.com/core).
You can quickly piece together a snapcraft.yaml, push it to GitHub, and turn on auto builds and publication (https://build.snapcraft.io). Then anyone can install your package with a single command - no PPA/repo needed.
This is exactly right. Debs, snaps, and flatpaks will happily coexist. The upstream gets to choose which works best for them while still supporting users of all distros.
I think snaps + Debian stable could be that solution. You get the stability of Debian at the system level with the reliability of app updates from snaps.
Hi, Evan from the Snapcraft team here. We're really excited to launch https://build.snapcraft.io today. It'll automatically build and publish your software every time you push a commit to GitHub.
You can then promote any build as a release, installable on the tens of millions of Linux systems that already support snaps.
We're growing the Robotics team at Canonical (the company behind Ubuntu):
* Robotics Engineer: https://boards.greenhouse.io/canonical/jobs/1535166
* Robotics Security Engineer: https://boards.greenhouse.io/canonical/jobs/1550997
* Robotics Developer Advocate: https://boards.greenhouse.io/canonical/jobs/1541376