• ghariksforge@lemmy.world
    link
    fedilink
    arrow-up
    39
    arrow-down
    1
    ·
    1 year ago

    I admit AUR was a huge reason why I made the move to Arch. But with Flatpak gaining more and more traction, the benefits of AUR are shrinking fast.

    • iusearchbtw@lemmy.sdf.org
      link
      fedilink
      arrow-up
      18
      ·
      1 year ago

      The AUR still has a lot of niche software that hasn’t been Flatpakked, but yeah. Flatpaks are way more convenient, especially for large software where AUR compilation can take a long time.

      • methodicalaspect@midwest.social
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Agreed. DaVinci Resolve Studio and Blackmagic hardware drivers are examples of that kind of niche software that I use on a regular basis. The only supported route for that stuff is RHEL/CentOS, and those don’t seem particularly well-suited to my main machine’s other purpose, which is games. If someone’s already done the legwork to solve the problem for Arch, and the build files check out, why reinvent the wheel?

        Additionally, it’s the only distro I could get Resolve Studio working on with an AMD GPU consistently.

        For the most part, though, the official repos and Flathub give me what I need.

      • methodicalaspect@midwest.social
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        Agreed. DaVinci Resolve Studio and Blackmagic hardware drivers are examples of that kind of niche software that I use on a regular basis. The only supported route for that stuff is RHEL/CentOS, and those don’t seem particularly well-suited to my main machine’s other purpose, which is games. If someone’s already done the legwork to solve the problem for Arch, and the build files check out, why reinvent the wheel?

        Additionally, it’s the only distro I could get Resolve Studio working on with an AMD GPU consistently.

        For the most part, though, the official repos and Flathub give me what I need.

    • Luminance6716@lemmy.one
      link
      fedilink
      arrow-up
      6
      arrow-down
      1
      ·
      1 year ago

      I do really like AUR, but agree Flatpak is a good alternative. I can’t stand snap, snap packages just feel slower.

    • Don't Ask My Name@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Main reason I like the AUR is for really niche packages that aren’t in any main repos. Smaller github projects, forks of main projects that fix bugs, basically anything that you would otherwise have to compile from source is on the AUR. And while you still might have to compile it, it’s all setup and managed for you, which I really like.

    • constantokra@lemmy.one
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I tried arch and got rid of it after a couple months because of the aur. Do people just not check out what they’re installing? Every time I wanted a new software i’d have to check it out to make sure it was legit, and every time I updated i’d have to check the diffs to make sure it was still legit. Otherwise, who knows what you’re actually installing.

      • ghariksforge@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        you don’t have to use AUR if you don’t want to.

        Often the AUR file is very short and just a link to a repo.

      • Ashley@lemmy.ca
        link
        fedilink
        arrow-up
        9
        ·
        1 year ago

        Chatgpt didn’t do a great job of contrasting them. Flatpak is also transparent

          • LoudWaterHombre@lemmy.dbzer0.com
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Flatpak acts like its virtualizing the applications, AUR shipped binaries are build by trusted arch users. Those eco systems operate on totally different levels, there are (more) audits in AUR.

            Flatpak or god forbid even Snap are fucked up software distribution platforms you should only use as last resort and when the software you are trying to get is not available on your OS repository/package manager and should be simply avoided.

            • CrypticCoffee@lemm.ee
              link
              fedilink
              arrow-up
              0
              ·
              1 year ago

              Ah, it’s subjective. You trust AUR users rather than flatpak users. Flatpak and snap are hardly comparable. The flaws of Snap are not the flaws of Flatpak. You also prefer binaries to sandboxed apps. You’re old school?

              • LoudWaterHombre@lemmy.dbzer0.com
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                It is not subjective. Its not any AUR user, there are big streams tested especially for that certain system by trusted people before releasing.

                And for the record, your sandboxed apps are also binaries and to set it straight, flatpak is mostly not really virtualizing your app. It’s complete garbage, have a look at how flatpak achieves this “virtualization” and how it’s implemented in 9 out of 10 flatpaks.

  • unix_joe@lemmy.sdf.org
    link
    fedilink
    arrow-up
    26
    arrow-down
    4
    ·
    1 year ago

    The setup is kind of a kind of a logical fallacy here. More people are using Debian and RPM based distributions than Arch Linux. That being said:

    Arch Linux has the AUR because at the time it was developed, the standards for distributing software on Linux were either RPM or DEB repositories. AUR was a necessity because one could get software on those distributions from the official vendor, but nobody was supporting Arch Linux. So it was a stopgap, an equalizer for one outlier platform.

    It’s hardly the first such repository: FreeBSD ports and NetBSD pkgsrc predate the AUR by over a decade. Slackpkg predates AUR by a couple of years as well, though possibly not slapt-get. Gentoo has portage. Anyway, they took an idea that was already well-established, and catered it to a distribution that had fewer software options than major distributions.

    These days it’s still the same scenario: a placeholder, to equalize what’s available for Arch Linux users versus other distributions.

    People use Arch because it is a rolling release with a well-documented wiki. AUR is a nice perk, but hardly the main reason that people are using Arch Linux, given that other similar systems have existed for older distributions and operating systems for longer.

    • Nayviler@lemmy.ca
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      I don’t believe the setup is a fallacy, the AUR is one of the main reasons I use Arch. Sure, other distros may have similar systems in place, but the number of packages available on these systems just doesn’t compare. I did a brief amount of research, according to the FreeBSD manual, there are “over 30,000” ports available. In comparison, there are over 90,000 packages available on the AUR, and all of those are in addition to the ~13,000 packages in the official Arch repositories. If I want to obtain a piece of software, even if it isn’t in the arch repos, odds are, someone has already gone through the trouble of figuring out how to build/package it, and has added the PKGBUILD to the AUR.

      This way of doing things is so much more elegant compared to how things are done on Debian or Red Hat-derived distros, where the solution to the problem of a piece of software not being in the official repos is to either (1) scour the internet and try to find if the developer maintains a repo for your distro, (2) look to see if a third party has packaged the software for your distro, and hope and pray that they maintain it, or (3), compile the package yourself, after manually hunting down all the various libraries the application needs, determining what they’re packaged as for your particular distro. The third solution doesn’t handle updates at all, unless the application’s developer has built-in an update checker into it.

      Things are getting better as snaps and flatpaks gain popularity, but both of those systems have lots of issues of their own, and arguably aren’t anywhere near as good as a proper native package for your distro. Flatpaks don’t really work for CLI tools. Snaps are stupidly slow. Both snaps and flatpaks still struggle with theming. Applications installed with either take up way more space than their natively-packaged equivalents.

      • MischievousTomato@lemdro.id
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        Things are getting better as snaps and flatpaks gain popularity, but both of those systems have lots of issues of their own, and arguably aren’t anywhere near as good as a proper native package for your distro. Flatpaks don’t really work for CLI tools. Snaps are stupidly slow. Both snaps and flatpaks still struggle with theming. Applications installed with either take up way more space than their natively-packaged equivalents.

        Flatpaks would beat native packages if they didn’t have a trillion papercuts and issues. I’m on NixOS because I want to avoid using flatpak.

          • MischievousTomato@lemdro.id
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            I dont have links in hand, but I remember the flatpak devs saying they targeted/care about desktop gui apps. It’s one of the reasons why I won’t use flatpaks anytime soon if ever

      • atomkarinca@lemmygrad.ml
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        1 year ago

        quantity doesn’t always mean quality and when the subject is aur, i wouldn’t count that as a metric. there are lots of orphaned packages, packages that have their source / binary / git versions, older libraries etc.

        it USED TO be a nice repository, i don’t why. but it’s one of the main reasons i’m keeping away from arch because i cannot trust those packages anymore.

      • unix_joe@lemmy.sdf.org
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Fair arguments. The AUR is huge compared to the operating systems that inspired it (no idea how packages/metrics are counted between different operating systems but it’s safe to say that more packages exist for Linux than in the FreeBSD realm), and it solves a problem that the Debian/Red Hat distributions are being faced with now that Flatpaks are essentially another packaging system ON TOP of whatever they have used for decades.

    • ycnz@lemmy.nz
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Yeah, the Arch Wiki is incredible, even as a non-Arch user, it’s such a valuable source of knowledge.

  • JustADirtyLurker@lemmy.ml
    link
    fedilink
    arrow-up
    16
    ·
    1 year ago

    The majority of other distros value package managers that allow for complex graph evaluation of dependencies, and the ability to roll back. This is granted with rpm and Deb, but not for pkgsource, which is a pretty lightweight format compared to those.

    As for AUR, the major distros (Ubuntu, Debian, Fedora) support 3p repositories as well. The main concern is security. IIRC one of major complaints for AUR in the past was that it didn’t foresee a strongly secure distribution system.

  • Fryboyter@discuss.tchncs.de
    link
    fedilink
    arrow-up
    15
    ·
    edit-2
    1 year ago

    when it’s the main reason why so many people use Arch Linux?

    AUR is one reason why I use Arch. But not the reason. Besides AUR, Arch has many other advantages from my point of view. Like for example the wiki that also users of other distributions use. Or the many vanilla packages. Or that you can easily create your own packages through the PKGBUILD files. Or that, based on my own experience, Arch is quite problem-free to use despite the current packages.

    One reason why other distributions don’t have something like AUR could be that AUR is not an official offering, so no verification is done in advance either. Thus, it has happened at least once that someone has manipulated PKGBUILD files in bad faith (https://lists.archlinux.org/pipermail/aur-general/2018-July/034151.html). The Wiki does not warn against the use for nothing.

    However, it is much easier for the user to check the files in the AUR in advance than it is, for example, with ready-made packages in an unofficial PPA.

    With https://build.opensuse.org and https://mpr.makedeb.org there are also at least two offers that are somewhat similar to AUR.

    • webjukebox@mujico.org
      link
      fedilink
      arrow-up
      5
      ·
      edit-2
      1 year ago

      Arch has many other advantages from my point of view. Like for example the wiki that also users of other distributions use.

      I remember when started using #! and then Debian with Openbox. It didn’t matter what problem I had, the answer and solution were always in the Arch Wiki.

      Now I am full Arch user.

  • shotgun_crab@lemmy.world
    link
    fedilink
    arrow-up
    15
    arrow-down
    1
    ·
    1 year ago

    openSUSE has OBS, Fedora has COPR, and I’m pretty sure both Gentoo and NixOS have similar stuff. Do Ubuntu’s PPAs count? Flatpaks and AppImages are also similar, although they are more limited and they aren’t exactly “standard” packages.

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      1
      ·
      edit-2
      1 year ago

      PPAs are fundamentally flawed. Since each repository is separate, they only care to maintain consistency internally, plus the packages of the Ubuntu version they were based on.

      Adding a PPA and using its packages on your system takes your dependency tree into a “cul de sac” where only that PPA is reliable.

      But of course people use multiple PPAs so what happens is that the dependency tree grows increasingly unrecoverable.

      Eventually you get the dreaded “requires X but cannot be installed” errors which pretty much mean you’ve hit a dead end. You can recover your system from it (aptitude can provide solutions) but they are extremely invasive, basically come down to uninstalling and reinstalling thousands of packages to bring your tree back to a manageable state.

      • shotgun_crab@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        1 year ago

        I admit I haven’t used Ubuntu in years, so I didn’t think they were that bad. Thanks for the info, it made me learn a dependency hell scenario I never thought about before.

        • Balder@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          It’s basically one reason I stopped using Ubuntu.

          I wanted to use the up to date version of FFMPEG, had to download the binary from the website. Wanted to install some program that needed the latest version of KDE, had to install a PPA which updated a LOT of packages and at the end it would break many other apps installed from other PPAs.

          At some point I realized using Arch was just much less work than worrying myself about all the dependencies that could break when you don’t stick to what’s available in their official repositories.

        • lemmyvore@feddit.nl
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          Debian technically has the same issue but people who want Debian usually stick to stable + backports so it’s less frequent.

          Yeah that’s why distributions which put all their community packages in one place with the same dependencies are more resilient in this respect.

          Arch’s AUR is not perfect either, you can have packages that list dependencies badly or replace core packages so you can still mess up but in a different way.

          NixOS seems to have hit on a very robust formula that lets packages coexist with minimal friction.

    • Molecular0079@lemmy.world
      link
      fedilink
      arrow-up
      5
      arrow-down
      2
      ·
      1 year ago

      OBS and COPR don’t even come close to the AUR in terms of ease of use. AUR is one searchable index, OBS and COPR are more like separate repositories that you have to find and add manually. There’s multiple people building the same packages and you have to figure out which one you want to rely on. You also can’t easily edit the packaging instructions and rebuild a package if it doesn’t work for you.

      • Lemmy.ml@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        There’s opi which does the whole search-and-add-repos thing for you, for OBS. Not sure if there’s something similar for COPR.

        It’s still separate repositories, though, I’ll grant you that.

    • nikoof@feddit.ro
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      I’ve been on NixOS for about a week now and I can say I’ve got access to pretty much all of the packages I was using on Arch just from nixpkgs. I even found it quite easy to package stuff myself!

  • iopq@vlemmy.net
    link
    fedilink
    arrow-up
    9
    ·
    1 year ago

    NixOS has NUR, but it’s not necessary because they take everyone’s pull requests in the official repo. I’ve been maintaining the software I use myself on the official nixpkgs, so I don’t need to use the NUR.

  • restarossa@infosec.pub
    link
    fedilink
    arrow-up
    7
    ·
    edit-2
    1 year ago

    Don’t know. The AUR is a big reason I use Arch. Obviously there’s PPAs/OBS or whatever but they’re not implemented nearly as well, I don’t need to go searching for new repos with the AUR or messing with repo priorities (fun times on Suse…) since everything is in the one place and there’s procedures for taking over orphaned packages. I use about twenty or so packages from it, many of them not packaged for any other distro. Personally not interested in using Flatpak since two package management systems is not my idea of KISS. Poor man’s AUR :).

  • LoudWaterHombre@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    16
    arrow-down
    9
    ·
    1 year ago

    AUR is definitely not the reason people choose arch haha

    Fellow Linux folks, this direction is one of the main problems and you know it very darn well.

  • Mayoman68@lemmy.world
    link
    fedilink
    arrow-up
    9
    arrow-down
    2
    ·
    1 year ago

    Because the AUR is a pretty low quality repo. Not sure if anything has changed since 2 years ago, but last I used arch, the AUR was full of broken, abandoned, and unbuildable packages. The Debian repos, fedora+rpmfusion, etc, provide a comparable number of software packages with substantially higher quality, hence no need for the AUR. Fedora actually has COPRs which suffer from the same quality issues as the AUR for similar reasons.

    • Don't Ask My Name@lemmy.ml
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      Thing is, the AUR isn’t really meant to be your primary repo. You can really get anything into the AUR.

      The reason why I love it so much is because if I need a package that’s not in the main arch repo (which tbh isn’t many), then I don’t need to bother going to some github page and compiling from source, I can just find it in the AUR and it’s all done for me. I did this with things like goverlay and it’s one thing that I immediately miss when I distro hop away from something arch-based.

  • HakFoo@lemmy.sdf.org
    link
    fedilink
    arrow-up
    10
    arrow-down
    4
    ·
    1 year ago

    Asbestos undies on.

    I don’t think AUR is a feature, but more of a hazard indicator. If the distributor isn’t packaging so many important things that most users have to turn to external services regularly, they’re lying down on the job.

    • yoevli@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      1 year ago

      I think you misunderstand the typical use case for the AUR. It’s generally used to install fairly niche software that might fly under the radar of distro maintainers. For example, I have CoreCtrl, a utility for managing AMD GPUs, on my install via the AUR. I’m not aware of any distro that packages it currently because it’s just too niche of a use case right now for maintainers to pay it any mind.

      • NaN@lemmy.blahaj.zone
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        I think initially it was because the distro repositories were fairly small, agree now it is often a lot of niche stuff now which is one reason people who don’t use the AUR don’t really miss it either.

        That package is in Fedora and Debian testing/Sid and the next Ubuntu. There is also an Ubuntu ppa for the and it’s on the opensuse build service.

      • Don't Ask My Name@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Yeah if the AUR can stop me from having to compile even just one package from instructions on a github page (like with corectrl, which I also use lol), then it’s enough for me to keep using arch. I will say, AUR is in the normal arch repo I think? But there’s other packages I’ve used in the past that I can’t find in there, like specific versions of mangohud or gamescope, goverlay, etc.

        AUR still means you gotta compile sometimes, but it’s so much less of a hassle to just search the AUR and hit go then to mess around compiling something manually.

      • HakFoo@lemmy.sdf.org
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I guess I was baffled when FVWM of all things was an AUR package. To me, that’s something that’s been available in the mainstream package set on almost any full-sized x86/x86-64 distribution made in the last 25 years. I suppose it’s not popular these days, but you sort of expect it to materialize because it was checked into auto-build processes in the late Clinton administration and never removed.

    • restarossa@infosec.pub
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      1 year ago

      Well that would apply to any distro I’ve used… they’re all going to have things that aren’t in the main repos. It’s a feature for Arch in that on nearly every other distro it’s probably going to be more of a pain to install them.

  • treadful@lemmy.zip
    link
    fedilink
    English
    arrow-up
    11
    arrow-down
    5
    ·
    1 year ago

    AUR is really not that great? Who moves to Arch for it? It’s been my main OS for I don’t even know how long but AUR has been my primary pain point. PKGBUILD is cool and useful useful. AUR however, is untrusted (or rather shouldn’t be trusted), often out of date, sometimes requires compilation, and doesn’t even have any good pacman wrappers since yaourt (that I’m aware of).

    Am I missing something?

    • chaorace@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      11
      ·
      1 year ago

      doesn’t even have any good pacman wrappers since yaourt (that I’m aware of).

      paru is cool

        • gbin@lemmy.ca
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          I have an hard time moving out of yay… TBH if AUR could be installable from pacman it would be awesome

          • gfrewqpoiu@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            1 year ago

            It is technically possible to install paru through Cargo which you can get just from pacman by installing rust and you can install pikaur through PIP. Both can mess with your systems packages though so I do not recommend it.

            • gbin@lemmy.ca
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Oh thank you for the tip, I forgot paru was written in rust and of course rustup is on ally machines (btw?) ;)

    • Fryboyter@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      1 year ago

      AUR however, is untrusted (or rather shouldn’t be trusted), often out of date

      So basically like a PPA which are used by many users of Ubuntu. The only difference is that the PKBUILD files used to build the packages are easier to check than the final packages in a PPA. And that’s exactly what is a big advantage for me.

      sometimes requires compilation,

      This is often because a project does not offer ready-made packages that can be downloaded from Github, for example. There are also people who do not trust ready-made packages from unknown third parties. I wouldn’t necessarily download and execute a binary file from a Dropbox of a user I don’t know. Compiling is the safer way if the source code is downloaded from a more trustworthy source.

      and doesn’t even have any good pacman wrappers since yaourt (that I’m aware of).

      Personally, I don’t think aurutils, paru and yay are bad. I currently use aurutils myself. But as far as AUR helpers are concerned, everyone has their own preferences. That’s why there are so many ;-)

    • djrubbie@lm.bittervets.org
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      Yeah, AUR isn’t great because it’s engineered as a second class citizen given the necessity of third-party tools like yaourt, and that the whole process of installation can’t be done directly through the first-party tool (pacman), such that updating the main packages can trivially cause third-party packages to suddenly stop working. ArchLinux offers just one way - their way - when it comes to dealing with software versions and if the user happens to depend on some thing they want to keep around, tough luck, and hope that future upgrades don’t force a breakage that requires a recompilation which may no longer work.

      That runs completely opposite to Gentoo, where the first-party repositories are defined the exact same way as third-party repositories, and that updates to first-party libraries generally don’t immediately break existing binaries because the distribution was built with recompilation requirements from upgrade breakages in mind. Since third-party packages are treated no differently (no second class citizen treatment), their first-party tool (emerge) can manage the complete lifecycle of “third-party” packages in the exact same manner (as opposed to needing any third party tools to manage the build). This alone reduces the mental bandwidth for the end-users that are managing their set of required packages for their systems. All this flexibility is ultimately part of the various reasons that got me to switch from Arch back to Gentoo.

  • shirro@aussie.zone
    link
    fedilink
    arrow-up
    5
    ·
    edit-2
    1 year ago

    Many distros have independent community generated package repositories though most aren’t on official infrastructure. Ubuntu has PPA which is close. I try and avoid AUR as much as I can. It is a potential attack surface and packages are sometimes poorly maintained and break. I like it for system stuff and I mostly review the PKGBUILD. It seems like a good way for software to find a path into the official repos. There was a lot of resistance from me initially but for most desktop applications flatpak has proven to be a better solution.