• henfredemars@infosec.pubEnglish
    24·
    3 months ago

    Really should keep that PPA use to a minimum. They’re potentially a source of not just instability but possible malware as you’re putting a lot of trust in whoever maintains that resource.

    • jim3692@discuss.online
      4·
      3 months ago

      When I use Debian/Ubuntu, I prefer installing missing/outdated software from Nix package manager or Flatpaks.

      This way, I can keep a stable core, while being able to enjoy all the latest versions of the apps that I need.

    • manxu@piefed.socialEnglish
      3·
      3 months ago

      Especially because there is no way to limit the packages installed from a PPA AFAIK. If the PPA has a “new” version of NGINX, or of libc, or of Wayland - you get it, too!!!

      • henfredemars@infosec.pubEnglish
        2·
        3 months ago

        Absolutely. Ideally you should have zero PPAs. There’s definitely a cost for using this feature. Most commonly it comes in the form of instability when you end up with incompatible or broken packages because the maintainer wasn’t playing an active enough role. YMMV!

      • zorro@lemmy.worldEnglish
        1·
        3 months ago

        You can set packages from a particular repo to a lower priority so that they are only installed when you expressly ask for them

          • zorro@lemmy.worldEnglish
            2·
            3 months ago

            https://wiki.debian.org/AptConfiguration#Using_pinning

            The company I work for has a apt repo that both has some tools I like to install, but also maintains super new versions of certain libraries and kernels with configs that would break my laptop.

            So I have the priority set low enough that if a package exists in any other repo it it preferred over my companies version.

            Also sorry for the slow reply I forgot to check my messages 😄

            • manxu@piefed.socialEnglish
              1·
              3 months ago

              No worries, been there! And thank you very much, it will save me tons of time sifting through updates on the VMs that need PPAs!

    • thorhop@sopuli.xyz
      1·
      3 months ago

      I think Fedora’s COPR carries on the torch, besides Arch’s AUR. But generally, yeah, avoid PPA’s like the plague. It’s been garbage for years now. You’d be better off actually compiling the software yourself.

    • bleistift2@sopuli.xyzEnglish
      9·
      3 months ago

      update pulls the metadata about your packages (to see if there are new versions, and which), while upgrade applies the patches.

      • Zwiebel@feddit.orgEnglish
        10·
        3 months ago

        I’ve never understood why the update part isn’t included in the upgrade command, since upgrade is useless without it

        • IngeniousRocks (They/She) @lemmy.dbzer0.com
          1·
          3 months ago

          Upgrade will upgrade the system to whatever is newest in your package cache. If, for example, you’ve just performed a partial upgrade and put yourself into an unsupported state, running upgrade without first running update will put your system back in line with itself.

          There probably almost never a reason for this, but its the equivalent of running pacman -u which under normal circumstances you will never do

          • Zwiebel@feddit.orgEnglish
            3·
            3 months ago

            See you perfectly explained why it should be an option to do this but not the default way

  • Randelung@lemmy.world
    4·
    3 months ago

    Upgraded three systems to Debian 13 in the last few days. Went without a hitch. One Proxmox, one media server and player, one workstation.

    Wayland still doesn’t work, but that’s apparently because of the noVideo drivers.

  • Laser@feddit.org
    3·
    3 months ago

    The second y in Syyu is almost always unneeded and just wastes time and bandwidth. Is i remember correctly, it only makes sense when for example you switch mirrors

  • jim3692@discuss.online
    3·
    3 months ago
    nix flake update
nixos-rebuild --switch --flake .

# Just to keep an update history
git add flake.lock
git commit -m "update"

    This may seem like too much work, but it guarantees an all-or-nothing procedure. If some package is broken, the entire upgrade process is canceled, and the system remains in the state that it was.

    I have had a couple of partial upgrade cases on Arch. It was not fun live booting to repair it, every time this happened.

    • NorthWestWind@lemmy.world
      2·
      3 months ago

      The only difference is that -Syyu forces the database to update

      To explain what database means in short, it tells pacman what packages are available in different repos (e.g. core, extra). In some rare cases, the time of the database update may be incorrectly marked, and pacman would not know there are new packages/versions. -Syyu should be used in this case.