Linux

the apt version.

My personal rule of thumb is that if it interacts with the OS or filesystem deeply, native is probably better. E.g. IDEs, cli programs, browsers, Steam etc.

Apps that do a simple things are likely to work perfectly fine on flatpak.

But the problem is that there are outliers in each case. You should pick one and be ready to switch if things don't work properly.

The gist is probably:

• If you just want it to work: grab it from Debian's own repos.
• If you desire sandboxing with both its positives and (potential) negatives: grab it as a flatpak
• If you desire a more up-to-date package: grab it as a flatpak

I would go with Debian package but for me the primary consideration is how much I care about having the latest version of given software. Often I don’t really care that much. Although it needs to be said that I’m on Debian testing.

I'd go with the Debian package. That's tied into the system. You get nice updates, there's more eyes on what the upstream developers do, sometimes the Debian maintainers disable things like tracking, fix vulnerabilities in libraries. It's smaller, less permission issues... It's just safer and more convenient...

I'll go for Flatpak once there's some benefit. For example the sandboxing which is great to have for proprietary software. Or if the package isn't available in the Debian repositories, and the alternative would be some third-party repo or deb file downloaded from a random website. And in rare cases when I need a specific version and the Debian maintainers are stuck with an old release.

I generally prefer system native packages to flatpaks, just cause I've had a lot of issues with flatpak permissions. I suppose for something like a tux game permissions wouldn't matter much lol

Stable package > back port package > flatpak/snap.

Basically I want everything as stable as possible unless I have a particular need for a newer feature.

The main things I run from flatpak/snap are browsers and the Minecraft launcher because they are both regularly updated.

I'm still not a Linux expert myself, but I'm gonna take a shot at answering this question as I understand it so maybe others can help correct me. I use Arch (btw) but the ideas should still apply,

You'll want to use the Debian packages for anything foundational to your system. These packages are tested to work with the distro and can be considered a part of it, just ones you haven't installed yet. This would be important for something like bluez bluetooth (or whatever Debian uses).

Aside from the space issues you mentioned, this is less important for heavy apps that sit on top of everything else, like a game. Especially if you're on a slower moving distro like Debian this may be ideal for more updated versions.

Usually I go: distro repo (HIGH PREFERENCE), AUR (not really an option for you), Flatpak, AppImage, whatever other jank manual install is available (but only as a last resort if I really need the thing and there's no other option, I like a tidy system). I find this offers the best stability and as someone who obsessively updates their system every day because they're a bored tech nerd, I've had better stability on 3 years of Arch than I have with Windows (but that's a low bar)

You are on the right track. Installing Debian packages don't require password to access shared libraries but to write into system wide directories. That way you don't need to install every software separately for every user. Flatpacks are 'self sufficient' packages and thus often way bigger, since they don't generally share resources.

From security point of view there's not much difference in every day use for average user. Sandboxed flatpacks can be more secure in a sense that if you harden your system properly they have limited access to the underlying system, but they can be equally unsafe if you just pull random software from a shady website and run it without any precautions.

Flatpacks tend to have more recent versions of the software as they can 'skip' the official build chain and they don't need to worry about system wide libraries. Tradeoff is that the installations are bigger and as flatpacks run on their own little sandbox you may need to tinker with flatpack environment to get access to files or devices. Also if you install flatpacks only for your user and you have multi-user setup other users of the machine can't access your software, which might be exactly what you want, depends on your use case.

Personally I stick with good old Debian packaging whenever possible, I don't see benefits of containers like flatpack on my own workstation. Newer software releases or using software not included in official repository are pretty much the only exceptions when flatpacks make more sense to me.

But there's a ton of nuances on this, so someone might disagree with me and have perfectly valid resons to do so, but for me, on my personal computer, flatpacks just don't offer much.

I'd say if the version is the same, go with the Debian packages and then fall back to the Flatpak one if it doesn't work.

The 260MB of storage for Flatpak is a bit misleading though. If you have other flatpaks installed, it's smart enough to deduplicate the files and share them.

Another thing to consider is xdg compliance. If you're really picky about having a nice clean home directory and the program likes to vomit files into it, Flatpak keeps that contained in its sandbox. Not something to worry about for most people though.

On Debian I would choose Flatpak because it will be generally much more up-to-date than native packages (which becomes even further true the longer through the release cycle we are).

Before going to Flatpak just for newer versions of software, consider APT pinning. You can actually use testing or Sid packages on more stable versions of Debian while still keeping the advantages of Debian-specific packages.

I’m not sure you need a password to access the shared libraries. Then basically all programs would need a password to run.

Personally I don’t like flatpaks because of the duplication of libraries. But you should do whatever you feel like. Both have merit.

For desktop things, appimage is my preference. Then flatpak then debian repo.

For cli things, if its a really old school low level utility then debian repo, otherwise nix.