What have you found bad about bash arrays? I have some simple usage of those (in bash) and they work fine.
You added the Flatpak repo as a "system" repo with:
flatpak remote-add flathub https://dl.flathub.org/repo/flathub.flatpakrepo
As such, the downloaded applications are stored by the system in /var like you said.
If you run installs as user installs, eg:
flatpak --user install com.example.appname
Then the application is stored in your home directory, not in /var.
You can also add the Flatpak repo as a "user" repo, eg:
flatpak --user remote-add flathub https://dl.flathub.org/repo/flathub.flatpakrepo
Now all installs will behave as if you passed --user to the install command. All installs will go to your home directory, none will go to /var
It's fine. I give my systems a 20G or 30G root file system.
If you use Flatpak then make sure you do user installs. If you add the remote as a user remote then all installs are user installs.
If you use VMs then create a storage pool for the disks in your home filesystem. I create a /home/libvirt/ for this.
Basically just be mindful not to fill your root filesystem.
aiui apt will compare downloads from repositories against the repository signing key, whereas downloading a deb and installing it manually with dpkg bypasses that.
So theoretically the Debian website could get compromised and provide you a malicious deb package. That has happened to other Linux distros before so it's not entirely unrealistic.
Practically I think that's very unlikely.
I know apt has the --download option if you'd like to fetch deb packages on the commandline, though I'm not sure if apt compares the package with the key during this process. I hope it does. You could probably run apt in verbose mode and hopefully see this happen.
Some references:
I don't care but it's annoying that they won't put a normal application name into $PATH.
There is a denied GitHub Issue for it but I can't be bothered finding it. It'll never happen so it doesn't matter.
It is pretty nice but ultimately it's just Debian with a slightly different package set and a theme. You can boot the regular live image and set the theme to Adwaita-dark and there's not really much difference.
Only if I can drive the spaceship with a Logitech wireless controller.
Vita for me, does everything I want.
I love following these Chinese handhelds but there is always one deal-breaker which turns me off in each device. Maybe they'll get it right one day.
I owned a GP2x back in the day, that was a fun device at the time. Playing portable SNES was unheard of but I could do it.
Not really, there are already "quantum proof" encryption algorithms that systems are already moving to.
It won't be an apocalypse where all your personal data is suddenly available at the click of a button. You need to be a billionaire launching a new social network to get that level of privacy invasion.
I'm all for defederating corporations.
The fediverse is already a reaction which is intentionally anti-corporate. Most of us are here because we don't want another Twitter or Reddit or Instagram or Facebook or whatever.
Considering how Google killed XMPP, by the time the harm was done, it was too late to exclude them.
The fediverse is not for corporates. Keep them out.
If you run your scripts through https://shellcheck.net it'll pick up things like this. Also available as a Linux package for offline use.