I recently moved my work machine from Windows to Linux and chose Debian Trixie + KDE Plasma for the stability. The advice is that if stability is your priority, you should try to avoid breaking Debian. I understand that adding third-party sources can cause dependencies conflicts, and must be avoided at all costs. I also understand that Flatpaks, AppImages, Snaps, and Docker/Podman images are safe because they don’t interfere with the system dependencies. So far, so good. What I don’t understand is what happens with other ways of installing software (eg .deb, tarballs).
I know it’s a contentious subject but if stability is the priority, how would you rank different methods? I may be wrong but my take is:
Debian repository > Flatpak > Appimage > Docker/Podman > Snap > tarball
To be avoided: .deb for Debian > .deb for Ubuntu > PPAs
Eg Viber is available as an official AppImage (with certain bugs), unofficial flatpak (with other bugs), and an official .deb for Ubuntu (which is probably a bad idea for Debian anyway). Viber support told me they don’t support my OS.
I daily drive Debian and have a few loose .deb packages and tarballs installed. Also enabled the Librewolf repo. It mostly comes down to an issue of manageability and possible conflicting dependencies. The ones I have installed don’t introduce any dependencies, so they’ve been trouble-free and have survived the Bookworm to Trixie upgrade. They are installed as a last resort option in the absence of a satisfactory equivalent via the official repo, Flatpak, or AppImage.
Loose .deb packages can be installed and uninstalled like any other normal Debian package, but won’t be automatically updated and don’t have any compatibility guarantee. Tarballs are nothing more than a collection of files, which may need to be placed in system directories. You’re on your own for those since there’s no standard and automated way to manage them and it’s possible to overwrite important system files if unpacked and copied in blindly. It’s a good idea to keep a manual record of what was put where in case any issues with them pop up down the road.
My personal ranking:
Official Debian repo > Flatpak > AppImage > Docker/Podman > Snap >> Reputable and known compatible third-party repo > Loose Debian .deb > tarball > Loose Ubuntu .deb >> Unfamiliar third-party repos and PPAs
There are certain occasions where a loose .deb or tarball won’t hurt, but sticking to options further up the list closes off the biggest routes of breaking Debian.
This ranking is very close to how I see this. Anything after Docker/Podman is out unless I absolutely need an application in which case keeping a record of dependencies is a good idea. But I want to know the work system will absolutely start in the morning hours from a deadline. Avoiding single points of failure is another way of course (ie multiple systems, OSes, backups, password managers etc).