What are NPM and Flatpak?

By | September 20, 2021

What is npm?

According to ABLOGTOPHONE, Npm is a package manager for software solutions that is used in the JavaScript runtime environment Node.js. The associated freely available repository now comprises several hundred thousand entries.

Npm The letters were originally an acronym for ” Node Package Manager” – that is, for a solution to package software in the same JavaScript – Runtime environment. However, the acronym was so memorized that the original name was finally given up completely – the three letters became the official name.

How npm works

The central component of npm is the repository , the so-called “npm registry”. It is available under a free license for professional use for the purpose of software development . For “private” projects it is also possible to access a commercial version.

A repository is a directory of stored digital objects. Code packages can be found here. These come mainly from npm users who wanted to make their own software available. To do this, they had to pack and transfer their software using npm.

Put simply, npm is nothing more than an automated and relatively intelligent packaging system: It recognizes what is to be packed, selects the appropriate packaging and gets to work. Then an entry is created in the library.

The practical use works via the following modules:

  • The CLI client allows the software to be downloaded and installed.
  • The content of a package must be written in JSON.
  • “Name” and “Version” must exist in the definition file. There are no other mandatory conditions.
  • In addition, npm also offers dependency management.

Problems in using npm

The package manager was published in 2010 by Isaac Z. Schlueter. It is now managed by npm Inc., which belongs to Microsoft, but the character of the solution has not changed. It is mainly developed and maintained by users. This creates two central problems.

First, security is critical. It is easy to import malicious code. This happens over and over again. Since dependencies are also managed via npm, the consequences are particularly explosive.

Second, a person can damage the overall functioning of the manager. This happened in 2016. Because of a disagreement, one of the developers deleted his collected entries from the repository. As a result, numerous packages could no longer be compiled because they were dependent on the deleted data.

What is Flatpak?

Flatpak is a software solution that is used to distribute and virtualize desktop apps. It is written for Linux. It quickly gained wide acceptance and is also used for widespread programs.

Flatpak is a Linux software that is used to virtualize desktop applications. These can also be shared using the solution. Flatpak gives developers a sandbox in which the application runs in isolation. Numerous libraries are made available via the environment in order to take dependencies into account. If these are not sufficient, the app can be equipped with these and played out.

The advantages of Flatpak

Flatpak offers various advantages for everyday use:

  • An app can be used for all Linux desktop distributions.
  • Future Linux versions will not cause any problems, as Flatpak itself is simply adapted.
  • Integrated tools also allow testing and optimization during the actual development process.
  • The apps are proven to be extremely stable.

Flatpak doesn’t have any real disadvantages. However, it is clearly not a solution for average private use. It is software that was specially designed for professional use in the context of app development . According to the provider’s will, Flathub should also be used for distribution. This is a separate AppStore for the applications as flat packs. This is a limitation for the later distribution that not all developers should agree with.

The story of Flatpak

In 2014 Lennart Poetterring published a specialist article about the possible uses of app containers in Gnome (a Unix environment). At that time Flatpak had been around for seven years. But so far the software solution has not developed the strengths that set it apart from the competition.

This changed with Poettering’s idea – Freedesktop.org adapted Flatpak to the proposed concept. In the meantime it was named xdg-app. The software developed into an alternative to the previous standard solution Snappy and eventually overtook it. Flatpak was able to score with greater flexibility.

Applications available as Flatpak

There has been a great deal of interest in certain desktop apps as Flatpaks. The background is the idea of ​​writing your own extensions or integrating the applications into a larger project. Examples are:

  • GIMP
  • LibreOffice
  • KDE Plasma5
  • Blender

These apps are available as Flatpaks via Flathub. Firefox, Spotify or, for example, Skype also had unofficial versions for a long time that were made freely available on the Internet. The first two have also been included in the meantime. This speaks for a growing acceptance of the store.

What is Flatpak