It’s fairly random when a problem pops up. You could be fine for another 6 months to a year, but generally the possibility is there every update.
As for getting updated software, I’ve personally been able to get the latest versions of all the apps I use on Debian thanks to flatpak, which is as simple as adding the flathub repo.
I fundamentally dislike the concept of flatpacks. It’s fine and/or necessary for immutable distros, but I see little point in loading every dependency individually for every app. It’s fine for an app or two, but adds up to a lot relatively quickly when used as the default system. To each their own I guess, but I’m very happy with the ecosystem of the huge, up-to-date native repo + availability of the AUR.
I can’t say I’ve ever actually witnessed those things presenting as a problem on my system, personally.
One advantage (imo) of flatpak over the AUR at least, is that flatpaks can have a verified status, which makes them as safe as using a distro package (sometimes more so, since they can be sandboxed), where as each AUR package should be manually inspected to avoid the potential for malware, as recently occurred on there. Without knowledge on what to look for in an AUR build script, it can be a potentially unsafe source.
Debian + Verified flatpaks offers good security for the widest range of packages for the least effort, at least in my experience.
It’s fairly random when a problem pops up. You could be fine for another 6 months to a year, but generally the possibility is there every update.
As for getting updated software, I’ve personally been able to get the latest versions of all the apps I use on Debian thanks to flatpak, which is as simple as adding the flathub repo.
I fundamentally dislike the concept of flatpacks. It’s fine and/or necessary for immutable distros, but I see little point in loading every dependency individually for every app. It’s fine for an app or two, but adds up to a lot relatively quickly when used as the default system. To each their own I guess, but I’m very happy with the ecosystem of the huge, up-to-date native repo + availability of the AUR.
I can’t say I’ve ever actually witnessed those things presenting as a problem on my system, personally.
One advantage (imo) of flatpak over the AUR at least, is that flatpaks can have a verified status, which makes them as safe as using a distro package (sometimes more so, since they can be sandboxed), where as each AUR package should be manually inspected to avoid the potential for malware, as recently occurred on there. Without knowledge on what to look for in an AUR build script, it can be a potentially unsafe source.
Debian + Verified flatpaks offers good security for the widest range of packages for the least effort, at least in my experience.