Results 1 to 9 of 9

Thread: software from the community repositories safe?

  1. #1

    Post software from the community repositories safe?

    Hello

    I'm new to Opensuse and I;ve got a question on the community repositories. I want to install software like Keepassxc 2.30, Mediathekview and clamtk. Can I install those applications from the different community repositories safely without that my desktop is being compromised.

    I thank you for your answers!

  2. #2

    Default Re: software from the community repositories safe?

    The easiest thing is to install only the single software, choosing at the first Yast screen not to keep the repository.

  3. #3
    Join Date
    Sep 2008
    Posts
    2,997

    Default Re: software from the community repositories safe?

    yes it's safe and while somebody might suggest using the 1-click installer to install software from 3rd party repo's and then selecting not to keep the repo's I'd suggest the opposite add those repositories with zypper or yast and then install the apps you want with zypper or yast while keeping the repo's, by keeping the repositories active you'll get any software updates that are published by just installing the rpm you won't get updates
    just keep the number of extra repositories to a minimum to the ones you really use if you don't use software from a repo remove it.

  4. #4

    Default Re: software from the community repositories safe?

    With Yast there is also the possibility of giving priority to the repositories.
    By default they are set to 99, if you add a Community Repository you put it at 100 so it does not have priority over the official ones
    What version of Opensuse are we talking about?

  5. #5
    Join Date
    Jun 2008
    Location
    Groningen, Netherlands
    Posts
    19,985
    Blog Entries
    14

    Default Re: software from the community repositories safe?

    One warning: the distro itself is openqa tested, as a whole. The community repos arent't. The documentation is clear about those repos: use at own risk. Of course, the community will try to help you, if issues arise, but please note the difference.
    Last edited by Fraser_Bell; 14-Apr-2018 at 15:23. Reason: fix important typo
    ° Appreciate my reply? Click the star and let me know why.

    ° Perfection is not gonna happen. No way.

    https://en.opensuse.org/openSUSE:Board#Members
    http://en.opensuse.org/User:Knurpht
    http://nl.opensuse.org/Gebruiker:Knurpht

  6. #6
    Join Date
    Nov 2013
    Location
    Kamloops, BC, Canada
    Posts
    3,974

    Default Re: software from the community repositories safe?

    Quote Originally Posted by smily01 View Post
    Hello

    I'm new to Opensuse and I;ve got a question on the community repositories. I want to install software like Keepassxc 2.30, Mediathekview and clamtk. Can I install those applications from the different community repositories safely without that my desktop is being compromised.

    I thank you for your answers!
    Knurpht points out important info, and I would like to add that using the Community Repos can have risks. It helps if you are aware of any work done by the Repo owner and what stage they are at, as well.

    Many of the home repos are by some very experienced Packagers and Programmers, while there are also quite a few by other people just starting out in OBS and learning what to do.

    It could well be a first experimental work by someone.

    Of course, it is very unlikely that anyone in the home repos have any malicious intent, but unintended mistakes and glitches can happen when a person is learning and starting out.

    As Knurpht said, weigh the options, and if you run into trouble, just come here for help.
    -Gerry Makaro
    Fraser-Bell Info Tech
    Solving Tech Mysteries since the Olden Days!
    ~~
    If I helped you, consider clicking the Star at the bottom left of my post.

  7. #7
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,393
    Blog Entries
    2

    Default Re: software from the community repositories safe?

    You might want to consider what you mean by "Community Repository,"
    The current website https://software.opensuse.org/search unfortunately has confused the terminology.

    Traditionally, "Community" has meant an organized group of people working with a common purpose, and especially in software likely working on a single project or an umbrella of projects.
    The newly misleading use of "Community" in our openSUSE software currently does not mean this, "Comminity" only refers loosely to individuals contributing to OBS. There is no organization, and each individual is more likely working alone than as part of an organized effort.
    Instead "Experimental" now seems to include various types of what more traditionally is known as organized "Community"

    Examples
    Packman seems to be no longer considered a Community repository.
    Our own openSUSE repos like servers, development languages, and officially sanctioned technologies like Ruby and Python are no longer considered Community repositories.

    But,
    If I were to set up an OBS repo for my own personal efforts, that would be considered a Community repo.

    So,
    In terms of the hierarchy of trusted repo sources, I currently consider our openSUSE definition of a "Community" repository as the least reliable and safe. That does not necessarily mean that the repo contains malicious software, it mostly means that the software is least reviewed, least tested and if there are other sources I would prefer almost anything before one of these repos... But will still consider these repos vastly better than something with unknown or unverifiable origin.

    I'd encourage openSUSE to revise this change in terminology ASAP but am not holding my breath.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  8. #8
    Join Date
    Sep 2008
    Posts
    2,997

    Default Re: software from the community repositories safe?

    yes I don't quite understand the reasoning for the new layout on
    https://software.opensuse.org/search
    what it calls community repo's are in fact user repo's and while some of them are repositories of software developers there's nothing community in them, while I do use software from some of them I do it with care as they are user repositories and can contain experimental features
    yet the official extra opensuse repositories (for example kde:extra or gnome:apps) are filed under experimental when they contain vanilla code with zero experimental features?
    it's just beyond me why they changed the old UI it was simple and functional the new is confusing

  9. #9
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,393
    Blog Entries
    2

    Default Re: software from the community repositories safe?

    Am also contemplating the simple possibility that the website code is reversed...
    Everything in "Community" should actually be in "Experimental" and vice versa.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •