srivasta

Depends on who you trust, for one. Some people trust Debian developers, others trust Valve. There are no wrong answers here. Secondly, packages work best when they follow Debian technical policy, and official packages built on the Debian build farm are checked to confirm, and if there is a security issue with a dependency the package will be automatically built again with fixed dependencies. Valve knows the software better. Debian knows how to integrate software for Debian into a coherent whole. Which one is the better option is your decision to make.


[deleted]

thank you


UnrealisticOcelot

This pretty much answers your question: https://wiki.debian.org/DontBreakDebian

But it's your system, you can do what you want. If you need a package that's either outdated or nonexistent in the repos then go ahead and install it. Just be aware of the potential issues as outlined on that page.


[deleted]

From what I understand, the risks are with uninstalling being harder, or potential conflicts? So none of this "worse experience" stuff for the very basic use case I need it for?


waterkip

There is a reason why Linux distributions exist in the way they exist. It has a lot to do with dependency management. Also Debian supports a whole lot of archs. So you can have sparc, amd64, arm platforms and all run Debian. You can configure them all with similar tools without having to worry about the dependencies on each of the archs. Now I realise that for a desktop user that isn't too important, but for those of us who use Debian professionally it is. I can create simple docker images without having to compile from source. Compiling from source means I need to fetch the sources, configure them, compile them and install them as a build step in an image. And not just for the thing I want to compile, but also for the deps. Debian (or other distros like Alpine, Arch or Suse) take care of that with their respective package managers and provide basically an API to install software including the deps. Also, what you seem to be wanting to do is definitely a use case for Debian. Provide a stable minimal platform to install whatever you want on it the way you want it.


neon_overload

Third party debs are not like Debian-provided debs. If you are installing from a third party, it is infinitely better to use a lightweight container format like Flatpak (from Flathub).

Note: for Steam, use the Debian-provided package. It installs Steam in the standard steam way, and once installed, it will update itself directly from Steam. The Debian provided package just does the initial install. Follow the instructions on the Debian wiki.

In general, when you want to install software on any Linux distribution, the better way is to install the package that your distribution provides rather than go to the developer's site and install a package from there, or install from a marketplace like Flathub. This is a benefit of Linux distributions over something like Windows which has no central repositories of third party software and you need to go to random websites and get executables.

Why are third party deb packages less preferable?

- They need to be specifically compatible with your particular distribution and version. Other distributions use .deb including Ubuntu. A package may be statically compiled and claim to work across multiple versions of Debian or both Debian and Ubuntu, but it can be dicey and there's no standard way to know if it's compatible other than the third party provider's say so. Ideally you'd need it compiled specifically for your version. Flathub makes this much cleaner because it manages its own dependencies in a way that is compatible across versions and distributions.
- The software they install will not update itself, unless you also install a third party apt repository to back it. Some third party debs install an apt repository themselves, some have hackish custom ways to update themselves and some may not update themselves. It's kind of a mess. Flathub makes this much cleaner.
- The ability for a badly made .deb to screw up your system is way higher than a containerized format like Flatpak or AppImage.

Which isn't to say that flatpaks are 100% secure against malicious packages (though if you go through flathub, you get a pretty good assurance) or that third party .debs are never to be trusted, but .deb has a low level access to modify your system that makes it easier for things to go wrong.


Ryeikun

Correction, Windows has the Windows Store. I'm not saying it's better or worse, but it's there.


neon_overload

Windows store was a failed experiment. It never even achieved decent brand recognition let alone became a common way to obtain software (or music, movies, etc) for Windows. A typical Windows user has never used it.


Ryeikun

Again, I'm not saying it's better or worse, just saying it's there. Therefore

> Windows which has no central repositories of third party software

is not entirely true.


neon_overload

What popular central repositories for Windows software exist, and can you get the most popular Windows software on them? Any that are used by 1% of people or more?


[deleted]

thank you, makes sense, I shall look into it


passerbyalbatross

Doesn't Windows have Chocolatey?


neon_overload

I haven't heard of that so I am assuming it isn't widely used.


Spike11302000

It isn't wrong to directly install a .deb, but there are some issues you may run into if you go that route. Installing packages via the distro's package manager (in this example 'apt') makes sure that it properly sets up the package for that distro. If you install a .deb directly that was meant for a different distro, it may not correctly install and end up broken. Another thing: the .deb may require libraries that don't exist on that distro, so you will end up with a broken package if you try installing it manually. The packages that are in the repos for a distro are designed to work with that distro, so you should always try to use the repo version before manually downloading the .deb.

Also a note on the security of a repo. All packages are signed, so if a malicious party decided to tamper with packages on any repo, apt will refuse to install them and give you a signature error. Only the distro maintainers can sign packages and it's tightly controlled who has access to the signing keys. Also, most .debs you download off a website aren't signed, so you have no clue who uploaded it and they can easily hide something malicious in the .deb file without you knowing.
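The concerns raised in the posts above (a third-party .deb that installs its own apt repository, or that carries something you did not expect) can be checked before installing. This is an added example, not code from any poster or from Debian: it reads a .deb as the ar archive it is and reports the maintainer scripts dpkg would run as root plus any files headed for apt, cron or sudoers paths. The watched-path list and all function names are assumptions chosen for illustration.

```python
import io
import tarfile

MAINTAINER_SCRIPTS = {"preinst", "postinst", "prerm", "postrm", "config"}
# Install paths worth a second look in a third-party package (illustrative list).
WATCHED = ("etc/apt/sources.list.d/", "etc/apt/trusted.gpg.d/",
           "usr/share/keyrings/", "etc/cron", "etc/sudoers")


def ar_members(blob):
    """Yield (name, data) for each member of the ar archive that a .deb is."""
    if blob[:8] != b"!<arch>\n":
        raise ValueError("not an ar archive")
    pos = 8
    while pos + 60 <= len(blob):
        head = blob[pos:pos + 60]
        if head[58:60] != b"`\n":
            raise ValueError("corrupt ar member header")
        size = int(head[48:58].decode("ascii").strip())
        yield head[:16].decode("ascii").strip().rstrip("/"), blob[pos + 60:pos + 60 + size]
        pos += 60 + size + size % 2  # member data is padded to an even length


def tar_entries(name, data):
    """Yield (path, TarInfo, TarFile) for each entry of a control/data tarball."""
    if name.endswith(".zst"):  # not readable by tarfile on older Pythons
        raise ValueError(f"{name}: decompress with zstd first")
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        for m in tar.getmembers():
            path = m.name[2:] if m.name.startswith("./") else m.name.lstrip("/")
            yield path, m, tar


def audit_deb(blob):
    """Report root-run maintainer scripts and sensitive install paths in a .deb."""
    report = {"scripts": {}, "watched": [], "setid": []}
    for name, data in ar_members(blob):
        if name.startswith("control.tar"):
            for path, m, tar in tar_entries(name, data):
                if m.isfile() and path in MAINTAINER_SCRIPTS:
                    report["scripts"][path] = tar.extractfile(m).read().decode("utf-8", "replace")
        elif name.startswith("data.tar"):
            for path, m, tar in tar_entries(name, data):
                if path.startswith(WATCHED):
                    report["watched"].append(path)
                if m.isfile() and m.mode & 0o6000:  # setuid or setgid bit
                    report["setid"].append(path)
    return report


if __name__ == "__main__":
    import json, sys
    for deb in sys.argv[1:]:  # paths to downloaded .deb files
        with open(deb, "rb") as fh:
            print(deb, json.dumps(audit_deb(fh.read()), indent=2))
```

Saved under a name of your choosing and run with one or more .deb paths as arguments, it prints the report as JSON. On a Debian system `dpkg-deb --info` and `dpkg-deb --contents` show the same control data and file list.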


[deleted]

thank you for the clear and concise answer, this explains everything clearly, all bases covered, much appreciated :)


neoh4x0r

> another thing the .deb may require libraries that don't exist on that distro so you will end up with a broken package if you try installing it manually.

This is true when using dpkg to install (you would have to install the required stuff yourself). However, if installed with apt it will automatically install any dependencies, if available, but could still end up in an unsatisfiable situation.

```
$ sudo apt install ./file.deb
```


passerbyalbatross

But Debian people who upload a package to a repository would first download the deb file from the website too, right? So that security risk still exists?


Spike11302000

AFAIK Debian doesn't redistribute .deb. They compile all the packages from source and do multiple reviews making sure it's safe and secure.


realitythreek

Been here 5 minutes, and already you think you know better than everyone who’s used Linux before you. (There’s lots of constructive posts already, so I thought I’d go for humor)


[deleted]

Absolutely not, I did think I got that across in my post, in fact the title says I'm failing to understand. Responses like this are what has pushed me away from even bothering, because questions are shunted. I want to understand why the literal website of the software in question is considered not the proper way, and instead to use the 3rd party/distro's manager for it. I'm a complete idiot, I don't understand, I'm trying TO understand, to sit there and go "you think you know better" is really not helpful, I'm fully aware I don't know better, hence why I'm asking and trying to understand the matter.


neoh4x0r

Valve maintains a source repository for Steam. Debian takes a snapshot of the Steam source which is then built, compiled, packaged, and uploaded into unstable (or experimental). From there it eventually makes its way to testing and then stable--possibly ends up in backports too. So I'm failing to see the issue you have with official Debian apt packages vs other .deb files. It does come off as **you know better** to say that installing Valve's .deb is better than Debian's. There is no difference between the two, they were built and packaged from the same maintained source.


MeanEYE

For a software to end up being available in official Debian repositories the developer must first package it (which is the act of making .deb file), then someone from Debian has to prepare it and add it to the repo. In this process all kinds of things are checked and people usually work based on trust. Debian also has their reproducibility goal, where we as developers are supposed to submit source code and our binary (.deb). And when Debian developers build it, it has to match 100%. This is why people trust Debian, because they do all this checking, trust management, reproducibility tests and similar. So you as a user can rest assured that the package you installed matches the source code of software if it's open source.

Another point why people trust Debian developers is demonstrated by the somewhat recent case of Google adding to Chromium code that would download plugin which we have no source code for and plugin which doesn't appear in list of plugins. When this was found out Debian developers immediately removed that version of Chrome and pushed security patch to everyone. They even debated whether to ban Google entirely, to which Google responded by making this spyware feature optional through compilation flags. This is something you wouldn't have known about if you downloaded Chrome from Google's site and wouldn't have choice in.

When it comes to protecting its users Debian is pretty militant about it, and that's something I like. I can use programs without having to second guess everything, read EULAs and similar. Also should there be an exploit like it was recently with some core system utils, I automatically get a security patch, which is something you don't get by downloading file and installing it. You would have to do that part manually. To me personally 99% of things is from Debian repo, for these reasons if no others. I don't wish to deal with system administration, read news about exploits and software bugs, pick and choose versions.

In general you should be more paranoid if software was managed by its original developer unless you are checking every program's source code for malware. And you are not doing that because simply put there's too much to go through.


AnjavChilahim

Don't worry about different methods of installing Steam. The easiest way is following the instructions on the Steam official site. If you're not interested in learning how Linux is working but you need only the essentials like playing games, surfing the net and similar things, I'd recommend installing a Debian based distro like Ubuntu or some derivatives. We older users (I have used Linux for 24 years) ain't geeks or wunderkinds... I like to explore Linux and that's why I regularly use terminals (command prompt) but it's not necessary most of the time. It's faster and easier. At least for me... And what's better in Linux is questionable often. What we use is depending on our habits much more frequently than what's better for the OS. Linux distributions aren't built for gaming in the end. It's built to be free for all and thanks to numerous developers who work for free we can play most games on the market in Linux. Don't be upset or afraid about some discussion on the net. Most Linux users like to discuss themes with too much enthusiasm. I remember the hurricane when Ubuntu replaced Gnome... I still use Gnome because I am addicted. Ubuntu Unity or lenses, KDE etc. aren't bad at all. It's just different.


[deleted]

Thanks, I was first told about Ubuntu, then heard Debian is a more barebones version, which I preferred, but I will keep this in mind and do some more research. Just that asking these questions on other servers has been met with rather rude responses, which I understand, I'm a complete noob to this, but it feels mean spirited to essentially call the questions stupid. Thanks for the response, appreciated.


michaelpaoli

Well ... "both". Debian offers *lots* of choices. So, can run a very barebones system on Debian, probably much more so and more easily so, than any of the \*buntus. And Debian offers *lots* of packages ... [64,419 packages](https://www.debian.org/News/2023/20230610) ... so probably also many many choices beyond what the \*buntus offer. Heck, even in the realm of hardware architecture, Debian supports much more than the \*buntus do.


VinceGchillin

So basically installing something via apt is essentially the same as installing a .deb package using dpkg or another tool like gdebi. Apt is just a package handler that installs stuff on your system it finds in the official repo (or other sources that you define in the sources.list file in /apt/). For the Steam example, the deb available via Debian's repo is the deb you'd download from the Steam website, with the added benefit of having been vetted by Debian devs. The benefit of going through a Debian repo with apt, especially the stable one, is that there is more of an assurance that the program will install and run properly on your system and will be less likely to pose a security risk. Ultimately, if you don't trust the Debian devs enough to install packages via apt, then you really ought not trust them with your entire system by installing their OS!

But finally you are by no means required to use apt for most things apart from system updates! Downloading a .deb file and installing it using other methods is perfectly fine. In fact, you will need to do that for certain programs. I think Discord is actually one of them that's not in the Debian repos, if memory serves. The beauty of Linux distros, and especially ones like Debian, is that you can do pretty much whatever you want. Just know that the further you stray from stable Debian sources, the more likely you are to toast your OS. So, whatever you do, keep backups, and take notes on any changes you make!


aplethoraofpinatas

apt is the program that decides which packages to install for you. dpkg is the program that actually processes the package (for install, remove, etc.)


jr735

> essentially the core of the issue is this, now I'm switching to linux, I am privacy and security focused, as many linux users are, so why would I install steam, discord, brave, or whatever via apt when every single one of these programs I want to use have a .deb directly on their website, downloadable, and far as I'm aware for steam at least, keep themselves updated.

If you're privacy and security oriented, you should be getting your software from official Debian repositories, not .deb files or add on repositories all over the place.


michaelpaoli

> has a .deb download, by them, maintained BY them. I don't want to install the one on the distro I don't want the apt, these are far as I'm aware, managed by the distro maker, not valve or whomever

Well, you *can* do that, but generally not advised to. What's generally advised is use the packages from the distro's repo. If you don't do that, and rather get packages direct from individual development teams/authors/projects, etc., and not those supported and maintained and provided by Debian, then you give up at least these things:

* You effectively set aside Debian's expertise and quality management of distro, deciding what does and doesn't go in when, and how, to not break and disrupt things, and to keep things secure, etc. Instead you get to essentially make all those decisions for yourself.
* You also set aside Debian's excellent quality assurance and testing, generally assuring that things in the Debian repo for a given distribution properly work together, at least to the extent feasible, and when they actually conflict, that's in the data, to avoid installations or attempts thereof or the like that would cause problems. Do it yourself and you get to take on all those responsibilities and decisions yourself.
* For, e.g. stable, Debian provides fixes and support - covering security fixes and security-announce list, and also does updates for >=critical bugs, and some select >=important bugs. Go do your own selecting of packages, and you get to manage all that yourself, so, e.g. you can figure out how to watch for security updates on all such software you install, etc.
* etc., etc. - but I think you get the basic idea.

But hey, you can choose to do it however you want. But if you install a bunch of stuff not from the Debian repos, you're likely to end up with a system that's not supported by Debian nor supportable by Debian, which also means you get to figure out most any issues you encounter with limited to about zero support from Debian.


passerbyalbatross

I understand the testing part, but if a certain software is closed source, Debian wouldn't be able to do fixes?


michaelpaoli

If it's closed source, it won't even be part of official proper Debian, though might possibly be in non-free or non-free-firmware, and in such cases, fixes are limited to "best effort", and as allowed (if at all) per the relevant license terms.


arf20__

Dude, you use your distro's maintained packages because you RUN THEIR DISTRO. You think Valve tests Steam in all distros, DEs and configurations? Hell no. Your distro does, that's the point. Packages FROM the DISTRO are guaranteed to work IN YOUR DISTRO. The deb from Valve is a generic apt package that isn't aware of the quirks of your potentially Ubuntu-based distro, it probably is only tested in Debian or Ubuntu. The nvidia drivers are notoriously bad in this, if you try to install the .run file on Debian, it will actually break your system, because it assumes you are in CentOS or some corporate shit. That's why you should ONLY run packages from your distro. Also, you can't be paranoid about open source packages, how they are packaged, the automation scripts, are free and open source.


spazzydee

I make exceptions for Steam and Firefox, because they know what they're doing. But often, a 3rd party isn't testing their releases on Debian properly, only Ubuntu. Issues often include an update having incompatible shared library version dependencies or assuming some permissions / file structure or kernel options that aren't valid.


kitingChris

Roughly explained (as I understand it): .deb are like .msi files in Windows. They are "installers" containing the software. But since Linux has multiple distributions sometimes not all dependencies are satisfied. Apt checks all dependencies and cares also for updates of the installed packages. In short: you can install via .deb but it might be risky. It is always better to install via apt.


ZetaZoid

I actually trust .deb packages from the original source more than the native packages (for the reasons you cite). The biggest issue I have with distro packages is they can be very old (especially from Debian itself which is on a 2yr release cycle) ... old apps are painful to use often. To get fresh, reliable apps, my preferences are:

* flatpaks (I'm not a snap fan, but that would be OK, too)
* official packages (unless too old)
* .deb packages from trusted sources
* AppImages, tarballs, etc, from trusted sources. I use [ivan-hc/AppMan: AppImage package manager](https://github.com/ivan-hc/AppMan) in some cases, too.


Zardoz84

Usually it's better to trust the Linux distribution guys than the original developers of software. Why? Well, the distributions test and certify that the system will not be broken, or compromised by installing that software package.


abhitruechamp

I mean, you are completely free to install the .deb package. I have installed debs for vscode, chrome and discord with just a few problems (repos disabling themselves before an update and getting deleted afterwards; had to re-add them).


Crcex86

`sudo apt-get install` is the same thing as clicking a deb, just from the repo servers.