Reliabilty of community updated OpenSUSE Build Service apps?

[DeabianDieHard]

So, I really really love Debian. I can't believe how miserable Ubuntu has turned this beauty into! Anyways, I prefer to have fresh software on my Debian install. For e.g Latest GIMP or Inkscape without having to deal with source tarballs myself. Out of all methods, the community maintained packages hosted on OBS (OpenSUSE Build Service) seem to be the best. But, I have a few question about it:
1. Are they safe to install?
2. Will installing newer packages from OBS break my current Debian install? (Break in the sense that up gradation of certain system libraries that'd hurt system upgrades in future)
3. Is there anything else that I need to know about this?
Please help! Thanks in advance.

[cuckooflew]

This: https://wiki.debian.org/DontBreakDebian does not mention OpenSuse Build service, but there are things to consider, one being the " Shiny New Stuff Syndrome", and you seem to have it:

by DeabianDieHard » I prefer to have fresh software on my Debian install. For e.g Latest GIMP or Inkscape without having to deal with source tarballs myself.

From the wiki:(don't break Debian)

Don't suffer from Shiny New Stuff Syndrome

The reason that Debian Stable is so reliable is because software is extensively tested and bug-fixed before being included. This means that the most recent version of software is often not available in the Stable repositories. But it doesn't mean that the software is too old to be useful!

Before attempting to install the newest version of some software from somewhere other than the Debian Stable repositories, here are some things to keep in mind:

Debian backports security fixes and new features, judging software by comparing the version number of the Debian package to the upstream version number does not take this into account.
The latest version of the software you're trying to use might also have new bugs.

Installing software from places other than official Debian repositories are not covered by Debian' Security team.

Also from the same above link:

Research the issue on your own first, including reading documentation and using search engines.

Provide details and ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html

There are some members here that occasionally do use the OpenSUSE Build Service, you can search the forum and read some of the topics that have been posted, or wait , I amsure they will jump in here soon, ..me, ? I don't use those, and won't. and don't need the shiniest newest software, ...
But , if I did want to use the OpenSuse Build Service, I would start by reading their documentation:
https://en.opensuse.org/openSUSE:Build_Service_Tutorial

Prerequisites

You should have a general understanding about RPMs and how they are created. See the packaging guidelines for openSUSE or a similar document of another supported packaging system such as dpkg. This document is not meant to be a replacement for packaging documentation, which can be found at the above links.

You should be familiar with the source code environment your project is using for your package. The Build Service can work around some common mistakes and will try to guide you in case of failures. We have a buildservice-mailinglist which can be a source of help and advice. However, decisions on which patches to apply, what compiler flags to use, etc. are ultimately up to you.

Do you meet the "Prerequisites" ? I have my doubts on that,... but let's take a look at the "requirements"
Well, you can read that , it is to long to post here,......After I had read the documentation, I would decide for myself, if 1 I trusted them, and 2 can I meet the prerequisits ?
There is much more information about the OpenSUSE Build Service apps, if you do a search... obviously the members that use this build service are going to promote it, and tell you it is reliable , and that is fine, if you decide you can trust them, even though you have never met them, etc . that is fine as well.
Building and packaging your own builds, well, it is only as reliable as you are. I am not going to say, Oh yea man, it is reliable, but also I am not going to say it isn't either,... it might depend on which specific app, and who the packager is,.... the only on you specify is Gimp, as a example,...a smart question qould ask about a specific app, and who packages it,....So any way , go figure,

[stevepusser]

Maybe we're talking about some of my packages on the OBS? Well, I'm the lead packager from MX Linux, where we do try and update packages we think are getting stale on Stable, so I hope I can be trusted, but otherwise, anyone can open an account on the OBS and start uploading anything, so you have to know or check the source and whatever changes the uploader can be making. Most of my original sources are directly from upstream Debian, or from the developer's site when Debian's behind or doesn't have the package (SMPlayer or Foliate, for example, or Pale Moon, where I have to smoosh together two separate downloads from github into one orig source tarball).

Anyway, anyone can download the orig source tarball from the OBS, extract it, and run a diff on the files to see if there's been any evil hacks made from the dev's source, as well as check the patches in the debian/patches folder to make sure no hackery was involved there. I have seen some other packages where the build worked, but the debian folder wasn't quite up to Debian standards, having lots of incorrectly formatted changelogs, missing copyright files, example files in there that should have been removed, and so on, but that doesn't affect the final debs.

It's pretty much the same there as for the Ubuntu Launchpad PPAs--some are of the finest quality, and some...not.

[DeabianDieHard]

Maybe we're talking about some of my packages on the OBS? Well, I'm the lead packager from MX Linux, where we do try and update packages we think are getting stale on Stable, so I hope I can be trusted, but otherwise, anyone can open an account on the OBS and start uploading anything, so you have to know or check the source and whatever changes the uploader can be making.

Well, yes! Of course I trust you! (You are 'stevepassert' on OBS, right?) But the only reason I switched to vanilla Debian from MX was MX's requirement to perform clean install with complete base upgrades!! Since I have installed SMPlayer, lollypop and few other apps this morning, I'm probably going to have some troubles when Bullseye comes up!

It's pretty much the same there as for the Ubuntu Launchpad PPAs--some are of the finest quality, and some...not.

But AFAIK, PPAs aren't known to break upgrades. I could be wrong. I am a total noob in this matter anyways. If Ubuntu, Mint installs do fine with upgrades, why does Debian break?

[DeabianDieHard]

This: https://wiki.debian.org/DontBreakDebian does not mention OpenSuse Build service, but there are things to consider, one being the "
Shiny New Stuff Syndrome", and you seem to have it:

Why isn't OpenSuse Build service mentioned though?! And yikes. I have that syndrome cuz I like new features and improvements. (But not at the cost of system stability so Rolling releases are a big NO). The only reason I am straying from Flatpaks is their mammoth bandwidth requirements. I can't afford to waste gigabytes of 'mobile' data on simple applications. So, my best bet will be appimage! The best thing is that they leave everything on the system completely untouched! All these apps have app-images. The only problem is their integration (or lack of it) with the system.

There is much more information about the OpenSUSE Build Service apps, if you do a search... obviously the members that use this build service are going to promote it, and tell you it is reliable , and that is fine, if you decide you can trust them, even though you have never met them, etc . that is fine as well.

I can trust official maintainers (like the MX maintainer here. But that can possibly lead me to a broken Debian install down the line (when Bullseye is released). So'll remain content with appimage.

Building and packaging your own builds, well, it is only as reliable as you are. I am not going to say, Oh yea man, it is reliable, but also I am not going to say it isn't either,... it might depend on which specific app, and who the packager is,.... the only on you specify is Gimp, as a example,...a smart question qould ask about a specific app, and who packages it,....So any way , go figure,

Got it.

[cuckooflew]

OK, sounds like you do "get it", and stevepusser is a positive example, and so if you have a specific package in mind, odds are maybe he all ready has packaged something, and if he says it is reliable, it probably is, I have also seen where he was honest and tells us when he knows about potential problems or bugs.

Why isn't OpenSuse Build service mentioned though?

To be honest , probably mostly because it is only a summary , and does not try to mention all the "outside" sources, like wise it does not mention one , "deb-multimedia.org ", and that has been known to be very problematic, you will see posts about it here, if you look for them, in fact at times I think maybe a edit should be made on the wiki page and add it, along with the Ubuntu ppa's ,

But that can possibly lead me to a broken Debian install down the line (when Bullseye is released).

I have not seen anything bad or problematic said about any of the OpenSuse Build service packages here. A important part of using any package, and I would even include the Debian packages, Is there good support, ? And Is the maintainer/packager active and available ? For example, stevepusser is available and active here, so if there is any problem, you would have support and help fixing it, if it can be. There even are some Debian packages that are not very well maintained.
There are ways to avoid possible problems with upgrades , EG: when Bullseye is released, that is to say there are safe ways to use outside repos and packages, steve and some others could probably give you more details on that , better then me, asking here, before using any "out side" package is also a good way to avoid future problems, any way, for now that is about it.

[DeabianDieHard]

In fact at times I think maybe a edit should be made on the wiki page and add it, along with the Ubuntu ppa's ,

I hope that happens sooner than later.

I have not seen anything bad or problematic said about any of the OpenSuse Build service packages here. A important part of using any package, and I would even include the Debian packages, Is there good support, ? And Is the maintainer/packager active and available ? For example, stevepusser is available and active here, so if there is any problem, you would have support and help fixing it, if it can be. There even are some Debian packages that are not very well maintained.

Thank you for that clarification!

There are ways to avoid possible problems with upgrades , EG: when Bullseye is released, that is to say there are safe ways to use outside repos and packages, steve and some others could probably give you more details on that , better then me, asking here, before using any "out side" package is also a good way to avoid future problems, any way, for now that is about it.

Gotcha!

[stevepusser]

It's really not that hard to do a reinstall of MX if you preserve your home folder, which is an option in the installer, and use aptik-gtk to restore your installed packages from a list that you create beforehand. I did a reinstall of MX 19.2 on my production laptop on Thursday because I screwed it up with a partition resize and I forgot to backup first, and I was back building packages on it in an hour.

[djk44883]

As for "trust" mentioned packages smplayer and palemoon - direct you OBS repositories.
Palmoon, directly to Steve's https://software.opensuse.org/download. ... e=palemoon

Smplayer smplayer from home:smplayerdev project - https://software.opensuse.org/download. ... e=smplayer

As for "shiny and new" have you considered Bullseye? Yes, officially it's not stable, and there will be many comments about "can you fix..." and probably nearly as many stating we've been running testing daily with no serious issues.

OK, I run Bullseye on my HTPC - nothing never not worked since Jessie was testing... but that's what worked for me. For my home and personal affairs, I do have a Debian stable system, it doesn't need to anything fancy, just important. Perhaps consider partitioning some 12GB and dual boot testing and stable with a third, shared for "stuff" (yes I've done it, chainload grub). It's not a good idea to share a /home due to configuration files. In the unlikely event your testing system has issues, there's a stable backup... even if for peace of mind.

[stevepusser]

Generally, if a package is already in Debian, I version it in a way similar to debian-backports so a Bullseye version will be seen as an upgrade. This doesn't work if the Bullseye version is still really old, like for SMPlayer, and for Pale Moon and similar apps not in Debian it's probably best to switch over the sources to the Bullseye repo when doing the upgrade, or remove it and reinstall after the upgrade.

Even Debian backports has a "sloppy" section where the packages are newer than in the next Debian--stretch-backports-sloppy has newer versions than in Buster, for example, so you have to do the same sort of thing there.