[Bug 578045] Re: Upgrading packaged Ubuntu application unreasonably involves upgrading entire OS

Matthew Paul Thomas mpt at canonical.com
Mon Jul 25 13:35:24 UTC 2011 

** Description changed:

-     It's hard to imagine that this could be true, but it is easier to
+ It's hard to imagine that this could be true, but it is easier to
  upgrade to the newest stable versions of popular free and open source
  software (referred to from here on as FOSS) in proprietary operating
- systems, than it is to do so on Ubuntu. I will use Firefox, a popular
- bit of FOSS on all platforms, as an example during this bug report.
+ systems, than it is to do so on Ubuntu.
  
- Steps to repeat:
-     1. Wait for a new version of Firefox to come out, or flash back with me to the launch of Firefox 3.6.
+ Two examples:
+ 
+ 1. Wait for a new version of LibreOffice to be released.
  
  What happens:
-     2. Observe that an installer is available for the newest stable version on http://www.mozilla.com/en-US/firefox/personal.html for Windows. If you have Windows, or know someone who will let you use their Windows PC, then download and run the installer.
-     3. You should observe that if an older version of Firefox exists on the system, the installer should import from and replace that version with little need for effort from the user.
+ * <http://www.libreoffice.org/download/> offers downloadable versions for Windows, Mac OS X, Ubuntu and other systems.
+ * However, nothing in Ubuntu Software Center, Update Manager, or anywhere in the default system, allows you to install the newest version in a trusted way.
  
-     4. Observe that nowhere in the Ubuntu Software Center, or anywhere in the default system, allows you to install the newest version of Firefox from a trusted source. Observe that Mozilla does not package Firefox as a *.deb available from the aforementioned page, but instead as a *.tar.bz2, which a new user will likely not know what to do with.
-     
-     5. There is no installer available from the main site that automates the installation and replacement process, the download is just a precompiled binary with the miscellaneous other files and dependencies it needs. The USC doesn't provide this either. Users learn that they shouldn't download from outside trusted repositories or websites as a rule, and it's very true that choosing to install applications from outside trusted places poses a risk to the system. PPAs often provide unstable, development releases which may not run well on the system they're installed on, or pose security risks to the system. GetDeb.net is a reasonably trustable source for now, but a new user may not know about it, and it still may not provide the same level of trust that an Ubuntu sanctioned source would to the user. But if nothing else, GetDeb could be configured as a source for new, stable yet unsupported versions of software and be advertised as such somewhere in the default Ubuntu install.
+ 2. Wait for a new Hedgewars version to be released. (Or notice that you
+ are unable to play network games, because the server requires a client
+ version newer than the one packaged in Ubuntu.)
+ 
+ What happens:
+ * <http://hedgewars.org/download.html> links to an Ubuntu package, but this requires setting up an untrusted "Playdeb" channel.
+ * On Mac OS X, the new version is advertised by a badge on the App Store icon, and can be installed in a couple of clicks.
+ * However, nothing in Ubuntu Software Center, Update Manager, or anywhere in the default system, allows you to install the newest version in a trusted way.
+ 
+ Users learn that they shouldn't download from outside trusted
+ repositories or websites as a rule, and it's very true that choosing to
+ install applications from outside trusted places poses a risk to the
+ system. PPAs often provide unstable, development releases which may not
+ run well on the system they're installed on, or pose security risks to
+ the system. GetDeb.net is a reasonably trustable source for now, but a
+ new user may not know about it, and it still may not provide the same
+ level of trust that an Ubuntu sanctioned source would to the user. But
+ if nothing else, GetDeb could be configured as a source for new, stable
+ yet unsupported versions of software and be advertised as such somewhere
+ in the default Ubuntu install.
  
  What should happen:
-     1. The user should run the Ubuntu Software Center or Update Manager and be told that he/she has the option to replace the current version of Firefox with a newer, but potentially unsupported version, packaged for Ubuntu. USC should then connect to an 'upgrades repository' and go about installing/upgrading Firefox using the new version found there.
+ * On running Ubuntu Software Center or Update Manager, you should be told that you have the option to replace the current version with a newer version.
  
  WHY THIS SHOULD HAPPEN:
  
-     A rolling release, or semi-rolling release system has been suggested
+     A rolling release, or semi-rolling release system has been suggested
  in the past and almost always is shot down for various reasons. I don't
  believe the way I'm suggesting this would constitute a rolling release
  system, and I don't think it would require any large change to the way
  things are done now. Ultimately, it would be up to the devs to implement
  this idea in whatever way they wished if they so chose, but here's why I
  think the USC should provide the ability to upgrade software easily and
  safely:
  
-     -Software development stops for no operating system, and Windows
+     -Software development stops for no operating system, and Windows
  users are used to having the newest versions of software as soon as, or
  soon after they come out. Being able to upgrade easily to newer versions
  of software, is a rather reasonable expectation of a modern, mainstream
  operating system.
  
-    -Resources wouldn't be stretched too thin; software would be upgraded
+    -Resources wouldn't be stretched too thin; software would be upgraded
  to their newest stable version under the stipulation that regardless of
  their former status of support (main or universe), they may or will be
  completely unsupported after upgrade. It's better than or at least equal
  to the alternative; using potentially malicious or unstable untrusted
  software from unofficial sources.
  
-    -Doesn't it seem wrong that it's easier to have the newest versions of FOSS software on proprietary operating systems than on a largely FOSS one? Ubuntu should showcase the best and newest of what FOSS has to offer, not so much or in a way that makes it look like a Debian-based Fedora, but in a way that if the user wants it, he can get it easily. Sure, you could reasonably argue that if the user cares so much about new software, he/she could go to a distro like Fedora or a rolling release distro, but that'd be kinda like Windows telling it's users that if they want the newest version of say, Windows Media Player (bear with me here xD) they have to upgrade their entire OS to an unstable development release. Ubuntu should be able to offer new versions of software easily, but it doesn't mean that all the core system libraries and daemons have to be upgraded. Simply an option for (at least) commonly used software.
-     
- I hope I was able to present my point in a valid and clear way; if I was unable to, please ask me to elaborate. I'd really like to see something resembling this idea be implemented in Maverick or Maverick+1. Thank you for your time.
+    -Doesn't it seem wrong that it's easier to have the newest versions
+ of FOSS software on proprietary operating systems than on a largely FOSS
+ one? Ubuntu should showcase the best and newest of what FOSS has to
+ offer, not so much or in a way that makes it look like a Debian-based
+ Fedora, but in a way that if the user wants it, he can get it easily.
+ Sure, you could reasonably argue that if the user cares so much about
+ new software, he/she could go to a distro like Fedora or a rolling
+ release distro, but that'd be kinda like Windows telling it's users that
+ if they want the newest version of say, Windows Media Player (bear with
+ me here xD) they have to upgrade their entire OS to an unstable
+ development release. Ubuntu should be able to offer new versions of
+ software easily, but it doesn't mean that all the core system libraries
+ and daemons have to be upgraded. Simply an option for (at least)
+ commonly used software.
+ 
+ ------------
+ 
+ Latest progress:
+ * <https://blueprints.launchpad.net/ubuntu/+spec/foundations-o-backports-ui> (for software in the Ubuntu archive)
+ * <http://voices.canonical.com/isd/?p=167> (for software not in the Ubuntu archive)

** Changed in: software-center (Ubuntu)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to software-center in Ubuntu.
https://bugs.launchpad.net/bugs/578045

Title:
  Upgrading packaged Ubuntu application unreasonably involves upgrading
  entire OS

Status in NULL Project:
  Invalid
Status in Ubuntu Software Center:
  Invalid
Status in “software-center” package in Ubuntu:
  In Progress

Bug description:
  It's hard to imagine that this could be true, but it is easier to
  upgrade to the newest stable versions of popular free and open source
  software (referred to from here on as FOSS) in proprietary operating
  systems, than it is to do so on Ubuntu.

  Two examples:

  1. Wait for a new version of LibreOffice to be released.

  What happens:
  * <http://www.libreoffice.org/download/> offers downloadable versions for Windows, Mac OS X, Ubuntu and other systems.
  * However, nothing in Ubuntu Software Center, Update Manager, or anywhere in the default system, allows you to install the newest version in a trusted way.

  2. Wait for a new Hedgewars version to be released. (Or notice that
  you are unable to play network games, because the server requires a
  client version newer than the one packaged in Ubuntu.)

  What happens:
  * <http://hedgewars.org/download.html> links to an Ubuntu package, but this requires setting up an untrusted "Playdeb" channel.
  * On Mac OS X, the new version is advertised by a badge on the App Store icon, and can be installed in a couple of clicks.
  * However, nothing in Ubuntu Software Center, Update Manager, or anywhere in the default system, allows you to install the newest version in a trusted way.

  Users learn that they shouldn't download from outside trusted
  repositories or websites as a rule, and it's very true that choosing
  to install applications from outside trusted places poses a risk to
  the system. PPAs often provide unstable, development releases which
  may not run well on the system they're installed on, or pose security
  risks to the system. GetDeb.net is a reasonably trustable source for
  now, but a new user may not know about it, and it still may not
  provide the same level of trust that an Ubuntu sanctioned source would
  to the user. But if nothing else, GetDeb could be configured as a
  source for new, stable yet unsupported versions of software and be
  advertised as such somewhere in the default Ubuntu install.

  What should happen:
  * On running Ubuntu Software Center or Update Manager, you should be told that you have the option to replace the current version with a newer version.

  WHY THIS SHOULD HAPPEN:

      A rolling release, or semi-rolling release system has been
  suggested in the past and almost always is shot down for various
  reasons. I don't believe the way I'm suggesting this would constitute
  a rolling release system, and I don't think it would require any large
  change to the way things are done now. Ultimately, it would be up to
  the devs to implement this idea in whatever way they wished if they so
  chose, but here's why I think the USC should provide the ability to
  upgrade software easily and safely:

      -Software development stops for no operating system, and Windows
  users are used to having the newest versions of software as soon as,
  or soon after they come out. Being able to upgrade easily to newer
  versions of software, is a rather reasonable expectation of a modern,
  mainstream operating system.

     -Resources wouldn't be stretched too thin; software would be
  upgraded to their newest stable version under the stipulation that
  regardless of their former status of support (main or universe), they
  may or will be completely unsupported after upgrade. It's better than
  or at least equal to the alternative; using potentially malicious or
  unstable untrusted software from unofficial sources.

     -Doesn't it seem wrong that it's easier to have the newest versions
  of FOSS software on proprietary operating systems than on a largely
  FOSS one? Ubuntu should showcase the best and newest of what FOSS has
  to offer, not so much or in a way that makes it look like a Debian-
  based Fedora, but in a way that if the user wants it, he can get it
  easily. Sure, you could reasonably argue that if the user cares so
  much about new software, he/she could go to a distro like Fedora or a
  rolling release distro, but that'd be kinda like Windows telling it's
  users that if they want the newest version of say, Windows Media
  Player (bear with me here xD) they have to upgrade their entire OS to
  an unstable development release. Ubuntu should be able to offer new
  versions of software easily, but it doesn't mean that all the core
  system libraries and daemons have to be upgraded. Simply an option for
  (at least) commonly used software.

  ------------

  Latest progress:
  * <https://blueprints.launchpad.net/ubuntu/+spec/foundations-o-backports-ui> (for software in the Ubuntu archive)
  * <http://voices.canonical.com/isd/?p=167> (for software not in the Ubuntu archive)

To manage notifications about this bug go to:
https://bugs.launchpad.net/null/+bug/578045/+subscriptions

More information about the foundations-bugs mailing list