us.zoom.Zoom VS flatpak-cve-checker

For example, let's say we want a separate instance of Zoom (Zoom on Flathub) to run along the default one.

It seems to divert the discussion to something that doesn't make too much sense. X and Wayland are two different things by design, this probonopd sounds extraordinarily salty that moving an application under a new server breaks some things, making some applications entirely useless, but I say, that is to be expected. Saying that Wayland breaks stuff by design, as if that was their only objective is just petty, of course it's a pity that those devs have thrown in the towel, but let's not pretend like theirs were the only options, e.g. screen recording works perfectly fine with OBS, at least it has done so on my machines with AMD/Intel GPUs; Jitsi works now; Zoom screensharing being GNOME only is Zoom devs being dicks that can't be arsed to support standards, the community came in to work around it and also I don't know how they could bring up a proprietary application that has not made the Flatpak package themselves as an example, the whole thing is a community effort there apparently; etc. etc. (I'm not going to debunk all the others that are invalid, the internet is there for everyone)

Can you be specific about the problems with X11? I've been using X11 for decades and it's been ROCK SOLID. And that is exactly what you want from something so essential. Wayland feels like an expensive boondogle, frankly. Wayland breaks everything and only provides 20% the functionality that X11. It also forces application and DE developers to implement special tools and solutions for wayland which have always been provided as a common interface by X11, like screenshots/ recording and screen sharing, e.g. https://github.com/flathub/us.zoom.Zoom/issues/22

For college and therapy, I've had to use Zoom. I've been using the zoom flatpak, as I try and use flatpak for any proprietary software. That being said, it is not officially supported (by zoom), and also doesn't listen to Pop!_OS's tiling window manager. Certainly, I'm not the only one who has questioned which client to use, but I'm curious what y'all think. I like flatpak because I can trust that, worst case scenario, the proprietary software (read: Spyware) only has access to a limited amount of my system. But it'd also be nice to, ya know, use the tiling feature.

I've gathered a coredump and a stack trace, which might be useful.

You can get it as a flatpak too which should (presumably) take care of any dependencies automatically. :)

Here you go: https://flathub.org/apps/details/us.zoom.Zoom

Check this out https://github.com/flathub/us.zoom.Zoom/blob/master/zoom.sh

Link to the github issue for the flatpak

Parsing the manifest for vulns is doable. Here I wrote one: https://github.com/TingPing/flatpak-cve-checker

If Debian (or whatever org/group/project/initiative that) provides the images has a security policy, they can extend that to the images too.

Users don't run CVE checkers [0], at best they reluctantly click on the update button. Of course the authoritarian evergreen auto-update thing is what actually works in practice.

For example as much as snap's UX sucks it does auto update by default.

[0] Though they could, as files in container images are trivially accessible, after all it's their purpose. Plus there are metadata based approaches: https://github.com/TingPing/flatpak-cve-checker (plus the Flatpak project already spends some energy on ensuring that the base image is chechekd against CVEs https://gitlab.com/freedesktop-sdk/freedesktop-sdk/-/jobs/18... ) of course duplicating this effort, and building a parallel world besides packages is not ideal, but