I have a question about snaps. One of the advantages of them seems to be that the upstream/developer has the ability to quickly push updates, e.g. less static LTS, compared to my understanding of the traditional repository flow, where changes are made, then pulled, tested, then pushed to public consumption. (Correct me if I am wrong.)
What is to stop a snap developer from pushing untested changes to a stable track? Is there a review stage like there would be in the traditional package life cycle?
Hope that makes some sense.
Nothing. Any review stage is up to the snap developer’s choice to implement such processes.
Consider a snap equivalent to how Ubuntu users have traditionally used PPAs or third-party apt repositories. Just as PPA and third-party apt repository developers have had control to issue updates to their users at will, so can snap developers.
As I understand it, part of the point of snaps is exactly to decouple from distribution release management processes like this.
However, as an exception, I believe there are additional safeguards for snaps that ship with Ubuntu by default. I don’t have a link to the details right now; hopefully someone can provide that.
For non-default snaps, if, as a user, you don’t want to trust a snap developer on release management matters like this, then you probably should avoid using the snap.