Debian repository is out-of-date

Reply

Debian repository is out-of-date

ChrReimer
Newbie

Plan

Free/Premium

Country

Germany

Device

Desktop

Operating System

Arch Linux

 

My Question or Issue

Your Debian repository under repository.spotify.com is out-of-date for some time now (1.1.42). The only way to get an up-to-date version of Spotify is through snapcraft (1.1.46 and 1.1.52)

 

There are several reasons not to like snap and snapcraft but I don't want to go into too much detail since most of them are subjective.

 

But fact is: Your Debian repository provides a GPG signature for the 'Release' file which contains the checksums for the actual *.deb package.
By trusting your GPG signature it is possible to check the spotify package for authenticity (Release.gpg -> Release -> (checksum) -> *.deb)

 

There's no GPG signature on snapcraft (at least I can't find one). And since there is no way to check for authenticity we don't only have to trust you, but also snapcraft/Canonical. This brings a whole new set of concerns

 

What are your future plans for Spotify on Linux? Will the Debian repository see updates again?

 

As far as I can tell there are a few possible solutions to this

 

- Continue updating the Debian repository
- Provide an AppImage signed with your GPG key, ideally from *.spotify.com
- Provide the Linux Spotify as ZIP or tarball signed with your GPG key, ideally from *.spotify.com

 

Thanks

 

Christopher

9 Replies

Re: Debian repository is out-of-date

NicoHood
Music Fan
Hey Spotify Team,
please have a look at this. As you already saw with this [previous Post users really want to see Spotify on linux](https://community.spotify.com/t5/Live-Ideas/Redistribute-Spotify-on-Linux-Distributions/idc-p/455159...).

It would be really nice, if you could have a chat with us package maintainers, so we can easily find a proper way to integrate spotify into our distributions. This would help Spotify, their users and improve the overall security and makes things simpler.

Cheers
Nico

Re: Debian repository is out-of-date

Jpfonseca
Newbie

I support everything said before.

Re: Debian repository is out-of-date

alanmrich
Newbie

Hi Spotify Team,

Please help the community by updating the repository.

 

Thanks,

Alan

Re: Debian repository is out-of-date

LordChaos
Regular

Hey Spotify gurus,

 

Please update the Debian repositories; I've been a longtime Linux user but also a longtime paying (premium) customer of Spotify as well. I think the Spotify client on Linux deserves the same attention as the ones on the more popular platforms.

 

Thank you.

Re: Debian repository is out-of-date

megamaced
Regular

Has there been any communication about this yet? I am the maintainer of the spotify-easyrpm script for openSUSE and so I'll need to change it to grab the binaries from snap instead of the deb if Spotify decides to abandon the latter.

 

I think it would be a huge regression to only ship snaps which is not present on non-Ubuntu based distributions. Many people still prefer deb or rpms, especially on rolling distributions like openSUSE Tumbleweed

Re: Debian repository is out-of-date

mychaos87
Casual Listener
Ong term Linux and Spotify user. Please give us back signed releases!

Re: Debian repository is out-of-date

megamaced
Regular
well Spotify just updated the debian repo with a new version.

Re: Debian repository is out-of-date

NicoHood
Music Fan
Spotify finally updated the Debian repositories and switched to GTK3!
Thanks a lot Spotify Dev Team!

Re: Debian repository is out-of-date

LordChaos
Regular

This is great news, installing the AUR package as we speak. Thank you all.

SUGGESTED POSTS