Ordering Package Managers for Debian

5 minutes read

With so many places to get software in 2026, here’s my personal perspective on installing new software while avoiding FrankenDebian.

  1. Debian Stable Repository
    • Reason - Tight integration w/ my system. Also, easy to find packages from my terminal via nala and my trusty ripgrep. Whenever I want to install a new package, I start my search here.
    • Concern - Because of dependencies et al, if you start mixing and matching sources, you can break stuff. Separately, being that the repo is only updated every two years, you have to be OK w/ not having the latest and greatest. I started my Linux journey in 2023 and definitely felt the pull here. Over time, as I got my workflow down, new software for base functionality started to lose its appeal fwiw.
    • Personal Example - Two as of late are zoxide and ripgrep. I had installed them previously from external sources, but they were in the official repositories as of Debian Trixie.
  2. Debian Backports Repository
    • Reason - I use this primarily for packages that work best when up-to-date or for packages that are a work in progress.
    • Concern - It does take some additional steps to set it up but it is largely automated once that’s out of the way fwiw.
    • Personal Example - yt-dlp needs to be constantly updated as its maintainers’ play cat and mouse w/ Google. LibreOffice is another app I use backports for to avoid waiting two years for UI/UX improvements
  3. Adding a 3rd Party Repository to Debian
    • Reason - I choose to install packages this when thanks to its tight integration w/ Debian. I forget that they’re there since they are indistinguishable from the official repo when undergoing the updating process.
    • Concern - Most times this integration involves blindly following the instructions on a website. I still don’t fully understand keyrings et al 😅. My advice is to make sure you trust the maintainer here given the access they have to your system as a package source…
    • Personal Example - Syncthing
  4. Go Packages
    • Reason - Very popular for TUI apps. Easy to install (and the same command is used to upgrade). All of this makes it ideal for all of my devices including my finicky OpenWrt router.
    • Concern - This (and all subsequent install methods) require separate additional steps to update packages. I do have RSS feeds on release pages for the apps I find interesting fwiw.
    • Personal Example - jfsh is my current fave. It lets me to watch saved videos w/ my personal MPV config, yet since it is a Jellyfin client, the stats show up in JellyStat. Some other nice pkgs are discordo (Discord w/ TUI vibes) or snitch on my router.
  5. Rust Packages
    • Reason - This is interchangeable from Go packages more or less but there are more Go TUI packages which is why I default to it. Rust does seems more bleeding edge and ‘cooler’ though.
    • Concern - Not quite related, but I had trouble compiling Rust packages when I was using the backported edition. The version in the Stable repo was perfectly fine so I downgraded to that and haven’t had issues since.
    • Personal Example - Don’t have any Rust packages installed ATM.
  6. 3rd Party .deb Files
    • Reason - Some GitHub repos provide .deb packages, which integrate just as well as the official repositories. One trick I found out over time is that it still pays to install them w/ your package manager apt/nala (ie: nala install ./path/to/file.deb) as it gives your package manager visibility. You cannot upgrade this way, but you can uninstall w/ the package manager, and it’ll show up in package manager’s history as well.
    • Concern - From a privacy perspective, any .deb packages you install have full access to your system. I was surprised when I found this out and I think it isn’t discussed often enough. The same access applies for the official repositories, but w/ the official repository, you at least know that the pkg is vetted… I almost always create firejail profiles to lock down access to minimize the risk for 3rd party deb files, but it can require extensive troubleshooting.
    • Personal Example - schildichat-desktop as a modern Matrix client. It was a last resort after the visually appealing option in the official repo (Nheko) was too buggy for my taste.
  7. Flatpak
    • Reason - This is one of the more popular options. Its built-in privacy is better than all the other options and it has a lot of modern/bleeding-edge software.
    • Concern - Because it creates its own sandbox each time, it takes up a lot more space than ideal. This doesn’t matter as much since storage is relatively cheap in 2026, but I have a minimalist approach to software, so Flatpak is too inefficient for my liking.
    • Personal Example - I installed Jan as a Flatpak since I encountered issues w/ my initial .deb install and firejail. Today, for Shortwave, I also switched from the official .deb repo install -> Flatpak for as well. With this one, a new release improved the functionality re: recording time and I use the app almost daily so it was worth the extra space.
  8. ???
  9. Snap
    • Reason - I can’t speak for Ubuntu but the integration w/ Debian was lacking. I struggled to figure some stuff out.
    • Concern - Not a fan of Ubuntu’s aggressive implementation, altho I do think some of the pushback they’ve received is overblown
    • Personal Example - Initially I had a snap install of TradingView desktop. Once I switched it out for the .deb file, I uninstalled the back-end for Snaps completely.