Late Night Linux Family All Episodes Linux Matters 65: MacOS Made Me Snap!
Sep 30, 2025
Alan discusses his work on Snap vulnerability scanning and how Snaps differ from Docker images. Martin shares his journey switching from MacOS to a Framework laptop, highlighting UI challenges. Mark introduces Immich for indexing photos from Nextcloud, showcasing its face recognition and search capabilities. The team delves into the privacy benefits of self-hosted solutions while navigating hiccups like auto-update issues. Get ready for a lively discussion on productivity and technology transitions!
AI Snips
Chapters
Transcript
Episode notes
Snaps Can Be Scanned Like Containers
- Alan implemented Snap scanning by parsing snap metadata and integrating it into existing container scanning workflows.
- This lets scanners produce accurate SBOMs for snaps instead of guessing from directory listings.
Compression And Licensing Complicate Snap Inspection
- Snaps are compressed with varied algorithms so unpacking requires handling multiple formats and licensing issues.
- Alan had to reimplement LZO decompression to avoid incompatible licenses and reliably inspect snaps.
Use Snap Metadata For Accurate SBOMs
- Use built-in snap metadata when available to identify precise packages and versions instead of guessing from files.
- Feed that accurate SBOM into vulnerability scanners to get reliable CVE matches.
