> plus sudden updates that nuke active applications.

This is not what’s supposed to happen. If an app installed through flatpak is active while it’s receiving an update, then the update is not supposed to affect the running application until it’s closed/restarted.

Edit: Somehow I didn’t realize the concern was raised against Snap and not Flatpak.

I’ve installed it through secureblue’s ujust script. I think this has been the smoothest experience I’ve had with it on Fedora Atomic.

Previously, I relied on the wireguard profiles I downloaded from ProtonVPN and which I loaded through NetworkManager. While it definitely worked, it was a hassle to redo it every now and then. Furthermore, switching on the go to something else I hadn’t loaded already was never an experience I enjoyed doing.

Though, for completeness’ sake, ProtonVPN^[1] hasn’t fixed its IP leakage on Linux. And, to my knowledge, the workaround is only available with access to the wireguard profiles. And thus, the cumbersome method actually offers a very tangible merit over the comfortable one.

Finally, while I don’t endorse the use of NordVPN, it’s the only other VPN that’s installable as a sysext. Note that systemd system extensions are still experimental, though. Even if they’ve (read: N=1) been reliable to use for me.

Please consider to stop hating on GNOME or its design choices the very moment it’s brought up.