I have some questions around this, if it is ok to ask them in this thread (or I can move it to a new thread if preferred).
If I understand correctly, the AUR builds the software from source on your system following a pre-supplied build script (from the original developer?). The biggest trouble I have had with this is that it can be a lengthy process with no indication ahead of time of how long it might take, and no clear way to pause or cancel it while in process. It seems reasonable therefore that this should be the lowest priority choice. I guess it is also the least tested and most likely to cause stability problems? On the other hand, I was wondering if there are any potential performance improvements from building the software locally where it can detect things like what CPU feature flags are available etc.?
(BTW, I have noticed instances where the AUR result is served as the highest result in the search in the case where there are additional suffixes like “-bin” on the Chaotic AUR builds).
My understanding of the Chaotic AUR is that it contains community pre-built packages from the AUR, which is obviously a big improvement in avoiding having to go through the build process yourself, but I was wondering how it otherwise is expected to compare to the AUR in terms of stability or security? I was guessing it should be about the same in this regard with just some additional security risk for having to also trust whoever built it?
So far I have found myself preferring to use the Chaotic AUR over Flatpak, simply because the Flatpaks can be multiple orders of magnitude larger by comparison, and don’t even advertise the true size ahead of time (e.g. I have seen cases where it is claimed to be a few tens of kB, but actually results in many hundreds of megabytes). But I’m wondering if this is really wise, and what risks to stability I might be running, which is of prime importance to me. Maybe it is worth having all those cleanly separated sets of dependencies if it really does make the system more stable?
Another related question I have as a new Linux user is why there is such a thing as “incompatible dependencies”. I find it strange to have to uninstall dependency “X” (which presumably other software might like to make use of) when installing some new piece of software which requires dependency “Y”. Why can’t X and Y coexist in peace such that one or the other can be called at different times by different pieces of software?