I would love to give this a try but its software supply chain story seems like a car crash, with dependency bumps needed every few days: https://github.com/immich-app/immich/commits/main/server/pac...

I'm keen to use it as soon as the dependency story is mature (eg. it is packaged in Debian). This doesn't seem likely to happen any time soon.

I'm sure many people won't care about this. But for me, it's a measure of quality. I expect to be able to deploy and not worry about it, except for security updates, for at least a couple of years, preferably more. Constantly moving dependencies spidering out to a multitude of other projects, and Docker Compose, provide no such confidence.

Edit:

Ironically, just after posting that I came across this, which I think proves why my concern is warranted: https://news.ycombinator.com/item?id=45169657

Debian isn't immune to this, but it's much harder for such an attack to be successful when dependencies aren't constantly changing.

> Ironically, just after posting that I came across this, which I think proves why my concern is warranted: https://news.ycombinator.com/item?id=45169657

> Debian isn't immune to this, but it's much harder for such an attack to be successful when dependencies aren't constantly changing.

Immich is more immune to this issue because they wait 5 days before raising PRs to bump dependencies, which is a good practice https://github.com/immich-app/.github/blob/main/renovate-con...

I've been keeping my eye on Immich for a while and keep waiting for a stable release to try it out, but that hasn't happened yet. I'm also dreading having to setup proper backups if I were to switch to this over Google photos. My current solution is to backup critical homelab things to Google Drive automatically but I'd want a proper off-site backup if I were going to self host all my photos.

To be fair, there’s a massive banner on their front page warning users it’s in beta. Until they settle on a proper release it’ll continue to be a bit chaotic. All software development is like that.

This looks like a project that’s under heavy development (it is) responsibly keeping up with dependencies. This gives me more confidence, not less.

To be honest, a decent image server that can be the root server for a CDN and do the right things with modern web formats is something that should be standard and built in by now, with nobody needing to build and install their own.

That said, this is far better than my own non-existent image server.

For me a measure of quality is the rendered HTML code, which should use all the content sectioning elements and not be bloated with gazillions of divs and classes. This software is well off the pace in this regard.

Why is docker compose a red flag? That feels like a benefit to me.

You want to run it in docker and manage it with some tool. I use dockge and click the upgrade button every couple of days / weeks (when the app or website tells me). that's it.

Immich is an excellent piece of software, I have switch all my photo needs from over 25 years to it. It will mature and it actually already is. Don't hold yourself back with such practicalities.

Are there any/many applications that require a configured database (like PostgreSQL) and Redis/Valkey in Debian's package manager at all?

Also, Docker-compose is pretty great in terms of getting complex applications up and running.

so you find it too immichure? <jk>

[flagged]