Unofficial up-to-date Spotify Package(that could be installed with pacman) based upon Flatpak

Spotify has not updated the package on the Debian repositories(and in turn the Arch package) since September 2020(version 1.1.42.622)

They seemed to have switched exclusively to Flatpak/Snap and are no longer providing updates to the Debian package(or are neglecting it).

I installed the flatpak package and realized the program files are very similar between the two different versions.
After a bit of copying and pasting I produced a mixed binary where I replaced as many files from the old package as possible with the new files. I then tested by moving my mixed binary files over to my /opt directory and my /usr directory and it just worked! I opened spotify and looked at the "about section" to see the latest version (1.1.46.916.g416cacf1)


I went ahead and made a github repository with the combined binaries that worked for me(as a proof of concept):

I'm thinking it might be worthwhile to create a "Unofficial-Spotify" or "Spotify-Unofficial" package based on the flatpak package. I figured out it was possible, but I don't know how to proceed with making packages.

Perhaps, it would be best to try to make an AUR package that pulls from the Flatpak package(if that is possible.) A repository could also be designed that syncs the files from the Flatpak(or can be manually synced) and is then used for the package.

Unfortunately, it does not look like the Spotify team are going to maintain Debian packages any more. Perhaps this project will apply some pressure, but there is no guarantee. If not, assuming there aren't too many changes in the code, an unofficial package seems pretty practical.

6 Likes

If you haven't already, pass this along to the AUR package maintainer.

5 Likes

I have not passed it on to him yet.

It looks like he has discussed trying to pull files from the snap package. However, he decided against the idea because snaps don't have the ability to offer a "secure way to verify."

I don't know if flatpaks have an ability to verify up to his standards. I am very unaware of the inner mechanics of flatpak packages.

If flatpaks do have some method of verification suitable, it might work out.

If that doesn't work, I think it could also work to create an "spotify-unofficial" pkgbld without any sort of promises of verification. I think in order to get it to work properly, the pkgbld would need to pull files from both the debian package and the flatpak package(the flatpak has a few things missing, such as icons).

Edit:
it does look like someone has made a snap-based package. I haven't tried it out yet, but it might be a good option.
https://aur.archlinux.org/packages/spotify-snap/

2 Likes

Alright, I went ahead and mentioned it to him on the AUR page.

Again, I don't know if it would work with his security concern, but it's worth a shot!

5 Likes

Maybe you must change the year of the © to 2021 :wink: too, to be up-to-date.

image

3 Likes

Unfortunately, I actually think that is part of the pre-compiled "spotify" executable and not in anything that could be modified.

Even on the official flatpak package that was an issue.
It would be probably be practically an instant fix if we had the source code, but Spotify has kept their software closed source. I can understand why, however. Their software deals with DRM and they also probably don't want someone making a fork with their ads removed.

4 Likes

I did some more digging to try to figure out how to find the .flatpak file for spotify of the flathub repository.

I ran flatpak install com.spotify.Client in verbose mode and it looks like it is actually downloading the binary files from the snap as can be seen here:

From my research, flatpak does have a way to verify files on their repository (In think in this case it would be a .flatpakref file). Unfortunately, I think that file is kind of similar to a PKGBUILD on the AUR. The actual binaries still come from the snap repository(which does not have suitable verification).

Spotify only really uploads their binaries to the snap repository. The flatpak package is basically a slightly modified snap package. As such, there is no possible way to meet a verification requirement and keep the spotify package updated.

edit:
I'll give the spotify-snap AUR package a try, if it works, perhaps it should be added to the Chaotic-AUR. It could even replace the spotify package in the Chaotic-AUR all together. In addition to there being no issues with mixing the files, the new version of spotify also remained logged in and could use all previous cache. It would be seamless to just switch packages.

5 Likes

I tried the spotify-snap AUR package(https://aur.archlinux.org/packages/spotify-snap/) and it worked perfectly!

If I recall correctly, I think @dr460nf1r3 and PedroHLC are the main people who maintain the Chaotic AUR.
I can submit a request on the github, if this thread doesn't work as a request.

Although, it still might need to be determined if the "spotify-snap" package should replace the current "spotify" package. My guess is that a majority of users will be confused by the "spotify-snap" name, even though it is the best package for them to use. In addition, the spotify and spotify-snap packages, when built, are practically identical and remain compatible.

2 Likes

A request at GitHub would be best as we can track why exactly we added it this way :wink:

3 Likes

Alright sounds good! I'll make a request so that the rationale is on the record and not hidden on the forum.

Edit:
Issue is submitted here:

3 Likes

I saw that you closed the issue.

Is there a way to build the spotify-snap package, but then change the name to "spotify" in the repository?

My hope is that people can run sudo pacman -S spotify and it installs the spotify-snap package without them even having to worry about the distinction

edit:
I guess another thing that could be done is to set it up so that pacman asks you to replace spotify with spotify-snap during an update.

My only concern would be for new users. I don't know if spotify-snap will throw them off and they would go for the AUR spotify package instead. Although it might be possible to make it so when you try to install spotify, it just automatically uses the spotify-snap package(through a blank redirector package, at least I think that's what it is called).

1 Like

It can be done but currently its working quite like you pictured it:

Idk, is that still too confusing?

1 Like

The only thing I would probably do is get rid of the edge option when you run the basic command to install spotify(or make spotify-snap the default).

I would guess that most users that want the dev or edge version of spotify would would be skilled enough to go out of the way for it in the first place.

I would believe that most users who just type sudo pacman -S spotify into the terminal just want the stable(or regular) version. Although Gaurda users are higher skilled than userbases from some other distros, it's probably still good to try to make things user friendly.

Feel free to disagree, however. Perhaps that idea babies the user too much

1 Like

Well, Pedro wanted the -dev package so there is no getting rid of it :stuck_out_tongue:
But we can just patch that using our interfere repo (just putting in pkgname=spotify and its done, love it) - which I just did. Issue solved :partying_face:

3 Likes

Here is a little update:

The resourceful people on the AUR have already made a package(spotify-snap).

I realized that other distros do not have such a convenience, so I decided to embark on a project of making packages for other distros.
I just recently updated my github repository(GitHub - ThePoorPilot/Unofficial-Spotify: Unofficial up-to-date Spotify package derived from the Snap Package.) with a Debian package.

Although not related directly to Gaurda Linux, I just wanted to showcase my project and show much I've enjoyed putting it together!
I'm planning on making an RPM package next.

1 Like

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.