Snap name and classic confinement for Warp terminal

Hi there!

I’m an engineer working on the Warp terminal (https://warp.dev) - I’m currently setting up our various distribution mechanisms for Linux, including making it available through the Snap Store.

I tried registering the snap name warp, but got an error saying “The snap name “warp” is reserved.”. https://snapcraft.io/warp returns a 404, so it’s not clear whether the name is taken by a private snap or it’s something that could be granted upon request. If the latter, I’d be happy to explain why I am “confident nobody else will have a stronger claim to that particular name”.

Additionally, my understanding is that we’ll want to use classic confinement for our Snap - is this accurate? I expect to have a Snap built and ready for a more formal review by early next week, but wanted to get a head-start on the process.

Thanks!

– David

Hey @david-warpdotdev ,

I believe the issue here is that the store prevents snaps to be registered with names consisting of 3 letter (only). But @verterok or @odysseus-k can provide further information.

Can you please describe the technical requirements behind this? Classic confinement is a last resource. It means the snaps runs basically unconfined and thus provides device ownership. We exercise due diligence in trying to understand application intent, user expectations, etc to make sure the application can run with the least privileges possible meanwhile enjoying the benefits of a stable runtime environment. Strictly confined snaps can usually achieve their functionality by plugging some of the supported interfaces. This guide should help with debugging the snap and try to detect missing interfaces.

If this still does not work for Warp Terminal, make sure you check the process-for-reviewing-classic-confinement-snaps.

Hey @emitorino! Thanks for the quick response.

We’re a terminal emulator, which is one of the categories listed under the “Supported” section on Process for reviewing classic confinement snaps. Among other things, we’d need access to tty devices, which doesn’t seem to be provided by any interface other than custom-device, another super-privileged interface.

I can do some investigation to see which interfaces would need to be exposed if we were to use strict confinement, if need be.

Gentle ping here - would love to nail down our Snap name and get classic confinement approval so we can get Warp onto the Snap store in time for our launch on Linux (in the coming weeks).

hi @david-warpdotdev,

Apologies for the delay. Were you able to do any investigation/have any success with the custom-devices interface?

The requirements for classic are understood as your snap falls under the supported category of, terminal emulators, multiplexers and shells. However, as @emitorino mentioned, it would be beneficial to see if it can be implemented using strict confinement first.

So I’ve spent a few hours trying to get a snap to run in devmode and am running into a bunch of issues relating to locale data not being present in the snap (I believe this is an open snapd bug on the topic: Bug #1576411 “UTF-8 is not very well supported inside snaps” : Bugs : snapd package : Ubuntu).

Ultimately, I think getting Warp to work with strict confinement is going to be a major hassle. If we start with classic confinement and eventually figure out how to get strict confinement working, would the switch be transparent to users who have already installed the classic confinement version then update to the strict confinement one?

Yes - going from classic to strict is seamless (however if a snap goes from strict to classic that requires a manual snap refresh with the --classic argument since this is a widening of permissions for the snap).

In that case, I propose that we start by using classic confinement and we can spend some time in the future trying to switch over to strict confinement, as there won’t be any user impact.

Does that seem acceptable?

Also, is the warp name available or should we go with something like warp-terminal?

I think using strict confinement for a terminal that will run arbitrary programs and expect them to work is not a good avenue, so I support the need for classic confinement.

Having looked at the github page, I see that warp is not open-source. This is a message for other reviewers as I’m not entirely sure what the rules are for classically confined, closed-source applications.

2 Likes

I agree, the requirements for classic confinement for warp is understood. Given the upstream name is Warp I think it is fine that the snap is also called that.

1 Like