Using snaps like this is something that I will never do
Using snaps like this is something that I will never do.
Jay R. Wren

Snap upgrades is a matter of trust.

Do you trust that the vendor (Canonical in the case of microk8s) will not break your deployment and/or drop features? Isn’t this similar to what all OS vendors are doing right now? Updates are pushed transparently to you, and you trust them to do so.

Specifically for snaps now. As you move from edge to beta and then candidate and stable channels things get more trustworthy. Software updates are pushed from the application vendor and you can schedule when these updates will land on your system. You can delay updates to a snap for up to 90 days. If you need to never update then you can grab the snap revision you want from the store and deploy as if it is a local snap (not recommended). If you are a corporation you will need to have your own snap store to gate any updates. The software update options you have with snaps are VERY similar with what you get with any other application distribution method, what changes is the default approach. The snaps default is that updates on all applications will be pushed when the application author decides to, and we both know you trust the application author because you are already using the app. If the application author is not a trustworthy then the application will just not sell.

This is a long discussion. I have to admit I was initially not convinced by the snap approach; it might not be suitable for all software out there. But after giving it a bit of thought, snaps present an elegant way to solve the problem of unpatched and outdated software.