I looked up specifically examples of this and didn’t find answers, they’re buried in general discussions about why compiling may be better than pre-built. The reasons I found were control of flags and features, and optimizations for specific chips (like Intel AVX or ARM Neon), but to what degree do those apply today?
The only software I can tell benefits greatly from building from source, is ffmpeg since there are many non-free encoders decoders and upscalers that can be bundled, and performance varies a lot between devices due to which of them is supported by the CPU or GPU. For instance, Nvidia hardware encoders typically produce higher quality video for similar file sizes than ones from Intel AMD or Apple. Software encoders like x265 has optimizations for AVX and NEON (SIMD extensions for CPUs).
lol, saw title, came to say ffmpeg, read body, it’s your prime example!
I can’t remember what flag or feature it is I’ve more than once found myself having to build from source to enable, but there is one!
In order to use a bit of Windows only software for controlling my CNC machine, I have to use a Wine patch that is only available in source form. That means building Wine from source if I want to use my CNC
- I build software that I changed or patched
- When the bat version in the repos was broken I just installed it with cargo which compiles the latest version
- You can get a compiled version with a ‘-git’ package from the AUR if you need the latest features not yet in a stable release
- Some pieces of software I use I made myself so they are compiled by me
- Maybe you want to install some software that is not available precompiled
- The XZ backdoor didn’t work if you compiled it yourself: https://www.openwall.com/lists/oss-security/2024/03/29/4
Anecdotally: the night Mozilla builds were a godsend when I couldn’t afford decent hardware.
Also anecdotally and professionally: when you have a client that insists on using source like most software companies do nowadays; you can use that source along with something like a hash to keep them honest and prevent them from leaving you holding the bag when shtf. (ask me how I know this works. Lol)
Anecdotally: the night Mozilla builds were a godsend when I couldn’t afford decent hardware.
I don’t know much about them, do you happen to know why the nightly builds were better? Did the new features fix a problem?
i wasn’t using the main build; i was using a minimalist build on my ancient laptop and i struggle to remember what it was called now.
For me the biggest benefit is the ease of applying patches. For example in Nix I can easily take a patch that is either unreleased, or that I wrote myself, and apply it to my systems immediately. I don’t need to wait for it to be released upstream then packaged in my distro. This allows me to fix problems and get new features quickly without needing to mess with my system in any other way (no packages in other directories that need to be cleaned up, no extra steps after updates to remember, no cases where some packages are using different versions and no breaking due to library ABI breaks).
Another benefit that you are pointing at is changing build flags. Often times I want to enable an optional feature that my distro doesn’t enable by default.
Lastly building packages with different micro-architecture optimizations can be beneficial. I don’t do this often but occasionally if I want to run some compute-heavy work it can be nice to get a small performance boost.
OP asked for specific examples, do you have any you think are worth emphasizing?
I love this about Nix. Had a case this year where I’d hit a bug in the upstream, I fixed it and submitted a PR but then could reference that PR directly for the patch file until a new release finally made it out.
The question is not really whether the software will be “better.” In most cases, you only compile from source if you have a specific situation where you need, or think you might benefit from, some specific non-default build option. Or if you don’t trust the provider of pre built releases for whatever reason.
Nginx has a number of compile-time optional features and they aren’t all enabled in the pre-built packages. For example, the ability to echo back HTTP requests for debugging.
I used to have to custom compile nginx to get HTTP/3 and brotli working (significant speed benefits), but now it’s possible to get those in packages on my OS. This makes maintenance far easier or even automatic for me, which is great from a security standpoint.
Obviously only for important cases, like compiling custom insults into
sudo
. :)FreeBSD.
I needed to set up a whole new small server for a company I had just joined. (Their old beast with MS Exchange was old and fat and dying, with crashes and manual actions every day etc.) I had an expert do the initial install, and he wanted to compile it all in place, right there on this machine. OK well why not.
The FreeBSD server turned out to be a quiet workhorse that never complained about anything, and only about 3 or 4 years later we had the first occasion when a reboot was needed.