Debian Users - Be aware the maintainer of the KeePassXC package for Debian has unilaterally decided to remove ALL features from it. You will need to switch to `keepassxc-full` to maintain capabilities once this lands outside of testing/sid.
The response by the debian maintainer responsible for this change to the keepassxc developer is an actual disgrace
Request to revert change:
@julian-klode this needs to be reverted asap. This is now our fourth bug report because of the decision to neuter the base KeePassXC package in Debian. Put the base package back where it was and create a keepassxc-minimal.
Response by debian maintainer:
julian-klode commented 9 hours ago:
I’m afraid that’s not going to happen. It was a mistake to ship with all plugins built by default. This will be painful for a year as users annoyingly do not read the NEWS files they should be reading but there’s little that can be done about that.
It is our responsibility to our users to provide them the most secure option possible as the default. All of these features are superfluous and do not really belong in a local password database manager, these developments are all utterly misguided.
Users who need this crap can install the crappy version but obviously this increases the risk of drive-by contributor attacks.
The whole github issue is worth a read, as it actually explains the issue with the change.
If I were maintaining a package and got a “request” worded like that I would tell the person to go fuck themselves. It’s extremely rude to order people around like that.
Of anything the maintainer was extremely courteous. I will be extremely wary of KeepassXC in the future given that its developers behave like this. As far as I’m concerned this is a clear cut case of maintainer bullying and I hope Debian sends a signal by kicking their -full package out completely.
The response by the debian maintainer responsible for this change to the keepassxc developer is an actual disgrace
Request to revert change:
Response by debian maintainer:
The whole github issue is worth a read, as it actually explains the issue with the change.
He’s not wrong but he sounds like a jackass. A minimal version sounds better than removing features that are present and used by people.
At first i thought some reasons sounded reasonable too, but after reading the github issue i changed my mind. See my edit for reasons.
Devs having too much time.
If I were maintaining a package and got a “request” worded like that I would tell the person to go fuck themselves. It’s extremely rude to order people around like that.
Of anything the maintainer was extremely courteous. I will be extremely wary of KeepassXC in the future given that its developers behave like this. As far as I’m concerned this is a clear cut case of maintainer bullying and I hope Debian sends a signal by kicking their -full package out completely.