@keepassxc I dont find it so problematic to offer two versions of your program: One minimal one that does the basic job (which is enough for me) and has less attack vectors, and the fully-blown "monster" with all those nifty features.
Top-level
@keepassxc I dont find it so problematic to offer two versions of your program: One minimal one that does the basic job (which is enough for me) and has less attack vectors, and the fully-blown "monster" with all those nifty features. 13 comments
@Zugschlus Sure, but the problem comes from the fact that users have had the full version installed as one package for X amount of time and now that package is suddenly the minimal version. Most users will blame the change on @keepassxc rather than realizing that their distro made a change. Both the maintainer and KeePassXC agree on this pain point and the maintainer even said he anticipates it will last a year. Crippling a user's installed software feels more like M$ than FOSS. @healsdata @keepassxc There is a message displayed on package installation. Julian's actions are just fine and well withing the responsibilites of a package maintainer. @Zugschlus @healsdata @keepassxc are you sure about that? I was affected (running testing) and didn't remember seeing a notice on update @lbehm The current version has a NEWS.Debian, which is automatically displayed if apt-listchanges is installed and active (which is the default). Maybe there was a version without that entry, but that's the price you pay for using an unreleased development version. @healsdata @Zugschlus @keepassxc Has anyone proposed the obvious solution? * make two packages, keepasxc-light and keepassxc-full @nik @healsdata @Zugschlus @keepassxc The rename will happen, ftpteam willing. As for the direction of the trixie transitional package, maybe that is the best. We'll certainly kill it after Trixie, then apt install keepassxc tells you the two choices and you can decide for yourself. @juliank @healsdata @Zugschlus @keepassxc I don't see any problem, then. Clean transition to a reasonable choice. You say it took a year to make this decision, admitted to not talking to upstream about it, and recognized it would cause confusion for users for at least a year. And then suddenly, in one day, you have plans to make a better UX, some other team willing. All because you decided what features this software should & shouldn't have and are bending things to your preferences. Man, it must be nice to be in a role where you can act so transparently antagonistic with no repercussions. @juliank i appreciate your diligence, and personally i am very happy with the minimized version of keepassxc, but i don't understand why you needed to insult the keepassxc developers for that? (https://github.com/keepassxreboot/keepassxc/issues/10725#issuecomment-2104401817) @Zugschlus
@keepassxc the basic version does not let you open some databases (specifically ones that use a hardware key as a second factor) and is also more prone to phishing due to lack of autofill |
@Zugschlus @keepassxc Keepassxc is not the only package that is split this way. Vim and Nginx are packaged like that too.