Christina WarrenMay 11, 2024
Watching Linux distros (and yes, it is usually Debian packagers who act the most sanctimonious) shoot themselves in the face and then insult upstream AND the users of a popular package under the delusion that only the distro's self-declared experts are capable of making decisions is always a good reminder as to why you will never be able to waterboard me into using Linux as my primary desktop. Very sorry this is happening Team KeePassXC. https://fosstodon.org/@keepassxc/112417353193348720
Team KeePassXC (@[email protected])

Debian Users - Be aware the maintainer of the KeePassXC package for Debian has unilaterally decided to remove ALL features from it. You will need to switch to `keepassxc-full` to maintain capabilities once this lands outside of testing/sid.

Fosstodon
Show threadChristina WarrenMay 11, 2024
The KeePassXC GitHub repo where Debian users are filing bugs (b/c people by default blame upstream, in part b/c the distros love to blame upstream for everything, even when the changes are clearly the packagers fault) and the Debian packager responds by calling the software crap is my favorite part. https://github.com/keepassxreboot/keepassxc/issues/10725
Debian No-Feature KeePassXC Package · Issue #10725 · keepassxreboot/keepassxc

Overview I'm using the Brave and Firefox browsers under Ubuntu testing using keepassxc version 2.7.7, suddenly the browser integration doesn't work anymore. So I went into the settings menu to enab...

GitHub
Show threadidlestate's SDF liason acctMay 11, 2024

@film_girl

my favorite part was the call back to the xscreensaver fracas from days long gone by

part of the answer is the same now as then: The bugs from Debian users belong in Debian channels

(deleted & redrafted into the "my favorites" part of the thread)

Show threadKg. Madee Ⅱ.May 11, 2024

@idlestate @film_girl but also that was the upstream dev being an ass hiding that time bomb message & generally sabotaging an orderly packaging process.
Other distros just patched that one out, while Debian tried to be nice and coordinate with upstream ...

This time, the Debian maintainer does seem kinda rude. And while I think the reasoning behind the change is sound, they're definitely late to the party and should really use a more delicate approach

Show threadKg. Madee Ⅱ.May 11, 2024
On the other hand, this is what happens when you use the *testing* distribution.
I use stable because I don't want these kind of changes. In two years, I might have to switch a few packages around when I switch to the next stable. And that's fine, because before I make that decision, I won't.
Show threadKg. Madee Ⅱ.May 11, 2024
PS: I use Debian stable on my gaming rig. Backports kernel and bam, works. I don't see the motivation to use testing when you're not willing to be exposed to these processes.
If you wanna chase the latest version numbers, there are other distros for that ...
Show threadChristina WarrenMay 11, 2024
@kgMadee2 I agree with this but again, a change of this magnitude without any rational reason (I’m worried about future xz-like backdoors is not rational), especially when the features are turned off by default, and with Debian’s complete lack of willingness to alert users who now can’t access their password database b/c YubiKey support was removed, goes far beyond the RTFM expectations of using testing.
Show threadChristina WarrenMay 11, 2024
@kgMadee2 More disturbingly, these problems were found in testing and when users bring up the very real issues with this approach, the asshole packager has the nerve to insult upstream, insult users who use a password manager differently than him, and then has the temerity to call them “his” users. No. They use KeePassXC. They don’t belong to him just because they happen to use Debian.
Show threadKg. Madee Ⅱ.May 11, 2024
@film_girl I agree on the communication issue: insulting everyone around is bad.
The change itself is just not that surprising to me: It would have to happen in unstable, then testing.
I want to avoid breaking changes myself, so I stick to stable.
Show threadChristina WarrenMay 11, 2024
@kgMadee2 But this will trickle down to stable! Ubuntu and all its derivatives use Debian testing for their repos and so that’s even more headache for upstream. And unless they have a CLI and GUI pop-up about the new keepassxc-full, existing users are still very much going to be out of the loop. There are ways to make this change and this was not the way.
Show threadKg. Madee Ⅱ.May 11, 2024

@film_girl Debian stable? Sure, next release when Trixie steps up. That's, what, a year to go still? And even then there's another year of support for oldstable. When I finally upgrade to Trixie (or the one after that), I will have to look out for the things that have changed.
If I used unstable or testing as a daily driver, I'd (have to) be careful with any updates. Because that is where these changes are introduced before they go into the next stable release.

No, maintainers shouldn't insult upstream devs or users. But users obviously shouldn't be filing bugs upstream in the first place for issues that are explained in their distribution's release notes.

And if Ubuntu and others quietly, or blindly, just copy everything from Debian testing, that is their own fault and I again don't see why you would blame the next stage upstream for Ubuntu's mistakes.

Show threadChristina WarrenMay 11, 2024
@kgMadee2 I mean, I’m blaming Debian downstream because this is a problem that will proliferate for a year or longer. I’m not saying users shouldn’t be aware of what they are doing (but Debian testing is used by lots of distros and Debian knows this so saying don’t blame Debian for Ubuntu’s decisions, esp when this Debian maintainer works for Canonical doesn’t work when this has been status quo for 20 years), I’m saying this decision is bad and wrong.
Show threadKg. Madee Ⅱ.
@film_girl I just don't see why Debian should be responsible for whatever Ubuntu does further downstream. Surely they're aware of this issue by now and can re-package the -full package if that is what they/their users want and expect
May 11, 2024 at 9:50pmWeb
Show threadChristina WarrenMay 11, 2024
@kgMadee2 should be, no. But after 20 years, it’s obtuse to pretend/ignore that Debian changes don’t have broader impact is my point. So changes need to be more considerate. But the real loser is upstream, who already has a heavier burden just from Debian users, even advanced users who knowingly choose Sid, because they file bugs upstream instead of with Debian. In this case, the person who maintains the Ubuntu package is almost certainly the same person anyway. Because he works at Canonical.