Subject: keepassxc: Package doesn't contain it's core features Package: keepassxc X-Debbugs-Cc: [email protected] Version: 2.7.7+dfsg.1-2 Severity: important
Dear Maintainer,Is it really a good idea to have a stripped down version of KeepassXC as the standard package (keepassxc)? If normal users (pretty much everyone) get to install it they would expect the advertised features of KeepassXC. With the change in version 2.7.7+dfsg.1-2 you pulled most of them out to a separate package (keepassxc-full).
I suggest to have the standard version of KeepassXC be called keepassxc (or link it to keepassxc-full) with it's intended upstream features built-in. A smaller hardened (and hopefully working) version e.g. can be keepassxc-core or keepassxc-minimal .
It shouldn't be Debian's job in my opinion to axe part of a program and also break it because of (unfounded) "dangerous" opt-in functionality. Features that the user even needs to enable. My advice would be to not even plug your computer to the network to be even more safe and please don't use any browser or this nasty thing referred to as email.
If that's not possible it would be at least a good idea to state that the standard package comes "Without any features" in it's short description.
Kind regards, Sven Grewe PS: Upstream maintainers and users are mad because of this change.
OpenPGP_0x8BABBCC7175C7DA0.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
