Control: forwarded -1 https://bugs.kde.org/show_bug.cgi?id=415089 Control: severity -1 important Justification: kio-gdrive is not unusable for everyone
Hi Eric, Thank you for reporting this bug, and especially for providing a link to the upstream bug :-) I've reduced the severity to important, because the package remains usable for anyone who already has already authorised kio-gdrive and who did not fall victim to Google's manipulation--the narrative you've provided is remarkably similar to a phishing attack in the sense that an email requested user action, the user took action, and consequently the user lost access to their files. I agree that it's a severe issue that has greatly inconvenienced you, but we need to abide by official severity definitions: https://www.debian.org/Bugs/Developer#severities It is my position that this is a user-hostile action by Google and not a bug in kio-gdrive, and I expect that existing kio-gdrive versions will begin to work again without maintainer action as soon as Google reauthorises kio-gdrive's application API key. While it only affects a minority of users (eg: not on Windows or MacOS), it's a really bad PR move (like Dropbox dropping non-ext4 support) that ought to drive users away from their proprietary services towards freedom-respecting solutions like Syncthing and OwnCloud/NextCloud. If maintainer action is required, then I will also provide a stable update for buster users. It's 10 or 11 months early for the decision about whether this package should be cut from bullseye (Debian 11) due to this issue. At that time it may be appropriate to raise this bug's severity to RC, with the practical "for all intents and purposes unusable for new users" rationale you provided. It will be interesting to see what Ubuntu will do for their 20.04 LTS release! With respect to the "Accounts" interface, Plasma will activate whatever it can use, as will GNOME. The former has checkboxes and the later has toggle switches to limit which services are activated. https://bugs.kde.org/show_bug.cgi?id=415089#c15 * From what you wrote it sounds like there's also a bug (or evil misfeature) in Google's authorisation interface/infrastructure, because deauthaurising calendar or mail should not have disabled access to GDrive. Thanks again for taking the time to file this bug and for drawing attention to a real-life problem that demonstrates how we shouldn't trust our data to corporations who hold all the locks and keys...and I say this as someone who took the time to package kio-gdrive for Debian, because it's better to have it than to not, but best not to use it at all. Sincerely, Nicholas
signature.asc
Description: PGP signature
