• 9488fcea02a9@sh.itjust.works
    link
    fedilink
    arrow-up
    70
    ·
    7 months ago

    Debian sid user here, and long time keepassxc user

    Debian maintainer didnt communicate this well, but i agree that i dont want my password manager having any access to networking or interacting with anything other than the clipboard.

    I’m not a developer or a security expert. This is just my gut feeling talking

    • Tanoh@lemmy.world
      link
      fedilink
      arrow-up
      9
      ·
      7 months ago

      Exactly. And if you want those features, you install the full version. Packages can break in sid, that is the whole point of it.

      I am also running sid and keepassxc and I see no problem with this change. In fact it seems like a very sane thing to do, and something I wished more packages did.

      • 9488fcea02a9@sh.itjust.works
        link
        fedilink
        arrow-up
        13
        ·
        7 months ago

        Sane move by maintainer, but he should not go around calling other people’s code crap unless there is proof that the code was actually crap with gaping security hole

        • Tanoh@lemmy.world
          link
          fedilink
          arrow-up
          8
          ·
          7 months ago

          He could have handled it better. But he didn’t call the code crap directly, just the bundle of everything.

          Having a meta package and let users choose seems like the best way. But this is a Debian issue, and not a keepassxc issue. It is up to Debian to package it anyway they want.

          • rushaction@programming.dev
            link
            fedilink
            arrow-up
            7
            ·
            7 months ago

            If you look deeper at the recorded PR commit, comments, and package description it’s clearly straight up mean-spirited.