My reading is that the Debian maintainer disables features at compile time that are pretty basic to the Keepass package. And upstream disagrees about the features getting disabled in the Debian package.
"Secure by default" has its merits, but when it means the package cannot be used anymore by a good chunk of users and has to be recompiled, this violates my expectation of getting "mostly vanilla" packages from Debian.
Looks like upstream is considering to just remove the flags so this particular maintainer can't disable them anymore. Weird dynamic.
Ah ok, so the squabble is just whether the `keepassxc` package is the full or the limited version. That's no biggie but I can see how it's annoying when people raise issues upstream after downstream disabled features.
infinite complexity and choice sure is incompatible with security, I sadly can not even comprehend how we could move toward a more secure software future
"Secure by default" has its merits, but when it means the package cannot be used anymore by a good chunk of users and has to be recompiled, this violates my expectation of getting "mostly vanilla" packages from Debian.
Looks like upstream is considering to just remove the flags so this particular maintainer can't disable them anymore. Weird dynamic.