Think about it, do you really want to have X11 going forward the next decades?

If the alternative is a new system that literally does nothing? Sure!

Want to present a menu for windows? Wayland: “lol, do it yourself”.

Want to position a window? Wayland: “lol, do it yourself”.

Want to remember that a window has a position? Wayland: “lol, do it yourself”.

Want to add a global keyboard shortcut? Wayland: “AAAAHAHAHAHAHAHAHHAHAHAHAHAHAHA!”

X11 may be old and whatever you want, but it works and it’s battle-tested. Wayland can’t even launch a full desktop session in my machine, which is even less than the failure Pulseaudio was back in its day and that’s saying something. And even if it did somehow launch, I probably would not be able to use anything serious like a media player or multiple workspaces on it.

February this year, and the iGPU of my machine (Intel 915 driver).

I mean yes, how exactly would you want the web to work?

Text and images and hyperlinks; maybe audio and video if you’re lucky and you can prove you can be trusted. No such thing as scripting, or if it’s allowed, only in a limited manner with no such thing as “eval” and obfuscation and no ability to add or delete nodes from the DOM (or if it’s allowed, those nodes must reflect under View Source / CTRL+U). No such things as loading a javascript audioplayer that tries to mix 123456 weird sources, just link me the .m3u direct to the audio stream’s .mp3 file, or even better an .opus.

Definitively no DRM.

If any such thing as GPU access is provided it should be to deposit data, not to run code.

It’s not dead there either, although I’d make the argument that X11 as a project is “mature” or “finalized”, it doesn’t really need hyperactive development like the tiktok children are used to.

(There are very good arguments that a new software stack was needed, but I’d expect the result to at least do something; ATM Wayland is little more than literally a “everyone else do my work for me” project)

I ask for some method that prevents the file to even be copied through a disk clone

Oh that’s quite simple! Just don’t have the files on the first disk in the first place. Make them a remote mount from a server, for example via sshfs, webdav, etc. Heck, even ftp if it comes down to it. That way, even though you can clone the disks, you can not get to the files if you don’t also have the full authentication requirements for the remote server (such as a password).

At a conceptual level, you can’t do anything via root to prevent someone who clones the disk from… well, cloning the disk. Having physical access to a disk is a much higher level of access than even root, so if what you are looking for is for your content to not be cloned, you need to fortify physical access to the device.

alias run0=sudo

(not really; I’d rather not introduce an alias or any sort of symbolic behaviour that would teach me to expect that systemd crap is available on a system. The less you rely on it, the better)

lol, Wayland can’t even start a desktop session on my machine, whereas X11 has worked without issues since 2009 (the last time I ever had to edit xorg.conf).

Sure sounds like X11 is the one who’s “dead” around here!

To be fair, the fact that browsers are allowed to do so much that this warning has to be shown is more an indictment on the current state of browsers (which at this point are almost like installing VMWare and a virtual machine on your computer!) than on something something Firefox or something something Flatpak.

Genocide “Not a Felon” Joe finds out being pro genocide, not-a-felon, are not enough to get votes. Oh if there was something he could do about that.

It would make sense to require a company to release the code for players to host their own servers, which has been done by many games in the past. Not to continue to run it themselves.

That counts as “working state”, assuming the published code is reasonable to operate (it must be FOSS, or at least permit open modification and distribution; and it must run in a server with specs that’s reasonable to have at the time of game publication)

Oh great now we’ll have DRM in Mesa. Linux is turning into Windows! /s

Feel free to explain then, because from here it looks like El Trumpo should have been thrown to jail 8 contempts ago, like any normal citizen. Right now if I was a US citizen I would be justified in citing precedent that I can’t be sent to jail or even threatened with jail time with only 6 contempts.

And no, it wasn’t just the favicons feature that was removed (which like … is that really such a big privacy issue that you need to remove it from the binary?)

Fetching a favicon means raising a network connection with a predictable endpoint. That’s already three concerns (four on the modern internet) to handle security-wise, and it’s absolutely an unneeded feature. Favicons could just be shipped on something like keepassxc-data or keepassxc-contrib to handle locally, no need to raise a network call.

Storm in a teacup, as tends to be the norm on the internet.

Not only this is nothing new and nothing unexpected to happen in Sid of all places, but it’s also something that helps bring keepassxc more in line with packaging guidelines on Debian. They already have lots of packages, both of the mutually-exclusive kind and of the complementary kind, with “foo-full”, “foo-minimal”, “foo-data” etc naming. p7zip and nginx of all things are quite interesting examples.

Plus, the author of the post sensationalizes the title to brigade the issue.

All that said:

• If the maintainer wishes to do this, “only” having two packages is a half-assed measure and that causes more issues in the long term. I’d expect three packages: keepassxc-minimal, keepassxc-full and the retained name keepassxc as a virtual package name.
• Furthermore, a direct upgrade path should go from (previous) keepassxc to (proposed) keepassxc-full.
• I don’t know enough of KeePassXC to know if something like keepassxc-data would be needed. Are there potential cases where one would want to switch between “-full” and “-minimal” or viceversa without the system seeing a software uninstallation in the meantime?
• The “crap” rationale is definitively something we all can do without, but given how people tend to brigade developers who try to do things, I can completely understand and support raising shields and looking defensive because some damage is already going to be done.
• Most responses are right in that the right place to discuss this is in the opened Debian bug report. The entire point is to see Debian (not KeepassXC) handle this before things get to Next Stable.

So, if I am understanding correctly, as a citizen I can threaten a judge 9 times, or threaten 9 different judges, and demand that I can only be held accountable for only one of them, or for all of them as a package only once?

10th time

only now threatens jail time

Correct me but any pregraduate law student who hasn’t been skipping on their classes could get rich by filing for the obvious bias the judges have to allow 10 contempts of court, wouldn’t they?

Hmmm maybe that’s the one that tries to do everything on its own instead of using the stuff I’ve already set up. Had similar issues with eg.: Nextcloud.

I’ve been looking for an alternative “the actual XMPP service only, nothing else that can be sourced by the host” container setup but there doesn’t seem to be any.

You can, but honestly no idea how to handle stuff like the certs from that point on. Most other software on docker lets me eg.: just bind-mount the host’s directory with the certs I want to use - or just not even know about SSL in the first place and just let me reverse-proxy the access in (like, say, a simple static page web server).

But, like I said, the last times I tried to get into it, it tried its darnest to get in my way. If that’s changed since then, that’d be great.

While I like it conceptually, the two times I tried to install it I felt it was far too opinionated for me to get it to work correctly, like other software “bundles” of its kind that want to take control of the entire process of setting up ports, networking, storage, certificates etc…, instead of just hanging down from stuff that I have already prepared for it (like my own domain with my own cert).

Like, as a piece of software it’s something I’d absolutely use… if someone else sets everything up for me.

Putting a cost on software is adding a restriction, thus making it less free (as in freedom).

Don’t confuse “free from cost” with “free from restrictions”.

Writing software costs costs - be them time, money, evne mental health as we have often seen because of too many entitled people in these communities. Putting a price on the software means valuing it for what it is, and does not incur in any additional restriction on the usage of the software.

All that said, I think the cost of free software, at least when it comes to infrastructure software, is something that shouldn’t be necessary for the end user to pay. Similar to how we pay taxes, instead of paying for the installation of semaphores on our streets directly.

If I were to design any such global system, it would be eg.: distro maintainers who would pay a maintenance cost to the developers of the dependencies they ship. Probably in the form of a funding pool that is distributed across projects prioritizing those that 1.- have ethics and development practices more similar to the distro’s and 2.- are in need of more immediate attention for solving security or usability bugs.

Furthermore, national-level funds for this would be collected via a taxation system managed by an academic office or other such entity and taken in a measure scaled according to the nation’s average technological “estate” (after all, developing and maintaining a more complex system requires more cares and attentions).