pull down to refresh

What do you think? Less features, less attack surface. End-user will be mad and lost?
I think it would have been better if the new version with less features was packaged separately as keepassxc-minimal as was raised in the discussion and not as a "rugpull" by replacing the existing keepassxc package.
Security needs to work with user interests in mind, not against them.
reply
It's a valid point, I am 50/50 here, it will be valid to offer keepassxc-full and offer by default the most secure version.
reply
I agree
reply
Another alternative is to use the flatpak version of keepassxc, then use Flatseal (the flatpak permission manager) to reduce what permissions it has (ie. remove network, assign only specific directory access, etc)
reply
I love and trust KeePassXC.
I never got any of the browser integrations to work, no matter what I tried. Finally I gave up trying and learned to love the separation since it brings more peace of mind, less attack vectors.
reply
5 sats \ 0 replies \ @xz 11 May
Same same.
reply
I am at the same side of the camp :)
reply