I don't care about the plugin, nor do I doubt anyone else does: it isn't even being removed, just disabled; additionally, as you say, the user will get a prompt and can easily install it when required, as we are dealing with an interactive GUI. Were I to be in charge of that package, I would easily make that call: it sounds like a great tradeoff.
What I care about is the version of the package that is coming in the "near future" that will entirely remove the JDK from the user's system; the one that is actually "empty", as I specifically stated in my comment you are replying to (and which I can only presume is what the people on this thread that are up in arms about are discussing given the behaviors they are describing).
This package is just going to cause some poor administrator to see "installing 4 security updates" followed by "the server is no longer working", at which point they won't even be able to go "oh shit" and easily fix it, as this e-mail not only claims that the Sun JDK packages will be removed from the partner archives, but (as I was forced to anally demonstrate in another part of this thread) Ubuntu deletes all traces of packages once they are removed from the Partner archive.
The result is that the administrator is going to have the experience of installing a security upgrade, and then having their server non-functional until they can either 1) figure out how to install the SDK from Sun's website in a manner sufficiently compatible with Ubuntu's package (which has a lot of supporting dpkg-alternatives and other configuration behavior) or 2) port their app to work on OpenJDK.
If that isn't enough to drive home the lesson "don't apply security updates without careful review: the people who release them are nigh unto actively trying to mess with you; better to leave it until next week when you have time to test each of the packages to see if they are actually trojans in disguise", a lesson we should very obviously be carefully avoiding teaching /anyone/ (security updates should be something people /always/ are willing to apply), I don't know what is.
What I care about is the version of the package that is coming in the "near future" that will entirely remove the JDK from the user's system; the one that is actually "empty", as I specifically stated in my comment you are replying to (and which I can only presume is what the people on this thread that are up in arms about are discussing given the behaviors they are describing).
This package is just going to cause some poor administrator to see "installing 4 security updates" followed by "the server is no longer working", at which point they won't even be able to go "oh shit" and easily fix it, as this e-mail not only claims that the Sun JDK packages will be removed from the partner archives, but (as I was forced to anally demonstrate in another part of this thread) Ubuntu deletes all traces of packages once they are removed from the Partner archive.
The result is that the administrator is going to have the experience of installing a security upgrade, and then having their server non-functional until they can either 1) figure out how to install the SDK from Sun's website in a manner sufficiently compatible with Ubuntu's package (which has a lot of supporting dpkg-alternatives and other configuration behavior) or 2) port their app to work on OpenJDK.
If that isn't enough to drive home the lesson "don't apply security updates without careful review: the people who release them are nigh unto actively trying to mess with you; better to leave it until next week when you have time to test each of the packages to see if they are actually trojans in disguise", a lesson we should very obviously be carefully avoiding teaching /anyone/ (security updates should be something people /always/ are willing to apply), I don't know what is.