You fundamentally misunderstand our program when you use the word plugin. These are
built in features, not plugins. The features can be enabled as desired by the user and
they come disabled by default. This change to not compile and ship these features in the
base keepassxc package does nothing besides create angry (or confused) users.
That Canonical guy is not coming off brilliantly there. I appreciate that reasonable people can disagree on the best way to package this, but these kind of strong absolute statements – together with calling useful features "misguided" and "crap" – is not great, to put it mildly.
I'm pretty sure some compromise could theoretically be reached here. But not with that attitude. "It is our responsibility to our users to provide them the most secure option possible as the default"? You know what would be even more secure? To disable all networking in any program, and in fact, in Linux itself. Actually, it's even more secure to just not give people a computer at all. This is one of those stupid discussion-stoppers.
These kind of Highly Opinionated Maintainers™ has always been what put me off from Debian (and by extension, Ubuntu). I want to use KeePassXC, not "KeePassXC as some random guy thinks it should have been".
It really depends on your usecase; I'm personally fond of OpenSUSE and Alpine Linux. OpenSUSE is more "conventional" like Debian/RHEL, and Alpine is a touch idiosyncratic (mostly, musl as its libc means 3rd-party binaries often won't work) but is tiny ant fantastic when it does work for your usecase.
plugin, compile time ./configure flag, whatever - package maintainers extremely routinely create multiple versions of a package for various reasons, from security (this case) to dependencies (Debian contains a emacs-nox package that is emacs compiled without X libraries to avoid dragging them in on servers, for example) to license reasons.
again, all of the complaints are literally about the change, which the maintainer has decided to do in a disruptive fashion.
