This is really concerning, how many other packages are distributed by OpenSUSE which do not match their policies and are not reviewed?
A Linux distribution is supposed to be more coherent and vetted than an app store. This... does not inspire confidence.
GuinansEyebrows · 17h ago
I'm a little surprised that they covered a work-around to install Deepin - I wouldn't expect a team with such a strong opinion to make a judgement call on whether or not to distribute the software but then go out of their way to document platform-specific steps to use it, rather than leaving that responsibility to Deepin.
personalcompute · 7h ago
I was impressed at this. By sharing side-load instructions and by the the overall restrained language of the post, they're emphasizing that this is not a personal attack on Deepin or an attempt to hurt Deepin and also emphasizing that OpenSUSE leadership understands the value of their community and have no power fantasy aspirations about trying to exert undue control over the users of the distribution. Really, OpenSUSE had more than enough ammunition to make a scathing takedown on the behavior of the Deepin maintainer and all of Deepin upstream, and many other OSS leaders would have done so ("Fuck Nvidia" anyone?), but they did not. They chose restraint and statements encouraging reconciliation. Cheers to the author for keeping it together in this obviously quite disappointing situation.
parag0ne · 8h ago
That surprised me too. It's strange to see one of the most well-known Linux names to suggest adding an unreviewed repo that contains known security flaws in official documentation.
znpy · 4h ago
> The history of Deepin code reviews clearly shows that upstream is lacking security culture
As somebody that doesn't write code for a living (i manage infrastructure)... besides common sense, where would one start looking in order to learn "security culture" ?
A Linux distribution is supposed to be more coherent and vetted than an app store. This... does not inspire confidence.
As somebody that doesn't write code for a living (i manage infrastructure)... besides common sense, where would one start looking in order to learn "security culture" ?