I thought from reading the bug report is that they only changed the default of a supported cmake build flag. I think that a keepass-nonet would have be a wiser choice, but I do not blame Debian people to be opinionated towards the more secure choice.

vim-nox is pretty much full-featured vim without x11 stuff.

Do you have a non-trivial .vimrc/.vim directory?

Would you be accepting of the maintainer disabling a bunch of features and pushing those changes out under the main vim-nox package such that it breaks your existing install? Would it be reasonable to expect you as the end user to figure out what has happened and that you need to uninstall vim-nox and and install vim-nox-full?

My .vimrc is 8 lines. I learned not take the kitchen sink with me on holiday.

But vim-nox is a separate package with a clear name saying that it's got X removed; I don't think this would be nearly as controversial if they'd shipped a keepassxc-nonetwork package.

vim-tiny is installed by default on debian (providing a vim command), and also has X removed.

Okay? Calling it keepassxc-tiny would also be fine. I think it's relevant that `apt install vim` does not give you vim-tiny.

Yeah, I hated that too.