Package: variety Version: 0.7.1-2 Severity: important Tags: upstream Hi,
Thank you for packaging variety. It is a very nice program and does its work smoothly. Sadly, it contains code which attempts to load "options" from a remove server without user's consent. See [1] and [2]. [1] https://sources.debian.org/src/variety/0.7.1-2/variety/VarietyWindow.py/?hl=81#L609 [2] https://sources.debian.org/src/variety/0.7.1-2/variety/VarietyWindow.py/?hl=81#L932 I'll prepare a merge request that removes the start of the background thread which does the fetch. Variety works just fine without it. Thanks for considering, Damyan -- System Information: Debian Release: 10.0 APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_OOT_MODULE Locale: LANG=bg_BG.UTF-8, LC_CTYPE=bg_BG.UTF-8 (charmap=UTF-8), LANGUAGE=bg_BG.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages variety depends on: ii gir1.2-gdkpixbuf-2.0 2.38.1+dfsg-1 ii gir1.2-gexiv2-0.10 0.10.9-1 ii gir1.2-glib-2.0 1.58.3-2 ii gir1.2-gtk-3.0 3.24.5-1 ii gir1.2-notify-0.7 0.7.7-4 ii gir1.2-pango-1.0 1.42.4-6 ii imagemagick 8:6.9.10.23+dfsg-2.1 ii imagemagick-6.q16 [imagemagick] 8:6.9.10.23+dfsg-2.1 ii python3 3.7.3-1 ii python3-bs4 4.7.1-1 ii python3-cairo 1.16.2-1+b1 ii python3-configobj 5.0.6-3 ii python3-dbus 1.2.8-3 ii python3-gi 3.30.4-1 ii python3-gi-cairo 3.30.4-1 ii python3-lxml 4.3.3-2 ii python3-pil 5.4.1-2 ii python3-pkg-resources 41.0.1-1 ii python3-requests 2.21.0-1 Versions of packages variety recommends: ii gir1.2-appindicator3-0.1 0.4.92-7 ii python3-httplib2 0.11.3-2 Versions of packages variety suggests: pn feh | nitrogen <none> ii gnome-shell-extension-appindicator 22-1 -- no debconf information
