Quote:
Originally Posted by NullNix
How do you know that? Without more debugging output it might just be that the plugin requires a newer Calibre. That's not 'botched', that's 'don't use a version of Calibre from a location which specializes in stability if what you need is a feature not available in the old stable version'. This sort of "don't randomly upgrade and risk breaking stuff that already works" is what many Linux distributions are *for*. In particular, what distros usually guarantee is that stuff you install *from a distribution* works with other stuff *from that distribution*. Not being psychics, distro maintainers obviously do not and cannot guarantee that things from the distribution work with random plugins downloaded from random places on the Internet, which is what the attached poster is trying to do.
|
The version installed was a Python 3 beta version (4.99.4) which is the common version that I've read of coming from a repository. Installing the current version fixed the problem. The OP was trying to use the DeDRM plugin. So a newer Calibre was not the problem. It was the wrong version being installed from the repository.
Quote:
|
(Downloading stuff from random places on the Internet, rather than getting it from the distro, is fairly terrifying to a Linux user, and frankly should be fairly terrifying to anyone who uses computers in this day and age: who knows what's in it? Calibre plugins can execute arbitrary code: do you have time to read the code and make sure it's not doing all sorts of nefarious stuff? The packages in the distro, you don't need to be worried about... the distro is a curated source. That's what it's *for*.)
|
The Calibre website is not some random place on the Internet. It's the home of Calibre and if you cannot trust it, you should not be using Calibre.
Quote:
|
If you want to use bleeding-edge stuff downloaded from random places on the Internet, I'd agree that (given Calibre's plugin API design errors), using the latest upstream Calibre is probably necessary. But that's not the distros' fault, and it's not a sign that distro repos are in any way broken. They're doing precisely what they're designed for. The fault here is Calibre's poor plugin API and a design that expects to download code from random places on the internet with no signing or even hash verification: all you get is a warning that ooh this might be dangerous. In the modern world this sort of thing is just not anywhere close to adequate. I'm frankly amazed that nobody has exploited this to replace a popular plugin and attack Calibre users en masse yet: probably Calibre is too niche for the attackers to bother with (God knows what user figure that might be, I'm not an attacker: five million users? fifty?)
|
It is the Distro's fault for not keeping up with Calibre correctly. The Distro installed an oldish beta version instead of a more recent non-beta. I would expect that if a version 4 (say 4.20) was installed that it would query the Calibre website to find there is a newer version and allow the user to get the current version. But the problem seems to be either that doesn't happen or the user ignores it. If that doesn't happen then that is the Distro's fault. But if the user ignores the update notice, then it's the user's fault that Calibre may not be working as expected.