Who should be software packaging is a tough problem, I can see the value in #linux distros pushing for better changes downstream, encouraging upstream to change (double click in #KDE) but then I see cases like KeepassXC where the Debian package is now by default broken, actively damaging the reputation of upstream but then I remember #XZ where upstream was left unchecked and hid bad code in plain sight and I go back around in a circle.
Yes, I find reporting to downstream packagers (a.k.a. distributors) extremely relevant! When your favorite #SoftwareCenter or #PackageManager is all for linking to upstream, but not to those who directly affect your package in a supply chain, as a result, tops like in #KeePassXC get all the pinecones: there is no enthusiasm in an average user to link back those issues to downstream, not with the p(l)ain text and how derivatives are communicated anyway... :blobcat_flop_woozy: