An update process offers a button to “View” what the specific updates will do before they’re installed and then, after the updates are installed, a “Review” button that reveals general software descriptions of the packages that were updated. Every now and then (not in every update but in many of them) the update, according to “Review”, was to both the OS and to the Chromium browser. The OS update may include the following package description: “By using the openSUSE update-alternatives the password store for Chromium is changed to utilize Gnome’s Keyring. Please be aware that by this change the old password [sic] are no longer accessible and are also not converted to Gnome’s Keyring.” A similar statement refers to KDE’s KWallet.
I assumed from the wording that this description was supplied by openSuse’s people, not Chromium’s people. However, openSuse replied, “[t]he chromium package is following the upstream changes with regards to the password stores” (https://bugzilla.opensuse.org/show_bug.cgi?id=977941#c14). So, maybe, the description is based on what Chromium/Google said (or didn’t say) to openSuse/Novell. However, I posted to Chromium’s bug system and their reply (https://bugs.chromium.org/p/chromium/issues/detail?id=620360#c3) implies that the software description is substantially wrong.
The present software description is alarming about security, telling us, when it’s too late to do anything about it, that our passwords have been deleted from Chromium’s storage system and cannot be recovered. Chromium says that’s not the case and they provide details, including for password recovery and migration (https://bugs.chromium.org/p/chromium/issues/detail?id=620360#c3). Therefore, the Review software description should reflect this.
I’m not authorized to post an attachment showing the software description but it can be seen in either of the threads cited above.
I’m prepared to ask the appropriate organization to correct the description.