On Mon, Feb 08, 2021 at 02:59:45PM +0000, Peter Stuge wrote: > Hanno Böck wrote: > > > "It does mean, however, that GTK 2 has reached the end of its life. > > > We will do one final 2.x release in the coming days, and we encourage > > > everybody to port their GTK 2 applications to GTK 3 or 4." > > > > I read that as there will be one more gtk2 release and none after that. > > > > This seems to imply: > > * When there's a security flaw in gtk2 there won't be a fix from > > upstream. > > * When there's an incompatibility with new infrastructure (e.g. new gcc > > version / new glibc / changing API of libraries gtk depends on) there > > will be no updates from upstream. > > > > This means in all those instances maintainers will have to get patches > > from somewhere. We'll likely end up with some form of > > gtk-2.x-r[largenumber] with a large patchset at some point. > > Maintaining that will be an increasing burden. > > > > No urgency, but a sign to slowly move off gtk2. > > Until there's a relevant flaw that will remain unfixed or there is > significant incompatibility with infrastructure (recurse my argument) > no signs actually exist.
Waiting until such a problem pops up and bites everyone before doing anything about it doesn't sound like a good way to handle it. > > Assuming that there will be a significant maintenance burden which > affects all uses doesn't seem rational - hence my question. > > The blog post shouldn't be misunderstood. The intended audience seems > to be application developers, encouraging them to port applications, > not so much distributions. If an application never ports, do you expect the distribution to maintain that package ad infinitum? > > Distributions quite often overlook that they wield much power, and > thus also have much responsibility. > > Of course, GTK maintainers in Gentoo choose what to work on, and have > made many (only?) excellent choices. > > I'm merely pleading for rational choices based on actual problems. > > > //Peter >
signature.asc
Description: PGP signature
