Hi,

On Sat, May 13, 2017 at 3:40 PM, Partha Bagchi <parth...@gmail.com> wrote:
>
>
> On Sat, May 13, 2017 at 8:52 AM, Jehan Pagès <jehan.marmott...@gmail.com>
> wrote:
>>
>> Hi,
>>
>> On Sat, May 13, 2017 at 6:25 AM, Partha Bagchi <parth...@gmail.com> wrote:
>> >
>> >
>> >> >> No, there are at least 2 features affected: open remote files indeed
>> >> and the help browser (help will fail showing with an error since our
>> >> websites are now https only). This last one was getting quite a lot of
>> >> report on the tracker and was very bad experience.
>> >> Anyway nowadays https is the standard for web access. Not supporting
>> >> this is not acceptable IMO.
>> >>
>> >> Jehan
>> >
>> >
>> > Hi,
>> >
>> > You realize that for platforms other than Linux, that if you wish to
>> > install
>> > glib-networking, you have to install
>>
>> Yes I realize that dependencies have often dependencies themselves.
>> Unless there is something which proves to be impossible to compile on
>> other platforms, I don't see the problem.
>>
>> > gnutls which requires that you install
>> > nettle which in turn requires that you install gmp?
>>
>> gnutls is a SSL/TLS lib (the feature we need). And from my searches,
>> nettle is apparently a cryptographic library and gmp would be an
>> arithmetic library. This does make total sense for a SSL/TLS lib
>> (which is a cryptographic protocol, and cryptography usually needs a
>> lot of arithmetic).
>> I don't see your point. That doesn't seem at all far fetched
>> dependencies for the feature we need, quite the opposite.
>>
>> > All this because you
>> > want remote help files and remote images be accessed from GIMP? Does
>> > this
>> > seem reasonable to you?
>>
>> It does seem absolutely reasonable, yes. I would even say that in
>> 2017, not having support for TLS/SSL when we have web access
>> requirement would be the thing which is absolutely non-reasonable.
>
> For an image editor, I think this is unreasonable. I don't understand why we
> are considering GIMP to be a network aware product due to 2 possible usage
> when the rest of GIMP does not depend on it.

GIMP *IS* a network-aware software (not a "product", we are not a
company). Especially with the port to GIO.

Right, not everything is about network, and we don't want this. That's
only a few features, and this won't increase much since we are not
into jailing people into services and fees for web access (once again,
we are not a company). But even if just for a few features, that's
still important features. There is not much arguing that internet
access and better interaction with web/internet resources is
considered as granted by most people nowadays.
Let's not be backward please, GIMP should live with its time.

> Is it not possible to ship the
> help files as PDFs while disabling URI if TLS/SSL is not installed with the
> package?

How do you determine which language to ship? All of them?
Also it needs some code on our website then to make this conditional
decision. And not only our own website but all websites of third party
(like yours). Are you going to write it for yours at least?

So yes, nearly everything is possible. That's more or less work
depending on what you want. And we welcome contributions if you have
good ideas.
Also as said already, that would only make for one of the feature (the
help system). We still need to allow people to access remote files in
a secure way.

>> I am rerunning a crossbuild again to check that everything is all
>> right, just to make sure. What I can say is that there exists
>> pre-built packages for glib-networking (and all the dependencies) so I
>> could install it and all its dependencies in about 10 seconds inside
>> my crossbuild environment (using my tool called crossroad, with a
>> single command: crossroad install glib-networking). So first it means
>> that glib-networking is buildable for Windows and if you have the
>> right tools, that's really not much of a hassle. Now on Windows, I
>> have no idea how hard things are. But I assume you have various helper
>> tools too.
>
> You mean it's easy on Windows and then on Windows you have no idea how hard
> things are? Did you mean Windows it's easy and Mac you don't know? I am not
> sure I understand.

I don't build *on* Windows, no. But I build *for* Windows all the
time, as I just explained. Until we got a developer dedicated to
Windows (there is one lately, hopefully he'll stay long!), I was one
of the only ones who would sometimes fix bugs and test on Windows,
taking some of my time to install VMs, cross-building, etc.

Please, there is no need to be unpleasant and smirking at others'
work. I am not unpleasant towards you, I expect the same.

> In any case, as Kris mentioned below, you are talking
> about bloating the application on both Windows and Mac.

Come on, it's a very small dependency which itself brought 3 more
small dependencies! I will check right now the size of all deps:

glib-networking:
- libgiognutls.dll 117K
- libnettle-6-2.dll 205K
- libgmp-10.dll 437K

I'm not sure about gnutls, I don't find the right lib. But I doubt it
would be huge. Is that bloating GIMP?

Also that's not how I understood Kris. He was proposing to have
something more adapted to every platform, as well as noting the
problem of shipping dependencies which require to care more about
security. These comments made total sense and were very constructive.

In any case, we are completely open to suggestions and improvements.
If Windows has a SSL/TLS lib by default, you could write a GIO backend
for it, and we could just drop the glib-networking dep in favor of
this specific one. Patches welcome towards one of these goals (or
another alternative if you find one suitable/better; dropping SSL/TLS
support not being suitable).

>> I really don't see the big deal here. And I don't see on which ground
>> it may seem acceptable to not have secure protocols support when the
>> whole internet is fighting these last few years for getting rid of
>> non-secure protocols (for very obvious and understandable reasons).
>> This is like trying to go against the flow.
>
> The "internet is fighting" is an interesting point of view for an image
> editor. :)

As I said, internet is a big part of computer usage these days. We
have to take this into account. Not seeing this (or faking to not see
this) is not our problem.

GIMP is not an internet-dedicated software, nor will it become. That's
true. Yet it does not prevent it to have a few features on this area.
And when it does, they should be done right (i.e. with security in
mind).

I will stop answering to any more irrelevant email on this topic. I
will continue to answer to constructive emails which propose solutions
to the problem raised (as were both Pat and Kris emails, both with
interesting alternatives), though.

Jehan

>>
>> Jehan
>>
>> > Thanks,
>> > Partha
>>
>>
>>
>> --
>> ZeMarmot open animation film
>> http://film.zemarmot.net
>> Patreon: https://patreon.com/zemarmot
>> Tipeee: https://www.tipeee.com/zemarmot
>
>

--
ZeMarmot open animation film
http://film.zemarmot.net
Patreon: https://patreon.com/zemarmot
Tipeee: https://www.tipeee.com/zemarmot
_______________________________________________
gimp-developer-list mailing list
List address: gimp-developer-list@gnome.org
List membership: https://mail.gnome.org/mailman/listinfo/gimp-developer-list
List archives: https://mail.gnome.org/archives/gimp-developer-list