Re: QtWebKit in Qt5.6+ in Debian

2015-06-25 Thread Lisandro Damián Nicanor Pérez Meyer 
On Thursday 25 June 2015 14:13:59 Florian Bruhin wrote:
 Hi,
 
 first of all, I hope it's okay I mail you directly because of this - I
 didn't feel like this is appropriate for a bug report.

It's appropiate for our team's -talk list, which I'm CCing right now :)

 Seeing that Qt removes QtWebKit from their source- 

Actually they are not going to update it anymore, maybe except for security 
bugfixes. The source will remain there and should be able to keep building 
with Qt5.6+

 and binary
 distributions starting with Qt 5.6[1] and there's nobody stepping up
 to package QtWebEngine for Debian so far, what are Debian's plans for
 QtWebEngine after 5.6 has been released upstream?

Not packaging it at all. See [lwn]. Properly packaging it in Debian means 
almost a fork, or in other words, a nightmare. Just consider that it bundles 
ffmped and most possibly a patched ffmpeg...

[lwn] https://lwn.net/Articles/643423/

 If Debian were to drop QtWebKit when it's dropped upstream, that'll
 mean there is no Qt web rendering engine in the Debian repos - also,
 of course there are a lot of packages which need QtWebKit.

We don't plan to drop it soon, but we might be forced at some point :(

Yes, we know the situation sucks, but there is not much we can do about
this :(

-- 
No pienses que estoy loco, es sólo una manera de actuar
  De mí - Charly García

Lisandro Damián Nicanor Pérez Meyer
http://perezmeyer.com.ar/
http://perezmeyer.blogspot.com/


signature.asc
Description: This is a digitally signed message part.
-- 
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk

Re: QtWebKit in Qt5.6+ in Debian

2015-06-25 Thread Kevin Krammer 
On Thursday, 2015-06-25, 18:45:52, Florian Bruhin wrote:
 * Kevin Krammer kevin.kram...@gmx.at [2015-06-25 18:35:41 +0200]:
  On Thursday, 2015-06-25, 15:56:22, Florian Bruhin wrote:

   I still have some hope - I think Qt will still apply at least security
   fixes for QtWebKit until Qt 6, which still should be a while away.
  
  I would also be surprised if they would knowingly ship insecure code.
 
 I wouldn't call it *knowingly* - but chances are slim that someone
 will take care of security issues until there's a bug report - and
 even then, I guess it depends on the ressources Qt is willing to
 allocate to QtWebKit (which seems to be dropping at a fast rate the
 past few months).

Hmm, I would think that there are people monitoring webkti related security 
lists, the new engine is webkit based as well.

Also there might be commercial entities currently using QtWebKit who would 
want to get such update either as part of existing service agreements with one 
of the companies providing such services or through new agreements 
specifically set up for this.

The open nature of Qt makes resource allocation basically driven by demand.
E.g. all the code contributed by KDE developers was created because KDE 
applications needed it.

Cheers,
Kevin

signature.asc
Description: This is a digitally signed message part.
-- 
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-talk