El mié, 06-07-2016 a las 19:22 +0200, Carlos Alberto Lopez Perez escribió: > Hi, > > > I think the current policy of not raising the minimum version for > WebKitGTK+ build-dependencies is perhaps too strict. > > IMHO it don't makes much sense that we continue to support building > with > versions of libraries that were deprecated >= 4 years ago (like GTK+ > 3.6). [1] > > Having to support such old version of some libraries makes difficult > to > use new features, or causes the code to be full of ifdefs. > > And in a practical sense, I really don't think nobody is using or > needs > to use WebKitGTK+ 2.12 with GTK+ 3.6. Anyone? > > I really can't think of any real usage of this. > > So, perhaps we can change that policy to something more practical > like: > > "WebKitGTK+ has to build both on the last version of Debian stable > and > the last version of Ubuntu LTS".
I like this idea, but we should probably consider more distros to be fair. > That means that we can raise any build-dependency version to: > > maxVersionDependencyWebKitGTK+ = std::min(DebianStable, UbuntuLTS); > > Both this two distributions are quite conservative in regards to > raising > versions of dependency and have a ~2-year release cycle. I think that > aiming at building in both, is at the same time: conservative enough > and > flexible enough. > > - I think is conservative enough because I don't foresee this could > cause any problems to any downstream. In the end we are aiming at > supporting two of the most conservative/stable distributions. > > - I think this is flexible enough because it allows to raise the > version of the dependencies each 2 years at least, which allows us to > use or depend on new features more easily than nowadays. > > > For example, nowadays Debian 8 stable has GTK+ 3.14, and Ubuntu 16.04 > LTS has GTK+ 3.18. This means that now we could raise the GTK+ > dependency to 3.14. > > If the next year Debian 9 includes GTK+ 3.22, then we can raise it to > 3.18 (until Ubuntu 18.04 is released) > > > Opinions? The main problem is the security updates, since you might need to upgrade to a new major version to get updates, like distros do for the other browsers. When releasing the security advisories, we could include the list of commits in the branches that fixed the security issues included in the report, so that distros could manually bakcport. > > [1] https://trac.webkit.org/wiki/WebKitGTK/Dependencies > > _______________________________________________ > webkit-gtk mailing list > [email protected] > https://lists.webkit.org/mailman/listinfo/webkit-gtk -- Carlos Garcia Campos http://pgp.rediris.es:11371/pks/lookup?op=get&search=0xF3D322D0EC4582C3
signature.asc
Description: This is a digitally signed message part
_______________________________________________ webkit-gtk mailing list [email protected] https://lists.webkit.org/mailman/listinfo/webkit-gtk
