Re: Bug#1057755: Qt WebEngine Security Support In Stable
- To: Adrian Bunk <bunk@debian.org>, Soren Stoutner <soren@stoutner.com>
- Cc: 1057755@bugs.debian.org, Alberto Garcia <berto@igalia.com>, Debian UBports Team <team+ubports@tracker.debian.org>, Debian Release Team <debian-release@lists.debian.org>, Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>, Dmitry Shachnev <mitya57@debian.org>, Debian Security Team <security@debian.org>, Pirate Praveen <praveen@debian.org>, Nilesh Patra <nilesh@debian.org>, Aurélien COUDERC <coucouf@debian.org>, Fritz Reichwald <reichwald@b1-systems.de>, Mike Gabriel <sunweaver@debian.org>, Thomas Goirand <thomas@goirand.fr>
- Subject: Re: Bug#1057755: Qt WebEngine Security Support In Stable
- From: Patrick Franz <deltaone@debian.org>
- Date: Sun, 17 Dec 2023 00:53:48 +0100
- Message-id: <[🔎] 23989730.ouqheUzb2q@treadstone-71>
- In-reply-to: <[🔎] 13959538.T3QCIvBk17@soren-desktop>
- References: <170199911428.713712.13945181272059018033.reportbug@soren-desktop.stoutner.com> <[🔎] ZX4ucgOXSXBA6Gbe@localhost> <[🔎] 13959538.T3QCIvBk17@soren-desktop>
Hej,
Am Sonntag, 17. Dezember 2023, 00:33:58 CET schrieb Soren Stoutner:
[...]
> > No matter what angelfish does, qtwebview-opensource-src will in any
> > case also need a rebuild.
>
> Qt WebView is deprecated upstream. It was based on the same Apple
> WebKit source that WebViewGTK uses. It was replaced quite a while
> ago by Qt WebEngine, which is based on Google’s Chromium. There is
> no Qt 6 version of Qt WebView, so it will go entirely away at that
> point.
There is one: https://tracker.debian.org/pkg/qt6-webview
Are you perhaps confusing Qt WebView with Qt WebKit ?
> But this brings up an interesting question. Why are the Qt source
> packages building private-dev binary packages? There was probably
> some historical reason for doing so, but handling security support in
> stable would be a lot easier if we stopped shipping private headers
> that other packages can build- depends on. Perhaps Dmitry or Patrick
> could provide some background.
Usually, we try to avoid packaging the private headers. But for some
packages, we just need to. And that's because other packages depend on
them incl. other Qt submodules.
We don't have a rule set in stone, but we usually package private
headers when either another Qt submodule needs them (e.g. qtwebview
needs the private headers of qtwebengine, hence we package them) or when
important KDE components need them (e.g. qtwayland).
--
Med vänliga hälsningar
Patrick Franz
Reply to: