Re: Bug#1057755: Qt WebEngine Security Support In Stable

To: Adrian Bunk <bunk@debian.org>, Soren Stoutner <soren@stoutner.com>
Cc: 1057755@bugs.debian.org, Alberto Garcia <berto@igalia.com>, Debian UBports Team <team+ubports@tracker.debian.org>, Debian Release Team <debian-release@lists.debian.org>, Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>, Dmitry Shachnev <mitya57@debian.org>, Debian Security Team <security@debian.org>, Pirate Praveen <praveen@debian.org>, Nilesh Patra <nilesh@debian.org>, Aurélien COUDERC <coucouf@debian.org>, Fritz Reichwald <reichwald@b1-systems.de>, Mike Gabriel <sunweaver@debian.org>, Thomas Goirand <thomas@goirand.fr>
Subject: Re: Bug#1057755: Qt WebEngine Security Support In Stable
From: Patrick Franz <deltaone@debian.org>
Date: Sun, 17 Dec 2023 00:53:48 +0100
Message-id: <[🔎] 23989730.ouqheUzb2q@treadstone-71>
In-reply-to: <[🔎] 13959538.T3QCIvBk17@soren-desktop>
References: <170199911428.713712.13945181272059018033.reportbug@soren-desktop.stoutner.com> <[🔎] ZX4ucgOXSXBA6Gbe@localhost> <[🔎] 13959538.T3QCIvBk17@soren-desktop>

Hej,

Am Sonntag, 17. Dezember 2023, 00:33:58 CET schrieb Soren Stoutner:
[...]
> > No matter what angelfish does, qtwebview-opensource-src will in any
> > case also need a rebuild.
> 
> Qt WebView is deprecated upstream.  It was based on the same Apple
> WebKit source that WebViewGTK uses.  It was replaced quite a while
> ago by Qt WebEngine, which is based on Google’s Chromium.  There is
> no Qt 6 version of Qt WebView, so it will go entirely away at that
> point.

There is one: https://tracker.debian.org/pkg/qt6-webview

Are you perhaps confusing Qt WebView with Qt WebKit ?


> But this brings up an interesting question.  Why are the Qt source
> packages building private-dev binary packages?  There was probably
> some historical reason for doing so, but handling security support in
> stable would be a lot easier if we stopped shipping private headers
> that other packages can build- depends on.  Perhaps Dmitry or Patrick
> could provide some background.

Usually, we try to avoid packaging the private headers. But for some 
packages, we just need to. And that's because other packages depend on 
them incl. other Qt submodules.
We don't have a rule set in stone, but we usually package private 
headers when either another Qt submodule needs them (e.g. qtwebview 
needs the private headers of qtwebengine, hence we package them) or when 
important KDE components need them (e.g. qtwayland).


-- 
Med vänliga hälsningar

Patrick Franz

Reply to:

Follow-Ups:
- Re: Bug#1057755: Qt WebEngine Security Support In Stable
  - From: Soren Stoutner <soren@stoutner.com>

References:
- Re: Bug#1057755: Qt WebEngine Security Support In Stable
  - From: Adrian Bunk <bunk@debian.org>
- Re: Bug#1057755: Qt WebEngine Security Support In Stable
  - From: Soren Stoutner <soren@stoutner.com>

Prev by Date: Re: Bug#1057755: Qt WebEngine Security Support In Stable
Next by Date: Re: Bug#1057755: Qt WebEngine Security Support In Stable
Previous by thread: Re: Bug#1057755: Qt WebEngine Security Support In Stable
Next by thread: Re: Bug#1057755: Qt WebEngine Security Support In Stable
Index(es):
- Date
- Thread