Digging into this a little further, it looks like the current version of Angelfish does not use any Qt WebEngine private headers (qtwebengine5-private-dev is not listed as a build-depends).
https://tracker.debian.org/media/packages/a/angelfish/control-22.11-1
I had previously been told that Angelfish was using private headers by one of the Qt WebEngine packagers. Perhaps it did so at some time in the past, but it doesn’t appear to be a problem any longer.
Now that is all cleared up, I think that next week I am going to build the current version of Qt 5 WebEngine for stable and test it on a system I have running locally, focusing specifically on all of the browsers that use Qt WebEngine. If all seems to work well, would anyone have any objections to me uploading it to bookworm-backports?
On Saturday, December 16, 2023 5:16:58 PM MST Soren Stoutner wrote:
> Looking at the list of private header files that ship in
> qtwebengine5-private- dev, these all relate to the Qt specific bindings on
> top of the Chromium source code (these are the Qt specific APIs that are
> then translated into Chromium calls). None of Chormium’s private headers
> are exposed, meaning that none of the private headers that are involved in
> the rendering or processing of websites are included. It is nearly
> unthinkable that any of these Qt specific headers would be modified by a
> security update. So, it should generally be possible to ship Qt WebEngine
> LTS updates without creating any problems for packages that built against
> these private headers.
--
Soren Stoutner
soren@stoutner.com
Attachment:
signature.asc
Description: This is a digitally signed message part.