[Development] QtCS 2018: Third-party and security policy

Lisandro Damián Nicanor Pérez Meyer perezmeyer at gmail.com
Fri Jul 13 16:49:47 CEST 2018

El viernes, 13 de julio de 2018 10:59:09 -03 Mårten Nordheim escribió:
> On 05.07.2018 16:48, Thiago Macieira wrote:
> > On Thursday, 5 July 2018 01:56:43 PDT Kai Koehne wrote:
> >> PS: Notes from the session at the Qt Contributor Summit are available at
> >> https://wiki.qt.io/QtCS2018_Third-Party_Sources_Policy_and_Security
> > 
> > Thanks Kai.
> > 
> > Do we have a volunteer to trial out vcpkg and explain to the rest of us
> > how it would work for Qt? Will it be invisible to our users and
> > ourselves? Note how Linux distros don't have it nor does Homebrew on Mac.
> I implemented a POC here: https://codereview.qt-project.org/#/c/234478/
> I'm not sure if this is what people had in mind (e.g. installing
> dependencies during configure), but it works at the moment for what I've
> tested it for.

I understand this as: at configure time download 3rdparty code.

From a distro's point of view, if the download can be disabled that's a pretty 
nice thing to have, because it would mean (and please do correct me if I'm 
wrong) that Qt tarballs will not bundle 3rdparty code. Or will bundle less of 

 1: Una computadora sirve:
    * Para tratar de dominar el mundo, un caso conocido de esto fue el de
    Damian Nadales

Lisandro Damián Nicanor Pérez Meyer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.qt-project.org/pipermail/development/attachments/20180713/a9929823/attachment.sig>

More information about the Development mailing list