[Development] Pinging Marco Bubke for QTCREATORBUG-20401 - Allow to build with system's SQLite
Thiago Macieira
thiago.macieira at intel.com
Thu Jun 7 05:13:07 CEST 2018
On Wednesday, 6 June 2018 19:57:55 PDT Thiago Macieira wrote:
> On Wednesday, 6 June 2018 19:09:00 PDT Lisandro Damián Nicanor Pérez Meyer
>
> wrote:
> > - Is it worth the trade off considering it makes finding security bugs
> > more
> >
> > complicated?
>
> We're not supposed to find or fix sqlite security issues. We get them from
> upstream and upstream supports the single-file build style.
Actually, this is a very important subject, so I just added a session to the
QtCS program next week to discuss it.
As you may be aware, Intel is taking security VERY seriously and I cannot
accept a project I contribute to having any worse policies. Our open source
security team also evaluates each project's security policies and they have
blacklisted quite a few open source projects from being used in Intel
products, so I'd like to make sure Qt continues to comply with the stricter
guidelines.
--
Thiago Macieira - thiago.macieira (AT) intel.com
Software Architect - Intel Open Source Technology Center
More information about the Development
mailing list