[Development] Qt online SDK security problems

Bernhard Lindner private at bernhard-lindner.de
Thu Apr 18 11:20:58 CEST 2019 

Actually the Qt update behavior annoys my as well.

I wish there would be two checkbox options in the maintenance tool:
   "Install new bug fix versions automatically"
   "Install new minor versions automatically"

This is reasonable, isn't it?

-- 
Best Regards
Bernhard Lindner

> 
>  As I said, they still have the possibility to install a specific Qt version 
> and stick with it. The installer will not force them to use the latest 
> version! If some companies prefer to use outdated software which might have 
> security issues is their choice, what I'm asking is for an easy way for the 
> other companies/people to use the latest Qt versions.
>   One of the biggest problems when installing multiple Qt versions is that you 
> end-up with multiple Kits in QtCreator. Small projects can switch from one kit 
> to another very easy, but complex projects which need lots of custom qmake 
> params or custom Build/Run steps are not that easy to swicth to another Qt 
> version.
>   Last but not least, it's a waste of disk space. Just ~/Qt/5.12.2 
> (android_arm64_v8a+android_armv7+gcc_64) installation has 1.7GB.
> 
> Cheers,
> BogDan.
> 
> În ziua de joi, 18 aprilie 2019, la 11:18:30 EEST, Maurice Kalinowski a scris:
> > Hey,
> > 
> > Disclaimer: I am not involved in the decision making process for this
> > update.
> 
>  
> > However, one frequent feedback has been, that users (customers) did not like
> > the fact that the installer changed the specific Qt version "under the
> > hood".
> 
>  It was specifically requested that each user has to select the
> > version to use. This is related to the fact, that many companies decide on
> > one version and updating to a new one involves quite a lot of QA and other
> > processes. Only then, developers are allowed to switch to a newer version. 
> > This is (IIRC) why the installer switched to this approach.
> > 
> > I can see your point as well, especially when your project is flexible
> > enough to update dependencies. But that is not the case for many projects
> > out there.
> 
>  
> > BR,
> > Maurice
> > 
> > 
> > 
> > > -----Original Message-----
> > > From: Development <development-bounces at qt-project.org> On Behalf Of
> > > BogDan Vatra via Development
> > > Sent: Thursday, April 18, 2019 9:24 AM
> > > To: development at qt-project.org
> > > Subject: [Development] Qt online SDK security problems
> > > 
> > > Hi,
> > > 
> > > 
> > >   Long time ago the Qt online SDK used to help the users to use the latest
> > >   and
> > > the safest Qt version all the time. Sadly that was changed, IMHO without
> > > too
> 
>  much thinking, and now a lot of users (I'm one of them) are stucked
> > > with outdated versions. A few days ago I installed 5.12.2 and today
> > > suprise is outdated again.  It’s just ridiculously, I have five 5.9.x,
> > > 5.10.0, two 5.11.x and three 5.12.x versions, but NONE is latest version!
> > > Not a single one! 
> > > 
> > >   I propose to go back to the good old times when the Qt online SDK was
> > >   safe
> > > 
> > > and helpful.
> > > 
> > > 
> > >   I'm not against to have a chooice to install a specific version, what
> > >   I'd like is
> > > to install e.g. 5.12 version and the online installer will update it with
> > > the latest
> 
>  5.12.x version automatically.
> > > 
> > >  If an user, for some reason, want's to install a specific version he can
> > >  pick it
> > > from new "Archive" section.
> > > 
> > > 
> > >   As I commented in
> > >   https://blog.qt.io/blog/2019/04/11/updated-qt-installer->; > 
> > > released/,  as a Qt maintainer, I wonder quite often, if it's worth to
> > > spend
> 
>  time to fix bugs that will go in revision/micro versions as long
> > > as even I, as a Qt maintainer, don’t use them! I imagine that the
> > > percentage of Qt users that are using the latest Qt versions is very low…
> > > 
> > > 
> > >   Having said that, pretty please with sugar on top consider to add the
> > > 
> > > needed support to help the users to always use the latest and the safest
> > > Qt
> 
>  version.
> > > 
> > > 
> > > Cheers,
> > > BogDan.
> > > 
> > > 
> > > _______________________________________________
> > > Development mailing list
> > > Development at qt-project.org
> > > https://lists.qt-project.org/listinfo/development
> 
> 
> 
> _______________________________________________
> Development mailing list
> Development at qt-project.org
> https://lists.qt-project.org/listinfo/development

More information about the Development mailing list