[Development] Qt online SDK security problems

Khuram Ali khuram.ali at aim.com
Thu Apr 18 11:31:57 CEST 2019


I agree. Why not offer a patch for the bug fixes, instead of a new release which needs to be installed separately.

Regards,
Khuram Ali

Sent from my iPhone

> On 18. Apr 2019, at 11:20, Bernhard Lindner <private at bernhard-lindner.de> wrote:
> 
> Actually the Qt update behavior annoys my as well.
> 
> I wish there would be two checkbox options in the maintenance tool:
>   "Install new bug fix versions automatically"
>   "Install new minor versions automatically"
> 
> This is reasonable, isn't it?
> 
> -- 
> Best Regards
> Bernhard Lindner
> 
>> 
>> As I said, they still have the possibility to install a specific Qt version 
>> and stick with it. The installer will not force them to use the latest 
>> version! If some companies prefer to use outdated software which might have 
>> security issues is their choice, what I'm asking is for an easy way for the 
>> other companies/people to use the latest Qt versions.
>>  One of the biggest problems when installing multiple Qt versions is that you 
>> end-up with multiple Kits in QtCreator. Small projects can switch from one kit 
>> to another very easy, but complex projects which need lots of custom qmake 
>> params or custom Build/Run steps are not that easy to swicth to another Qt 
>> version.
>>  Last but not least, it's a waste of disk space. Just ~/Qt/5.12.2 
>> (android_arm64_v8a+android_armv7+gcc_64) installation has 1.7GB.
>> 
>> Cheers,
>> BogDan.
>> 
>> În ziua de joi, 18 aprilie 2019, la 11:18:30 EEST, Maurice Kalinowski a scris:
>>> Hey,
>>> 
>>> Disclaimer: I am not involved in the decision making process for this
>>> update.
>> 
>> 
>>> However, one frequent feedback has been, that users (customers) did not like
>>> the fact that the installer changed the specific Qt version "under the
>>> hood".
>> 
>> It was specifically requested that each user has to select the
>>> version to use. This is related to the fact, that many companies decide on
>>> one version and updating to a new one involves quite a lot of QA and other
>>> processes. Only then, developers are allowed to switch to a newer version. 
>>> This is (IIRC) why the installer switched to this approach.
>>> 
>>> I can see your point as well, especially when your project is flexible
>>> enough to update dependencies. But that is not the case for many projects
>>> out there.
>> 
>> 
>>> BR,
>>> Maurice
>>> 
>>> 
>>> 
>>>> -----Original Message-----
>>>> From: Development <development-bounces at qt-project.org> On Behalf Of
>>>> BogDan Vatra via Development
>>>> Sent: Thursday, April 18, 2019 9:24 AM
>>>> To: development at qt-project.org
>>>> Subject: [Development] Qt online SDK security problems
>>>> 
>>>> Hi,
>>>> 
>>>> 
>>>>  Long time ago the Qt online SDK used to help the users to use the latest
>>>>  and
>>>> the safest Qt version all the time. Sadly that was changed, IMHO without
>>>> too
>> 
>> much thinking, and now a lot of users (I'm one of them) are stucked
>>>> with outdated versions. A few days ago I installed 5.12.2 and today
>>>> suprise is outdated again.  It’s just ridiculously, I have five 5.9.x,
>>>> 5.10.0, two 5.11.x and three 5.12.x versions, but NONE is latest version!
>>>> Not a single one! 
>>>> 
>>>>  I propose to go back to the good old times when the Qt online SDK was
>>>>  safe
>>>> 
>>>> and helpful.
>>>> 
>>>> 
>>>>  I'm not against to have a chooice to install a specific version, what
>>>>  I'd like is
>>>> to install e.g. 5.12 version and the online installer will update it with
>>>> the latest
>> 
>> 5.12.x version automatically.
>>>> 
>>>> If an user, for some reason, want's to install a specific version he can
>>>> pick it
>>>> from new "Archive" section.
>>>> 
>>>> 
>>>>  As I commented in
>>>>  https://blog.qt.io/blog/2019/04/11/updated-qt-installer->; > 
>>>> released/,  as a Qt maintainer, I wonder quite often, if it's worth to
>>>> spend
>> 
>> time to fix bugs that will go in revision/micro versions as long
>>>> as even I, as a Qt maintainer, don’t use them! I imagine that the
>>>> percentage of Qt users that are using the latest Qt versions is very low…
>>>> 
>>>> 
>>>>  Having said that, pretty please with sugar on top consider to add the
>>>> 
>>>> needed support to help the users to always use the latest and the safest
>>>> Qt
>> 
>> version.
>>>> 
>>>> 
>>>> Cheers,
>>>> BogDan.
>>>> 
>>>> 
>>>> _______________________________________________
>>>> Development mailing list
>>>> Development at qt-project.org
>>>> https://lists.qt-project.org/listinfo/development
>> 
>> 
>> 
>> _______________________________________________
>> Development mailing list
>> Development at qt-project.org
>> https://lists.qt-project.org/listinfo/development
> 
> _______________________________________________
> Development mailing list
> Development at qt-project.org
> https://lists.qt-project.org/listinfo/development



More information about the Development mailing list