[Development] Changes to Qt offering
kevin.kofler at chello.at
Tue Jan 28 00:16:35 CET 2020
Thiago Macieira wrote:
> All security fixes are made available to everyone, for all Qt versions
> that they affect, provided it's still a supported Qt version
> (or it was easy to make the fix).
How will this work for QtWebEngine? There are a few dozen security fixes at
each QtWebEngine point release, how will you make those available? And is a
version in commercial-only LTS mode even "still a supported Qt version"?
(Because QtWebEngine with its dozens of security fixes definitely does not
qualify for the "or it was easy to make the fix" clause.)
For intermediate LTS releases such as 5.12, there is the option to just
upgrade to 5.n+1 (e.g., 5.13) instead (where currently those releases will
even compile against the LTS Qt, and sometimes even against older Qt
branches, with no changes), but this is not an option for 5.15 (unless
QtWebEngine 6.0 will be buildable as 5.16 somehow – it would likely not only
need to build against Qt 5.15, but also need to lie about its major version
number). So we really need a plan to provide security fixes for QtWebEngine
5.15 for a reasonable amount of time (until at least the major network-
facing consumers such as Falkon, KMail, etc. are all ported to Qt 6).
More information about the Development