[Development] Changes to Qt offering

Thiago Macieira thiago.macieira at intel.com
Tue Jan 28 03:27:04 CET 2020


On segunda-feira, 27 de janeiro de 2020 15:16:35 PST Kevin Kofler wrote:
> Thiago Macieira wrote:
> > All security fixes are made available to everyone, for all Qt versions
> > that they affect, provided it's still a supported Qt version
> > (or it was easy to make the fix).
> 
> How will this work for QtWebEngine? There are a few dozen security fixes at
> each QtWebEngine point release, how will you make those available? And is a
> version in commercial-only LTS mode even "still a supported Qt version"?
> (Because QtWebEngine with its dozens of security fixes definitely does not
> qualify for the "or it was easy to make the fix" clause.)

With QtWebEngine, you really ought to upgrade to the next minor series, except 
for 5.15. The team retains compatibility with a couple of older versions (I 
don't know the exact policy) and this seems to me like the most indicated 
solution.

> For intermediate LTS releases such as 5.12, there is the option to just
> upgrade to 5.n+1 (e.g., 5.13) instead (where currently those releases will
> even compile against the LTS Qt, and sometimes even against older Qt
> branches, with no changes), but this is not an option for 5.15 (unless
> QtWebEngine 6.0 will be buildable as 5.16 somehow – it would likely not only
> need to build against Qt 5.15, but also need to lie about its major version
> number). So we really need a plan to provide security fixes for QtWebEngine
> 5.15 for a reasonable amount of time (until at least the major network-
> facing consumers such as Falkon, KMail, etc. are all ported to Qt 6).

5.15 needs to be addressed.

-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel System Software Products





More information about the Development mailing list