[webkit-gtk] About the policy of (non) updating minimum build-dependencies

Carlos Alberto Lopez Perez clopez at igalia.com
Thu Jul 21 13:04:29 PDT 2016 

On 20/07/16 15:52, Michael Catanzaro wrote:
> On Wed, 2016-07-06 at 19:22 +0200, Carlos Alberto Lopez Perez wrote:
>> So, perhaps we can change that policy to something more practical
>> like:
>>
>> "WebKitGTK+ has to build both on the last version of Debian stable
>> and
>> the last version of Ubuntu LTS".
> 
> It's a good proposal. The disadvantage is that it ties our dependency
> policy towards distros that do not take our updates. If Ubuntu or
> Debian were to start taking our security updates, then of course we
> should cater our policy to them, but that's not the world we live in.
> 

Debian is already taking our updates: WebKitGTK+ 2.12 is available on
the backports repository for stable.

They are not including it on the main security repository for a number
of reasons [1]. If you don't like that and you want to change it, then
proper place to discuss it is on the debian-devel mailing list and not here.

Also, I really don't think the policy about dependencies should take
only into account what distributions are taking our updates.

The purpose of allowing to build the last WebKitGTK+ on the last Ubuntu
LTS is not to make things easier for those Ubuntu developers that won't
update WebKitGTK+ to a major version on a LTS distro.

The purpose is to make things easier for the developers that develop
WebKitGTK+ or use it for their application, and at the same time happen
to run Ubuntu LTS.

If some developer is working on an application that uses WebKitGTK+ they
can download our last tarball, build it, and use it to test their
application. And they can do that on the last Ubuntu LTS. Which is nice
and makes their life easier because they are not forced to choose
between "change of distro or don't use WebKitGTK+".

Regards
-------
[1]
https://www.debian.org/releases/stable/amd64/release-notes/ch-information.en.html#browser-security

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 883 bytes
Desc: OpenPGP digital signature
URL: <https://lists.webkit.org/pipermail/webkit-gtk/attachments/20160721/38967a20/attachment.sig>

More information about the webkit-gtk mailing list