Bundled == old

Posted Apr 6, 2012 22:34 UTC (Fri) by scientes (guest, #83068)
In reply to: Bundled == old by david.a.wheeler
Parent article: Wheeler: Insecure open source software libraries?

Perhaps applications can embed blacklists of known-bad versions of libraries, and refuse to run if that is the only version available, printing an appropriate error message. That is about the maximum amount of bundling I can find remotely acceptable.


Bundled == old

Posted Apr 7, 2012 7:25 UTC (Sat) by boudewijn (subscriber, #14185)

It's what we have to do for Calligra right now. All the good Qt hackers seem to be on Qt 5, so Qt 4.8 is pretty bad quality. I've had at least six regressions that affected Krita, but the big one was a regression in editing that made every app that uses the text component crash.

There's a patch and it'll be in Qt 4.8.2.

So what we did is refuse to build against 4.8.0 and 4.8.1, provide an override to that and the patch -- hoping that distributions will patch Qt when they package Calligra.
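
The check the two comments above describe (a list of known-bad library versions, refusal, and an override for patched packages), written as a startup check. This is an added example, not part of either comment and not Calligra's code, whose check runs at build time. The override variable name and the choice to refuse version strings that cannot be parsed are assumptions; the two listed versions are the Qt releases named above.

```cpp
#include <array>
#include <cstdio>
#include <cstdlib>
#include <string>

struct Version { int major_, minor_, patch_; };

// The two Qt releases named in the comment above.
constexpr std::array<Version, 2> kKnownBad{{{4, 8, 0}, {4, 8, 1}}};
// Hypothetical override switch, for packages where the library was patched.
constexpr const char *kOverrideEnv = "APP_ALLOW_KNOWN_BAD_LIB";

enum class Decision { Allow, AllowOverridden, Refuse };

// Strict "major.minor.patch" parse: missing fields, trailing text or
// negative numbers are rejected.
bool parseVersion(const std::string &s, Version &out) {
    int used = 0;
    if (std::sscanf(s.c_str(), "%d.%d.%d%n", &out.major_, &out.minor_,
                    &out.patch_, &used) != 3)
        return false;
    return used == static_cast<int>(s.size()) && out.major_ >= 0 &&
           out.minor_ >= 0 && out.patch_ >= 0;
}

bool isKnownBad(const Version &v) {
    for (const Version &bad : kKnownBad)
        if (v.major_ == bad.major_ && v.minor_ == bad.minor_ && v.patch_ == bad.patch_)
            return true;
    return false;
}

// runtimeVersion is what the loaded library reports at startup; a Qt
// application would pass qVersion(). Assumption of this example: a string
// that cannot be parsed is treated like a listed one.
Decision checkLibrary(const std::string &runtimeVersion) {
    Version v{};
    if (parseVersion(runtimeVersion, v) && !isKnownBad(v))
        return Decision::Allow;
    const char *ov = std::getenv(kOverrideEnv);
    return (ov && std::string(ov) == "1") ? Decision::AllowOverridden
                                           : Decision::Refuse;
}

int main() {
    const char *samples[] = {"4.8.0", "4.8.1", "4.8.2", "4.8"};  // constructed inputs
    for (const char *s : samples) {
        Decision d = checkLibrary(s);
        std::printf("%s: %s\n", s, d == Decision::Refuse ? "refusing to run: known-bad or unreadable library version"
                                   : d == Decision::Allow ? "ok" : "ok (override set)");
    }
}
```

Because the check matches exact version numbers, a distribution that ships a patched 4.8.1 still reports a listed version, which is the case the override exists for.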
