GNU bug report logs -
#21288
Qt's bundled libraries must not be used
Previous Next
Reported by: ludo <at> gnu.org (Ludovic Courtès)
Date: Tue, 18 Aug 2015 14:54:01 UTC
Severity: normal
Done: Efraim Flashner <efraim <at> flashner.co.il>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
Hi Andreas,
Andreas Enge <andreas <at> enge.fr> writes:
> Commit bc554b4 compiles qt-5 with the system harfbuzz and removes a bundled
> copy from our source code (the one called harfbuzz-ng; strangely, there is
> another one, called harfbuzz, without which the package does not compile).
>
> Commit 9c32e1f removes the bundled sqlite copy (the system sqlite was already
> used before).
Sounds good, thank you!
> Some other system libraries are already used automatically; to make things
> clearer, we could also remove their source code (from the corresponding
> 3rdparty/ subdirectories).
Yes, I think we should remove as many bundled libraries as possible.
Even if the build system does not use the bundled libFOO today, a future
version might start using it, and so when there's a security flaw found
in libFOO, we will have to double-check to make sure it's really not
being used. It's much easier to just remove the bundled copies.
What do you think?
Mark
This bug report was last modified 5 years and 64 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.