GNU bug report logs -
#78052
[PATCH] gnu: ungoogled-chromium: Fix WebRTC.
Previous Next
Full log
Message #32 received at 78052 <at> debbugs.gnu.org (full text, mbox):
Hi Nicolas,
Nicolas Goaziou <mail <at> nicolasgoaziou.fr> writes:
> Maxim Cournoyer <maxim.cournoyer <at> gmail.com> writes:
>
>> Nicolas Goaziou <mail <at> nicolasgoaziou.fr> writes:
>>
>> I agree that it has value; wouldn't it only be for testing website
>> problems (it's still a thing in 2025 to find a website feature that only
>> works with Chromium, in a nudge to the good old Internet Explorer
>> days).
>
> My hypothetical use-case is simply to display PDF on a Chromecast. It
> only needs to connect to a LAN.
>
>> But I'm not sure that this value is worth the exposure of unsuspecting
>> user to tens of CVEs:
>
> [...]
>
>> I'd think that most users expect that security matters for web browsers
>> and that they are kept up to date/secure.
>
> Wouldn’t a big fat warning in the description of the package help?
I'm not convinced that'd be enough; existing users would probably not
see it for example. I think going through the deprecation route would
be a more visible option.
Our (info "(guix) Deprecation Policy") suggests a one month period after
the removal PATCH is submitted, plus a news to etc/news.scm broadcasting
the removal in this case, because ungoogled-chromium is probably
considered a 'popular' package.
This would give someone one month to update it, or move it to another
channel (perhaps guix-past could keep legacy browser versions around,
for testing for example).
--
Thanks,
Maxim
This bug report was last modified 48 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.