On Wed, Jul 20, 2022 at 11:04 AM Vitaly Zaitsev via devel <devel@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > > On 20/07/2022 08:55, Demi Marie Obenour wrote: > > I also wonder if some features of QtWebEngine, such as the V8 JIT > > compiler or even scripting as a whole, ought to be proactively > > disabled. > > QtWebEngine is an extremely vulnerable thing due to a major lag after > WebKit/Blink security patches. I even decided to build Psi+ client > without WebEngine support. > > But QtWebEngine is also used by GNOME/KDE web browsers (Epiphany, > Falcon). Their users won't be happy after disabling JS engine. Just to clarify, epiphany and other GTK- and WebKit-based browsers don't use QtWebEngine, but WebKitGTK. As far as I know, it doesn't suffer from the same support / late security fixes problem as QtWebEngine, because it's an official WebKit project, and released in parallel with new versions of WebKit. I just noticed that epiphany snapshot builds are even prominently featured in the webkit.org download section :) Fabio _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
