On Wednesday, 6 June 2018 19:57:55 PDT Thiago Macieira wrote: > On Wednesday, 6 June 2018 19:09:00 PDT Lisandro Damián Nicanor Pérez Meyer > > wrote: > > - Is it worth the trade off considering it makes finding security bugs > > more > > > > complicated? > > We're not supposed to find or fix sqlite security issues. We get them from > upstream and upstream supports the single-file build style.
Actually, this is a very important subject, so I just added a session to the QtCS program next week to discuss it. As you may be aware, Intel is taking security VERY seriously and I cannot accept a project I contribute to having any worse policies. Our open source security team also evaluates each project's security policies and they have blacklisted quite a few open source projects from being used in Intel products, so I'd like to make sure Qt continues to comply with the stricter guidelines. -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel Open Source Technology Center _______________________________________________ Development mailing list Development@qt-project.org http://lists.qt-project.org/mailman/listinfo/development
