David Craven <da...@craven.ch> writes: >> One thing that worries me about Inox is that version 53 is very old and >> likely contains known vulnerabilities. Do you know if they backport >> fixes? If not, I think we should try to stick with upstream Chromium. > > This is due to me not having worked on it for a while. Inox are just a couple > of patches and default configure flags, but it's still chromium. I'm not too > concerned with inox, but *whisper* I got the impression that there where > FSDG issues with chromium. By applying a bunch of patches and calling it > inox instead of chromium, I think it could be considered a "good faith > effort", > and the problem avoided until someone complains. > > Another interesting collection of chromium patches would be: > https://github.com/Eloston/ungoogled-chromium
I actually picked most of the patches from ungoogled-chromium (which includes inox and iridium), but skipped "high maintenance" ones. This started as an attempt to package that very project, but they were lagging too far behind upstream IMO. FSDG problems is the reason I haven't advertised it. At the very least, the Google integrations should be disabled and analytics removed (but Chromium can't currently build without either). I think if most of the "FIXMEs" are resolved upstream, it might be eligible for a free distro. Now that the cat is out of the box, feel free to send patches somewhere and I'll incorporate them in the branch :-)
signature.asc
Description: PGP signature
