- cross-posted to:
- hackaday@ibbit.at
- cross-posted to:
- hackaday@ibbit.at
In an excellent example of one of the most overused XKCD images, the libxml2 library has for a little while lost its only maintainer, with [Nick Wellnhofer] making good on his plan to step down by the end of the year.
While this might not sound like a big deal, the real scope of this problem is rather profound. Not only is libxml2 part of GNOME, it’s also used as dependency by a huge number of projects, including web browsers and just about anything that processes XML or XSLT. Not having a maintainer in the event that a fresh, high-risk CVE pops up would obviously be less than desirable.
Extractivists would be welcome to continue being stuck with the GPLv2’d version of the library. The sane world meanwhile can move on with a v3 version that sees community improvements, respects consumer rights, etc.
Current version is actually still MIT: https://gitlab.gnome.org/GNOME/libxml2#license (which is the most preferred license for a low-level library like this)
Ah yeah, same difference.