1. your link is broken. This should work:
https://lists.fedoraproject.org/archives/list/devel%40lists.fedoraproject...
2. I like the idea!
3. about the FESCO exceptions:
Question: What if my application doesn't process untrusted
input?
Answer: If you're sure your application never processes untrusted input, it is a
special flower. You should request a bundling exception from FESCo if you do not intend to
upgrade.
gnucash does use webkitgtk for rendering charts with JavaScript libraries, so it will
probably need this exception. Anyway, I think it's a bad idea to bundle webkitgtk into
gnucash. Maybe we should just wait after the mass bug filing until the F26/rawhide split.
4. Btw: In the mail referenced above you've written about an update to QtWebKit. How
is it going? Are there any links? How are contingency plans for QtWebKit? Since it has
probably even more security bugs, isn't it time to deprecate it as well?