Let's reconsider some more applications installed by default

Fri Aug 28 21:11:31 UTC 2015

On Fri, 2015-08-28 at 15:19 -0400, Eric Griffith wrote:
> The one in particular that comes to mind is thermald-- Intel's
> thermal daemon for ensuring Intel CPU's laptops and tablets do not
> overheat and stay within usual temperature ranges. Its a relatively
> small package, and while this is anecdotal evidence, it seemed to
> keep my laptop a few degrees coolers during compiles. Minor addition
> for a better user experience (cooler laps). I've got a spec file for
> it laying around that use privately, though I know there's a copr
> that hosts it as well.

That's very interesting. I have a laptop that overheats all the time; I
wonder if this package would help with my problem. Would be great if we
could get this into Fedora. I will leave it to others to judge if it
should be included by default.

But I'd prefer to keep this thread focused on graphical applications.

> Going back to your original question. Why will the evolution not
> happen? Lack of willpower (no one wants to / Evolution is a mess) or
> lack of manpower (Other things are more important)? I don't use
> Evolution personally so I don't care, it just stood out to me in your
> original mail.

Evolution is a mature app and the developers don't want to redesign it.
And they shouldn't have to, just to conform to GNOME/Fedora's desires
for a mail app. It's a great mail client for GNOME 2 and similar
environments, and that's its end goal.

We currently plan to start a new mail client from scratch: 
https://wiki.gnome.org/Design/Apps/Mail

But nobody has started on it. It would be a big project.

> As far as Firefox / Epiphany.. I vote Firefox only because, like
> LibreOffice, it's a bit of a jewel of open source software. But, if
> Epiphany were to be made the default, is the team sufficiently strong
> and active enough to respond to security issues in a timely manner?

We do security updates every 1-2 months, usually before Apple even
releases a security advisory. We provide security support for six
months after each major release, then an API/ABI-compatible upgrade to
the next major release (on the GNOME release cycle), which Fedora does
not take (since there will always be regressions with such an update),
but should take. So the option of continuous security support is
certainly available. :) We do have a problem in that Apple stopped
giving us CVE IDs, so we haven't been able to do any upstream
advisories in a while. We need to fix that urgently, either by applying
for duplicate CVE IDs, or by just doing advisories without CVEs. You
can see changes backported into 2.8 at [1]. Any bug report that you
can't view has been classed as a security bug (but you can see the
change entry to view the fix). In practice that just means the bug was
found by a researcher rather than a WebKit developer. ;) Recently we
started counting the number of such bugs when releasing Fedora updates;
for instance, [2] says it includes 12 security fixes, and [3] includes
3 fixes.

Note that Epiphany itself very low-maintenance and almost never has
security vulnerabilities (at least, not reported vulnerabilities :), so
it's easy to keep up with. WebKit does have many issues, though, like
other rendering engines, which is why it's very important to only use
the most recent version of WebKit.

[1] http://trac.webkit.org/log/releases/WebKitGTK/webkit-2.8?action=sto
p_on_copy&mode=stop_on_copy&rev=189122&stop_rev=&limit=500
[2] https://bodhi.fedoraproject.org/updates/webkitgtk4-2.8.4-2.fc22
[3] https://bodhi.fedoraproject.org/updates/webkitgtk4-2.8.5-1.fc22