Fedora 40 Removing Version of WebkitGTK That Many Applications Need.
Fedora 40 will remove the oldest of three builds of WebkitGTK.
As of now, there’s a fairly large list of widely used software, at the bottom of this “change” page that needs this version.
WebkitGTK is part of the GTK toolkit.
Removing it basically means that part of the toolkit, which you told application developers would be available to them is gone.
The stated reason:
“Building three different package versions is slow, and Red Hat does not wish to do so anymore.”
They also stated:
“This is a slimmed-down version of the libsoup 3: Part Two change proposal that was previously rejected by FESCo. Instead of removing all packages that depend on libsoup 2, packages will only be removed if they depend on both libsoup 2 and also WebKitGTK. No effort will be made to remove libsoup 2 from the distribution (though an obsolete HTTP library is a major security risk and packages really ought to stop using it).”
As to the part about it being slow, I’ve built WebkitGTK on my old 2016 laptop in minutes.
As to the part about HTTP 1.1 being slow, bullshit.
I still use HTTP 1.1 in SeaMonkey and it loads most sites as fast as other browsers.
It turned out that after all that time saying that you needed to replace it, that come to find out, when you’re not blocking at the HTTP layer, you usually are blocking due to TCP itself.
As HTTP/2 still runs on top of a single open TCP connection, you can get head-of-line blocking at that level if any TCP packets are delayed or fail to reach the other end of the connection.
So now, and this standard isn’t even 8 years old, HTTP 1.1 is 26 years old and still very widely used, they plot HTTP/2’s demise because it wasn’t well-designed, and they say HTTP/3 won’t even use TCP at all.
It will use UDP and construct its own transport layer (QUIC) and congestion control protocol on top of it. I’m sure they’ll get everything right this time!
Only 36% of the top 10 million Web sites have HTTP/2 support as of July 2023, and that’s actually down from about half in late 2022.
I think we need to stop and ask why servers are turning this off and reverting to HTTP 1.1 before we continue with the propaganda.
Regardless, libsoup 2 probably isn’t that big of a deal, in and of itself. Maybe by libsoup 14 you can finally be fast?
Almost all Web browsers (everything except I think Lynx, SeaMonkey, and possibly a few others) have had HTTP/2 on for a while now, so why would sites start turning it off, I wonder? Anyone?
Sites that don’t want to use TLS more or less have to use HTTP 1.1.
Although the standard for HTTP/2 doesn’t mandate TLS, every browser that implements it does. So they will refuse to connect over HTTP/2 unless you also use TLS.
This whole thing is part of a power grab by the TLS certificate cartel. The “Certificate Authorities”, and it’s an obvious plot to censor what people can even put on the Web in the future.
At some point, if support on Web sites for HTTP/2 became universal, Google could just decide to drop HTTP 1.1 and then TLS would be mandatory.
Some don’t seem to understand why Techrights has a self-signed certificate.
Technically, THIS may not even work someday. Instead of a big scary screen that browsers use to scare your viewers away, the browser may just refuse to connect to the Web site at all without a cartel certificate.
This is another reason to use simpler protocols that Google and Microsoft and various government three letter spy agencies don’t dictate.
I look at Web resources on Gemini and Gopher all the time because it’s less painful once they’ve just been stripped back down of all this Web garbage and reformatted into text, and faster too, even through a proxy!
In Gemini, users are encouraged to use self-signed certificates. Gopher doesn’t have them at all! I’m not doing onling banking with Gopher. Why do I need TLS? ⬆