dos1
commented
1 year ago Also, aside of obvious security implications, having a 2 years old web engine makes the itch app increasingly useless for running HTML games.
Open SCOTT-HAMILTON opened 2 years ago
dos1
commented
1 year ago Also, aside of obvious security implications, having a 2 years old web engine makes the itch app increasingly useless for running HTML games.
Anderssorby
commented
1 year ago This is a quite breaking problem. Sad to see that this hasn't been given attention so far. @fasterthanlime any comments? How much work would it be to upgrade to a later version of electron?
Anderssorby
commented
1 year ago I see that dependabot already has suggested this upgrade #2879
techsy730
commented
1 year ago I have to give itch.io some leeway here.
Electron's release cycle is way too frickin' fast. They release a major version every 8 weeks, and only have active support for the last 4 major versions. That is about 7-8 months of support for any given major version release, and they have no LTS system.
This might be fine for a complete app like Chromium, but for something meant to be reused and embedded as an engine and API, that (should be) unacceptable.
It's completely understandable why many apps out there using electron are using versions long since EOLed.
davidak
commented
1 year ago I have to give itch.io some leeway here.
They decided to use Electron. They could have choosen some other GUI framework like GTK, which would also produce native apps that look like a native app cross-platform. This is just bad, insecure, poorly maintained software.
SuperSamus
commented
1 year ago Fixed by 164fa9f5a12f1184b55e7fcca3ff36ed58e86466.
Nixpkgs' package can't build because itch uses electron 11.5.0 which has reached end of life cf https://www.electronjs.org/docs/latest/tutorial/electron-timelines#timeline and is thus becoming a potential security breach.