[Digikam-users] digiKam 0.9.4-rc1 release

Gilles Caulier caulier.gilles at gmail.com
Wed Jun 18 19:25:36 BST 2008

2008/6/18 Treeve Jelbert <treeve at scarlet.be>:
> while I welcome a new digikam  release, I think that integrating sqlite3 is a
> backward step.  If a security  fix is made to sqlite3, digikam will not benefit
> from it until it is re-released.
> Is it possible to disable the embedded version when building digikam from
> source?
> As a general rule products should not embed other libraries, as it bloats the
> source code and introduces insecurity, as well as making more work for
> developers.

And this is not the case. For ex, look in Qt for example libpng is
included like qslite3... and this not make a problem.

We don't have any way to control fine witch sqlite3 version used to
compile digiKam. We want a suitable program. This is the only solution

Also, digiKam do not provide a new sqlite3 program. We compile it with
the source code of shared libs. that all.

The source code of sqlite is the same that the official package. if a
security issue is found, we can just update source code and _validate_
the version included.

For KDE4, another way is done : we use QT4::SQLite plugin... which is
also compiled with a dedicated libsqlite version embeded in the

Note : Amarok also include libsqlite3 source code...


Gilles Caulier

More information about the Digikam-users mailing list