this post was submitted on 09 Dec 2025
124 points (98.4% liked)

Linux

13804 readers
496 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 3 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev
124
Libxml2 Becomes Officially Unmaintained After Maintainer Steps Down (linuxiac.com)
submitted 5 months ago by cm0002@lemmings.world to c/linux@programming.dev
28 comments fedilink hide all child comments
 

In mid-September, we reported that Nick Wellnhofer, the long-time maintainer of the widely used XML parsing library libxml2, planned to step down from the project. A few days ago, that change became official.

When looking at one of the latest commits in the project’s GitLab repository, you can now see the following notice:

“This project is unmaintained and has known security issues (https://gitlab.gnome.org/GNOME/libxml2/-/issues/346). It is foolish to use this software to process untrusted data.”

you are viewing a single comment's thread
view the rest of the comments
[–] onlinepersona@programming.dev 33 points 5 months ago (1 children)

Good on Nick. Do what you want buddy, you had a good run. Go have some fun doing what you love.

Now it's time for a corporate user of libxml2 to donate resources for maintenance and bug fixing or forking it. It doesn't always have to be on the shoulders of unpaid maintainers.

[–] ulterno@programming.dev 5 points 5 months ago (1 children)

Considering that qt6-webengine also depends upon it, I guess someone will come and pick it up soon, or maybe they will just create an alternative?

[–] onlinepersona@programming.dev 3 points 5 months ago (1 children)

My guess, it'll be rewritten in rust.

[–] ulterno@programming.dev 11 points 5 months ago* (last edited 5 months ago) (2 children)

Well, there's already sax, xml-rs and rust-xml.
How many more do you want?

Better off giving more attention to those that already exist than making more rewrites.

[–] The_Decryptor@aussie.zone 2 points 5 months ago

There's also xml5ever, for if you hate XML.

[–] onlinepersona@programming.dev 1 points 5 months ago (1 children)

Didn't know about those. Thanks for bringing them to my attention. I wonder how they compare to libxml2.

[–] ulterno@programming.dev 2 points 5 months ago

I don't know much to compare either, just did a quick search.
I might end up checking some out later when I start doing more stuff with Rust, but nothing for now.