In mid-September, we reported that Nick Wellnhofer, the long-time maintainer of the widely used XML parsing library libxml2, planned to step down from the project. A few days ago, that change became official.
When looking at one of the latest commits in the project’s GitLab repository, you can now see the following notice:
“This project is unmaintained and has known security issues (https://gitlab.gnome.org/GNOME/libxml2/-/issues/346). It is foolish to use this software to process untrusted data.”
Where were you when libxml2 die?
I was at house eating dorito when Lemmy ring.
“libxml2 is kil”
“no”
I actually used it the other day to grab a value from an xml file.
xml files have a value?
Landfill.
Good on Nick. Do what you want buddy, you had a good run. Go have some fun doing what you love.
Now it’s time for a corporate user of libxml2 to donate resources for maintenance and bug fixing or forking it. It doesn’t always have to be on the shoulders of unpaid maintainers.
Considering that
qt6-webenginealso depends upon it, I guess someone will come and pick it up soon, or maybe they will just create an alternative?My guess, it’ll be rewritten in rust.
Well, there’s already
sax,xml-rsandrust-xml.
How many more do you want?Better off giving more attention to those that already exist than making more rewrites.
Didn’t know about those. Thanks for bringing them to my attention. I wonder how they compare to libxml2.
I don’t know much to compare either, just did a quick search.
I might end up checking some out later when I start doing more stuff with Rust, but nothing for now.
Never bothered to check how many packages depend on libxml2. It’s 418 packages that directly depends on it.
I hope this is a nail in the coffin for xml. It’s just so unpleasant to work with, even through great libraries.
Wishful thinking. XML is going to be around for a very long time.
Don’t podcasts and RSS still rely heavily on XML?
Lots of stuff uses XML still.
That’s super underselling it. Open Financial Exchange OFX is still the go-to for markets and banks to exchange information with various end user devices. ISO 20022 is a standard used in banking that is XML based. Fedwire, the platform that moves money between the central banks completed transition to XML in July… of this year.
Credit reporting agencies, insurance agencies, hospitals, medicare, medicaid, massive amounts of the entire global logistics industry are heavily using XML with no plans in the near future to move off of it. Like the network that handles auto insurance claims and reporting them to people like LexisNexus is all XML.
Like it’s impossible to cover just how much of this planet runs on XML.
Electrical Vehicles use EXI to communicate with chargers, which is just compressed xml
It was in fact these non-browser interests that initially poisoned W3C to take the position of completely abandoning html for XML back in 2004… Where the browser companies immediately ignored the decision and formed their own working group (whatwg) which worked on almost all new web technologies post html4.
Don’t forget the OpenDocument format of LibreOffice and the other format of the other office suite. Yeah, these will be retired any day now.
Also these.
Declarative structured data is super important it turns out
Every office suite document format is just a disguised ZIP archive full of XML files.
two have expressed interest in taking over: https://gitlab.gnome.org/GNOME/libxml2/-/commit/9c80a89af2fdf4f853892f84e46580f4902658ba#note_2626536
Yes, things will be so much better when we eventually replicate all of XML’s functionality in JSON.
Well we’ve recreated namespaces, and JSON already has a completely useless type system, so it’s pretty much already there.
It’s great for non-HTML markup, like https://hyperview.org/.
A lot of the hate is undeserved. It has had awful paradigms built around it (like SOAP), but that doesn’t make XML inherently bad by any means.
Sure it is, but I don’t see a good enough replacement.
Although I have only used XML a couple of times, which were in other people’s projects, and considering their low complexity, they might as well have used JSON, XML does have a space where JSON is not good enough.
