KDE Is Now Offering A Qt 5.15 LTS Branch Patch-set For The Free Software Community
The Qt Company, the corporation behind the Qt toolkit used by the KDE desktop environment and numerous other free software projects, has been restricting updates to Qt Long Term Support (LTS) releases to paying customers since January 2020. KDE e.V. has announced that they will be maintaining their own Qt 5 "patch collection" for free software users and projects using the Qt 5.15 LTS release.
The Qt Company has been withholding updates and fixes to GPL-licensed Qt LTS versions in an attempt to maximize profits since January 2020. They have also been seriously considering making the entire toolkit proprietary. They have not yet gone that far.
Qt 6.0 was released in December 2020 and the last Qt 5 version, Qt 5.15, is now in practice an unsupported Qt version.
Free free software users were faced with two choices when Qt 5 became a LTS release: They could either run a potentially insecure Qt 5.15 version without the latest security patches, or switch to the latest Qt 6 branch. The latter is not a realistic alternative if you are using a piece of software meant to be built against Qt 5 since there are significant differences between Qt 5 and Qt 6. You can port Qt 5 software to Qt 6, but you can't just replace Qt 5 with Qt 6 and expect that to work without a hassle.
The KDE e.V. foundation, in partnership with the now very profitable Qt Company, is now offering free software users a third option: A Qt5PatchCollection repository for Qt 5.15 with fixes for security issues, crashes and "functional defects". The QT Company had this to say about it in a joint KDE e.V/Qt Company press release:
"The Qt Company and KDE have been co-operating in development of Qt 6 actively and KDE is well set to migrate to Qt 6. Even though our aim has been to make porting to Qt 6 easy and straightforward, we do understand that with a large framework like KDE has porting to Qt 6 takes some time, and such a patch collection can help manage the transition."
What does and does not go into "KDE's" new Qt 5.15 patch collection appears to be decided by the Qt Company, not the KDE e.V. foundation.
"To get a patch merged you must open a Merge Request against the kde/5.15 branch on the corresponding repository in https://invent.kde.org/qt/qt, describing the change as well as the reason it should be merged (e.g. by referencing a relevant defect report in an open source product). Also required is a reference to where it was approved upstream within https://codereview.qt-project.org."
GNU/Linux distributions will be able to apply the patches the KDE e.V. makes available at the behest of the Qt Company to the Qt 5.15 versions they offer in their repositories. Independent free software developers who bundle Qt with their software can do the same. The patch-set is GPL licensed, so proprietary software developers are left out in the cold unless they buy a software license from the Qt Company.
This isn't exactly a win for the free software community, but it is better than nothing. There will, at least, be security updates available in a timely fashion if major GNU/Linux distributions decide to adopt the limited sub-set of LTS patches the Qt Company let the KDE e.V. publish. That's better than nothing.