sdl3-image: disable STBI for more security and performance #400074
Description
Nixpkgs version
- Unstable (25.05)
Describe the bug
Currently, sdl3-image uses stb_image for png and jpeg image loading.
stbi is nice for getting up fast on a new platform, or when you are in control of all of your files/assets.
But as they say themselfs:
This project discusses security-relevant bugs in public in Github Issues and Pull Requests, and it may take significant time for security fixes to be implemented or merged. If this poses an unreasonable risk to your project, do not use stb libraries.
Not only that, but stbi is also slower at loading images and supports generally less features.
This should be easy to fix. Just add -DSDLIMAGE_BACKEND_STB=OFF and the libpng and libjpeg dependencies.
xref: #384531
Expected behaviour
Use system libpng and libjpeg.
Notify maintainers
Note for maintainers: Please tag this issue in your pull request description. (i.e. Resolves #ISSUE.)
I assert that this issue is relevant for Nixpkgs
- I assert that this is a bug and not a support request.
- I assert that this is not a duplicate of an existing issue.
- I assert that I have read the NixOS Code of Conduct and agree to abide by it.
Is this issue important to you?
Add a 👍 reaction to issues you find important.