How safe is wxWidgets in terms of third-party software libraries/modules and open source/COTS components

This forum can be used to talk about general design strategies, new ideas and questions in general related to wxWidgets. If you feel your questions doesn't fit anywhere, put it here.
Post Reply
itachiboi999
Knows some wx things
Knows some wx things
Posts: 32
Joined: Mon Nov 15, 2021 7:06 pm

How safe is wxWidgets in terms of third-party software libraries/modules and open source/COTS components

Post by itachiboi999 »

Hi all, I'm trying to use wxWidgets in a tool i wish to deploy and wanted to see if anyone had general or in-depth information on how secure, safe, and approved wxWidgets was in terms of being used and listed as a third-party software library/module in a professional application.

The security team has to approve all third-party software libraries/modules and open source/COTS components, and therefore I was wondering if anyone here could provide information and/or direction on what to use and overall how to defend the security of wxWidgets.

Thank you in advance! I appreciate the help!! :)
User avatar
doublemax
Moderator
Moderator
Posts: 17608
Joined: Fri Apr 21, 2006 8:03 pm
Location: $FCE2

Re: How safe is wxWidgets in terms of third-party software libraries/modules and open source/COTS components

Post by doublemax »

I don't think there are any independent security audits for the wxWidgets code base. Maybe you should try asking on the wx-users group where you can reach the core wx developers: https://groups.google.com/g/wx-users

But it is open source and has a relatively big number of users. I think it's pretty safe to assume that there are at least no intentional security leaks in wxWidgets.

What's the alternative? You can exclusively work with closed source libraries, e.g. from Microsoft. Or you can code everything low-level in assembly talking directly to the Win32 API without any external libraries. In both cases you only have to deal with the security leaks in the Microsoft parts :)
Use the source, Luke!
ONEEYEMAN
Part Of The Furniture
Part Of The Furniture
Posts: 6226
Joined: Sat Apr 16, 2005 7:22 am
Location: USA, Ukraine

Re: How safe is wxWidgets in terms of third-party software libraries/modules and open source/COTS components

Post by ONEEYEMAN »

Hi,
wxWidgets is an approved software of the US Government (as COTS), even though it is open-source.

If you work there, you don't need an approval - its already in the list.

Thank you.
User avatar
doublemax
Moderator
Moderator
Posts: 17608
Joined: Fri Apr 21, 2006 8:03 pm
Location: $FCE2

Re: How safe is wxWidgets in terms of third-party software libraries/modules and open source/COTS components

Post by doublemax »

ONEEYEMAN wrote: Mon Sep 12, 2022 3:08 pm wxWidgets is an approved software of the US Government (as COTS), even though it is open-source.
Do you have a source for that?
Use the source, Luke!
ONEEYEMAN
Part Of The Furniture
Part Of The Furniture
Posts: 6226
Joined: Sat Apr 16, 2005 7:22 am
Location: USA, Ukraine

Re: How safe is wxWidgets in terms of third-party software libraries/modules and open source/COTS components

Post by ONEEYEMAN »

Hi,
Its used currently as a GUI library for a US Army product.
Sorry - can't say more.

But I can dig it up if you want.

The product is fileded and used and it was being used extensively.

Now - I consider US Army part of US Government.

And I was hired to support that product (in 2015).

This product unfortunately is rewritten in Qt, but people who played with both and who were used thenm AND people who I worked with on the second project say the first one (wx based) is better. And I feel the same way.

Thank you.
Post Reply