please consider removing webkitgtk

Bug #1662982 reported by Seth Arnold
This bug report is a duplicate of: Bug #1710318: Please remove webkitgtk from Ubuntu.
This bug affects 1 person
Affects: webkitgtk (Ubuntu)
Status: New
Importance: Undecided
Assigned to: Unassigned
Milestone: (none)

Bug Description

Hello, WebKitGTK+ has recently started issuing regular security
updates[1]. These updates have been made available for the "webkit2"
version of WebKitGTK+, which is our webkit2gtk package. In a progress
report about the updates[2] Michael Catanzaro has asked distributions
to stop shipping the older version. The post includes, in part:

> [T]his old version of WebKit is affected by over 200 known
> vulnerabilities and really has to go sooner rather than later. We’ve
> agreed to remove WebKitGTK+ 2.4 and its dependencies from Fedora rawhide
> right after Fedora 26 is branched next month, so they will no longer be
> present in Fedora 27 (targeted for release in November).

It'd be nice to follow suit so that we don't ship this version of WebKit
in 18.04 LTS.

This transition may not be easy:

$ reverse-depends src:webkitgtk
Reverse-Depends
===============
* apvlv (for libwebkitgtk-3.0-0)
* balsa (for libjavascriptcoregtk-1.0-0)
* balsa (for libwebkitgtk-1.0-0)
* banshee (for libwebkitgtk-1.0-0)
* bibledit-gtk (for libwebkitgtk-1.0-0)
* bijiben (for libwebkitgtk-3.0-0)
* cairo-dock-plug-ins (for libwebkitgtk-3.0-0)
* cinnamon (for gir1.2-javascriptcoregtk-3.0)
* cinnamon-screensaver-webkit-plugin (for gir1.2-webkit2-3.0)
* claws-mail-fancy-plugin (for libwebkitgtk-1.0-0)
* cyclograph-gtk3 (for gir1.2-webkit-3.0)
* emacs25 (for libwebkitgtk-3.0-0)
* empathy (for libwebkitgtk-3.0-0)
* geany-plugin-devhelp (for libwebkitgtk-1.0-0)
* geany-plugin-markdown (for libwebkitgtk-1.0-0)
* geany-plugin-webhelper (for libwebkitgtk-1.0-0)
* geary (for libwebkitgtk-3.0-0)
* gnome-web-photo (for libwebkitgtk-3.0-0)
* gnucash (for libwebkitgtk-1.0-0)
* gphpedit (for libwebkitgtk-1.0-0)
* gtkpod (for libwebkitgtk-3.0-0)
* guitarix (for libwebkitgtk-1.0-0)
* libwebkit1.1-cil (for libwebkitgtk-1.0-0)
* libwebkitgtk3.0-cil (for libwebkitgtk-3.0-0)
* libwxgtk-webview3.0-0v5 (for libwebkitgtk-1.0-0)
* liferea (for libwebkitgtk-3.0-0)
* lightdm-webkit-greeter (for libjavascriptcoregtk-1.0-0)
* lightdm-webkit-greeter (for libwebkitgtk-1.0-0)
* luakit (for libjavascriptcoregtk-1.0-0)
* luakit (for libwebkitgtk-1.0-0)
* maildir-utils-extra (for libwebkitgtk-3.0-0)
* midori (for libwebkitgtk-1.0-0)
* midori (for libjavascriptcoregtk-1.0-0)
* monodevelop (for libwebkitgtk-1.0-0)
* node-topcube (for libwebkitgtk-1.0-0)
* osmo (for libwebkitgtk-1.0-0)
* python-webkit (for libwebkitgtk-1.0-0)
* ruby-webkit-gtk (for gir1.2-webkit-3.0)
* sugar-read-activity (for gir1.2-webkit-3.0)
* surf (for libjavascriptcoregtk-3.0-0)
* surf (for libwebkitgtk-3.0-0)
* thawab (for gir1.2-webkit-3.0)
* typecatcher (for gir1.2-webkit-3.0)
* ubuntu-release-upgrader-gtk (for gir1.2-webkit-3.0)
* uzbl (for libwebkitgtk-1.0-0)
* uzbl (for libjavascriptcoregtk-1.0-0)
* variety (for gir1.2-webkit-3.0)
* webkit-image-gtk (for libwebkitgtk-1.0-0)
* webkit2pdf (for libwebkitgtk-1.0-0)
* xiphos (for libwebkitgtk-3.0-0)
* xombrero (for libjavascriptcoregtk-3.0-0)
* xombrero (for libwebkitgtk-3.0-0)
* xtrkcad (for libwebkitgtk-1.0-0)
* zekr (for libwebkitgtk-1.0-0)

The Fedora plans include removing all packages that aren't upgraded[3]:

> Dependencies that are not updated to use modern WebKit will not be
> present in Fedora 27.

Thanks

1: https://blogs.gnome.org/mcatanzaro/2016/02/01/on-webkit-security-updates/
2: https://blogs.gnome.org/mcatanzaro/2017/02/08/an-update-on-webkit-security-updates/
3: https://bugzilla.redhat.com/show_bug.cgi?id=1375784

Hans Joachim Desserud (hjd) wrote:

I looked a bit at this, and there seems to be some ongoing work to remove this package in bug 1588150. So I wonder whether this should be marked as a duplicate?

Seth Arnold (seth-arnold) wrote:

Thanks Hans; I wonder how I overlooked that when filing this bug. I too wonder if this should be marked as a duplicate: they do cover mostly the same topic but the other bug is about a transition for packages while this bug is about removing this package and whatever else hasn't transitioned.

Thanks

This report contains Public Security information  
Everyone can see this security related information.
