dev-python/spyder depends on dev-qt/qtwebkit:4 which is ancient and will never see any security updates. Since 3.0.2-r1 can alternatively depend on PyQt5, I'd suggest to drop 2.3.9 and drop any transitive qtwebkit:4 dependencies from 3.0.2-r1 (PyQt4, pyside:0).
ping...
Cleaned up as proposed.