On Mon, Mar 04, 2013 at 10:59:49AM -0600, Joe Brockmeier wrote: > On Mon, Mar 4, 2013, at 09:03 AM, David Nalley wrote: > > So software typically has several stages: > > > > Does end of support mean both of these things simultaneously. > > No more bugfixes > > No more security fixes > > > > So wearing your enterprise software consumer hat - does a support > > lifetime of approximately 12 months make sense? (not saying it > > doesn't, just asking the question) Under the above proposal we'd end > > support for the 4.0 line after 4.2 releases. (I'd personally say we > > should add a month (so that EOL is one month after 4.n+2 releases, > > with the understanding that 4.n is likely to only receive security > > fixes if any during that extra one month window) > > Does it matter if we're ending support for 4.0.x if the users can > reliably upgrade to 4.2.x and we're sticking to a no API breakage > policy?
IMO, that was the reason that I suggested it the way I did. Perhaps we consider security updates for the last X feature releases, but bug fixes (non-security) are (again IMO) probably OK being limited to the last feature release. > > Note that a policy saying that we will support (say) 4.2 and 5.0 > wouldn't preclude also pushing out a security fix for 4.1 and 4.0 if it > was not overly difficult to backport the security fix. Right > > The biggest concerns I have are: 1) finding people to address bugs in > older releases and 2) testing the releases - so I'd like to be > conservative in what we promise, but there's no reason we can't > over-deliver if we see a security issue that needs to be addressed. Those are my exact same concerns. > > Best, > > jzb > -- > Joe Brockmeier > j...@zonker.net > Twitter: @jzb > http://www.dissociatedpress.net/ >
