For trunk/next only I support Yann's thoughts here. Within the ecosystem, do we actually worry about pairing 1.0.0 OpenSSL, pcre 6.x etc with 2.6.0 httpd? Is there any expectation that running SLES 11 will let you build modern packages? Or RHEL 5.x ... while in "extended" pseduo-support, RedHat offers nothing more than critical fixes, and won't target new software to run on that platform. I suggest it isn't our issue to keep a new release running on such thing.
All these dependencies also build on such old platforms, and while it will be rare for a user to wish to run a modern httpd on a more ancient distro, it obviously can be done. My distro component rev tracking table is here, just enabled comments for suggested edits; https://docs.google.com/spreadsheets/d/1y5tENm_L8m0tV5iJHPfg9pQoBTeyjCB8JxwkNEwuH44/edit?usp=sharing Realistically, we should never change our prerequisites on a released version major.minor, so 2.4 is set in stone. Even with APR we had long ago agreed to support 1.5.x for the lifespan, although some new modules or features would not be supported with that older flavor. But with any httpd version.next, if it is already part of the modern vendor distribution ecosystem, let's move on. By the time vendors adopt, we are time-shifted into relevance. On Mar 16, 2018 07:44, "Eric Covener" <[email protected]> wrote: On Fri, Mar 16, 2018 at 8:36 AM, Yann Ylavic <[email protected]> wrote: > On Fri, Mar 16, 2018 at 1:34 PM, Yann Ylavic <[email protected]> wrote: >> As already said on the other thread... >> >> On Fri, Mar 16, 2018 at 1:07 PM, Rainer Jung <[email protected]> wrote: >>> >>> Do we have more data points? Opinions about increasing to 1.0.1? >> >> +1, and while at it I think I think we should even require 1.0.2 (if >> possible) since 1.0.1 in no longer supported at OpenSSL. > > Per: https://www.openssl.org/policies/releasestrat.html Although I personally have no need with $bigco hat on (no openssl/mod_ssl here) I would not want to go too far and make life overly difficult for maintainers who are several years into some long/complicated support lifecycle. Not that I know 1.0.2 is somehow problematic or anything.
