FWIW, I'm inclined to agree with James and Gabriel that having security only releases on the bugfix branch will increase confusion, and will increase the likelihood that human error with regards to packages (both by the Django team and by Django users) is the cause of both more security problems and more regressions.
Gabriel wrote: > 1) Even security patches can introduce regressions, so creating a > security-fix only branch doesn't inherently provide a regression-free > branch; it only make it less likely by decreasing the number of > changes which could potentially contain a bug. A case in point being the admin lookup security fix in 1.2.4. Luke -- "Underachievement: The tallest blade of grass is the first to be cut by the lawnmower." (despair.com) Luke Plant || http://lukeplant.me.uk/ -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
