IIRC such a service could threaten the DSF’a nonprofit / charity status. There are certainly third parties that offer this, including OS distributions that will backport security fixes as has been mentioned.
Kye Russell Sent from my iPhone > On 12 Aug 2019, at 11:34 pm, Patryk Zawadzki <pat...@gmail.com> wrote: > > W dniu sobota, 10 sierpnia 2019 18:19:07 UTC+2 użytkownik Uri napisał: >> >> Thanks for your feedback. Eventually I found out that the Django Crispy >> Forms issue was a CSS bug in our CSS code. Anyway not related to Crispy >> Forms, it may take a lot of time and effort to upgrade Django for us, and I >> would prefer to keep using Django 1.11 as much as we can. > > If upgrading looks like a lot of work today, it will be even more work in a > year or two. Today a single dependency may be blocking you from the upgrade. > Unless you have a contract with that dependency's maintainer, there's no > guarantee of the situation ever improving. Soon you may not be able to add a > dependency because it will require a newer version of Django. Anecdotal > evidence: we have an internal policy of not supporting Django versions older > than the current LTS unless we have someone paying for the effort. > > As for the LTS policy: I don't think the current one cuts it. There are > companies who are fine with upgrading once every two years but these > companies could probably also do it every release or two. Then there are > companies who want LTS support and these are often projects that need to run > largely unmodified for five to ten years. I don't think the current LTS > support helps them in any way. I think a better option (for both sides) would > be if the foundation offered paid support for the releases nominated as LTS > and if that support became more expensive every year (to compensate for > having to maintain outdated software and to motivate the company to > eventually allocate the budget to a proper upgrade). Paid support could also > include features like early vulnerability disclosure and instructions for > determining whether an issue was exploitable in a particular project. > -- > You received this message because you are subscribed to the Google Groups > "Django developers (Contributions to Django itself)" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-developers+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-developers/c4fd117b-830e-4274-b563-902973316344%40googlegroups.com. -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/60E5ED20-012A-40E9-AF92-3D66C2009234%40kye.id.au.