On Mar 19, 2012, at 4:18 PM, Doug Cutting wrote: > > We also should decide whether we want to permit ourselves to get in this > pinch again. I think it's avoidable if in the future we only make > releases that are consistent with our other policies. Backports should > be easier for intervening releases. We might reasonably grandfather > 0.22 as skippable for backports as it's too late to fix that now.
Agree. 0.22 & security is somewhat of a special case: # hadoop-0.20.203 (with security) was released in May 2011. # Folks working on branch-0.22 abandoned security much later in-spite of advise against. Thus, there has been sufficient opportunity to fix security in branch-0.22 since it's been repeatedly pointed out. Again, as I mentioned previously, please note that none of this is meant to discourage folks on 0.22 or further releases off the branch. It's just hard to call it hadoop-2 given it's current state or known roadmap. So, let me ask again - is there anyone willing to step up and fix security in branch-0.22? If not, and I haven't seen evidence to the contrary for a very long time now, IMHO this discussion is moot. IAC, at this point everyone is sufficiently entrenched and I don't expect that anyone will be swayed anymore, so we could just call a vote with the options discussed and decide. thanks, Arun
