eschutho edited a comment on issue #12566: URL: https://github.com/apache/superset/issues/12566#issuecomment-763901006
> We also don't have to immediately release another major version if the features in the work were not breaking changes. Yeah, I agree. After thinking about it more, if we released the security fix as a patch on the previous version with a major bump, I don't think the next version will necessarily need to be another major version. It could be a minor. > If someone pinned their Superset deployment to the most recent minor release and chose to ignore (or wait for maturity of) a new major release, they might not notice the change, either. So maybe in addition to publishing the breaking security fix as a major version, we should also release a minor version that adds a deprecation warning. That's a good point. So your preference would be to go with the original proposal which is to push a patch fix out ( I think it could likely be a patch instead of a minor if we only cherry-pick the security fix and that should get picked up with pinned minor versions) and then fast follow with the major? Or to go straight to the major version, with the expectation that that pushing out a new version will be less work in the future? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
