Michael Starks wrote: >> I don't understand. Some of the are major yes and some of them change >> the contract with the users. Example install will be different, rules >> have been removed, and much much more. This means new version not a bug >> fix release. So I say release 2.8.
I missed the beginning of this conversation, so maybe this was answered.. I see mention of rules being removed. Uh.. why? Removing core rules can be problematic, especially if users are depending on them. Is there something planned to provide feedback about removed rules? >> 3.0 is a time of HUGE changes and we are not even started on that. I >> talk about it but no code has made it in yet. > > I guess I am a bit more risk averse than you. OSSEC has a reputation for > being able to handle very large deployments with relative stability and > I believe that's because we have been very conservative in releases. > We're moving fast now, which is great, but we have to be cautious not to > lose the respect we have earned over the years. I personally know of > several large installations in which OSSEC plays a critical role in > their compliance program (especially PCI) and it is absolutely critical > that OSSEC remains stable for those folks. That's why I suggested > maintaining a stable branch for awhile longer while we integrate all of > these exciting new changes. With respect to releases, numbering, and stability, I would probably err on the side of caution. I would definitely recommend creating a stable release and having it stick around for a while. Granted, 2.7 has been around for a while with only a single bugfix release. This is great for those people that need to remain stable and have a long testing process before upgrading. Moving to a 2.8 or 3.0 release would be where I would expect functional changes. To be honest, I don't see a huge difference between a 2.8 and a 3.0 release. Thus far ossec has basically been using point releases for all major changes. If we were to jump to a 3.0 release from 2.7, I would expect some major changes, far beyond what we've seen from previous point releases. Just my $0.02, not that it's worth much these days.. :) I haven't been incredibly active lately (damn you life!), but I'm still heavily invested in OSSEC and I'd like to see it grow. -- --------------------------- Jason 'XenoPhage' Frisvold [email protected] --------------------------- "Any sufficiently advanced magic is indistinguishable from technology.\" - Niven's Inverse of Clarke's Third Law -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
