* Michael Starks <[email protected]> [2014-03-10 10:11:19 -0500]:
On 03/08/2014 12:37 PM, Jeremy Rossi wrote:
As you noted, we have a lot of changes. Some of them are major. I'd
rather see a stable 2.7 branch maintained for awhile while we really
break away for 3.0.
I don't understand. Some of the are major yes and some of them change
the contract with the users. Example install will be different, rules
have been removed, and much much more. This means new version not a bug
fix release. So I say release 2.8.
3.0 is a time of HUGE changes and we are not even started on that. I
talk about it but no code has made it in yet.
I guess I am a bit more risk averse than you. OSSEC has a reputation
for being able to handle very large deployments with relative
stability and I believe that's because we have been very conservative
in releases. We're moving fast now, which is great, but we have to be
cautious not to lose the respect we have earned over the years. I
personally know of several large installations in which OSSEC plays a
critical role in their compliance program (especially PCI) and it is
absolutely critical that OSSEC remains stable for those folks. That's
why I suggested maintaining a stable branch for awhile longer while we
integrate all of these exciting new changes.
Who is gonna do that? I don't want to support many different releases.
I am being cautious. I did not define a timeline nor said when things
should happen, but we need to talk about formailzing the process and
look to get someone to start running the process because this could take
months with betas, release candidits, etc. But we should start soon.
And we should do this at least twice a year :)
-Jeremy Rossi
--
---
You received this message because you are subscribed to the Google Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
