Hi Dominik, On Thu, 17 Oct 2024 at 07:41, Dominik Psenner <dpsen...@gmail.com> wrote: > I agree and wanted to point out, we could recommend projects to have clear > communication about what consumers can expect from their products. That > promise should be a close match to reality. The promise probably would have > to be kept up to date as time passes by and "things change".
The author of `endoflife.date` published a set of recommendations[1] for publishing versioning and end-of-life data. Maybe we can come up with a common template for multiple projects. I would be happy to just shortly remind the user what semantic versioning means and what "BUGFIX ONLY" means and redirect the user to the appropriate definitions ([2] for semantic versioning and some ASF page for the level of support, e.g. Airflow). There are also some reporting keywords[3] like "New", "Ongoing", "Dormant", "At risk" that we could convey to the public for sub-projects. The purpose would be to make the public aware that if they don't start contributing to a "dormant/at risk" sub-project (e.g. Flume), the sub-project will reach EOL. Piotr [1] https://endoflife.date/recommendations [2] https://semver.org/ [3] https://www.apache.org/foundation/board/reporting#guidelines --------------------------------------------------------------------- To unsubscribe, e-mail: security-discuss-unsubscr...@community.apache.org For additional commands, e-mail: security-discuss-h...@community.apache.org
