On 22/07/16 05:00, Michael Catanzaro wrote: > On Thu, 2016-07-21 at 22:04 +0200, Carlos Alberto Lopez Perez wrote: >> Debian is already taking our updates: WebKitGTK+ 2.12 is available on >> the backports repository for stable. > > This hardly counts. Users don't realize the only safe way to use WebKit > is to enable the backports repository.... I gave some comments on > Debian's policy at [1] (scroll down to the Debian heading) which is > good enough for me, as I'm not a Debian developer. > > Regardless, you're right, I'm pretty sure your suggested policy is > better than mine. I would tweak it slightly: > > * We support each major Debian version until one year after the > release of the next major version. > * We support each Ubuntu LTS until one year after the release of the > next Ubuntu LTS. > > In practice, it means we don't depend on anything newer than about > three years old, whereas with your original proposal it would be about > two years. This makes it possible for distros to do security updates > for while longer. Sound good? >
If Debian releases a stable version at the same time than Ubuntu LTS, then with my original proposal, it could happen that our policy would allow to drop support for a version of some dependencies that was only released 2-3 years ago. The thing is that Ubuntu releases the LTS on even years, meanwhile Debian (lately) does that in odd years. But meanwhile Ubuntu guarantees a release date, Debian does not. So there is still a small risk of both releasing on the same year. So I think that your suggestion is reasonable. It ensures that the minimum age of any dependency will be at least 3 years, and that developers using webkitgtk+ will have at least one year to upgrade to the next version of their distro.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ webkit-gtk mailing list [email protected] https://lists.webkit.org/mailman/listinfo/webkit-gtk
