I wrote: > On 09/12/11 08:44, Trevor Parscal wrote: >> I'd like to suggest something Neil has suggested before... >> >> http://semver.org/ > > Maybe we could have an "API version" which corresponds to the rules > given there, like the API version in PHP. > > Our major versions (1.18 etc.) correspond to branches, and so we > sometimes have to introduce non-backwards-compatible changes in minor > releases in order to fix security vulnerabilities. If we only applied > such security changes to new major releases, applying them would be > tied to performing a major and potentially complex upgrade, which > would slow down the mitigation process significantly.
Actually, come to think of it, PHP is probably a bad example for this. I told the PHP devs about a security vulnerability (a dangling pointer) in PHP 4, two years before the branch end-of-life, and they said they couldn't fix it in that branch because it would break the interface. http://thread.gmane.org/gmane.comp.php.devel/34503 -- Tim Starling _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
