Re: Git stable releases

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



John Carlissi <johncarlissi@xxxxxxxxx> writes:

> I noticed that with 2.16.6 development stopped whereas with the latest
> security update, everything 2.17 and newer got the fix. Is there any
> formal definition as to when a minor version is EOL and no longer gets
> security updates?

Nothing formal, but I try not to give a false sense of security by
backmerging a fix to maintenance tracks that are too old.  Unless
a "fix" is quite trivial, it always risks introducing new bugs,
given that most developers and testers work on the more modern
codebase.  A call to a helper that is made to "fix" an issue may be
safe in today's codebase, but the same helper in the ancient
maintenance track may not have been updated to match what the new
callsite expects it to do, for example.

Limiting backmerging also is a way to encourage people to update to
the latest major releases.

I currently aim to limit to at most four or five of maintenance
tracks.  Each development cycle usually lasts for 8-10 weeks, so
that means the shelf life of a major release is about 8 months at
the most---but sometimes people get greedy and demand backmerging to
way older tracks.  The last one for 2.17.x track was an example.

Of course, the above does not mean distro packagers and managers of
platform specific ports are not allowed to backport the fixes to
older codebase than I cut "official" maitenance releases for.




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux