Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:76673
Return-Path: <smalyshev@sugarcrm.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 14946 invoked from network); 18 Aug 2014 23:59:09 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 18 Aug 2014 23:59:09 -0000
Authentication-Results: pb1.pair.com smtp.mail=smalyshev@sugarcrm.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=smalyshev@sugarcrm.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain sugarcrm.com designates 108.166.43.67 as permitted sender)
X-PHP-List-Original-Sender: smalyshev@sugarcrm.com
X-Host-Fingerprint: 108.166.43.67 smtp67.ord1c.emailsrvr.com Linux 2.6
Received: from [108.166.43.67] ([108.166.43.67:53844] helo=smtp67.ord1c.emailsrvr.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 15/00-14556-94392F35 for <internals@lists.php.net>; Mon, 18 Aug 2014 19:59:07 -0400
Received: from localhost (localhost.localdomain [127.0.0.1])
	by smtp17.relay.ord1c.emailsrvr.com (SMTP Server) with ESMTP id CC3F118018F
	for <internals@lists.php.net>; Mon, 18 Aug 2014 19:59:01 -0400 (EDT)
X-Virus-Scanned: OK
Received: by smtp17.relay.ord1c.emailsrvr.com (Authenticated sender: smalyshev-AT-sugarcrm.com) with ESMTPSA id 97E69180631
	for <internals@lists.php.net>; Mon, 18 Aug 2014 19:59:01 -0400 (EDT)
X-Sender-Id: smalyshev@sugarcrm.com
Received: from Stass-MacBook-Pro.local ([UNAVAILABLE]. [74.85.23.222])
	(using TLSv1.2 with cipher DHE-RSA-AES128-SHA)
	by 0.0.0.0:465 (trex/5.2.10);
	Mon, 18 Aug 2014 23:59:01 GMT
Message-ID: <53F29345.40607@sugarcrm.com>
Date: Mon, 18 Aug 2014 16:59:01 -0700
Organization: SugarCRM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:31.0) Gecko/20100101 Thunderbird/31.0
MIME-Version: 1.0
To: PHP Internals <internals@lists.php.net>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Subject: 5.4 security only
From: smalyshev@sugarcrm.com (Stas Malyshev)

Hi!

Moving this out of other topics into its own: according to the release
RFC, we should have 5.4 have 2 years of bugfixes & one year of security
fixes. Since 5.4 was released in March 2012, we're already past 2 year
mark. However, we're still have some bugfixes in 5.4, so I'd like to do
this:

- 5.4.32 is released as planned this week, nothing changes there.

- 5.4 branch that is to be 5.4.33 will be the last release that has any
non-security bugfixes. We hope that by the time 5.4.33 is out 5.6.0 is
out too, so that would play nice with the "two stable branches, one
security branch" theme. Starting from that release forward, 5.4 would be
purely security fixes only branch.

- EFFECTIVE IMMEDIATELY, we do not accept new non-security bugfixes into
5.4 branch unless they are very important ones (and that is only because
people may, in theory, have pending patches and we didn't give advance
notice). Importance would have to be determined somewhat arbitrarily,
but basically if it works without it, then it's not in, if there's
serious doubt if it should be in, it's not in, etc. Security issues, of
course, still allowed in.

This means if somebody has some pending non-security fixes that have to
be in 5.4, the following two weeks are the last call, provided that the
fixes really must be in 5.4.

Any objections/suggested modifications to this plan?
-- 
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/