Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:76698 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 79143 invoked from network); 19 Aug 2014 11:08:37 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 19 Aug 2014 11:08:37 -0000 Authentication-Results: pb1.pair.com smtp.mail=julienpauli@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=julienpauli@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.220.179 as permitted sender) X-PHP-List-Original-Sender: julienpauli@gmail.com X-Host-Fingerprint: 209.85.220.179 mail-vc0-f179.google.com Received: from [209.85.220.179] ([209.85.220.179:33537] helo=mail-vc0-f179.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 52/94-55441-43033F35 for ; Tue, 19 Aug 2014 07:08:37 -0400 Received: by mail-vc0-f179.google.com with SMTP id hq11so7252838vcb.10 for ; Tue, 19 Aug 2014 04:08:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=Fwpz3TjgKEEr9cx3gdL4wLIj94D7PpOLj5KNABStRZo=; b=GcZbA2iv/STKwcLVLc4DXQCC1/dFfd0JrjQP8YKJ2DIsQEIncxEp6EM+J031lDrlBH BxiwVQnbl4D+AMyXQoRwsL2BQAA1EISjSxcydYXXleufaRtaZZ+gA/ygMW5Dt3F3fKpt Ai/VvVdE6FtHvLyTC/uXkCsqnmmq0lPHCOby3D4ALs2TS/RwXsWZdCYPnHnAS7TLcBLW StH18PCse9bsN1gj7raoe5D7rE12o3cJKbekh77iRBFy4gxe4Npbmx+Ym37Sl3XsrULH ajeclRMUrR9GdMGnU/Z7KxFK+AzJyviCblA7Hxqqa27/LU8uyDR7dB8y0HhjJ/mQ/uAu 9frg== X-Received: by 10.52.245.66 with SMTP id xm2mr1797364vdc.36.1408446513622; Tue, 19 Aug 2014 04:08:33 -0700 (PDT) MIME-Version: 1.0 Sender: julienpauli@gmail.com Received: by 10.220.30.70 with HTTP; Tue, 19 Aug 2014 04:07:53 -0700 (PDT) In-Reply-To: <53F29345.40607@sugarcrm.com> References: <53F29345.40607@sugarcrm.com> Date: Tue, 19 Aug 2014 13:07:53 +0200 X-Google-Sender-Auth: p8siSvUHB09hWJ0Lp315PIfTf3g Message-ID: To: Stas Malyshev Cc: PHP Internals Content-Type: text/plain; charset=UTF-8 Subject: Re: [PHP-DEV] 5.4 security only From: jpauli@php.net (Julien Pauli) On Tue, Aug 19, 2014 at 1:59 AM, Stas Malyshev wrote: > Hi! > > Moving this out of other topics into its own: according to the release > RFC, we should have 5.4 have 2 years of bugfixes & one year of security > fixes. Since 5.4 was released in March 2012, we're already past 2 year > mark. However, we're still have some bugfixes in 5.4, so I'd like to do > this: > > - 5.4.32 is released as planned this week, nothing changes there. > > - 5.4 branch that is to be 5.4.33 will be the last release that has any > non-security bugfixes. We hope that by the time 5.4.33 is out 5.6.0 is > out too, so that would play nice with the "two stable branches, one > security branch" theme. Starting from that release forward, 5.4 would be > purely security fixes only branch. > > - EFFECTIVE IMMEDIATELY, we do not accept new non-security bugfixes into > 5.4 branch unless they are very important ones (and that is only because > people may, in theory, have pending patches and we didn't give advance > notice). Importance would have to be determined somewhat arbitrarily, > but basically if it works without it, then it's not in, if there's > serious doubt if it should be in, it's not in, etc. Security issues, of > course, still allowed in. > > This means if somebody has some pending non-security fixes that have to > be in 5.4, the following two weeks are the last call, provided that the > fixes really must be in 5.4. > > Any objections/suggested modifications to this plan? This seems just right to me. +1 Julien