Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:89658
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Received-SPF: error (pb1.pair.com: domain telia.com from 81.236.60.155 cause and error)
To: =?UTF-8?Q?Fran=c3=a7ois_Laupretre?= <francois@php.net>
References: <d7986bddhrs5d7o2c6r42g6h9to3au5kq0@4ax.com>
 <90c8ecbc29f8a40a2430306b807a169e@mail.gmail.com> <566464A8.7030203@php.net>
Cc: PHP internals <internals@lists.php.net>
Message-ID: <566468FD.5020001@telia.com>
Date: Sun, 6 Dec 2015 17:57:33 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <566464A8.7030203@php.net>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Subject: Re: [PHP-DEV] PHP 5.6 life cycle
From: bjorn.x.larsson@telia.com (=?UTF-8?Q?Bj=c3=b6rn_Larsson?=)

Den 2015-12-06 kl. 17:39, skrev François Laupretre:
> Le 06/12/2015 13:38, Zeev Suraski a écrit :
>>> -----Original Message-----
>>> From: Jan Ehrhardt [mailto:phpdev@ehrhardt.nl]
>>> Sent: Sunday, December 06, 2015 2:15 PM
>>> To: internals@lists.php.net
>>> Subject: [PHP-DEV] PHP 5.6 life cycle
>>>
>>> See http://php.net/supported-versions.php
>>>
>>> Will PHP 5.6 go into 'security fixes only' on 28 Aug 2015 with a end of
>> life on
>>> 28 Aug 2016? Or will we be postponing this a couple of months?
>> I think you're off by one here, no?
>>
>>> BTW: An end-of-life in Dec 2016 will be in line wih the EOL of OpenSSL
>>> 1.0.1: "Version 1.0.1 will be supported until 2016-12-31."
>>> http://openssl.org/policies/releasestrat.html
>> IMHO, I think we need to look at the 5.6 lifecycle very differently from
>> how we look at 5.5 and earlier.  This is really the 5.x lifecycle as 
>> it's
>> the last version that's relatively completely painless to upgrade to 
>> from
>> 5.x (especially 5.3 and later).
>>
>> PHP 4 was maintained for 4+ years after PHP 5.0 was released (5.0 
>> release
>> July 2004, PHP 4 support ended 8/8/08).  Not saying that we need to 
>> do the
>> same for 5, but one year upgrade cycle for everyone on 5.x doesn't sound
>> reasonable.  I don't have a firm opinion on 'active support' vs. 
>> 'security
>> only' - I think the latter much more closely defines what people truly
>> care about in terms of whether they feel comfortable having the version
>> still deployed or not.
>>
>> At the very least I think we should give 5.6 24 months of lifetime from
>> PHP 7.0's release date (i.e. take it until Dec 2017), but I think we
>> should also consider either extending it even further, or at least 
>> paying
>> attention to the situation on the ground in terms of PHP 5's 
>> popularity as
>> we get closer to that EOL date.  Personally I'm leaning towards having a
>> firm date further down the road than a 'flexible' one, so that we give
>> people a clear and reasonable timeline to upgrade - without risking that
>> they "won't take us seriously" and assume we'd delay the EOL.
>>
>> Zeev
>
> What about modifying the rules to state that :
>
> When a new major version (version N) is released, the latest minor 
> version of the previous major (N - 1) automatically gets one 
> additional year of active support, extending it to 3 years instead of 
> 2. The subsequent 'security fix only' period is maintained to one year.
>
> Regards
>
> François
>
Sounds like a good proposal to me. Starting point for a decision?

Would like to add that given 7.0 major uptake with ISP's coming next
year (at least in my region) it seems prudent to prolong 5.6 lifecycle a
little.

Regards //Björn