git@vger.kernel.org mailing list mirror (one of many)
 help / color / mirror / code / Atom feed
From: Junio C Hamano <gitster@pobox.com>
To: John Carlissi <johncarlissi@gmail.com>
Cc: git@vger.kernel.org
Subject: Re: Git stable releases
Date: Sun, 24 May 2020 09:26:12 -0700	[thread overview]
Message-ID: <xmqq367pqoyj.fsf@gitster.c.googlers.com> (raw)
In-Reply-To: CAGa9yXqOY0onB4cg4rjCY+RCL7qqxtYDBT+B9DoJ3nwpKh5_Hg@mail.gmail.com

John Carlissi <johncarlissi@gmail.com> writes:

> I noticed that with 2.16.6 development stopped whereas with the latest
> security update, everything 2.17 and newer got the fix. Is there any
> formal definition as to when a minor version is EOL and no longer gets
> security updates?

Nothing formal, but I try not to give a false sense of security by
backmerging a fix to maintenance tracks that are too old.  Unless
a "fix" is quite trivial, it always risks introducing new bugs,
given that most developers and testers work on the more modern
codebase.  A call to a helper that is made to "fix" an issue may be
safe in today's codebase, but the same helper in the ancient
maintenance track may not have been updated to match what the new
callsite expects it to do, for example.

Limiting backmerging also is a way to encourage people to update to
the latest major releases.

I currently aim to limit to at most four or five of maintenance
tracks.  Each development cycle usually lasts for 8-10 weeks, so
that means the shelf life of a major release is about 8 months at
the most---but sometimes people get greedy and demand backmerging to
way older tracks.  The last one for 2.17.x track was an example.

Of course, the above does not mean distro packagers and managers of
platform specific ports are not allowed to backport the fixes to
older codebase than I cut "official" maitenance releases for.


      parent reply	other threads:[~2020-05-24 16:26 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-05-14 20:25 Git stable releases John Carlissi
2020-05-22 15:32 ` John Carlissi
2020-05-22 16:54   ` Elijah Newren
2020-05-22 21:06     ` John Carlissi
2020-05-24 16:26 ` Junio C Hamano [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: http://vger.kernel.org/majordomo-info.html

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=xmqq367pqoyj.fsf@gitster.c.googlers.com \
    --to=gitster@pobox.com \
    --cc=git@vger.kernel.org \
    --cc=johncarlissi@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox

	https://80x24.org/mirrors/git.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).