[wp-hackers] Short term suckage

Peter Westwood peter.westwood at ftwr.co.uk
Fri Jun 18 17:56:45 UTC 2010 

On 18 Jun 2010, at 18:34, eric at eamann.com wrote:

> +1 for the idea of keeping the current-1 release up to date with security.
>  There are several other open source systems on the market that already do this
> (the best example is YUI).  So long as we're making security/stability patches
> to the 3.0 branch, we could still port them to the 2.9 branch.  Once 3.1 comes
> out, we can "officially" deprecate the 2.9 branch and just maintain the 3.0
> branch with security patches.
>  
> It seems straight-forward to me.  Am I missing anything here?
> 
> On June 18, 2010 at 5:20 PM Dougal Campbell <dougal at gunters.org> wrote:
> 
>> On Jun 18 2010 11:49 AM, Matt Mullenweg wrote:
>>> While I like the theory of LTS, what happens in practice is it covers
>>> up the incompetence of IT or developers because they put off small
>>> slightly painful upgrades until they get so out of date of trunk (3
>>> years? 5 years?) and you have to go through a giant, painful, screws
>>> everybody over upgrade.
>> 
>> Yeah, but I think what we're* talking about here is more realistic.
>> Maybe we should call it "STS" (Short-Term Support) instead of "LTS"? I
>> don't think we have to make any commitment (official or otherwise) to
>> support any particular release for years. But if we could just support
>> the "current-minus-one" release up until the time that the
>> "current-plus-one" version came out, it would provide a
>> not-too-unreasonable window for those who hesitate to upgrade to the
>> shiniest new version, for whatever reason.
>> 
> 


We've discussed alot the idea of a Short-Term Support in the dev chats in months past and from what I can remember we have the following stumbling blocks:

 * What kind of UI do you offer to people?
 * What kind of fixes to you backport?
 * Who wants it?
 * How do plugins and themes fit in?

Now in general the consensus has been that the idea of providing security support for version-1 till version+1 is released sounds sane.

However, I'm starting to think that from a suckage point of view it starts to fight back.  It doesn't just add extra work for the core team of contributors is back porting security fixes, testing releases and getting them shipped but it adds a whole lot of extra work on theme/plugin authors - as soon as we step forward and say version-1 is supported for security fixes until version+1 is released we are now effectively saying to all the plugin/theme devs that you need to support both these versions in order to not get alot of grief from users who want to use them.

I'm also unsure how the upgrade paths would work for someone using this STS release.

Hypothetically let say we did the following:

Released a 2.9.3 tomorrow for people to upgrade to
Released a 3.0.1 in the future
Released 3.1

If someone is running 2.9.3 when we release 3.1 they now get pushed to which version - 3.0.1 a 6 month old release or 3.1?

It feels a bit like short term support sucks too as you just end up with more work for all the contributors and trying to support two different versions

Cheers
-- 
Peter Westwood
http://blog.ftwr.co.uk | http://westi.wordpress.com
C53C F8FC 8796 8508 88D6 C950 54F4 5DCD A834 01C5

More information about the wp-hackers mailing list