8 Feb
2008
8 Feb
'08
12:48 p.m.
On Friday 08 February 2008, Bogdan-Andrei Iancu wrote:
[..]
Many project have lists where you can subscribe in order to get
notification for critical bug or security fixes. Currently, for openser,
if you are not subscribed on devel list and if you are not "good" enough
in "decrypting" the commit logs, you may miss important fixes you may
want to update.
I think is our duty as project to inform the users about the discovered
flows in the stable versions. My suggestion is to create a new mailing
list where, who is interested, will receive notifications when something
critical was fixed in the stable versions of openser.
[..]
Hi Bogdan,
good points. Such a list would be surely a good thing. But i don't think this
is exactly what we need. If somebody choose to run a openser version from the
stable branch, he must monitor the devel list for importantant changes in
this branch. This could be easily achieved with some filtering. If there are
understanding problems with svn commit messages, we should improve them.
Remaining questions could be easily be resolved on the devel list.
But distributions and many users don't use the stable branch as base for their
usage, the rely on stable releases.
So if a really critical fix is merged into the stable branch, e.g. a security
fix, then we should immediately release a new minor release that includes
this fix. Otherwise the user which don't have the knowledge or the time to
run from the stable branch will be left in the cold.
So, my suggestions are:
- implement a regular release schedule for minor releases, e.g. every 2 months
- release immediately for _really_ critical fixes
- add a new list, called "announce" for announcements for new releases
This policy is implemented from many successful other projects. This way
people running stable or from the branch know that there was a cricital fix,
and that they should update.
Cheers,
Henning