[Zope-dev] Re: Zope 2.6 branch "closed for bugfixes"?
Tres Seaver
tseaver at zope.com
Wed Apr 21 08:44:40 EDT 2004
Chris Withers wrote:
> Tres Seaver wrote:
>
>> Chris,
>>
>> I would call the 2.6 branch "closed except for serious security bugs";
>> please don't check in new features or minor bugfixes there.
>
>
> How come? and was this announced anywhere?
See the last topic in:
http://dev.zope.org/CVS/ZopeDevelopmentProcess
> I don't see what harm applying minor bugfixes to any release branch
> could do...
- It is a well-established principle of software engineering that the
most likely source of new bugs in mature code is fixes for old ones.
- People who are still running 2.6 in production are demonstrably
risk-averse (and often for good reason). Adding non-critical fixes
to the "mature" branch increases the amount of risk involved in
upgrading production sites, which they typically won't do except to
close major security vulnerabilities.
- If something comes up which forces us to make a 2.6.5 release,
keeping the diff from 2.6.4 as small as possible is a real goal
for the release manager, who must communicate with the risk-averse
sysadmins.
- As a parallel, think about the kinds of changes you want to see
*today* to the 2.2 Linux kernel: if you are still running sites on
2.2, you definitely don't want *any* non-essential fixes being
backported there.
Tres.
--
===============================================================
Tres Seaver tseaver at zope.com
Zope Corporation "Zope Dealers" http://www.zope.com
More information about the Zope-Dev
mailing list