> -----Original Message----- > From: Jan Ehrhardt [mailto:php...@ehrhardt.nl] > Sent: Sunday, December 06, 2015 2:15 PM > To: internals@lists.php.net > Subject: [PHP-DEV] PHP 5.6 life cycle > > See http://php.net/supported-versions.php > > Will PHP 5.6 go into 'security fixes only' on 28 Aug 2015 with a end of life on > 28 Aug 2016? Or will we be postponing this a couple of months?
I think you're off by one here, no? > BTW: An end-of-life in Dec 2016 will be in line wih the EOL of OpenSSL > 1.0.1: "Version 1.0.1 will be supported until 2016-12-31." > http://openssl.org/policies/releasestrat.html IMHO, I think we need to look at the 5.6 lifecycle very differently from how we look at 5.5 and earlier. This is really the 5.x lifecycle as it's the last version that's relatively completely painless to upgrade to from 5.x (especially 5.3 and later). PHP 4 was maintained for 4+ years after PHP 5.0 was released (5.0 release July 2004, PHP 4 support ended 8/8/08). Not saying that we need to do the same for 5, but one year upgrade cycle for everyone on 5.x doesn't sound reasonable. I don't have a firm opinion on 'active support' vs. 'security only' - I think the latter much more closely defines what people truly care about in terms of whether they feel comfortable having the version still deployed or not. At the very least I think we should give 5.6 24 months of lifetime from PHP 7.0's release date (i.e. take it until Dec 2017), but I think we should also consider either extending it even further, or at least paying attention to the situation on the ground in terms of PHP 5's popularity as we get closer to that EOL date. Personally I'm leaning towards having a firm date further down the road than a 'flexible' one, so that we give people a clear and reasonable timeline to upgrade - without risking that they "won't take us seriously" and assume we'd delay the EOL. Zeev -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
