Re: [PHP-DEV] PHP 5.6 life cycle

[Björn Larsson]

Den 2015-12-06 kl. 17:39, skrev François Laupretre:

Le 06/12/2015 13:38, Zeev Suraski a écrit :

-----Original Message-----
From: Jan Ehrhardt [mailto:php...@ehrhardt.nl]
Sent: Sunday, December 06, 2015 2:15 PM
To: internals@lists.php.net
Subject: [PHP-DEV] PHP 5.6 life cycle

See http://php.net/supported-versions.php

Will PHP 5.6 go into 'security fixes only' on 28 Aug 2015 with a end of

life on

28 Aug 2016? Or will we be postponing this a couple of months?

I think you're off by one here, no?

BTW: An end-of-life in Dec 2016 will be in line wih the EOL of OpenSSL
1.0.1: "Version 1.0.1 will be supported until 2016-12-31."
http://openssl.org/policies/releasestrat.html

IMHO, I think we need to look at the 5.6 lifecycle very differently from

how we look at 5.5 and earlier. This is really the 5.x lifecycle as it's the last version that's relatively completely painless to upgrade to from

5.x (especially 5.3 and later).

PHP 4 was maintained for 4+ years after PHP 5.0 was released (5.0 release July 2004, PHP 4 support ended 8/8/08). Not saying that we need to do the

same for 5, but one year upgrade cycle for everyone on 5.x doesn't sound

reasonable. I don't have a firm opinion on 'active support' vs. 'security

only' - I think the latter much more closely defines what people truly
care about in terms of whether they feel comfortable having the version
still deployed or not.

At the very least I think we should give 5.6 24 months of lifetime from
PHP 7.0's release date (i.e. take it until Dec 2017), but I think we

should also consider either extending it even further, or at least paying attention to the situation on the ground in terms of PHP 5's popularity as

we get closer to that EOL date.  Personally I'm leaning towards having a
firm date further down the road than a 'flexible' one, so that we give
people a clear and reasonable timeline to upgrade - without risking that
they "won't take us seriously" and assume we'd delay the EOL.

Zeev

What about modifying the rules to state that :

When a new major version (version N) is released, the latest minor version of the previous major (N - 1) automatically gets one additional year of active support, extending it to 3 years instead of 2. The subsequent 'security fix only' period is maintained to one year.

Regards

François

Sounds like a good proposal to me. Starting point for a decision?

Would like to add that given 7.0 major uptake with ISP's coming next
year (at least in my region) it seems prudent to prolong 5.6 lifecycle a
little.

Regards //Björn


--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php