Hi! > If 2/3 of sites still run EOLed versions of PHP, all adding a long-term > support version is going to do is encourage habits of inertia. "Well,
You seem to be under impression that we have some control over these habits. We do not. There are a lot of factors that influence these decisions, but out "encouraging" or "not encouraging" would not even enter top 10. The reality is that adoption did not catch up yet, and I do not see how we can change it - we can only recognize it or ignore it (and call it "not encouraging"). Unless you can name something that we can really do to make people upgrade (and no, dropping support wouldn't work, we already know that). > 5.6 was supported until 2020, why can't 7.0.0 be supported until past > 2019? This isn't fair." I'm not sure what you mean by "fair" here. There's no inherent moral obligation on support timeframes, so the word "fair" has no meaning here. > Yes, given the lack of a sensible alternative, I think we need to do > this. And then the community needs to, collectively, invest serious But that lack is not given, the sensible alternative exists - extending the support. The premise that this alternative is not sensible is exactly the question under discussion, so you can not use it as an argument without engaging in circular reasoning. > effort in finding a remotely exploitable vulnerability in any/all EOL'd > versions of PHP to give a strong incentive to stop running 5.2.x and > 5.3.x in 2016. Community doesn't need to do any such thing, exploitable vulnerabilities exist in many old versions already. However, I hope you are not implying we should be somehow making exploiting old versions easier in a misguided attempt to get people to upgrade? That would be like setting somebody's home on fire in order to educate them about fire safety. -- Stas Malyshev smalys...@gmail.com -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
